Privacy & Information Security Law Blog

On January 23, 2019, the European Commission announced that it has adopted its adequacy decision on Japan (the “Adequacy Decision”). According to the announcement, Japan has adopted an equivalent decision and the adequacy arrangement is applicable with immediate effect.

Prior to the adoption of the Adequacy Decision, Japan implemented a series of additional safeguards designed to ensure that data transferred from the EU to Japan will be protected in line with European standards. These include:

• A set of supplementary rules to bridge the difference between EU and Japanese standards on various issues, including sensitive data, the exercise of individual rights and onward transfer of EU data to third countries;
• Safeguards concerning Japanese public authorities’ access to EU personal data for criminal law enforcement and national security purposes; and
• A complaint-handling mechanism, administered and supervised by the Japanese Personal Information Protection Commission, to investigate and resolve complaints from Europeans regarding access to their data by Japanese public authorities.

In terms of next steps, an initial joint review will be carried out after two years to evaluate the functioning of the framework. The assessment will cover all aspects of the Adequacy Decision, including the application of the additional safeguards mentioned above. Representatives of the European Data Protection Board will participate in the portion of the review relating to access to data by Japanese public authorities for law enforcement and national security purposes. Following this initial review, periodic reviews of the framework will take place at least every four years.

Commenting on the Adequacy Decision, Věra Jourová, Commissioner for Justice, Consumers and Gender Equality, noted in the announcement that the “decision creates the world’s largest area of safe data flows” and that “this arrangement will serve as an example for future partnerships in this key area [of privacy] and help setting global standards.”

The European Commission has also released a factsheet and Q&As on the adequacy arrangement with Japan.