Cybersecurity—Japan—Q&A guide

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • Cybersecurity—Japan—Q&A guide
  • 1. Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws?
  • 2. Which sectors of the economy are most affected by cybersecurity laws and regulations in your jurisdiction?
  • 3. Has your jurisdiction adopted any international standards related to cybersecurity?
  • 4. What are the obligations of responsible personnel and directors to keep informed about the adequacy of the organisation’s protection of networks and data, and how may they be held responsible for inadequate cybersecurity?
  • 5. How does your jurisdiction define cybersecurity and cybercrime?
  • 6. What are the minimum protective measures that organisations must implement to protect data and information technology systems from cyberthreats?
  • 7. Does your jurisdiction have any laws or regulations that specifically address cyberthreats to intellectual property?
  • 8. Does your jurisdiction have any laws or regulations that specifically address cyberthreats to critical infrastructure or specific sectors?
  • 9. Does your jurisdiction have any cybersecurity laws or regulations that specifically restrict sharing of cyberthreat information?
  • More...

Cybersecurity—Japan—Q&A guide

This Practice Note contains a jurisdiction-specific Q&A guide to cybersecurity in Japan published as part of the Lexology Getting the Deal Through series by Law Business Research (published: November 2020).

Authors: TMI Associates—Masaya Hirano; Kazuyasu Shiraishi

1. Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws?

Japan has a dedicated cybersecurity law called the Basic Act on Cybersecurity, which was enacted on 6 November 2014 (and promulgated on 12 November 2014).

The primary task of the Basic Act on Cybersecurity is to ensure cybersecurity while also ensuring free distribution of information. It is the purpose of the Basic Act on Cybersecurity to move cybersecurity-related policies forward in a comprehensive and effective manner, and contribute to the creation of a more energetic and continuously developing economic society, consequently contributing to the national security of Japan.

Owing to increased threats to cybersecurity, the Basic Act on Cybersecurity was amended on 5 December 2018 (and became effective on 1 April 2019) with a view to further ensuring cybersecurity in Japan and to fully preparing Japan to host the Tokyo 2020 Olympic and Paralympic Games (now postponed to 2021). The principal amendments are as follows:

  1. A cybersecurity council will be established to enable various public and private entities to mutually cooperate in sharing cybersecurity information and discussing necessary countermeasures, etc. It is planned that the

Popular documents