The European Union has come to an agreement with Japan on the equivalency of their respective data protection systems, effectively creating an expanded area where shared data will be secure. From the European Commission’s press release:
“To live up to European standards, Japan has committed to implementing the following additional safeguards to protect EU citizens’ personal data, before the Commission formally adopts its adequacy decision:
- A set of rules providing individuals in the EU whose personal data are transferred to Japan, with additional safeguards that will bridge several differences between the two data protection systems. These additional safeguards will strengthen, for example, the protection of sensitive data, the conditions under which EU data can be further transferred from Japan to another third country, the exercise of individual rights to access and rectification. These rules will be binding on Japanese companies importing data from the EU and enforceable by the Japanese independent data protection authority (PPC) and courts.
- A complaint-handling mechanism to investigate and resolve complaints from Europeans regarding access to their data by Japanese public authorities. This new mechanism will be administered and supervised by the Japanese independent data protection authority.”
This reciprocal adequacy process gives greater impetus for international companies to comply with GDPR regulations, especially as the EEA countries of Lichtenstein, Norway and Iceland have recently signed up to the regulation.
To read more on GDPR and learn about MAP’s advice, see our Legal section.