JAPAN Trends and Developments Contributed by: Norihiro Sekiguchi, Daisuke Mure, Yuki Kuroda and Ryosuke Sogo, Oh-Ebashi LPC & Partners
Injunctive relief and damage recovery systems Currently, data subjects can request cessation of use or erasure of unlawfully processed personal data and claim damages under Article 709 of the Civil Code. However, Japanese courts typically award only USD10–20 per person for mental dis - tress in data breach cases involving less sen - sitive information, making litigation financially impractical for most victims. The existing consumer organisation lawsuit sys - tem has significant limitations, including: • the injunctive relief system does not cover APPI violations; and • the damage recovery system (“Japanese Class Action”) cannot independently address mental distress suffered from negligent data breaches. To address these gaps, the Study Group pro - poses: • allowing qualified consumer organisations as parties able to seek injunctive relief against specific APPI violations (Articles 18, 19, 20, 27 and 28); and • enabling collective recovery through the courts for mental distress suffered by numer - ous data subjects from negligent data breaches. These systems would provide more effective rights protection for data subjects and estab - lish clearer judicial guidance on what constitutes APPI violations and negligence in data breach cases. Other key discussion points Beyond administrative monetary penalties and systems for injunctive relief and damage recov -
tion (Article 20); and (d) providing personal data to third parties without consent (Article 27). These violations would be penalised particularly when they generate benefits or compensation for the violator. • Violations of security management measures, addressing the frequent occurrence of data breaches in Japan For both categories, penalties would apply only when: • reasonable care was not exercised (negli - gence-based approach); • rights were infringed or face a concrete risk of infringement; or • violations affect 1,000+ data subjects (exclud - ing small-scale cases). For violations based on infringement of rights, the penalty amounts would be equal to or exceed the financial benefits gained (based on sales rev - enue, not profit). For violations based on insuf - ficient security management, penalties would be calculated as a percentage of sales during the violation period, similar to Japan’s Antitrust Act (1–10%) or Act Against Unjustifiable Premiums and Misleading Representations (3%). The system would include leniency provisions with reductions for voluntary reporting to encour - age early detection and compliance. Repeated violations within ten years would face 1.5 times the standard penalty. The Study Group is also considering a statute of limitations and methods to ensure effectiveness against overseas busi - nesses.
427 CHAMBERS.COM
Powered by FlippingBook