<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=654132&amp;fmt=gif">

Prop 24 (CPRA/CCPA 2.0) Has Passed: What This Means For You

CPRA Passed!

Dan Clarke, President - IntraEdge

All Posts

Japan Makes Critical Updates to Data Privacy Law - APPI

While the COVID-19 pandemic has forced many organizations to conduct business remotely, this did not interfere with Japan moving forward with updating their privacy law. Recently, the Japanese Cabinet approved a bill to revise the Act on the Protection of Personal Information (APPI), which would broaden a data subject's powers to exercise control over their data and establish a system to facilitate a company's internal use of data. 

How do these APPI updates affect companies? 

The new updates to the APPI will require companies to take measures to protect personal data of data subjects, such as introducing a form of pseudonymization. In addition, the APPI will require companies to submit a data breach report to the Personal Information Protection Commission (PPC) and notify data subjects in the event of a data breach.  

What privacy rights does the APPI extend to data subjects?

The new updates to APPI, expand the rights of data subjects such as cessation of use, deletion, and cessation of third-party provisions of retained personal data. The updates make it easier for a data subject to exercise their data privacy rights and broaden the types of retained data. Any data retained for less than six months is included in a data subject right to demand disclosure of data. 

Japan's privacy law significantly affects both the data subjects (consumers) and data handlers (companies) as penalties are increased. If a data handler fails to comply with the amended privacy updates, the maximum fine on data handlers can reach upwards of 100 million yen, depending on the violation. An increase of penalties is not the only update to the APPI that holds companies responsible for violating privacy rights; for example, expanding the PPC authority to offshore companies will allow the PPC the ability to report privacy violations.  


Monique Becenti
About Monique Becenti
Monique Becenti is the Product Marketing Manager at Truyo. She has deep technical knowledge in technology with an emphasis on data privacy.
Recent Posts

Prop 24 (CPRA/CCPA 2.0) Has Passed: What This Means For You

Dan Clarke, President - IntraEdge California voters said "yes" to Proposition 24, known as the California Privacy Rights Act (CPRA). The CRPA expands ...

Round Three of Proposed Modifications to the CCPA

The California Consumer Privacy Act (CCPA) proposed updates continue to roll in as the third set of proposed modifications released by the California ...

Update: Governor Gavin Newsom Signs AB-1281

Governor Gavin Newsom signed Assembly Bill 1281 on Tuesday, September 29, 2020. The bill extends the business-to-business and employee partial morator...

CPRA is on the Horizon - What's the Ripple Effect?

Data breaches and technology are evolving at such a rapid rate. In the first half of 2020 alone, data breaches significantly increased by 273% compare...