Privacy bills have faults

個人情報保護法案の問題点

The possibility remains, however, that such information might be wrongly collected, stored or used.

One important improvement is that concerns about media regulation have been alleviated if not removed. Another notable change is the inclusion of new rules for punishing government employees who collect sensitive personal information by taking advantage of their official positions.

But there is doubt as to whether the pro posed legislation would ensure privacy protection — doubt reinforced by recent revelations that the Defense Agency tapped into local government databases to gather confidential information about would-be recruits for the Self-Defense Forces.

The worry is that the package, as it stands, would not provide full safeguards against privacy violations.

The Upper House has its work cut out to improve the package. An opposition proposal to review the legislation three years after its enactment is a step in the right direction, but it leaves immediate problems on the back burner. What is needed most is a more exhaustive debate of the package, inside and outside the Diet.

The package consists of five bills, including one that lays out guidelines for the protection of basic personal data, such as name, gender and birth date. The basic bill, an update of the original one, excludes a requirement calling for "proper acquisition of information." Critics of that rule considered it vague to the extent that it could unduly restrict reporting activity.

Private companies in violation of the rules would be subject to penalties just as public servants abusing their privileges would be punished. By comparison, though, private entities seem likely to be more constrained in their use of personal data. In principle, they would be required to use da ta only for specified purposes. State ministers in charge would have strong authority to crack down on violators.

On the other hand, those that supply information to media organizations, including journalists and writers, would be exempt from ministerial intervention. While the moves to ease media restrictions are welcome, there is no denying that the updated measures are meant in part to meet a self-imposed deadline: The government is under pressure to get the package through the Diet in time for the scheduled full introduction in August of a national computer network on resident registrations.

Opposition parties have put forward a number of proposals that merit consideration. One is a plan to set up a third-party panel in the Cabinet Office that would oversee handling of personal data. Such a commission would help ease public concerns over the running of the privacy protection system. Japan should consider taking cues from Sweden, which has a similar watchdog body.

Another opposition proposal says people should have a right to "control" how their personal information is handled. Whether this kind of right can be defined by law may be argu able, but there is no question that citizens must be fully assured that their personal data will not be used in ways detrimental to their interests.

From this point of view, the government proposal to punish abuses by public employees is significant. The main worry about personal data held by government offices is that it might be divulged to unauthorized parties. Once leaked, it could cause irreparable damage to individuals involved.

The basic bill stands in need of a further review because its sweeping nature leaves open the possibility that a wide range of disparate sectors in which personal data is handled might be placed under catch-all but largely effective regulations. It is, therefore, necessary to establish separate laws for sectors such as health care and financial services. In fact, the package includes a proposal to this effect. To prevent data leaks in these sectors, enacting sector-by-sector privacy legislation is an urgent priority.

The Japan Times Weekly
May 10, 2003
(C) All rights reserved

      行政機関と情報取扱業者が保管する個人情報を保護する目的の同法案は、昨年廃案になった旧法案を修正したものであるが、情報の不適正な収集、保管、利用の可能性を残している。

      新法案はメディア規制について疑問を完全に払拭したとはいえないが、一定の配慮をした。また、個人情報を取り扱う行政機関職員にも新たに罰則規定を設けている。

      しかし、この法案で個人情報が完全に保護できるか疑問がある。例えば、防衛庁が自衛隊員募集のために、全国の自治体に適齢者の情報を提供するよう要請していた経緯がある。

      問題の法案について国会の内外で十分に議論しなければならない。

      個人情報取扱業者については行政機関職員と同様に違反に対する罰則規定があるが、業者の情報利用は特定の目的に限るなど、より厳しい制限を受けることになるようだ。

      一方、メディアに対し情報を提供するジャーナリスト、ライターなどは規制を受けない。メディア規制緩和は結構だが、8月に予定される住民基本台帳ネットワークの稼動前に新法の成立を図る動きだろう。

      野党側は、法案に関連していくつかの提案をしている。例えば、個人情報の取り扱いを監視する第三者機関を内閣府内に設置する、個人情報の使用について制限する権利を国民に与える、といった提案は考慮に値する。この観点から、個人情報を取り扱う行政機関職員に対する罰則規定は重要だ。

      法案はさらに見直すべきだ。個人情報を扱う多様な部門、例えば医療、金融などについて包括的規制を適用するのは問題がある。関係各部門について個別の法律を作ることが緊急の課題である。