How can personal data be utilized while suppressing the adverse effects caused by the monopoly of internet giants? International discussions are needed, from a broad perspective, on the appropriate nature of regulations.
The European Union has introduced a new rule dubbed the General Data Protection Regulation (GDPR) that calls for businesses to strictly manage personal data.
The new regulation is based on the idea that the handling of personal data is decided not by a corporate entity but an individual person. Concerning data on individual persons living in Europe, businesses are required to inform the users of services about the content of data to be collected and how the data can be used, and obtain their approval on these matters.
Firms will be obliged to implement such measures as deleting personal information and suspending the use of data for business purposes if so requested by individual persons.
Huge web-based companies chalk up enormous profits by utilizing personal data for ads and other purposes without the knowledge of individual persons.
In the aftermath of an illegal leak of a great volume of users' personal data involving Facebook, Inc. of the United States, demands for protection of personal data have been gaining momentum across the world.
The EU's direction toward strengthening the protection of personal information is understandable.
Work out universal rules
A matter of concern is that the new regulation is too stringent.
A company that violates the regulation faces a fine of up to 20 million euros (about 2.5 billion yen) or the equivalent to 4 percent of its worldwide sales, whichever is higher.
Huge monetary penalties inflict a serious blow to companies. If the new regulation is applied strictly, it would lead to a business slump within the EU and have a negative impact on the European economy.
The new regulation applies also to Japanese firms, even if they have no bases in Europe. Its effect will extend to a wide range of corporate entities, including mail-order businesses and travel agencies.
To deal with the new regulation, businesses are required to increase the number of personnel and renew their online systems. Many companies seek advice from lawyers and consulting firms well versed in European laws and regulations.
Putting aside cash-laden big businesses, small and medium-sized companies will have to bear heavy cost burdens. There are conspicuous delays in making preparations.
It cannot be overlooked that the move toward establishment of blocs, as regards the handling of private data, has been accelerating globally.
The United States, which has many huge information technology firms, permits the free distribution of personal data.
China, where the distribution of information is strictly managed and controlled, adopts a system to close off personal data. The EU's new regulation bans, in principle, acts that move private data outside the EU.
The fact that methods for protecting personal data differ greatly among the United States, Europe and China undermines corporate activities conducted beyond national boundaries.
Japan should actively call on other countries to work out international rules for the protection of personal data, by taking advantage of such occasions as meetings of the Group of 20 major economies.
(From The Yomiuri Shimbun, June 25, 2018)
Read more from The Japan News at https://japannews.yomiuri.co.jp/
