Keynote Speeches | Stakeholder Questions & Comments | Commission Responses | Takeaways | Participants

Presentation Slides 

The Asia Pacific Institute for the Digital Economy (APIDE) in collaboration with Keio University and the American Chamber of Commerce in Japan (ACCJ) was pleased to host on March 10, 2016 the fifth gathering of the “multi-stakeholder” community in Japan focusing on issues related to the protection of personal information and the use of personal data for commercial purposes.

The previous four privacy forums were convened in 2014 with the goal of providing input from the “multi-stakeholder” community into deliberations within the Abe administration and Japan’s Diet regarding revisions to the Personal Information Protection Act (PIPA), which came into effect in April 2005.

The Abe Administration under the leadership of the Cabinet Office offered amendments to the existing legislation with the objective of updating it to reflect the advent of new Internet technologies, such as cloud computing, big data, the Internet of Things and the widespread utilization of social media. The government recognized that both users and business were looking for guidance and clarity so that Japan could take full advantage of new ways to collect and use data in its emerging Digital Economy and meet its international obligations to promote the free flow of data in and out of Japan. Among the most important of the revisions was the decision to establish a Personal Information Protection Commission (PPC) to develop and enforce privacy regulation in the interest of users and the broader economy.

The revisions to PIPA were passed by the Japanese Diet in September 2015 and will come fully into effect two years later after implementing rules and guidelines have been set by the PPC, which got its official start in January 2016. The development of new rules will require the continued participation of the “multi-stakeholder” community in Japan and active engagement with the PPC to ensure that the new regulations both reflect and meet the need of all stakeholders.

For that reason, APIDE decided to call together the first meeting of the community since November 2014 just prior to the Cabinet Office’s finalization of the legislative draft on revisions to the PIPA, which was presented to the Diet in February 2015. The objective going forward is to bring together the community on a quarterly basis to encourage information-sharing with and involvement by the “multi-stakeholder” community in Japan as the PPC undertakes its deliberations and to assist the PPC in its efforts to align Japan’s implementation of the revised PIPA with international trends and best practices.

Program Overview

The Fifth Multi-Stakeholder Forum featured expert presentations on privacy developments in Japan and the region by two keynote speakers: PPC Commissioner Satoru Tezuka (who was assisted by PPC Councillor Kazunori Yamamoto) and Professor Abu Bakar Munir from the University of Malaya. Commissioner Tezuka in his remarks outlined the provisions in the newly revised law and provided important insights into how the Commission would be addressing a number of key changes found in the legislation. Professor Munir, who helped draft Malaysia’s privacy law and is an advisor to ASEAN, offered an overview of privacy legal developments in the region that provided a needed context for discussing the changes contemplated in Japan.

Following the keynote addresses, the floor was open to the “multi-stakeholder” community for comments and questions. The community was represented by some 20 stakeholders drawn from Japanese and US businesses (including Yahoo Japan, Shinkeiren, BIGLOBE, Facebook, Microsoft, Caterpillar, HP), the academic community (Keio, Tsukuba, Chuo, Kyoto Universities), the legal profession (Endeavour), small business (Makaira, Bizmobile) and government (MIC). Many other stakeholders, including from the Japan Network Information Center (JPNIC), the law firm of Nishimura and Asahi, Sony, IBM, and Meiji University, attended as members of the audience.

Keynote Presentations

Satoru Tezuka, PPC Commissioner

DSC04051The Commissioner opened his remarks by noting that many decisions remain to be made with regard to the operations of the newly revised privacy framework and apologized in advance that he might not be able to answer questions in the detailed way that everyone might want. He said the Commission is committed to working with the “multi-stakeholder” community and noted that he had asked PPC Councilor Kazunori Yamamoto to assist him in responding to comments and questions raised by the community.

The Commissioner’s first slide made clear that the revised law is a clear departure in many ways from the current system in that it brings together the many different facets of Japan’s privacy system that are now under the responsibility of the respective ministries. It also provides a mechanism to link together the national government, local government and independent administrative agencies respective privacy policies.

Of course, the success of this will depend critically on the powers and resources of the new PPC as well as its mandate. Quoting from Article 1 of the new law, the Commissioner stressed that the PPC’s mission is to protect individual privacy and to contribute to the creation of new industries and strengthened Japanese economy. He listed three key objectives: to clarify national policy with the goal of eliminating the “grey zone” that has worried the public and left business uncertain of what is allowed and what is not; of promoting the appropriate use of data for commercial purposes; and of working with international partners on a global privacy agenda.

The Commissioner explained that the PPC would be responsible for certifying privacy accreditation bodies, overseeing and enforcing compliance from business and other organizations, and responding to complaints from users. With regard to the government, the PPC would set standards for agencies, monitor the compliance of contractors and handle citizen complaints. Looking at the schedule ahead, the Commissioner said that the new body would be focusing on elaborating its administrative structure and guidelines over the next year and a half. During that period, the separate Ministries would still have the initiative and take responsibility for privacy policy in Japan. The PPC would also be devoting resources to ensure the smooth introduction of the new “national ID” system.

Commissioner Tezuka cited the following as the most important new areas under the law and indicated that they would be focus of the PPC rulemaking. These include: defining “personal information” (e.g. fingerprints, drivers license, national ID, etc.), which can uniquely identify an individual, and “sensitive” information that requires explicit consent before sharing; setting procedures for de-identifying data and rules for sharing this data; establishing conditions for transferring data to third parties including “traceability” procedures, necessary record-keeping and opportunities for opt out; confirming rules for cross-border data transfers; providing certifying accreditation bodies and reducing the compliance burden for small business.

He added that definitional issues, procedures for “deleting” data and the handling of “sensitive” data would be dealt with by Cabinet Orders. Rules for cross-border data transfers, record keeping requirements and procedures for anonymizing data would be set by administrative regulation. Assistance to small business would be dealt with through administrative guidance.

Professor Abu Bakar Munir, University of Malaya

2016-03-10 19.25.10Professor Munir opened his remarks by affirming ASEAN nations’ commitment to privacy and noting the commitment of member countries to develop “best practices/guideline” on privacy as part of their efforts to create an integrated ASEAN Economic Community. He displayed a chart that benchmarked ASEAN country progress on setting a legal framework for their emerging “digital economies.” Singapore was the most advanced with laws governing all key sector, i.e. electronic transfers, privacy, cyber crime, consumer protection, content regulation and domain names. But other ASEAN nations have also taken many of necessary steps.

Digging a little deeper, Professor Munir’s next slide looked at the key elements of data protection law: principles, rights, enforcement and exemptions for public agencies with a specific focus on the situation in Korea, Malaysia, Taiwan, Singapore, Philippines, Thailand and Indonesia. The one area where the legal framework remained incomplete for the countries studied was with respect to extending privacy rules to governments.

The divergences among the studied countries were more prominent when Professor Munir looked at requirements for reporting data breaches, differentiating personal and sensitive data, dispute settlement mechanisms and setting responsibility for privacy within organizations. Korea’s privacy framework had all these elements, but there were significant gaps in the approaches of other countries on the list.

Looking at privacy enforcement and remedies, e.g. registration schemes for data collectors, civil and criminal penalties, responsibility for enforcement and the option of class action, the differences in approach were even larger. Malaysia is the only country with a registration requirement and Taiwan is the only economy which still leaves privacy enforcement to each Ministry rather than a data protection authority. However, in every jurisdiction except Malaysia, there are both civil and criminal remedies for privacy abuses.

Professor Munir also highlighted a number of one-country privacy initiatives that might be imitated elsewhere. For example, Korea requires a privacy impact statement and Singapore uses a “reasonable person test” in assessing culpability for data breaches.

With respect to the regulation of cross-border data transfers, there is no clear consensus among the countries surveyed. Malaysia and Thailand have adopted a EU style “adequacy” requirement while Singapore, Philippines, Korea and Taiwan are following an APEC style “accountability” regime. Indonesia’s rules in this area are still being debated. There are some caveats to this. For example, Korean law distinguishes between “providing” data (in which case it is governed by privacy law) and outsourcing information for processing (where it is under the Network Act).

Professor Munir did not comment specifically on Japan’s new framework in his presentation, since an English version of the text has only just been released. He indicated, however, that the legislation appears to give a great deal of discretion to the PPC to set rules for the definition and handling of personal data and conditions for transferring personal data to third parties and overseas. In his summary remarks, Professor Munir urged that in developing its administrative framework the PPC should keep in mind these principles: technological neutrality, international benchmarking and the need for flexibility in rulemaking and enforcement.

Comments and Questions from the Multi-Stakeholder Panel

DSC04084Facebook’s Takuya Yamaguchi provided the first follow up to the keynote presentations. He opened his remarks by stating that privacy is a top concern for the company and that protecting privacy required the development of strong technical competence on the part of firms and the government so that the implications of new technology for privacy could be properly assessed. For this reason, he continued, a multi-stakeholder approach to developing privacy rules is desirable so that all aspect of an issue can be considered. He concluded that we are in a new era where “protection” of data must also include the concept of how we “protect” its value in promoting innovation and growth of the economy. In the end, privacy is an issue for users and Facebook is committed to assuring them maximum control over how they wish their data to be used.

Bizmobile’s Yoshihiro Obata spoke next and made the point that there are limits to data anonymization rules and procedures as contemplated by the PPC. He pointed out that already the technology to instantaneously capture user behavior coupled with the wealth of data on cellphones available to providers makes a post-facto approach to data anonymization of limited utility. The new problems of privacy, he argued, need to be developed dynamically and that there needs to be a much larger and more inclusive discussion.

Obata added in a post-program discussions that there is a lack of clarity between Japan’s concept of “personal information and the US/European concepts of privacy.” He also pointed out that there also seems to be some ambiguity between the legal concept of “personally identifiable information” used in the original version of the PIPA and that of “personal information” found in the amended version of the law. He added his understanding that that transfer of “personal information” collected by one company to a third party is not specifically subject to regulation in the US or Europe. However, there appears to be a requirement in the amended Japanese law for companies to obtain user consent before undertaking this action. He indicated that this potential discrepancy between “international” and Japanese practice may require further discussion.

DSC04080Endeavour Law Office Attorney Naoko Mizukoshi agreed with Obata’s point on anonymization and underlined that from a legal perspective the “context” determines the risk and this varies from one situation to the next, i.e. what is acceptable within the travel industry may not be in the legal profession – so setting standards for anonymization may prove complicated and costly.

Caterpillar Japan Global Government and Corporate Affairs Director Megumi Tsukamoto commented that the advent of the Internet of Things has made protecting privacy and guarding cyber security, issues that are critical for ensuring the continued free flow of data. She said that suppliers and users need to work together in order to secure the future of the Internet.

APIDE Chairman Masanobu Katoh raised two questions: how practically Japan can strengthen the engagement of the multi-stakeholder community in policymaking on privacy given the weakness of civil society institutions domestically; and what is special or different about Japan’s approach to privacy as reflected in the recent revisions to the law that might serve as a model for other countries.

DSC04066HP’s Yoshihiro Sato joined the previously expressed skepticism regarding efforts to specify “anonymization” rules as standards. He warned that it is already pointed out in the report by technical working group of government that setting standards for anonymization is difficult. The report suggested that the processing method of data should be determined on a case by case basis, referencing how the data will actually be utilized. Additionally, the term “anonymization” or “de-identification” should not be used in discussing the utilization of personal data, because there needs to be a balance between the protection of data and its effective utilization so that data can deliver insights without identifying a particular individual.

Mari Nakajima an attorney from Microsoft asked focused on asking how companies would reassure their customers that they are following appropriate procedures regarding privacy and specifically how the new privacy framework might help build greater trust among users so they would be more willing to entrust their data to the cloud.

Chuo University Professor Hiroshi Miyashita raised the issue of the “privacy shield” agreement between the US and the EU and how the government viewed provisions such as the prohibition of “data localization” requirements under the Transpacific Partnership (TPP) Agreement.

Professor Kaori Ishii from Tsukuba University raised the linkage between the “my number” act, which sets strict rules for use and disclosure of an individual’s “national ID” and the PIPA, which takes a more flexible approach to the use of personal information. She also seconded the general skepticism about setting standards for anonymization of personal data.

Finally, Professor Makoto Yokozawa from Kyoto University asked what happens to the PIPA after it comes into force in 2017. He noted that technological progress will still continue and asked how the Commission plans to stay ahead of a rapidly changing privacy environment. He urged the Commission to embed some mechanism that would allow for the continued updating of the law, such as a regular review process and wide latitude for self-regulation by bodies under the general supervision of the PPC. He also urged the Commission to give consideration to “privacy by design” as found in Australia’s data protection act.

Responding To The Community

2016-03-10 19.42.25In responding, Commissioner Tezuka acknowledged that technology is now moving so fast that new rules are always
being overtaken by new situations. He said that promoting greater user “literacy” with respect to the risks and value of data will be an important emphasis for the PPC. He added that the Commission also needs to be sensitive to cultural values and to develop appropriate mechanism for protect them.

Councilor Yamamoto added that in order to make progress in this area, the Commission needs to engage with users. He affirmed that the Commission is examining ways to work with users in different economic sector to develop voluntary codes of conduct that the Commission would reference in its enforcement activities.

Councilor Yamamoto continued that the PPC welcomed exchanges such as at this Forum with the “multi-stakeholder” community and was committed to providing opportunities for public comment as part of its rule-making process. He stated that a unique characteristic of the new law is that Japan will be tackling the issue of how to protect personal information through specifying procedures for anonymization procedures, which will permit companies to use personal data responsibly. This will take a good deal of research, but it reflected the Japanese government and industries’ commitment to protecting privacy.

Commission Tezuka concluded that, while the revisions to the existing privacy framework are directed to facilitating the utilization of data, there is no intention by the government to weaken privacy protections in Japan. As an example, he said that TPP is an international agreement that sets certain standards, but that Japan also needs to develop rules and procedures that are consistent with its economy and culture. These are not inconsistent.

Professor Munir said in closing that data protection laws should not be construed as mechanisms to restrict the use of data. The challenge, however, is to get the balance right. He said that Japan appears to be over focused on the “identification” issue (e.g. protecting passport numbers) when the real problem is “identifiability” (i.e. factors external to an individual, such as GPS coordinates, that combined with other information can uniquely identify an individual).

Final Takeaways

A common understanding from the program was that more dialogue and discussion is needed – the two hours allotted for the session went by all too quickly. This was also the beginning of a process and we expect a more concrete and deeper exchange as the new PPC begin to address many of the issues raised during this session.

APIDE looks forward to welcoming back Commissioner Tezuka and Councilor Yamamoto at future sessions. We also wish to express our special appreciation to Professor Abu Bakar Munir for joining us and his reminder that we need to be both mindful and knowledgeable about the direction that privacy discussions are taking in the Asia region. We hope to make this dimension a part as well of our “multi-stakeholder” engagement.

In the meantime, APIDE has a number of future “areas for discussion” that we believe require more research, analysis and advocacy from the multi-stakeholder community. We hope that the list below will be a useful reference for the PPC in its internal deliberations and its future engagement with the multi-stakeholder community.

Definition of Personal Information: What is included; what is not and why; how might this change with the massive deployment of IOT where the issue of “identifiability” becomes a larger concern?

Anonymizing Data: How will standards and procedures be determined and enforced; how will proprietary technologies be protected; could Japan’s standards differ in important respect from international practices?

Consent and Disclosure: How will these requirements be implemented and how might they differ from current practices?

Record Keeping and other Compliance Rules: What is the potential costs to businesses of these provisions? Does the PPC have the capacity to properly manage and review these reporting requirements?

Data Localization: The TPP agreement “prohibits” such rules, but how will sensitive areas like health and educational records be handled?

Extra-Territorial Application of the Law: How will data held outside Japan be subject to oversight by the PPC?

“Safe Harbor” Arrangements: Will Japan seek to be a part of the “Privacy Shield” arrangement between the US and Japan; what role will the PPC play in such negotiations?

PPC Rulemaking: Will there be opportunities for public hearings and public comment periods prior to PPC decisions – can the usual 30-day period be extended to 60-90 days to allow input from the international community; will English language texts be available for review and comment?

PPC Enforcement Actions: What procedures will be in place to ensure transparency and guarantee of due process in PPC investigations and enforcement decisions?

PPC Authority: How will the relationship between the PPC and other Cabinet ministries and agencies, particularly FSA, be managed?

Multistakeholder Panelists


UntitledSatoru Tezuka

Personal Information Protection Commission(PPC), Commissioner
Satoru Tezuka is a Professor of the School of Computer Science, Tokyo University of Technology. He graduated from the Department of Technology, Keio University where he received a Ph.D. Prior to his position he worked for the Laboratory of Hitachi Ltd.as a manager of the information security department. He is a Commissioner of Personal Information Protection Commission, a SIP Sub Program Director of Council for Science, Technology and Innovation, a Committee Member of Critical Infrastructure Advisory in Cybersecurity Strategy Headquarters Information Security Policy Meeting. He is also the President of the Information Network Law Association, an executive director of the Japan Society of Security Management and a director of the Institute of Digital Forensics.

sugihara-bioYoshitaka Sugihara
Chair, Internet Economy Task Force, ACCJ
Yoshitaka Sugihara serves as a Governor of the American Chamber of Commerce in Japan, and Chair of the Internet Economy Task Force. He studied Political Science at Doshisha University before attending the University of Pennsylvania. In 1994 he served as a researcher at the London School of Economics. He specializes in Information Communications, International Relations, and International Economics.

kosekiYoshi Koseki
CSO, BIGLOBE
Dr. Yoshiyuki Koseki is CSO and the former CEO of BIGLOBE Inc., one of the largest internet service providers in Japan. BIGLOBE operates a combination of multiple broadband services, including FTTH, Wi-Fi, and LTE. He has been leading the ISP division for 15 years and led the company to one of the largest firm in terms of the number of FTTH and Mobile subscribers in Japan. He holds a B.S. in Computer Science from Tokyo Institute of Technology, a M.S. in Computer Science from University of California, Los Angeles, and a Ph.D. in System Science from Tokyo Institute of Technology. Before managing BIGLOBE operations, Dr. Koseki was leading Research and Development groups at NEC Corporation and has considerable expertise in the fields of Artificial Intelligence, Human Computer Interaction, and Visual Programming languages.

toshinori_kajiuraToshinori Kajiura
Chair, Keidanren – Committee on Internet Economy Industry
Toshinori Kajiura is Senior Researcher at Hitachi – Information & Communications Systems. He is also Chair of the Japan Committee on the Internet Economy Industry Forum at the Japanese Business Federation (Keidanren). Mr. Kajiura is a visiting professor at Tsukuba University and serves as an expert on various working groups within METI, MIC, and Ministry of Land, Infrastructure, & Transportation.

 

yoshihiro-obata-profileYoshiro Obata
CEO, Bizmobile
Yoshiro Obata began his career with KDD (former KDDI) in ’86, and later as an acceptance testing and global interconnection engineer, subsequently working for their R&D teams, where he designed and developed a second-generation global fax mail system. In 1994, he was assigned as the project manager to start global Internet transit business between the United States and Japan. In 2013, after the acquisition of eAccess by Softbank, he moved to Equinix Japan where he works as a solutions architect. He now serves as the CEO of BizMobile, Inc.

koichiro-fuji-profileKo Fujii
President, Makaira
Ko Fujii is President of Makaira. As a public affairs professional with strong focus on the tech sector, his expertise includes strategic global communications, risk communication, crisis management, and strategic stakeholder engagement. Prior to his current position, Ko was Head of Public Policy and Government Relations for Google in Japan, and before that, a public affairs consultant at Fleishman Hillard Japan.

Ko has worked within the Japanese government’s Ministry of Education, Culture, Sports, Science and Technology (MEXT). He has studied Law at the University of Tokyo, and holds an MBA from Kellogg School of Management at Northwestern University, majoring in Marketing and Public/Nonprofit Management.

naoko-mizukoshi-profileNaoko Mizukoshi
Attorney, Endeavour Law Office
Naoko Mizukoshi is an attorney and Founder/Partner at Endeavour Law Office. Admitted to the bar in Japan in 1995, and in the State of California in 2002, she has been advising a variety of corporate clients from large multi-national corporations to high-tech start-ups with her deep expertise in Intellectual Property, ICT, and Entertainment.

Ms. Mizukoshi possesses a unique combination of experiences both as a partner lawyer at one of the largest law firms in Japan as well as an in-house lawyer at global IT companies. Ms. Mizukoshi has served as an in-house lawyer at Microsoft, Autodesk, and Nomura Research Institute.

jiro-kokuryo-profileJiro Kokuryo
Vice President for International Collaboration, Keio University
Dr. Kokuryo holds an MBA and Ph.D. from Harvard University. As a member of Japan’s IT Strategy Headquarters, Dr. Kokuryo played a key role in Japan’s rapid and highly successful deployment of Internet infrastructure and has been a strong advocate of greater utilization of Internet technologies in areas such as healthcare and disaster preparedness.

He heads the Design Platform Laboratory within the Keio Research Institute.

kaori-ishiiKaori Ishii
Associate Professor, Faculty of Library, Information, and Media Science, Chuo University
Dr. Ishii received the Ph.D in Law from Chuo University after having engaged in the practice as an attorney at law. Her research interests are primarily in the field of protecting privacy and personal data.

She has served as an subject matter expert on many Governmental Expert Committees in Japan.


prof-abu-bakar-munir-profileAbu Bakar Munir

Professor, University of Malaya
Professor Abu Bakar Munir is an internationally renowned scholar, expert and consultant on ICT law and data protection law. He was the Dean of the Faculty of Law at the University of Malaya, Malaysia. Currently, he is a Professor at the Faculty of Law and an Associate Fellow at the University Of Malaya Malaysian Centre Of Regulatory Studies (UMCoRS).

Professor Munir was appointed the Adviser to the Government of Malaysia on data protection law in 2007 and was instrumental in crafting and the passing of the Personal Data Protection Act of 2010.


Mari Nakajima

Legal and Corporate Affairs, Microsoft Japan
Mari Nakajima joined Microsoft Japan in 2007 and has handled various commercial deals including cloud services, licensing, marketing.

She currently focuses on privacy and security on the cloud services.

 

imageHiroshi Miyashita
Professor, Chuo University
Dr. Miyashita is associate professor of law at Chuo University.  He was appointed as the first privacy officer for international relations in the Cabinet Office of Japan in 2007, attending the OECD, APEC, APPA and Privacy Commissioner’s meetings as the Japanese delegation.  He received a Doctor in Law from Hitotsubashi University and was a visiting scholar at Harvard Law School and CRIDS (Centre de Recherche Information, Droit et Société), University of Namur

 


Picture-Ms.Ishijima _YahooJapanMana Ishijima

Deputy General Counsel, Corporate Legal Affairs & Public Policy
Mana Ishijima studied law at Keio University and started her career at Toyota Tsusyo Corporation (former Tomen Corporation). Her interest in the unlimited possibilities of the Internet finally led her to join Yahoo! JAPAN in 2002. She has been engaged in various unique services of Yahoo! JAPAN and many of its significant commercial deals. After serving as a senior manager of the M&A team in the legal department, she was assigned as the Deputy General Counsel in 2015, responsible for corporate legal affairs & public policy.


hishidaMitsuhiro Hishida
Director, Multilateral Economic Affairs, MIC

Mr. Mitsuhiro Hishida has been Director of Multilateral Economic Affairs Office, Global ICT Strategy Bureau, Ministry of Internal Affairs and Communications (MIC) since 2012. In his current position, he is in charge of negotiation for multilateral issues in the ICT field, including OECD, APEC, WTO, TPP, and other EPAs.

 

IMG_1896Megumi Tsukamoto
Director, Global Government and Corporate Affairs, Japan
Caterpillar Japan Ltd.

Megumi Tsukamoto joined Caterpillar within GGCA Japan, having previously worked at IBM Japan. She has extensive experience in government affairs and for the last seven years has led the Government and Regulatory Affairs team for Intel. She has been an active member of local and international industry associations in Japan. She has been frequently nominated as a consulting member for various expert councils and committees within the Government of Japan.


Yamaguchi_FBTakuya Yamaguchi

Head of Public Policy Japan, Facebook

Takuya Yamaguchi is the first officially appointed Head of Public Policy in Facebook Japan since March 2015. Before joining Facebook, he has worked for Google Japan, Cisco Systems Japan, and Microsoft Japan as public policy and Government outreach expert and dealt with broad range of policy issues related to ICT. He also worked as Deputy Director, IT Policy Office, Government of Japan.


MinoruOgisoMinoru Ogiso

Secretariat, Japan Association of New Economy (JANE)

Minoru Ogiso serves as a secretariat in Japan Association of New Economy (JANE) where he leads policy discussion and makes policy proposals to the government. The JANE is one of the largest business associations in Japan with more than 500 member companies mainly from internet and technology industry. Mr. Ogiso is also responsible for public policy and government relations in Rakuten Inc. since he joined the company in 2006. Prior to joining Rakuten and JANE, Mr. Ogiso worked at the Ministry of Land, Infrastructure, Transport and Tourism for more than ten years. Mr. Ogiso holds a bachelor degree in Law from Tokyo University.

Yoshihiro Sato
Privacy Office, Hewlett Packard Japan

Facilitators

Masanobu Katohkatoh-profile
Chair, The Asia Pacific Institute for the Digital Economy (APIDE)
Masanobu Katoh started his professional career at the legal department of Fujitsu Limited in 1977. In June 2002 he headed the company’s IP and Legal groups in Japan. Following several executive positions including Vice President and General Counsel, Mr. Katoh joined Intellectual Ventures in 2010. Mr. Katoh is actively involved in policy and regulatory discussions on Internet and technology issues. He served as chairman of the Internet Law & Policy Forum (ILPF), a board member of the Internet Corporation for Assigned Names and Numbers (ICANN), chairman of working group of Internet Governance at Global Information Infrastructure Commission (GIIC) and chairmen of two subcommittees at the Japan Business Federation (Nippon Keidanren). He serves as vice chair of IGF-Japan, the local IGF group launched in Japan.

He received law degrees from the University of Tokyo (LL.B.) and the University of Michigan (LL.M.), and is admitted to practice law in Washington D.C. and New York.

jim-foster-profileJim Foster
Executive Director, The Asia Pacific Institute for the Digital Economy (APIDE)
Jim Foster is Executive Director of APIDE, and Professor at Keio University. He is interested in the intersection of technology and policy with a particular focus on how regulatory frameworks impact on innovation and growth. He is also active on global Internet governance issues, especially as they related to privacy, security and competition policy concerns. He is a former Vice President of the American Chamber of Commerce in Japan (ACCJ) and a founder of the ACCJ Internet Economy Task Force, which supports the US-Japan Internet Economy Dialogue.

He graduated from the University of Notre Dame in 1971 and received his Ph.D. in Government from the University of Washington in Seattle in 1980. He is a former US diplomat and worked as Director of Corporate Affairs for Microsoft Corporation in Tokyo.