Sept. 29 — Japan's Ministry of Economy, Trade and Industry (METI) will amend its guidelines implementing the Personal Information Protection Law, Minister Yuko Obuchi said Sept. 26 as she announced enforcement action against a company that faced the largest data breach in Japan.
The announcement came a day after Benesse Holdings Inc. released an independent investigation report concluding that the breach affected 48.6 million of its customers, more than twice the number of affected customers the company previously reported.
The company, which sells correspondence education programs for schoolchildren, initially reported July 9 that 20.7 million customers were affected (136 Privacy Law Watch, 7/16/14)(13 PVLR 1288, 7/21/14). On July 16, the company increased that number to 22.6 million customers (143 Privacy Law Watch, 7/25/14)(13 PVLR 1332, 7/28/14).
Obuchi didn't comment on the details of planned amendments to the METI's data protection guidelines, but she said the changes would reinforce provisions related to data breaches and cybersecurity. She said the guidelines would be amended in 2015.
Obuchi told reporters that METI instructed Benesse that it should reinforce its management structure to prevent the recurrence of the lax data security that allowed a former employee to download the personal information of customers and then transfer it to third parties.
METI said Benesse's lax data security safeguards and poor personal information management violated Article 20 of the Personal Information Protection Law.
Benesse also violated Article 22 of the statute by providing inadequate supervision of personnel, according to a METI spokesman.
Obuchi said that as a result of confirming the violations her ministry was issuing an administrative recommendation to Benesse's management to take measures for better protection of customer private information.
The recommendation included advising Benesse to take responsibility for the actions of its business partners.
The enforcement recommendation focused on the need for the company to reinforce its management attention to data security and ensure that its data protection administrative structure is in place, the METI spokesman said.
The enforcement action didn't include fines or other penalties.
METI's recommendations to Benesse are similar to those made in the independent investigation report released by the company.
That report said the company should :
In addition, the company should clarify its organizational responsibility for protecting personal information, the report said.
To contact the reporter on this story: Toshio Aritake in Tokyo at firstname.lastname@example.org
To contact the editor responsible for this story: Donald G. Aplin at email@example.com
Full text of Benesse's breach report is available, in Japanese, at http://op.bna.com/pl.nsf/r?Open=dapn-9pfm7e.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)