Yohko Orito and Kiyoshi Murata
It is often alleged that with the maturation of society, people in developed countries are aware of their rights and, among them, the right to privacy is now universally accepted. However, understanding of the concept and importance of privacy is not necessarily universal. For example, there is no word in Japanese that precisely corresponds to the English word privacy. Many Japanese people use the word puraibashi, the adopted word for privacy, without clearly understanding its meaning. In fact, for ordinal Japanese people privacy is just an imported idea and they tend to consider the right to privacy means that anyone can arbitrarily refuse interference of others and because of such arbitrariness this right is a subjective, timeserving concept.
Additionally, in Japanese society group mentality is emphasised and it is supposed that formation of well-rounded character is attained by learning to be cooperative and, therefore, that to be assertive is a vice and to compromise with others is a virtue. A characteristic mark of Japanese linguistic culture is frequent usage of implication in communication: to tell or describe important things explicitly is often hesitated and a person in his or her own right is expected to sense others’ implied feelings, emotions and thoughts in the proper way. Insisting on the right to privacy as “the right to be let alone” is, on the one hand, indicative of lack of cooperativeness and, on the other, of inability to communicate. The right to privacy as “the individual right to control the circulation of information concerning him or her” tends to be considered a manifestation of excess mistrust of those who collect, store, share and use personal data and of the cooperative society. Consequently, the right to privacy is foreign to the Japanese culture and this is one reason that less importance is attached to the right to privacy in Japanese society than in Western societies.
On the other hand, the tremendous development and spread of information and communication technology (ICT) has enabled business organisations, including Japanese firms, to collect, store, process, use and share a huge amount of personal data of customers. It is alleged that such personal data use make it possible for business organisations to satisfy ever changing customer needs, to streamline their business operations and, therefore, to gain competitive advantage. Personal data use is also expected that it can gift business organisations with favorable, long-term relationship with customers through timely provision of goods and services the customers really desire and with business partners through sharing necessary data. Individual customers can enjoy benefits of the timely provision of customized goods and services at lower price enabled by the proper use of personal data on customers by business organisations.
However, personal data use is a double-edged sword for business organisations as well as individual customers. It is inseparable from the risk of invasion of privacy. Any business behaviour that arouses suspicion of a violation of the right to privacy may result in withering criticism of the business organisation and expose it to trust and reputation risk. From the viewpoint of business, in order to avoid the risk, business organisations should develop secure information systems and take measures to preserve personal data they have in safety. Simultaneously, from a social standpoint, the fact that a tremendous amount of personal data is collected, stored, processed, shared and used by business organisations may justify private-sector-led self-regulation or public regulation for the private sector on protection of computer processed personal data.
Based on the idea that ICT is the strategic technology for Japan in the 21st century, the Japanese government adopts a policy to construct a “highly-networked information society” and is undertaking development of infrastructure for it. As a part of implementation of this policy, Act for Protection of Personal Data, which covers the private sector as well as the public sector, was approved in May 2003 and will be put into force in April 2005. The main cause for the issue of this act which has penalty clauses was not an internal claim, because of undervaluation of the right to privacy in Japanese society as mentioned above, but external pressure by the international community such as OECD guidelines and Directive 95/46/EC on the processing of personal data: business activities in the global business environment in which personal data are shared among business organisations beyond national borders will not become permitted unless some form of regulation on protection of personal data exists in each nation in which the business organisations are based. Coming enforcement of Act for Protection of Personal Data in Japan is recognised as, on the one hand, business opportunity for information system vendors or ICT consultant firms to sell their customer firms security systems corresponding to this law and as, on the other, what costs system users inevitable money.
One of ethical concerns with respect to protection of personal data and privacy in Japan is, then, that no business organisation would attempt to address privacy issues beyond abiding by the act. This concern may seem to be plausible when the following case is shown: in July 2001, Mainichi Newspaper reported that Toppan Insatsu sold a mailing list made and held by a bankrupt catalogue shipper, to which Toppan Insatsu attached a security warranty, to another catalogue shipper, and the manager in charge of this sale asserted that Toppan Insatsu did just a legal business activity. The thought that behaving morally is identical with compliance with law is wrong and, moreover, socially dangerous. However, for ordinal Japanese people it is difficult to consider how and why they should protect privacy beyond law because of their culture and, therefore, privacy protection in Japan would tend to become just superficial.