In recent years, the importance of protecting personal data has been emphasised and many people often mistakenly believe that they can claim damages under tort law for violations of data protection law. However, under tort law, breaches of data protection law do not necessarily result in financial, bodily or mental harm. Furthermore, it is unclear whether violations of the right to data protection themselves can be considered as damage. 

Technically speaking, data protection law and tort law are distinct, and the detailed and occasionally ambiguous nature of data protection provisions complicates the understanding of the relationship between the two. In this seminar, we will examine relevant Japanese cases and compare them with the right to privacy in order to clarify this issue.

Takayuki KATO is professor of law at Toyo University teaching constitutional law and holds Ph.D. degree from Chuo University on the book titled Boundaries of Constraint on Sexually Explicit Expression (Minervashobo 2008). He has many publications in the area of equality, freedom of speech, privacy, data protection, and AI and law. His recent published book titled Difference between Right to Privacy and Protection of Personal Information (Toyo University Publishing 2022) analyses the legal systems of Ireland, the United Kingdom and Japan, and particularly addresses on the guarantee of privacy rights in the 17th century of the UK which could be assessed as the source of privacy law.

His current work is focused on the possibility of the attachment of legal personality to AI or Avatar. Some believe any sort of entity could be the object of law because legal personality is a creation of legal contemplation. He challenges this assertation on the ground that they seem to ignore substantial, necessary or sufficient criteria for the legal personality qualifications. After he looks into the history, role and significance of legal personality for natural person and artificial person as prototypes, he examines how laws came to treat idol, ship, nature and animals as legal objects. With the fundamental analyses, he then considers whether legal personality could be assigned to AI or Avatar.  

He is a member or chairperson of personal data protection committee at four municipal governments including Saitama prefecture and Suginami-ku, and of privacy mark committee at four corporate associations including Committee for the Certification of APEC Cross Border Privacy Rules (CBPR) in Japan and the Privacy Mark Review Committee at JIPDEC (Japan Information Processing and DEvelopment Center).

Japanese civil code does not explicitly recognize the right to privacy as a protected interest in tort law. Supreme Court precedents that have acknowledged "privacy" as a protected interest without translating the term into Japanese have predominantly dealt with cases involving news articles or academic publications concerning criminal facts, raising questions about whether these truly constitute protection of the private sphere in its pure sense. Furthermore, Supreme Court cases that have awarded damages for the disclosure or leakage of personal names remain controversial in terms of their scope and application.

Japanese case law on "privacy" protection has disproportionately focused on the transfer of personal data to third parties, failing to recognize data retention or processing as tortious conduct. This understanding is also reflected in administrative data protection legislation, resulting in significant divergences from the EU's GDPR. This seminar proposes directions for data protection law reform based on an analytical framework that categorizes the protected legal interests in privacy violations.

Kunifumi Saito is an Associate Professor at the Faculty of Policy Management, Keio University. He earned his J.D. summa cum laude from Waseda Law School and his Ph.D. from the Graduate School of Media and Governance at Keio University.

Prior to entering law school, Professor Saito worked as a software engineer at NTT DATA Corporation. Following his admission to the bar, he began his legal career as an associate at Jones Day's Tokyo office. He subsequently served as Deputy Director at Japan's Consumer Affairs Agency and as Senior Manager at Mitsubishi UFJ Financial Group.

His recent book, Legal Protection of Privacy and Dignity (Nippon Hyoron Sha, 2023), is a comparative legal study that introduces U.S. fiduciary duty doctrine to the Japanese legal context.

Japanese administrative law has increasingly recognized the role of independent supervisory authorities in the governance of personal data. The Personal Information Protection Commission (PPC), established as an independent body under the amended Act on the Protection of Personal Information (APPI), serves as Japan’s central data protection authority. However, its institutional foundation and functional scope differ significantly from its European counterparts.

While the PPC has engaged in international cooperation—such as adequacy negotiations with the EU and participation in the Global Privacy Assembly—its enforcement mechanisms remain embedded in traditional administrative structures, raising questions about its independence in practice. Moreover, Japan’s fragmented data protection regime, which separates public- and private-sector oversight, has constrained the PPC’s ability to supervise government actors comprehensively.

This presentation situates the PPC’s functions within broader debates on regulatory autonomy and cross-border data governance. It further assesses how the Commission's role reflects Japan’s unique legal and administrative traditions, and what challenges remain in aligning with evolving global data protection standards.

Mayu Terada holds a LL.D. in Law from Hitotsubashi University, and J.D. from Keio University Law School, where she specialized in administrative law and information law. After serving as an Associate Professor at the International Christian University, she is currently a Professor at the Graduate School of Social Data Science, Hitotsubashi University.

She has held various public roles, including Chair of the Saitama Prefecture Personal Information Protection Review Board, Member of the Tokyo Metropolitan Government’s Information Disclosure and Personal Information Protection Review Board, and Member of the Kanagawa Prefecture Information Disclosure Council. In addition, she has served on several national committees, such as the Cabinet Office, Cabinet Secretariat, and Cabinet Legislation Bureau Tender Monitoring Committee. Currently, she is a Member of the Ministry of Internal Affairs and Communications’ Council on Information Disclosure and Personal Information Protection, appointed by the National Diet.

www.uni-kassel.de/go/geminn

www.uni-kassel.de/go/hornung