Information on the Data Privacy Regulations of Foreign Countries
- Introduction
- Australia
- Austria
- Bangladesh
- Belgium
- Brazil
- Bulgaria
- Cambodia
- Canada
- China
- Croatia
- Cyprus
- Czech Republic
- Denmark
- Estonia
- Finland
- France
- Germany
- Greece
- Haiti
- Hong Kong
- Hungary
- Iceland
- India
- Indonesia
- Iran
- Ireland
- Israel
- Italy
- Japan
- Kazakhstan
- Kyrgyzstan
- Laos
- Latvia
- Liechtenstein
- Lithuania
- Luxembourg
- Malaysia
- Malta
- Mexico
- Morocco
- Myanmar
- Netherlands
- New Zealand
- Nigeria
- Norway
- Oman
- Philippines
- Poland
- Portugal
- Qatar
- Romania
- Russia
- Saudi Arabia
- Singapore
- Slovakia
- Slovenia
- South Africa
- South Korea
- Spain
- Sri Lanka
- Sweden
- Switzerland
- Taiwan
- Thailand
- Trinidad and Tobago
- Turkey
- Ukraine
- United Arab Emirates
- United Kingdom
- United States of America
- Viet Nam
Information on the Data Privacy Regulations of Foreign Countries
Introduction
LINE is providing various services to its customers, and there are cases where LINE provides your personal data to a company located in a country or region other than the country or region where you reside, upon obtaining your consent etc., in the course of providing such services.
The fact that LINE may provide your personal data to foreign companies is described in LINE’s Privacy Policy, and in the privacy policy and rules of various services.
This page describes information on the data privacy regulations of foreign countries as reference information in connection with your own personal data being provided to a company located in a country or region other than the country or region where you reside.
Please refer to this page when using the various services provided by LINE.
As the contents related to information on the data privacy regulations of foreign countries, there are the following four items.
■ Existence of the data privacy regulations
Whether there is a data privacy regulation, including a comprehensive regulation, in the corresponding country/region is indicated.
■ Reference information related to the data privacy regulations
The following types of information are indicated as a reference related to the standards of the data privacy regulation of each country.
▪ Whether the standards of the data privacy regulation of the corresponding country/region are equivalent to those of Japan
When the data privacy regulation of the corresponding country/region is equivalent to those of Japan, such fact is indicated.
▪ Adequacy decision in EU
When adequacy decision in EU has been adopted in the corresponding country/region, such fact is indicated.
Adequacy decision in EU is the European Commission’s decision to the effect that the corresponding country/region has secured an adequate level of protection for personal data. When adequacy decision in EU has been adopted in the corresponding country/region, the same level of protection of personal information as in Japan can be basically expected in such corresponding country/region.
▪ Participation in APEC CBPR system
When the corresponding country/region is a participating country of the APEC CBPR system, such fact is indicated.
When the corresponding country/region is a participating country of the APEC CBPR system, the same level of protection of personal information as in Japan can be basically expected in such corresponding country/region since it is considered that such corresponding country/region has laws compliant with the APEC privacy framework and an enforcement office to enforce such laws.
▪ Satisfaction of OECD’s Eight Principles
Whether the data privacy regulation of the corresponding country/region includes rules corresponding to OECD’s Eight Principles is indicated as needed.
OECD’s Eight Principles fulfill the role as the basic principles to be referenced in the efforts for international personal information protection, and are considered to be the substantial global standards when each country establishes its personal information protection system.
In this page, whether the data privacy regulation of the corresponding country/region includes rules corresponding to OECD’s Eight Principles is indicated according to the following legends for each of OECD’s Eight Principles.
Legends: ○ Rules are included in the comprehensive system; ∆ Certain rules are included in the comprehensive system/Rules are included in individual systems; — No rules could be found
OECD’s Eight Principles are as indicated in (1) to (8) below.
(1) Collection Limitation Principle
Personal data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject
(2) Data Quality Principle
Personal data should be relevant to the purposes for which they are to be used, and should be accurate, complete and kept up-to-date
(3) Purpose Specification Principle
The purposes for which personal data are collected should be specified, and the subsequent use limited to the fulfillment of those purposes
(4) Use Limitation Principle
Personal data should not be used for purposes other than those specified except with the consent of the data subject or by the authority of law
(5) Security Safeguards Principle
Personal data should be protected by reasonable security safeguards against such risks as loss, destruction, use, modification or disclosure of data
(6) Openness Principle
There should be a general policy of openness about developments, practices and policies with respect to personal data. Means should be readily available of establishing the existence of personal data, and the purposes of their use, as well as the the data controller
(7) Individual Participation Principle
An individual should have the right to obtain from a data controller, or otherwise, confirmation of whether or not the data controller has data relating to him, and to challenge data relating to him
(8) Accountability Principle
A data controller should be accountable for complying with measures which give effect to the principles stated above
■ Existence of system that may significantly affect the rights and interests of individuals
Information on whether there is a system that may significantly affect the rights and interests of individuals pursuant to the transfer of personal data to the corresponding country/region in comparison to Japan’s data privacy regulation is indicated.
Specifically, the following information which may significantly affect the rights and interests of individuals in the system of the corresponding country/region is indicated; namely, (1) existence of rules which directly obligate the recipient of personal information, which was collected within the corresponding country/region, to retain such personal information within the corresponding country/region, or obligates the recipient of personal information to substantially retain such personal information within the corresponding country/region by imposing restrictions on carrying such personal information outside the corresponding country/region (system related to data localization), and (2) existence of rules which allow the government to access the personal data retained by private businesses or obligate private businesses to provide personal data to the government under laws for the purpose of enforcement of criminal laws and/or national security safeguards (system related to government access).
LINE will provide information related to the data privacy regulations of the corresponding country/region upon periodically checking and confirming the data privacy regulations of the country/region to which your personal data may be provided. Please note that, since the information related to the data privacy regulation of each country will be updated periodically, such information may differ from the latest one at present.
Furthermore, please also review the information on the data privacy regulations of foreign countries provided by the Personal Information Protection Commission of Japan.
Australia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Austria
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Bangladesh
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | — |
| Security Safeguards | — |
| Individual Participation | — |
| Data Quality | — |
| Use Limitation | — |
| Openness | — |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Belgium
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Brazil
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
—
Bulgaria
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Cambodia
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | △ |
| Individual Participation | △ |
| Data Quality | — |
| Use Limitation | — |
| Openness | — |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Canada
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Adopted (Private Sector)
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
China
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to data localization that may significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Croatia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Cyprus
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Czech Republic
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Denmark
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Estonia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Finland
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
France
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Germany
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Greece
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Haiti
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: No
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | — |
|---|---|
| Purpose Specification | — |
| Security Safeguards | — |
| Individual Participation | — |
| Data Quality | — |
| Use Limitation | — |
| Openness | — |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Hong Kong
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Hungary
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Iceland
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
India
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | △ |
| Individual Participation | △ |
| Data Quality | △ |
| Use Limitation | △ |
| Openness | △ |
| Accountability | △ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Indonesia
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | △ |
| Individual Participation | △ |
| Data Quality | △ |
| Use Limitation | — |
| Openness | △ |
| Accountability | △ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Iran
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | — |
| Individual Participation | △ |
| Data Quality | △ |
| Use Limitation | △ |
| Openness | — |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Ireland
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Israel
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Adopted
▪ CBPR system: Not participating
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Italy
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Japan
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Kazakhstan
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | △ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to data localization that may significantly affect the rights and interests of individuals
Kyrgyzstan
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | △ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Laos
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | △ |
| Individual Participation | △ |
| Data Quality | — |
| Use Limitation | △ |
| Openness | △ |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Latvia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Liechtenstein
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Lithuania
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Luxembourg
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Malaysia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | △ |
| Individual Participation | △ |
| Data Quality | △ |
| Use Limitation | △ |
| Openness | △ |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
—
Malta
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Mexico
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Morocco
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | △ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Myanmar
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | — |
|---|---|
| Purpose Specification | — |
| Security Safeguards | △ |
| Individual Participation | — |
| Data Quality | △ |
| Use Limitation | △ |
| Openness | — |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Netherlands
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
New Zealand
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Adopted
▪ CBPR system: Not participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Nigeria
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to data localization that may significantly affect the rights and interests of individuals
Norway
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Oman
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | — |
| Security Safeguards | — |
| Individual Participation | △ |
| Data Quality | — |
| Use Limitation | — |
| Openness | △ |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Philippines
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Poland
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Portugal
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Qatar
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Romania
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Russia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to data localization that may significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Saudi Arabia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes (Scheduled to enforce on March 17, 2023)
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Singapore
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Slovakia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Slovenia
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
South Africa
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | △ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
—
South Korea
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Spain
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Sri Lanka
■ Existence of the data privacy regulations
Comprehensive system: No
System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | — |
|---|---|
| Purpose Specification | — |
| Security Safeguards | — |
| Individual Participation | — |
| Data Quality | — |
| Use Limitation | — |
| Openness | — |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Sweden
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
Switzerland
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Adopted
▪ CBPR system: Not participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Taiwan
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Thailand
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes (Fully enforced on June 1, 2022)
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
Trinidad and Tobago
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes (Some regulations have not been enforced)
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | ○ |
| Individual Participation | △ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | △ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
—
Turkey
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
—
Ukraine
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | △ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
—
United Arab Emirates
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | ○ |
|---|---|
| Purpose Specification | ○ |
| Security Safeguards | ○ |
| Individual Participation | ○ |
| Data Quality | ○ |
| Use Limitation | ○ |
| Openness | ○ |
| Accountability | ○ |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals
United Kingdom
■ Existence of the data privacy regulations
▪ Comprehensive system: Yes
■ Reference information related to the data privacy regulations
▪ There is a data privacy regulation acknowledged as being the same level as in Japan
United States of America
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Participating
■ Existence of system that will significantly affect the rights and interests of individuals
—
Viet Nam
■ Existence of the data privacy regulations
▪ Comprehensive system: No
▪ System of individual sectors/regions: Yes
■ Reference information related to the data privacy regulations
▪ Adequacy decision in EU: Not adopted
▪ CBPR system: Not participating
▪ OECD Privacy Guidelines 8 Principles
| Collection Limitation | △ |
|---|---|
| Purpose Specification | △ |
| Security Safeguards | △ |
| Individual Participation | △ |
| Data Quality | △ |
| Use Limitation | △ |
| Openness | △ |
| Accountability | — |
■ Existence of system that will significantly affect the rights and interests of individuals
▪ There is a system related to government access that may significantly affect the rights and interests of individuals