A Web of rules: how the Internet is affecting Japanese content liability, privacy and consumer protection laws - Case Study

Japan, Inc., Nov, 2002 by J. Dax Hansen, Keiji Sugiyama

IDENTIFYING THE WEB OF rules that govern the wired and wireless Internet in Japan is a time-consuming but essential task for businesses engaged in Japan-related activities. This article summarizes a number of Internet-related laws in Japan and includes several specific examples of the application of these laws to businesses operating in Japan. Included is a discussion of a recent governmental enactment to limit the liability of certain telecommunications service providers (TSPs) for content posted on their networks, efforts to regulate the transmission of spam, and proposed privacy measures and consumer protection laws.

Content Liability

Japanese legacy laws regulate various types of content, including pornography, gambling and advertising, although Article 21 of Japan's constitution also guarantees freedom of expression. Until recently, however, Japan has not had Internet-specific content liability laws.

On November 30, 2001, the Diet passed a law that went into effect May 27, 2002, to regulate online infringement of third party rights, including defamation, copyright infringement and privacy violations. This law is known as the Provider Liability Law. In response to growing problems involving defamation and copyright infringement among Internet users in Japan, the Diet passed the law as an attempt to provide mechanisms for dealing with the online publication of infringing or malicious content.

Under the Provider Liability Law, a TSP's liability to a third party claiming infringement generally is limited, unless it knows or has reason to know that information on its network infringes on the rights of a third party. In the case that the TSP deletes information submitted by a sender, the TSP's liability to the sender generally is limited if it is reasonable to assume that third party rights have been infringed upon, or the TSP conveys to the sender a request from the third party that the information be deleted, and the TSP does not receive from the sender within seven days a response contesting the proposed deletion. A third party claiming infringement may request the TSP to remove the allegedly infringing or defamatory content from the TSP's network. However, within the parameters stated above, the TSP is given flexibility to take remedial action based on its own assessment of the alleged infringement. Although the Provider Liability Law does not create an affirmative duty on TSPs to police their networks, TSPs face liability if they intentionally ignore consumer complaints and fail to take action to address such complaints.

In addition to providing a mechanism for removing infringing content, the Provider Liability Law provides that the third party claiming infringement can demand that the TSP disclose identity information about the alleged offender. A victim is entitled to learn the name and address of the offender under certain conditions, such as for use in filing a lawsuit. However, the TSP may use its discretion in determining whether or not to disclose the sender's identity to the third party claiming infringement. Except in the case of intentional or gross negligence, the TSP will not be liable to the third party claiming infringement if the TSP fails to respond to the third party's demand for disclosure. However, TSPs refusing to disclose personal information can be taken to court. Such disclosure provisions raise questions of conflict with the Constitution, which guarantees personal privacy, secrecy of communication and freedom of expression.

The Provider Liability Law deals with subject matter similar to that of the US Communications Decency Act and the Digital Millennium Copyright Act. It is similar to these US laws in that it fosters development of the Internet by limiting the liability of the TSP. However, it is different in that it places different burdens on the TSP than those placed on the TSP under the US model. It is also different in that it applies the same standard of liability to all types of violations covered by the Provider Liability Law (copyright infringement, defamation, privacy infringement). Yet it does not broadly cover all cases where liability is concerned; it only stipulates certain rules and leaves other situations to be determined under general laws.

The Provider Liability Law is different from the Communications Decency Act in that the TSP is much more involved in the process under the Japan model. For example, under the Provider Liability Law, the TSP cannot rely on the limited liability safe harbor if it is technically able to filter the infringing content and knows of has reason to know of it but fails to act. No such requirement applies to TSPs under the US law. While the TSP is also protected from liability from blocking, such protection depends on the TSP's having evidence of the infringement or claim, or providing notice and an opportunity to respond to the allegedly infringing party. Under the Communications Decency Act, the TSP's protection is extended to choosing to leave the content in place even after notice of a claim. Arguably, the US service provider may even edit the content in question without losing the benefit of the limitation on liability.