Skip to main content

This page has been translated using TexTra by NICT. Please note that the translation may not be completely accurate.
If you find any mistranslations, we appreciate your feedback on the "Request form for improving the automatic translation ".

Digital Agency Compliance Committee (7th)

Digital Agency will be the control tower for the formation of digital society, which aims to realize the sustainable and sound development of the Japanese economy and the happy lives of the people. The expectations of the people toward Digital Agency are extremely high, and Digital Agency bears an extremely heavy responsibility.

At today's meeting, active discussions and exchanges of views were held on the progress of various initiatives related to compliance, the utilization of evaluation systems to expand opportunities for digital startups to enter public procurement, the operation status of the bidding restriction system, and the content of the report in response to the "Request for Report, etc. under the Act on the Use of Numbers to Identify Specific Individuals in Response to Cases of False Registration of Personal Information Protection Commission" from public fund receiving account.

The results of today's discussions will be fully reflected in the formulation of various norms and rules in Digital Agency.

Overview

  • Date and Time: Friday, March 15, 2024 (2024) from 9:30 to 11:00
  • Location: Digital Agency Shared Conference Room

Committee Members

(Japanese syllabary order, honorific titles omitted)

Members

  • Toshiya Natori (Legal Partner, ITN Law Office): Chairman
  • Koichi Endo (Councilor Digital Agency)
  • Toru Kajikawa (Representative Partner and Chairman, Taiyo LLC)
  • Jiro Kokuryo (Professor, Faculty of Policy Studies, Keio University)
  • Akihiko Shiba (Attorney at Shiba and Tanaka Management Law Office)
  • Keiko Fujimori (Representative Director / Certified Public Accountant, ASIMOV ROBOTICS Co., Ltd.)

Materials

Relevant policies

Summary of proceedings

After the Secretariat explained the contents of each agenda, discussions were held. The main opinions are as follows.

Status of promotion of various initiatives related to compliance

  • Regarding the training, I think that the theme has been selected in consideration of the risks in Digital Agency, and it is a good content. In the future, we would like to request that efforts be made to disseminate the training to employees by incorporating actual cases and understanding the participation rate.
  • Although an attorney serves as an external contact point for whistleblowing, we feel that the dissemination of information is not sufficient. The advantage of accepting whistleblowing by an attorney outside organization is to ensure anonymity, and we would like you to repeatedly disseminate this point so that it is well conveyed.

Use of evaluation systems to expand opportunities for digital startups to enter the public procurement

  • There is a story of ordering, a story of project management, and a specific story of development. Until now, the project management part was thrown to the major companies, so vendor lock-in occurred. I think the desirable form of the division of roles here is a problem of the entire Digital Agency. Do you have an image for that? We need to have abilities in some parts, and if there is a shortage of manpower, we will implement project management by asking a place like a consultant. I can imagine that it is such a form, but it is necessary to have an image of what kind of system is desirable.
  • If the project management is entrusted to a major company, it will be a vendor lock-in, so Digital Agency must have the capability itself. However, there is also a measure to utilize external consultation, and what kind of system will be built will be the future of Issue.
  • Instead of talking about a world that moves sequentially like a waterfall, it has become a world that moves in a para, and we need to deal with compliance issues when moving in a para.
  • The number of small and medium-sized startups in procurement is shown, and how to nurture them is the Issue. If we want to expand this, I think we need to respond more carefully to start-ups in the course of procurement than ever before, but we need to consider the balance with the rationalization of procurement.
  • I appreciate the efforts to increase the opportunities for startups to enter the market, but is this purpose being utilized at the stage of screening for bid participation qualifications? If the reality is that it takes a considerable amount of time and effort for SMEs to obtain bid participation qualifications, the efforts will not be effective.
  • It is true that it will be difficult for the ordering party to use many small and medium-sized startups. Startups do not always have people who have enough know-how to look over the whole project. In order to make good use of people who have sharp points of startups, it is necessary to transfer the know-how to look over the whole project well on the ordering party side.

Status of Operation of the Bidding Restriction System

  • Is the measure to prevent external access to the Access Restricted Folder where procurement Written Specifications are created different from the idea of eliminating the room for fraud by understanding as much as possible the communication about procurement and making it transparent? Or, is there no problem if the ordering party and the business operator are communicating in a place other than the Access Restricted Folder and all of this is understood and transparent? If it cannot be done from the viewpoint of security, it may be different from the problem of compliance. In any case, regarding the granting of access rights to the Access Restricted Folder by the support business operator proposed in the survey report of the last fiscal year, we would like to reanalyze whether the proposal was made from the viewpoint of business convenience or from the viewpoint of compliance, and arrange it including what can be done technically.
  • You explained that there was one application for exemption in fiscal 2023, but I would like you to carefully analyze whether it was one that was finally realized after overcoming difficulties, one that is likely to increase in the future, the sense of burden on companies and ordering parties, which have been Issue, and how much understanding has spread. After that, I would like you to take necessary measures, if any, to ensure that applications for exemption will be made.

Regarding the content of the report in response to the "Request for Report, etc. Pursuant to the Act on the Use of Numbers to Identify Specific Individuals in Response to False Registration Cases in Personal Information Protection Commission" from public fund receiving account

  • The main cause of this incident, the failure to log out, is a human error, so it always happens, and it is necessary to build a system based on this assumption at the stage of system design and operation in the first place.
  • Digital Agency may not understand this, but what does it mean that Personal Information Protection Commission entered the on-site inspection despite the fact that Digital Agency made a report? Does it mean that there were some inadequacies?
  • Since the compliance INS Committee has a strong interest in matters related to compliance, including the protection of personal data, it is requested that information be shared in an appropriate form from time to time and that more appropriate responses be taken.

Other
(Communication from the Secretariat)

End