Skip to main content

This page has been translated using TexTra by NICT. Please note that the translation may not be completely accurate.If you find any mistranslations, we appreciate your feedback on the "Request form for improving the automatic translation ".

International Data Governance Study Group (the fifth)

In order to support the implementation of the Institutional Arrangement for Partnership (IAP) established under the OECD and other international frameworks, the Government of Japan will hold study meetings to discuss, study and make recommendations by experts, while reflecting information and requests from stakeholders such as Japan and companies related to cross-border data transfer.

Overview

  • Date and Time: Tuesday, January 28, 2025, from 10:00 to 11:30
  • Location: Online Meeting (Microsoft Teams)
  • Agenda:
    1. Opening
    2. Business
      1. Matters to be discussed
        1. Draft Data Governance Guidelines
        2. Free discussion
      2. Matters to be reported
        1. Japan-ASEAN Efforts in the Field of DFFT / Data Governance
        2. Publication of Manual on Cross-Border Data Management of Industrial Data
        3. Communication, etc.
        4. Closing

Material

Related Information

Summary of the meeting

Date

Tuesday, January 28, 2025, from 10:00 a.m. to 11:30 a.m.

Location

Online Meetings (Microsoft Teams)

Attendee

Members (in the order of Japanese syllabary)

  • Chairman Yamamoto
  • Member Atsumi
  • Raw shellfish member
  • Member Kawamura
  • Member Kitamura
  • Leader
  • Member Sato
  • Member Sawada
  • Member Suzuki
  • Member Naganuma
  • Masujima Members
  • Member Miyamoto

Observer

  • Personal Information Protection Commission Secretariat
  • Ministry of Internal Affairs and Communications

Secretariat

  • International Strategy, Group of Service for Citizens, Digital Agency
  • International Affairs Office, Bureau of Commerce and Information Policy Ministry of Economy, Trade and Industry
  • Digital Consulting Department, Mizuho Research & Technologies Co., Ltd.

Discussion Summary

(1) Draft Data Governance Guidelines (Digital Agency)

Purpose of the Data Governance Guidelines (Draft)
  • The Data Governance Guidelines (draft) are presented as part of various policies to form an integrated data ecosystem in Japan in cooperation with the public and private sectors in order to utilize data, which has become a major means of production in the digital economy, in a manner consistent with the characteristics of data.
  • From the viewpoint of promoting the reliable distribution of data in terms of both the appropriate use and protection of data to the management of companies, the axes that should be given priority consideration in the formulation of management strategies are summarized.
  • Along with the promotion of data utilization, it is also important from the viewpoint of corporate governance to establish an appropriate system for utilizing data.
Four Pillars of Data Governance Implementation
  • The first pillar, "Business processes in line with the reality of cross-border data," describes desirable measures to comply with regulations necessary when data cross borders within the company or jurisdiction.
  • In the second pillar, "data security," the focus is shifted from "information system units" to "data," and measures that combine rules, technologies, and operations for shared and collaborative partners are described based on the life cycle of data.
  • The third pillar, "Data Maturity," is a comprehensive ability that indicates whether a company is using data effectively, maximizing data and minimizing risks continuously, and achieving maximum corporate performance. It also states that management has a responsibility to explain the maturity level of the company to the outside world, and that various departments within a company need to closely cooperate from the viewpoint of data in order to improve the maturity level.
  • The fourth pillar, "Action Guidelines on the Utilization of AI and Other Advanced Technologies," describes desirable actions to be taken in order to minimize risks while making the most of the power of AI and other technologies, such as formulating action guidelines and making them known not only within the company but also to stakeholders.

(2) Open discussion

Overall data governance guidelines (draft)
  • Policies and rules are necessary for promoting data utilization and value creation through data. Leading companies have started to consider examination criteria for DX issues, and we believe that the Data Governance Guidelines (draft) are effective in considering companies.
  • Therefore, it would be better to use a message that DX is necessary for the realization of the Society 5.0 for SDGs, the resolution of social issues, the creation of industries, and other social objectives.
    - While there are differences among companies in the degree of promotion of DX, it has been set for the purpose of promoting DX so that it can be understood as an initiative related to various companies. (Secretariat)
  • Although the establishment of a CDO is a prerequisite, it is possible to promote DX without the establishment of a CDO. Therefore, GOJ requests USG to give consideration to the description so that it does not mean that it does not comply with METI's DX Code without the establishment of a CDO.
  • It is important not to stick to the name of CDO, but how to develop equivalent functions within the existing organization and each company. It is desirable to clarify what should be prioritized and what functions are equivalent.
    • Considering the importance of the functions and roles of CDOs rather than their names and formal settings, the Secretariat should consider a policy for their inclusion.
  • For example, it is written in one line, "In the supply chain, the rules of contracts with all stakeholders are clearly written in advance, and responsibilities, etc. are clarified," but it takes a very large amount of effort to do this. Things that must be done and things that are desirable, etc. Priorities, It is also important to have a written culture of love.
    • While referring to the examples of the EU and consulting with relevant organizations, we would like to consider how to proceed. (Secretariat)
  • The agricultural industry has little intention of using and utilizing data, so it is necessary to make farmers understand that there are benefits to using and utilizing data. Although there is no problem with the contents of the Data Governance Guidelines (draft), it is important to present use cases and actions to show the benefits of providing data.
    • We live in an age where providing data is a demerit and receiving data is a merit. By joining the data linkage community, we would like to be able to show concrete merits in use cases so that those who provide data can share the merits of data linkage. (Secretariat)
  • It would be better to set a time frame for the dissemination and implementation of data governance initiatives. The supply chain involved in the industry is diverse, but a game plan is needed to decide which companies to start with and which to bring in.
  • It would be desirable to provide more specific information on the linkages between data utilization and international data collaboration and corporate value.
  • The distinction between data reference and data transfer should be considered in the future.
  • On page 7, it is written that attention should be paid to the location of data handled in the information sharing system and the legal benefits associated with the data. However, there is no description on this point in the "business process in line with the reality of cross-border data" and "data security." Therefore, it is advisable to consider making additions based on trends in the development of international standards such as "Framework and concepts for organizational autonomy and digital confidentiality." It is advisable to consider including the level of confidentiality of data in the description.
    • Intra-Company collaboration is important for information sharing, and it would be desirable for management and CDOs to be able to see the status of collaboration. (Secretariat)
    • Legal benefits associated with data are described in footnotes at present because they also relate to technical matters related to the location and actual status of data, but the method of description will be reviewed. (Secretariat)
  • The content of the Data Governance Guidelines (draft) is considered on the basis of the "GOVERNANCE INNOVATION" that Japan has presented so far, and I am satisfied with it. However, since there are some barriers when private companies operate it, it is expected that the government will interact with them by creating additional measures such as tools based on the feedback from companies.
Organizing terms and concepts
  • The Digital Governance Code published by the Ministry of Economy, Trade and Industry and the Data Spaces Academy of the IPA also have several readers, so please clarify the positioning of the documents.
  • The definitions of "data management" and "data governance" are somewhat difficult to understand. In the draft data governance guidelines, they are described as internal data management, but in the data management framework, they are defined as efforts to ensure the reliability of data. Therefore, it may be necessary to organize the terms.
  • The term "governance" can be used at the level of a company, a country, or the international community. Please consider using a different term for "international data governance" in relation to the international community, and for governance within a company.
    • We would like to adjust the terminology based on the descriptions in the existing guidelines. (Secretariat)
  • At the management level, the roles and expected actions are different between execution and action, so it is better to clarify which message is sent to. It is important to send a message not only to the board but also to shareholders who have effective governance and capital markets, and to make use of capital market dynamics and market selection.
Business processes in line with the reality of cross-border data
  • It is also related to various legal systems such as the Data Act, the Intellectual Property Law, and the Information Law. Therefore, how should a company create a control tower for those that cannot be handled by the existing system of the company?
About Data Maturity
  • Perhaps the definition of "data maturity" could be explained in more detail.
  • The concept of "data-maturity" makes it possible to make requests based on concepts other than security. While referring to the United Kingdom, which is considering the concept of data-maturity in advance, the idea of raising data-maturity may be developed in each company. The characteristics of governance of those who are not good at data-utilization are the people of governance in Showa. By supporting the implementation of methods to increase data-maturity in each company through human resource development and implementation of organizational restructuring, etc. under this governance mechanism, it is an effective guideline proposal as a tool to directly connect the activities to update the governance of Showa to Reiwa type.
    • "Data maturity" is not a mechanism to perform authentication in all data sharing, but a concept that assumes comprehensive authentication by entering a community. We would like to see cooperation in the future, including from the viewpoint of standardization. (Secretariat)
Action Guidelines for the Utilization of AI and Other Advanced Technologies
  • There are various ways to realize it depending on the actual situation of the company, and it is meaningful to promote the accumulation and dissemination of specific case practices.
  • The report states that the evaluation of the results of the implementation of the Guidelines reflects the opinions of external experts who have no direct interest in the company. What is the intention behind this?
    • In addition to actively utilizing external experts to supplement the in-house dedicated organization, it is also described from the viewpoint of ensuring the independence of governance. (Secretariat)
About "Moving Beyond Data Governance Implementation"
  • An example of a social problem caused by the construction of a high-rise condominium is described. A detailed explanation of the analysis that the problem could have been avoided by data linkage may be necessary. It seems that the description in the latter part that there is a merit in sharing if the data is less sensitive is also difficult to gain a sense of understanding.
    • In the case of high-rise condominiums, the timing of the timetable revision does not always coincide with the timing of condominium construction, and the commodity value of services fluctuates depending on the reputation of residents, etc. (Secretariat)
  • At the stage prior to implementation of data governance, it may be necessary for the management to explain to shareholders that it is positioned as part of the management strategy consistent with the DX strategy and that it will increase profits through this. A policy of emphasizing the benefits of data governance may also be acceptable.
  • Implementation of data governance involves detailed discussions on interoperability, data security, data maturity, etc. Therefore, not only management's commitment but also CDO, etc. are required, and I feel that it is necessary to organize the stages.
  • I understand that the term "stakeholders" includes investors, but are the end consumers of B-to-C business, individuals who provide data, and society, which is a collection of individuals, included in stakeholders?
  • In general, I think that the recent trend in the case of corporate governance is for stakeholders to see it fairly broadly, so I would like to see it approach that if possible.
    • We will consider it based on your comments. We recognize that the level of importance varies depending on the type, degree of collection, and granularity of data, and we will continue to consider it. (Secretariat)
Way forward
  • To be held by the chairman of the Study Group and coordinated for disclosure
    • No objection at all

Or more