"Guideline For Protecting Personal Data"
In Electronic Network Management (Revised)
December 3, 1997
Electronic Network Consortium
(Objective)
The aim of these guidelines is to ensure that electronic networks develop in a well-structured way by providing all domestic online service providers regardless of business aims, size or business methods with a unified approach to managing and protecting personal data to safeguard the rights of the online user.
It is intended that online service providers refer to these guidelines when designing their online services. In addition to pursuing their own business aims, it is important that they act to protect personal data belonging to network users.
(Terminology)
(Subject of the guidelines)
The guidelines apply to anyone who handles personal data on electronic networks. Following is a list of relevant organizations:
- Providers of electronic network services
- Companies and organizations that contract out their electronic networks to network providers
- Hosts and providers of services including electronic malls, e-mail servers, electronic bulletin boards, forums.
- Administrators of web sites on the Internet who process customer information.
(Guidelines)
- Collecting personal data
When people or organizations that are the subject of these guidelines collect personal data as a prerequisite to providing a service, the necessity of collecting the data must be clearly established and only the data that is required to provide the service should be requested. Following are some examples of the type of membership data that should be requested:
- How to request membership data
Data on individual members should be obtained directly from the member or a representative assigned by the member. Data on corporate members should be obtained directly from the individual or a representative assigned by the individual (a pre-designated contact person).
- Considerations in collecting personal data
The personal data must be collected by legal and fair means, and the consent of the individual concerned must be obtained.
- Personal information that cannot be collected
Personal data in the following categories cannot be requested, used or provided, with the following exceptions: When the unambiguous consent of the individual concerned has been obtained, when a specific law allows for the collection, usage and provision of such data, or when the information is essential for a specific legal procedure.
- Information on race or ethnic group
- Family background and place of birth
- Religion (religion, belief, creed), political views, or membership of a labor union
- Health, medical condition or sexual preference
- Use of personal data
Use of personal data must be limited to the purposes for which the data was collected. However, the data may be utilized for other purposes when the individual concerned gives consent for this use. Organizations that are the subject of these guidelines should maintain the necessary systems. Following is an example of the systems where personal data can be considered necessary.
- e-mail, electronic bulletin boards, electronic forums.
Personal data displayed on e-mail systems should be limited to the minimum amount necessary to send an e-mail. Personal data attached to messages to electronic bulletin boards or forums must be limited to the minimum amount needed to identify the individual taking responsibility for the content in the light of freedom of expression.
- Providing personal data
Personal data must not be provided to any third party, except in the case where a third party has valid legal reasons and the consent of the individual concerned is obtained. Following are some examples:
- Request by a person to view their own data
When disclosure of personal data is requested by the subject of the data, the data shall be provided after confirming the identification of the requester. The provider or the host of the electronic network should have in place a system to provide legitimate data promptly.
- Request by a person to view their own data
When disclosure of personal data is requested by the subject of the data, the requester's identification should be confirmed first by checking against the member's data and then the requested data should be provided. When the requester is a representative such as a family member assigned by the individual concerned, the information should be provided only after confirming that the representative has been assigned by the subject of the data themselves. In the case of corporate membership, personal data can be provided to a contractor (representative) who has the permission of the individual concerned in the same way as for individual members. The request for personal data by other departments in the same corporation will be rejected.
- Method of verifying ownership of data
Data should be collated with the registered member data held by the provider or host of the electronic network and data which is known only to the individual concerned.
- Data available for disclosure
Personal data categorized in the previous section are subject to disclosure. However, data such as passwords should be provided after confirming that the recipient is the requester via postal mail, or a phone call.
- Setting up a help desk
Providers and hosts of electronic networks should set up a help desk to respond to inquiries. All members should be informed of the existence of the help desk.
- Disapproval of the use of personal data
When the individual disapproves of the provision to a third party of his/her personal data already held by the provider or host of an electronic network, the data should not be given to a third party, except in cases where the data must be given to fulfill the responsibility as provider or host.
- Security of personal data
Providers of electronic networks should have in place a suitable and effective security system to prevent leakage of data. They should keep personal data needed in fulfilling their business aims accurate and up-to-date.
- Request for correcting account information
When the account holder requests corrections to their account information, the data should be corrected after verifying the requester's identification. The account information may be changed when requested by a financial institution.
- Use of external services
When outside vendors are contracted to handle any part of the operation, their legal obligation to maintain privacy of information must be written in the contract. They must not disclose any information obtained during the contracted work, and there must be no leakage of personal data.
- Handling personal data for ex-members
When personal data is kept after membership has been canceled, the data should be safeguarded by a proper security system in the same way as before cancellation.
- Responsibility of users
Some personal data such as passwords are known only by the user, and the responsibility of the user to keep such information secret should be clearly stated in the membership policy along with the reasons why.
- Managers of personal data
Providers of electronic networks should appoint a manager within the organization who understands the objectives of these guidelines and who is capable of carrying them out to be responsible for the proper management of personal data.
(Implementation)
Providers of electronic network should respect the aims of the guidelines and provide proper systems within the organization to protect personal data. The guidelines should be enforced among electronic network providers and the Electronic Network Consortium will follow up on spreading the use of the guidelines and user education.
go to index
e-mail address enc@nmda.or.jp
(c)1997 Electronic Network Consortium