Japan to Share Telecommunications Data with the United States for Active Cyberdefense
Japan plans to share data obtained from private-sector telecommunications carriers with the United States under a proposed active cyberdefense framework. This policy aims to prevent cyberattacks on critical infrastructure and will be included in upcoming legislation.
The government has already informed the United States of its plan, and data sharing will be discussed during a meeting between Japanese and U.S. foreign and defense ministers in Tokyo later this month.
Active cyberdefense involves government monitoring of computer networks in peacetime by analyzing communications data provided by private-sector telecommunications carriers. It can also include infiltrating an attacker's computer to render it harmless.
By providing communications information to the United States, the Japanese government expects to receive similar information in return. This information could alert Japan to new cyberattacks and provide details on how to respond.
The United States has been urging Japan to institute an active cyberdefense, and the government's decision to provide communications intelligence is a response to this request. This policy aligns with the National Security Strategy, which emphasizes information gathering and analysis in collaboration with allies and like-minded countries.
The government proposes requiring telecommunications carriers to release communications data through a new law, which will be submitted to an extraordinary Diet session in the autumn. This law will specify that the information collected will be limited to metadata, excluding the content of emails and personal information.
However, concerns remain about the potential violation of privacy and surveillance of citizens, as well as the risk of data leaks. Additionally, the scope of information sharing with the United States, the risk of individual identification, and data handling procedures need to be addressed.
Furthermore, the validity of providing communications information to the United States itself may be questioned from the perspective of data sovereignty, which advocates for a country to manage its information within its borders.