Attaining Safe, Secure ICT Utilization Environment and R&D ......than personal computers because users carry smart-phones that remain switched on and connected with net-works. Users’

1. Potential and problems of personal data utilization and distribution(1) Current state and potential of personal data utilization and

distributionPersonal data utilization has made rapid progress in

various areas in Japan and other countries. In line with future technological development, new highly conve-nient personal data services are expected to emerge in the future.

As far as the disclosure of personal data to relevant persons, the obtainment of consent from specific per-sons to the utilization of their personal data and the use of anonymity technologies are appropriately implement-ed, personal data may be utilized with no privacy in-fringement problems being caused.

(2) Systems and initiatives for personal data utilization and distribution

a. Enactment of Personal Information Protection ActThe Act on the Protection of Personal Information

(Law No. 57 of 2003) (hereinafter referred to as the Per-sonal Information Protection Act) was enacted in May 2003 and took effect in April 2005. Simultaneously, the Act on the Protection of Personal Information Held by Administrative Organs and the Act on the Protection of Personal Information Held by Independent Administra-tive Agencies, etc. were enacted and implemented. In April 2004, the Cabinet made a decision on the Basic Policy on the Protection of Personal Information based on the Personal Information Protection Act.

b. MIC initiativesIn response to the full implementation of the Personal

Information Protection Act, the MIC revised the Guide-lines for Protection of Personal Information in the Tele-communications Business released in 1991 and estab-lished the Guidelines for Protection of Personal Information of Broadcast Receivers, the Guidelines for Personal Information Protection in the Postal Service Field and the Guidelines for Personal Information Pro-

tection in the Corresponding Delivery Service Field.The MIC initiated a panel on problems regarding ICT

services based on the viewpoint of users in April 2009 and provided proposals on personal data protection.

(3) Challenges for promoting appropriate utilization and distribution of personal data

a. Handling user information in smartphonesSmartphones are linked to their users more strongly

than personal computers because users carry smart-phones that remain switched on and connected with net-works. Users’ actions and communication history and other data are made available through smartphones. Since around the summer of 2011, many media reports have emerged on cases where the handling of user infor-mation in smartphones became controversial, leading smartphone users to become interested in the matter.

b. Challenges for utilization of personal data in JapanThe utilization of personal data causes privacy prob-

lems when data are linked strongly to specific persons. Difficult problems regarding how to handle personal data are highly likely to emerge when it is difficult to decide how strong the linkage of personal data with spe-cific persons is in the course of personal data utilization and distribution.

In the secondary and tertiary utilization of personal data, particularly, the linkage of these data with specific persons, though weak in the primary utilization, could grow stronger with more information accumulated and analyzed to allow these persons to be identified. In such case, it may be difficult to decide whether the utilization could run counter to privacy rules. Since secondary or tertiary users alone have difficulties in obtaining rele-vant persons’ consent to the utilization, the overall mech-anism for the utilization of personal data must be de-signed to secure the appropriate handling of data.

2. International comparison of personal data users’ consciousness of data treatment

(1) Perceptions about personal data handlingPersonal data that should be protected might have dif-

ferent degrees of privacy, ranging from names that are usually published to information that relevant persons would like to keep unavailable to other persons.

In a survey on personal data users’ perceptions, re-spondents were asked about how they perceive personal data subject to protection. Personal data were then di-vided into three groups -- (1) ordinary personal data (personal data with a lower degree of privacy), (2) per-

Section 1　Big Data utilization and personal data

Part 1

35

Chapter 3Attaining Safe, Secure ICT Utilization Environment andR&D Strategy

sonal data subject to prudent handling (personal data with a high degree of privacy) and (3) sensitive data (personal data with a very high degree of privacy). Us-ers’ perceptions about each group of personal data were compared.

a. Ordinary personal dataPercentage shares for respondents answering that

they are reluctant to provide or publish ordinary per-sonal data in any case are generally low in the countries

subject to the survey. But the shares in France are high-er than in the other countries (Figure 3-1-2-1).

b. Personal data subject to prudent handlingPercentage shares for respondents answering that

they are reluctant to provide or publish their email ad-dress and hobbies among personal data subject to pru-dent handling are relatively low in all of the countries. But such shares regarding location information and ac-tion history are relatively high (Figure 3-1-2-2). A com-

(Source) MIC “Survey Research on New Challenges for Advancement of ICT Infrastructure and Services” (2013)

Figure 3-1-2-1 Data that people are reluctant to provide or publish in any case (ordinary personal data)

11.911.9

9.99.913.813.8

27.927.923.223.2

20406080

100

Japan（n=1,000）

36.636.6

16.416.418.318.3

51.851.843.943.9

Nationality

Post Company name

Sex

Name

Nationality

Post Company name

Sex

Name

Nationality

Post Company name

Sex

Name

Nationality

Post Company name

Sex

Name

Nationality

Post Company name

Sex

Name

Nationality

Post Company name

Sex

Name

20406080

100

France（n=1,000）

39.439.4

27.727.733.533.5

52.752.745.645.6

20406080

100

13.813.810.710.714.014.0

29.929.923.723.7

20406080

100

Singapore（n=1,000）

15.615.611.011.015.515.5

30.930.922.922.9

20406080

100

South Korea（n=1,000）

20.820.8

11.611.613.813.8

33.733.731.831.8

20406080

100

U.S.（n=1,000） U.K.（n=1,000）


Figure 3-1-2-2 Data that people are reluctant to provide or publish in any case (personal data subject to prudent handling)U.S.（n=1,000）

13.713.722.922.918.718.7

34.234.240.940.9

20406080

100

Japan（n=1,000）

39.639.6

47.247.224.724.7

68.568.574.274.2

20406080

100

France（n=1,000）

38.538.5

51.151.137.637.6

70.470.480.380.3

20406080

100

U.K.（n=1,000）

16.816.827.227.219.919.9

34.534.540.040.0

20406080

100


16.116.128.328.319.419.4

38.038.047.047.0

20406080

100


24.224.240.640.621.921.9

64.364.365.665.6

20406080

100

Email address

Hobbies Telephonenumber

Action historyLocationinformation

Email address



Email address



Email address



Email address



Email address



36

Part 1

parison of country-by-country survey results indicates that shares for those answering that they are reluctant to provide or publish personal data subject to prudent han-dling are higher in Japan, France and South Korea than in the other countries.

c. Sensitive dataPercentage shares for respondents answering that

they are reluctant to provide or publish sensitive data are higher than those for the other two groups of per-sonal data in all of the countries. Shares regarding sensi-tive data are relatively low in the United States and the United Kingdom and relatively high in France, as is the case with ordinary personal data or personal data sub-ject to prudent handling (Figure 3-1-2-3). In the United States, the United Kingdom and France, shares for those answering that they are reluctant to provide or publish clinical history and health conditions among the five cat-egories of sensitive data are higher than those for the other categories. In Japan, South Korea and Singapore, the shares regarding propensity are the highest.

(2) Service users’ perceptions about service providers’ utilization of personal dataWhen service providers ask service users to give per-

sonal data to be utilized by those service providers for improving services, those users may feel resistance against some utilization methods. We conducted a sur-vey on specific utilization methods subject to resistance in the six countries and compared the survey results. The results indicate that percentage shares for respon-dents feeling resistance against each of the utilization methods including browsing, collection/accumulation, publication, analyses and trade in Japan are higher than

in the other countries (Figure 3-1-2-4).


Figure 3-1-2-3 Data that people are reluctant to provide or publish in any case (sensitive data)U.S.（n=1,000）

38.838.8

35.335.352.452.4

48.848.840.440.4

20406080

100

Japan（n=1,000）

56.756.7

54.254.257.457.4

74.674.660.760.7

20406080

100

France（n=1,000）

70.670.6

71.571.580.480.4

75.875.873.173.1

20406080

100

U.K.（n=1,000）

41.641.6

34.634.6

60.160.1

43.743.747.547.5

20406080

100


43.543.5

31.931.961.461.4

66.166.148.948.9

20406080

100


55.555.5

33.433.4

66.566.5

70.570.559.059.0

20406080

100

Unionmembership

Thought and creed

Clinical history and health conditions

Propensity

Religion

Unionmembership

Thought and creed


Propensity

Religion

Unionmembership

Thought and creed


Propensity

Religion

Unionmembership

Thought and creed


Propensity

Religion

Unionmembership

Thought and creed


Propensity

Religion

Unionmembership

Thought and creed


Propensity

Religion


Figure 3-1-2-4 Service providers’ methods for utilization of service users’ personal data against which users feel resistance

（％）

n=1,000 in each country

0 10 20 30 40 50 60 70 80 90 100

37.1

47.8

65.1

37.1

56.7

0.5

6.0

44.6

63.7

67.6

37.4

68.3

0.1

0.8

31.5

42.1

37.1

25.5

51.5

0.5

7.4

31.2

45.8

61.9

28.5

53.8

1.2

15.8

34.3

52.8

58.8

32.8

55.1

0.9

17.0

49.4

54.7

73.8

42.2

74.6

0.2

4.1

Browsing

Collection/accumulation

Publication

Analyses

Trade

Others

Feeling noresistance to any

particular method

Japan U.S. U.K. France South Korea Singapore

Part 1

37

(3) Tolerable range of personal data treatmenta. Perceptions about personal data treatment during social media use

The international survey indicates that the percent-age share in Japan for respondents who cannot tolerate the publication of their names by third parties through social media in any case is far higher than in the other countries. Percentage shares are high in all of the coun-tries for those who cannot tolerate a situation where in-formation classified by some users as secret on social media are reclassified by service providers as available for browsing by all users (Figure 3-1-2-5).

b. Perceptions about Big Data-related servicesIn the questionnaire survey, respondents were also

asked about users’ perceptions about Big Data-related services (Figure 3-1-2-6). The survey results indicate that users feel less resistance against personal data treatment that is specific and advantageous for users from the viewpoint of security and safety.

(4) Conditions for supplying personal data to service providersQuestioned about conditions for supplying personal

data to service providers in the survey, many respon-dents in all of the countries answered that they may sup-ply such data to service providers in “cases where the service providers are reliable.” (Figure 3-1-2-7)

A country-by-country comparison indicates that Japan features high percentage shares above 50% for “cases where economic advantages are gained through person-al data supply” and “cases where convenience is im-proved through personal data supply.” South Korea has a similar feature.

(5) Conditions for utilization or distribution of personal dataRegarding conditions for service providers’ utilization

or distribution of service users’ personal data, service users in the six countries were asked whether they would tolerate personal data being utilized or distributed in four cases. Figure 3-1-2-8 illustrates the relationship between percentage shares for those who “tolerate per-sonal data being utilized or distributed” and those who “do not tolerate personal data being utilized or distrib-uted.”

In all of the countries, percentage shares for “tolerate personal data being utilized or distributed” are the high-est in the case where “users give explicit consent.” While Western shares reach around 50%, Asian shares are limited to around 30%.

Given the above survey results, Japanese service us-ers’ perceptions about service providers’ utilization of their personal data can be summarized as follows. The percentage share for service users who are reluctant to have their personal data published in any case in Japan is higher than in the United States and the United King-dom. The shares for those feeling resistance against various utilization methods such as browsing, opening, analyses and trade in Japan are higher. These results in-dicate that any border between legal and illegal actions for the utilization of personal data tends to be vague in Japan.

As to conditions for supplying personal data to service providers, respondents in the survey generally an-swered that they may supply such data to service provid-ers in “cases where the service providers are reliable.” But Japan features high percentage shares above 50% for “cases where economic advantages are gained through personal data supply” and “cases where convenience is improved through personal data supply.”

Regarding conditions for service providers’ registra-tion, utilization or distribution of service users’ personal data, service users in the survey were asked whether they would tolerate personal data being utilized or dis-tributed in specific cases. The survey results show that 20-30% in Japan would tolerate their personal data being utilized or distributed with the condition of their explicit consent, and anonymizing or coding of data.


Figure 3-1-2-5 Tolerable range of personal data treatment (during social media use)

（％）（％） 0 10 20 30 40 50 60 70 80 90 1000 10 20 30 40 50 60 70 80 90 100

84.2

67.2

73.8

68.6

77.4

68.3

14.9

23.1

20.5

25.8

20.8

27.9

0.9

9.6

5.7

5.7

1.8

3.8

57.3

26.2

28.4

19.5

29.5

27.5

38.7

45.3

46.1

52.4

60.4

50.1

4.0

28.5

25.5

28.1

10.0

22.4Singapore（n＝973）

Japan（n＝759）

U.S.（n＝916）

U.K.（n＝863）

France（n＝846）

South Korea（n＝907）

Singapore（n＝973）

Japan（n＝759）

U.S.（n＝916）

U.K.（n＝863）

France（n＝846）

South Korea（n＝907）

Is it tolerable for you to see your real name opened to third parties through social media?

Tolerable Conditionally tolerable Intolerable in any case Tolerable Conditionally tolerable Intolerable in any case

Is it tolerable for you to see a situation where information classified by some users as secret on social media is reclassified by service providers as available for browsing by all users

38

Part 1


Figure 3-1-2-6 Tolerable range of personal data treatment (Big Data-related services)

（％）（％）0 10 20 30 40 50 60 70 80 90 1000 10 20 30 40 50 60 70 80 90 100

（％）（％）0 10 20 30 40 50 60 70 80 90 1000 10 20 30 40 50 60 70 80 90 100

（％）n 0 10 20 30 40 50 60 70 80 900 10 20 30 40 50 60 70 80 90 100

1,000

1,000

1,000

1,000

1,000

1,000

n

1,000

1,000

1,000

1,000

1,000

1,000

0 10 20 30 40 50 60 70 80 90

43.3

44.2

49.5

55.1

46.8

50.2

53.6

42.8

44.0

41.1

50.9

45.4

3.1

13.0

6.5

3.8

2.3

4.4

37.0

32.4

37.1

46.2

35.0

36.4

59.5

50.4

52.9

48.0

62.5

55.8

3.5

17.2

10.0

5.8

2.5

7.8

24.8

37.2

36.9

25.4

22.6

30.8

58.6

44.1

48.3

49.0

58.8

54.7

16.6

18.7

14.8

25.6

18.6

14.5

41.1

54.2

60.1

51.0

30.1

37.7

52.5

33.6

33.3

40.1

62.7

53.4

6.4

12.2

6.6

8.9

7.2

8.9

22.0

20.1

16.9

24.9

21.8

19.8

54.1

43.4

41.8

47.2

56.0

54.1

23.9

36.5

41.3

27.9

22.2

26.1

39.4

42.8

47.0

45.9

42.5

44.3

53.1

43.4

43.5

46.2

52.8

48.9

7.5

13.8

9.5

7.9

4.7

6.8

24.4

32.2

29.6

36.9

26.5

34.7

61.9

53.6

58.1

54.1

61.7

55.9

13.7

14.2

12.3

9.0

11.8

9.4

（％）100

（％）n100

1,000

1,000

1,000

1,000

1,000

1,000

n

1,000

1,000

1,000

1,000

1,000

1,000

n

1,000

1,000

1,000

1,000

1,000

1,000

n

1,000

1,000

1,000

1,000

1,000

1,000

n

1,000

1,000

1,000

1,000

1,000

1,000

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Tolerable Conditionally tolerable Intolerable in any case







Personal data registered for different services including social media and e-commerce services are linked together

Personal data registered for a membership registration service are used by providers of other services including e-commerce, healthcare and

video-browsing services

Location information acquired from smartphones and other terminals is used for providing information on recommended restaurants

and shops around relevant locations

Collecting data from running vehicles for figuring out traffic conditions and dangerous locations

Collecting data from running vehicles for enterprises to design auto insurance products

Installing many surveillance cameras for crime prevention purposes

Using medical information (including patients’ personal data) for developing medical services

Part 1

39


Figure 3-1-2-7 Conditions for supplying personal data to service providers（％）0 20 40 60 80 100

50.5

53.8

30.7

69.2

0.7

35.3

34.7

23.6

78.3

2.7

49.2

50.6

26.5

66.2

0.5

35.5

40.7

25.6

73.7

2.1

33.3

43.2

20.5

76.6

5.3

27.5

46.2

18.0

76.9

6.2

Singapore (n=897)Japan (n=851) U.S. (n=876) U.K. (n=888)France (n=707) South Korea (n=911)

Cases where convenience is improvedthrough personal data supply

Cases where economic advantages aregained through personal data supply

Cases where personal data supplycontributes to society

Cases where the serviceproviders are reliable

Others


Figure 3-1-2-8 Conditions for utilization or distribution of personal data

0

10

20

30

40

50

60

0 10 20 30

Japan（n=1,000）

40 50 60（％）（％）

0

10

20

30

40

50

60

0 10 20 30

U.S.（n=1,000）

40 50 60

60（％）（％）

60

（％）（％）

0

10

20

30

40

50

60

0 10 20 30

U.K.（n=1,000）

40 500

10

20

30

40

50

60

0 10 20 30

France（n=1,000）

40 50

0

10

20

30

40

50

60

0 10 20 30


40 50 600

10

20

30

40

50

60

（％）（％）

（％）（％）

（％）（％）

0 10 20 30


40 50 60

Perc

enta

ge sh

are

for r

espo

nden

ts w

ho to

lera

te

pers

onal

dat

a to

be

utili

zed

or d

istrib

uted

Percentage share for respondents who don't tolerate personal data being utilized or distributed

Perc

enta

ge sh

are

for r

espo

nden

ts w

ho to

lera

te

pers

onal

dat

a to

be

utili

zed

or d

istrib

uted


Perc

enta

ge sh

are

for r

espo

nden

ts w

ho to

lera

te

pers

onal

dat

a to

be

utili

zed

or d

istrib

uted


Perc

enta

ge sh

are

for r

espo

nden

ts w

ho to

lera

te

pers

onal

dat

a to

be

utili

zed

or d

istrib

uted


Perc

enta

ge sh

are

for r

espo

nden

ts w

ho to

lera

te

pers

onal

dat

a to

be

utili

zed

or d

istrib

uted


Perc

enta

ge sh

are

for r

espo

nden

ts w

ho to

lera

te

pers

onal

dat

a to

be

utili

zed

or d

istrib

uted


Users' explicitconsent

Users' explicit consent

Users' explicit consentUsers' explicit consent



Utilization for user-approvedservices after anonymizing


Utilization for user-approved services after anonymizing


Utilization for user-approved services after anonymizing

Utilization foruser-approved

services afteranonymizing

Utilization for user-approvedservices without anonymizing



Utilization foruser-approved serviceswithout anonymizing



Service providers'utilization afteranonymizing

Service providers' utilizationafter anonymizing

Service providers' utilization after anonymizing Service providers' utilization after

anonymizing

Service providers'utilization after anonymizing

Service providers' utilization after anonymizing

40

Part 1

3. Government initiatives(1) Strategic Headquarters initiatives

On personal data treatment, the Declaration towards Creating a World-leading IT Nation, adopted by the Stra-tegic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society in June 2013, states (1) that business environments should be developed to harmonize the utilization of per-sonal data with the protection of personal information and privacy to facilitate the utilization, (2) that Japan should use the OECD (Organisation for Economic Co-operation and Development) and other international ne-gotiations and promote international cooperation, as the standardization of rules on privacy and information se-curity, the improvement of convenience through the cre-ation of international mechanisms and the smooth cross-border transfer of information are important for business environment development, and (3) that the diffusion of personal data utilization should be promoted in Smart-phone and other areas where rules for handling user in-formation have already been created.

The declaration also urges the Strategic Headquar-ters to promptly create a new panel to specify rules for utilizing personal data while giving consideration to the

protection of personal information and privacy and to launch initiatives as early as possible within 2013 to re-vise personal information protection guidelines and standardize procedures for obtaining consent for the utilization. Another new panel is planned to develop guidelines (including a roadmap) within the year for in-stitutional reforms including the creation of third-party organizations and new legal measures.

From 2014 on, the government will develop personal data utilization environments in line with the roadmap in the institutional reform guidelines to promote the utiliza-tion, while giving considerations to international coop-eration, according to the declaration.

(2) MIC initiatives -- Creating personal data utilization and distribution panelIn November 2012, the MIC initiated a panel on the

utilization and distribution of personal data. Its report proposed a framework for the utilization of personal data and policies for its realization to specify personal data utilization rules for promoting the appropriate utilization and distribution of personal data.

1. Cyber attacks growing more sophisticated and complicated(1) Trend of threats to information security

At present, the malware types registered in databases at information security vendors are rapidly increasing, while external attacks including malware infection and hacking are accounting for a high share of causes of in-formation leakage and infringement incidents. In this

way, threats to information security around us are grow-ing more serious. Recent cyber attacks have ranged wide, targeting from state secrets to personal informa-tion and money. The time has come for individuals as well as government agencies and enterprises to take more information security measures.

2. Information users’ consciousness of information security(1) Experiences of information security damage and insecurity

during Internet useQuestioned whether they incurred information secu-

rity damage during their Internet use, those answering that they were sure or had evidence of damage and those answering that they saw the possibility of having

Section 2　Information security and safe, secure information utilization


Figure 3-2-2-1 Experiences of information security damage and insecurity during Internet use【Experiences of information security damage】

1,000

ｎ

1,000

1,000

1,000

1,000

1,000

【Insecurity during Internet use】

1,000

ｎ

1,000

1,000

1,000

1,000

1,000

0 20 40 60 80 100（％）（％）

14.4

18.2

20.0

15.0

19.7

19.6

61.6

47.7

55.2

36.3

48.0

49.4

15.4

17.0

14.3

34.0

24.4

21.8

8.6

17.1

10.5

14.7

7.9

9.2

0 20 40 60 80 100

8.3

3.1

1.4

5.2

8.8

1.9

50.7

24.0

22.8

37.3

53.4

18.7

37.5

33.1

34.6

39.9

30.8

38.7

3.5

39.8

41.2

17.6

7.0

40.7

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Having received damage (being sure of damage, having evidence of damage)

Having received damage damage(seeing the possibility of having received damage)

Having never received damage I don’t know

Feeling no insecurity Feeling less insecurityFeeling insecurityFeeling some insecurity

Part 1

41

received damage accounted for 48.7% of respondents in the survey in France. The French share is the highest among the six countries, followed by 34.1% in the United States and 32.3% in South Korea. The percentage share for respondents answering that they had never received damage came to 61.6% in Japan, the highest among the six countries.

About insecurity during Internet use, those feeling insecurity and those feeling some insecurity accounted for 62.2% of respondents in the survey in South Korea. The share is the highest among the six countries, fol-lowed by 59.0% in Japan and 42.5% in France. South Ko-rea and France have more respondents who received information security damage and felt insecurity during Internet use. In Japan, more respondents felt insecurity, although more received no damage (Figure 3-2-2-1).

(2) Implementation of information security measuresQuestioned about information security measures in

the survey in the six countries, those having taken no measures accounted for a majority of 55.3% of respon-dents in South Korea, but those who had taken security measures and were still feeling insecurity commanded majority shares in the other five countries. In Japan, par-ticularly, about 70% answered that they had taken secu-rity measures and were still feeling insecurity. In the United States and the United Kingdom, more than 30%

answered that they had taken sufficient security mea-sures (Figure 3-2-2-2).

(3) Smartphone information securityJapan has published the so-called Three Articles on

Smartphone Information Security and is working to en-lighten citizens about the articles. In the survey, respon-dents in the six countries were asked about their aware-ness of the three articles -- “updating OS and applications,” “introducing anti-virus software” and “con-firming safety of applications to be installed.” The sur-vey results indicate that respondents in Japan are more aware of all three than in the other countries (Figure 3-2-2-3).

(4) Information security literacyQuestioned whether they had acquired information

about information security, more than 50% of respon-dents answered yes in the United States, the United Kingdom, France and Singapore. In contrast, the corre-sponding percentage shares in Japan and South Korea slipped below 40% (Figure 3-2-2-4).


Figure 3-2-2-3 Awareness of information security measures for smartphones

n【Updating OS and applications】

768

678

444

563

476

382

n【Introducing anti-virus software】

768

678

444

563

476

382

n【Confirming application safety】

768

678

444

563

476

382

0 20 40 60 80 100

67.8

64.9

58.4

60.6

57.7

65.1

0 20 40 60 80 100

67.0

55.7

55.2

37.8

60.0

55.7

0 20 40 60 80 100

58.6

48.9

40.5

36.7

49.9

43.2

（％）（％）（％）

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore

Japan

U.S.

U.K.

France

South Korea

Singapore


Figure 3-2-2-4 Acquiring information about information security measures

1,000

1,000

1,000

1,000

1,000

1,000

ｎ

0 20 40 60 80 100（％）

8.5

25.2

24.8

13.0

27.2

21.1

52.3

16.6

20.2

31.6

46.7

25.5

37.0

36.5

35.9

44.2

23.3

38.7

2.2

21.7

19.1

11.2

2.8

14.7

Japan

U.S.

U.K.

France

South Korea

Singapore

Acquiring sufficient information

Acquiring information rather than notAcquiring no informationAcquiring not so much

information


Figure 3-2-2-2 Implementation of information security measures

0 20 40 60 80 100（％）

16.5

10.0

8.5

9.6

55.3

18.7

69.8

58.4

51.6

63.0

41.6

63.1

13.7

31.6

39.9

27.4

3.1

18.2 1,000

1,000

1,000

1,000

1,000

1,000

ｎ

Japan

U.S.

U.K.

France

South Korea

Singapore

Having taken sufficient security measures

Feeling some insecurity even while taking security measures

Having taken no particular security measures

42

Part 1

3. Information security initiatives in Japan(1) Creation of new information security strategy

As the environment surrounding Japan’s information security has rapidly changed with progress being made in the fusion or integration of cyber and real spaces, cy-ber space risks have expanded, dispersed and become global. Given the serious environmental changes, the Information Security Policy Conference in June 2013 de-cided a cyber security strategy calling for realizing a cy-ber security-oriented country by building a world-lead-ing resilient, vigorous cyber space to ensure national security and crisis management, social and economic development and the people’s safety and security.

(2) Consultations with foreign countries and regions on informa-tion securityJapan has vigorously discussed the possibility of bilat-

eral information exchange and cooperation, and other topics at bilateral meetings with foreign countries and regions (the United States, the United Kingdom, the Eu-ropean Union, the Association of Southeast Asian Na-tions and India) on information security.

(3) MIC initiativesa. Initiating Information Security Advisory Board

In order to receive advice from experts to allow the public and private sectors to effectively address rapidly changing information security challenges and contrib-ute to Japan’s economic growth, the MIC initiated the Information Security Advisory Board in March 2013 to consider a future information security policy. In April, it compiled a proposal on the MIC’s information security policy promotion.

b. Public-private cooperationIn order to contribute to preventing cyber attack dam-

age from expanding, the entire government has made information-sharing arrangements with key infrastruc-ture operators through CEPTOAR (Capability for Engi-neering of Protection, Technical Operation, Analysis and Response). The MIC has promoted cooperation with relevant people for the key information and communica-tions infrastructure and local governments and with the National Institute of Information and Communications Technology (NICT) in sharing information and enhanc-ing measures against cyber attacks.

In July 2012, the MIC and METI created the Cyber Attack Analysis Council jointly with four relevant organi-zations -- NICT, the Information-Technology Promotion

Agency (IPA), the Japan Data Communications Associa-tion’s Telecom-ISAC Japan and the Japan Computer Emergency Response Team Coordination Center -- to promote information sharing and advanced analyses about cyber attacks. Furthermore, the MIC has launched measures to collect and analyze cyber attack information, build network protection models based on analyses and implement practical public-private exercis-es for protection from cyber attacks.

c. International cooperationSince any single country or organization has difficul-

ties in addressing the increasing cross-border cyber at-tacks, international cooperation is important. The MIC has cooperated with Internet service providers and uni-versities in Japan and foreign countries in building inter-national networks to collect information about DDoS (Distributed Denial of Service) and other cyber attacks and malware. The MIC has also cooperated with foreign countries to conduct research and development, and demonstration tests for technologies for predicting and responding quickly to cyber attacks under the PRAC-TICE (Proactive Response against Cyber Attacks through International Collaborative Exchange) project. The ministry has launched such cooperation with the United States, ASEAN and others.

d. Diffusion and enlightenmentAs smartphone, SNS, wireless LAN and other new in-

formation and communications services have penetrat-ed into society, fraudulent and other actions to take ad-vantage of these services have caused damage. Therefore, it is important for each service user to under-stand the characteristics of these services and acquire knowledge for their safe and secure use (information security literacy).

Since FY2003, the MIC has operated the Information Security Website for the People where information secu-rity knowledge is explained in an easy-to-understand manner. Based on the latest trends of services and threats to information security, the MIC renewed the website in April 2013.

As for wireless LAN services that have been grow-ingly used, information theft and other security chal-lenges have been reported. In response, the MIC has drafted and published a guidebook for promoting the safe, secure use of wireless LAN services.

1. Present situation and challenges for innovation creationInnovations can be divided into two categories -- “sus-

tainable innovations” through the improvement of tradi-tional products and services, and “disruptive innova-tions” for destroying values of traditional products and

services. At the same time, innovations are divided into two groups by approach -- “product innovations” to de-velop new products for their differentiation and “process innovations” to implement new processes for the differ-

Section 3　R&D to promote ICT innovation

Part 1

43

entiation of products.Japan’s economic development has apparently been

led by sustainable innovations where Japan has caught up with forerunners and obtained greater competitive-ness through process innovations centering on improve-ments and product innovations represented by smaller, lighter devices such as transistor radios and headphone stereos.

Meanwhile, economic globalization has made prog-ress, with many technologies commoditized. As a result, competitiveness obtained through sustainable innova-tions has become easier to be caught up with. In fact, Japan’s competitiveness in innovations has weakened year by year.

In order to achieve further economic growth stably, therefore, the creation of disruptive innovations is re-quired.

(1) Slumping R&D investmentJapan’s research and development investment, which

has been led by private sector enterprises, has declined rapidly since the Lehman Shock (Figure 3-3-1-1). Private R&D investment now centers on large enterprises’ inter-nal investment. Risk money investment in ventures, small and medium-sized enterprises, universities and other third parties has been limited.

The government’s R&D investment excluding supple-mentary budget expenditures has remained flat (Figure 3-3-1-2).

(2) Sticking to independence-oriented approachesJapan’s industry features fierce domestic competition.

In Western countries and South Korea, however, a small number of enterprises are very competitive in each area and monopolize key technologies. Large Japanese enter-prises have made less effort to acquire technology-lead-ing ventures and SMEs, purchase technologies from other firms or universities, or undertake global joint R&D projects.

(3) Human resources shortagesIn Japan, there are less science-based human resourc-

es who create technologies to realize innovations than in other countries. There are far less highly educated ICT human resources in Japan. While women’s viewpoints are required to produce new technologies, women’s share in science-based human resources is still small.

(Notes)1. The science and technology promotion expenditure is on an original budget basis.2. The local government expenditure for FY2012 is a preliminary figure given in February 2013.

(Source) Cabinet Office Website

Figure 3-3-1-2 Science and technology budget trends(100 million yen)

Original budget Science and technology promotion expenditure Supplementary budget Local government budget

0FY2012FY2011FY2010FY2009FY2008FY2007FY2006FY2005FY2004FY2003FY2002FY2001

10,000

20,000

30,000

40,00040,490 40,841 40,404

41,401 40,44742,405

50,46350,000

42,444

46,959

51,521

Science and technology promotion expenditure

2nd period 3rd period 4th period

45,84143,581

35,11334,685 35,444 35,974 36,084 35,779 35,743 35,708 35,639

4,297

2,400

10,970

35,890

3,853

4,576

36,647

1,978

36,926

5,832

4,480

4,404

6,081

4,899

3,2384,475

41

4,453305

4,250375

4,206

1,4514,160

1,175

10,1915,076

（11,124）（11,832）（12,298）（13,135）（13,352）（13,334）（13,777）（13,628）（13,477）（13,312）（13,170）（12,841）

1st period (FY1996-2000)Investment under the basic plan: 17 trillion yenActual investment: 17.6 trillion yen

2nd period (FY2001-2005)Investment under the basic plan: 24 trillion yenActual investment: 21.1 trillion yen

3rd period (FY2006-2010)Investment under the basic plan: 25 trillion yenActual investment: 21.7 trillion yen

4th period (FY2011-2015)Investment under the basic plan: 25 trillion yen

Total science and technology expenditure

(Source) MIC “2012 Science and Technology Research Survey”

Figure 3-3-1-1 Corporate R&D investment trends

9.0

10.0

11.0

12.0

13.0

14.0

10.911.5 11.6 11.8 11.9

12.713.3

13.8 13.6

12.0 12.012.3

111009080706050403020100(FY)

(trillion yen)

44

Part 1

Japan has few people who can select promising tech-nologies for new businesses or industries while figuring out market needs. Japanese are weak in developing new technologies into new businesses or industries.

(4) Lagging behind in developing intellectual property strate-giesJapanese enterprises’ measures to secure patents and

other intellectual properties have been centered on de-fensive ones including those to allow their products to be provided to others. They have been less ambitious to take advantage of intellectual properties as business re-sources. As a result, they have not sufficiently utilized intellectual properties.

Costly, time-consuming international patent applica-tions have remained slack. Such applications by Japa-nese, if any, are relatively slower than global R&D moves.

(5) Structural social obstaclesa. Venture business development infrastructure shortages

While ventures and other new organizations can make effective efforts to produce disruptive innovations, it has been difficult to find ventures in Japan due to high busi-ness startup risks, shortages of risk money including venture capital funds, and limited opportunities for en-trepreneurs to meet their supporters.

Ventures for their part lack new market exploration efforts. Many of them tend not to fully consider their business concepts or competitive advantages before their startup. Japan also lacks infrastructure for large enterprises to take advantage of ventures’ achievements through alliances or M&As. Ventures depend heavily on initial public offerings as an exit to growth. As a result, many ventures disappear before becoming able to go public.

b. Cultural and institutional obstacles to innovationsAs Japan’s present business culture gives priority to

periodic profit or loss, enterprises have difficulties in ini-tiating unproven business models. Specific products or services are required in the screening process for com-mercializing technologies. Commercialization is diffi-cult unless legal problems are solved. It is thus difficult to pursue disruptive innovations in Japan.

As the mark-to-market accounting system has been globally introduced over recent years, the entire society has tended to pursue short-term achievements. Under such circumstances, long-term business efforts might have declined in the absence of fund providers for long-term R&D projects in the private sector in Japan. This could be a background factor behind lack of disruptive innovations.

2. Steps for innovation creation in Japan(1) Direction of solutions to challenges

The Innovation Creation Subcommittee has drafted an interim report on solutions to the abovementioned challenges for realizing the creation of disruptive inno-vations originating from Japan, calling for the entire na-tion to (1) create new technologies and services, (2) utilize technologies from the viewpoint of potential needs, (3) shift away from independence-oriented or self-contained approaches, and (4) develop the environ-ment for promoting the creation of innovations.

(2) Specific government initiativesThe direction of solutions to challenges indicates that

in order to realize the creation of disruptive innovations originating from Japan, the government will have to con-sider five initiatives -- (1) to support efforts to create new technologies and services, (2) to support eco-system formation, (3) to promote preemptive projects to absorb social needs, (4) to build a remarkably excellent envi-ronment for inducing innovations, and (5) to guide the private sector to vitalize risk money investment.

(3) Technology areas for future initiativesAlthough the above focused on how best to pursue

disruptive innovations, sustainable innovations also re-main important. Since peripheral supportive technolo-gies as well as unique technologies are required for real-izing disruptive innovations, Japan will have to develop a wide range of technologies.

The Innovation Creation Subcommittee, based on its discussions, has divided present and future priority technology areas into two groups -- application technolo-gies for solving challenges and ICT-supporting infra-structure technologies for realizing applications.

Part 1

45

Documents

Attaining Safe, Secure ICT Utilization Environment and R&D ......than personal computers because users carry smart-phones that remain switched on and connected with net-works. Users’