Photo/Illutration Prime Minister Fumio Kishida, second from front, speaks at the expert panel meeting in the prime minister's office on June 7. (Takeshi Iwashita)

The government has opened substantial discussions for introducing a setup called an “active cyberdefense,” which would keep tabs on cyberspace even in peacetime.

This will forestall and neutralize attacks on Japan’s government institutions and key infrastructure when any signs of similar attacks have been detected.

The setup is intended to prevent a situation that would seriously affect national security and people’s lives. It could, however, end up restricting the secrecy of communications, which is guaranteed by the Constitution, and lead to violations of personal data and privacy.

An institutional arrangement should therefore be created to ease people’s anxiety about the matter.

Active cyberdefenses are already implemented in countries including the United States and Britain.

Japan’s three key national security policy documents, which the administration of Prime Minister Fumio Kishida revised late in 2022, set the goal of strengthening the nation’s response capabilities in cybersecurity to a level “equal to or surpassing” that of leading Western countries.

The policy also clearly stated that Japan will “introduce” an active cyberdefense.

The government on June 7 organized an inaugural meeting for an expert panel that will discuss measures for developing laws on such a cyberdefense. 

These laws could entail strengthening public-private information sharing, using communication intelligence to detect any attackers, and giving the government the necessary authority for invading and neutralizing servers of an adversary.

The gathering and analysis of communication intelligence, among the measures to be considered, should be rigorously tested for consistency with Article 21 of the Constitution, which provides that the privacy of communications should be protected. 

It should also be scrutinized under the Telecommunications Business Law, which bans secrecy violations under the threat of penalties.

And unauthorized access to any enemy servers is, as things now stand, banned by the Law on Prohibition of Unauthorized Computer Access.

Masaharu Kondo, director-general of the Cabinet Legislation Bureau, told the Lower House Budget Committee in February, in referring to an active cyberdefense, that the privacy of communications “may be subject to certain restrictions, depending on the circumstances, to a necessary and inevitable extent from the viewpoint of public welfare.”

In fact, the communications interception law was enacted in 1999 to meet the public welfare requirements for criminal investigations.

The law, however, covers only limited types of crimes and provides for rigorous procedures, including the requirement for a warrant that is issued by a judge.

Intelligence gathering for dealing with cyberattacks would be both extremely wide-ranging and routine in nature.

There should therefore be more cautious discussions on how to prevent human rights violations and forestall data leaks and unintended use of information by the government.

There should also be checks by the Diet and an independent third-party organization.

Kishida, who attended the inaugural expert panel meeting, instructed Taro Kono, minister for digital transformation, to work out relevant legislative bills “as soon as possible.”

His administration, which is seeking to submit the bills to the extraordinary Diet session in the autumn at the earliest, should not, however, rush to a slipshod conclusion to meet the presumed time frame.

To gain the understanding and acceptance of the public, the Kishida administration should ensure transparency of the discussions and take the lead in disclosing relevant information.

--The Asahi Shimbun, June 9

Related News