JIPDEC IT-Report 2016 Winter JIPDEC IT-Report 2016 Winter JIPDEC JIPDEC IT-Report 2015 Winter EU GDPR 2018 EU- EUEU

JIPDEC IT-Report 2016 Winter 特集国内外における個人情報保護施策の最新動向 一般財団法人日本情報経済社会推進協会

JIPDEC IT-Report 2016 Winter JIPDEC IT-Report 2016 Winter 2015 2017 7JIPDEC2005 201512JIPDEC IT-Report 2015 Winter EU2016414GDPR 2018 EU- EUEU 201649 201612 JIPDEC IT-Report 2016 Winter. -1. -2. 1. 1.GDPR 2. 3. 9 Ⅲ. 19 201649 21

I I-1. -1JIPDEC 2003200510 2015 2014 201610 11 1. 1. 2. 3. 4. 5. 6. 7.5,000 1-1. DNA IT-Report 1

1-2. 1-3. 2 IT-Report

1-4. 1 SNS 1-5. OECD APEC APEC CBPR 1 1 APEC CBPRCross Border Privacy Rules 2011APECAPEC20144 IT-Report 3

28729 EUEU 1-6. -2. 1-7. 5,000 20 100 5,000 4 IT-Report

1 2 3 4 5 1 2 3 4 1 2 3 4 IT-Report 5

2016102750,000 2. 2017 URL 201611 http://www.ppc.go.jp/ http://www.ppc.go.jp/personalinfo/ http://www.ppc.go.jp/personal/preparation/ 6 IT-Report

I-2. 371 43 20159399 IT-Report 7

1 20 認定個人情報保護団体の役割 国認定 事業分野ごとの特性に応じたルールとして個人情報保護指針を作成する 作成した個人情報保護指針は個人情報保護委員会に届け出 公表される また 対象事業者が指針を遵守するよう指導 勧告を行う 認定個人情報保護団体 情報提供 指導 勧告 苦情処理 意見聴取 個人情報保護指針の作成にあたり消費者等の意見を聴く 対象事業者の個人情報の取扱いに関する苦情を解決する 対象事業者 消費者 2 8 IT-Report

Ⅱ 1.GDPR 1-1. 2016414EUGeneral Data Protection Regulation GDPR EU1995EUData Protection DirectiveDPD1998 ICT DPD EUDPDEU EUEU EU2012125 GDPR 20143201562016 4144GDPRGDPR 2018525 1-2.GDPR (1) 44 GDPRDPDEUEU adequate level of protection 11 EU DPDGDPR EU EU standard data protection clauses Binding Corporate RulesBCR EU GDPR Codes of conductcertification mechanism EU binding and enforceable commitment IT-Report 9

BCREUData Protection Authority DPA GDPR GDPRDPDSCC 2,000 23 4 3 GDPREUEU GDPR EUEU EUGDPR EUEU EUEU EUWeb EU27 GDPREUEUrepresentative GDPR 1,000 112 EU EUEUEU EUGDPR EU EUEU GDPR (2) ICTIT 10 IT-Report

GDPR 4(1) GDPRpersonal data GDPRICT GDPR 9 17 DPDGDPR right to be forgotten GDPR 2014513Google Google1998 Google 271222 28712 20 GDPR ex. CSV WebSNSECIT IT-Report 11

21 ICTEC 22 AI IoTInternet of Things GDPR EU (3) GDPRDPDcontroller Processor GDPRPrivacy by DesignPbD Privacy Impact AssessmentPIA EU EU 28 Processor 3(8) 12 IT-Report

GDPR EU 32 2 4 3 32 36 EU 30 250 250 IT-Report 13

3334 72 2002 California Security Breach Notification Act 25 Data protection by design GDPR Data protection by default PbD 35 Data protection impact assessmentdpia 14 IT-Report

DPIA DPIAPIA 37 Data Protection Officer DPO DPO 83 1,000 11 2 2,000 234 GDPR GDPR 7982 GDPR IT-Report 15

(4) GDPR EU GDPR EU EUEU EUEU EU EUEUEU EU EUGDPREU EU 1-3.GDPR (1) GDPREU EUEU EU EUWeb EU EUGDPR EUEU GDPR (2) GDPREUEU EUEU EUEU ASP EUBCR EU GDPR GDPR EU EU 16 IT-Report

(3) EUEUGDPR GDPRGDPR EUDPD DPDEUGDPR 2. 2-. (1) EUDPDEU 1999Safe harbor Agreement DPD (2) Foreign Intelligence Surveillance ActFISA EUEU 2013 NSACIA NSACIAMicrosoft Yahoo!GoogleFacebookYouTubeSkypeIT EU (3) FacebookFacebook EU 201510 IT-Report 17

2-. (1) 20162EU-USEU-US Privacy Shield 20167 (2) FTC Web 45EU 2-. EU 20161028 11APEC CBPREU 3. 3-1.APEC APECCross Border Privacy Rules SystemCBPR APEC 20144 Accountability Agent AA CBPR20161 JIPDEC AA 3-. 24 CBPR CBPR 18 IT-Report

Ⅲ 1970 10 6/28 1973 1976 1974 1977 1 2009 1978 1979 1980 OECD 108 9/17 9/23 1981 108 1/28 1982 1983 7/4 10/1 1984 1998 1985 108 10/1 JIPDEC 1986 JIPDEC 5 12/16 1989 10 1 23 1990 10 1 1988 1994 1995 EU 1995 10/24 3 1996 3/4 1997 IT-Report 19

JIPDEC4/1 1997 1998 EU 10/21 EU 10/24 11 11 JIS Q 15001 3/20 1999 2000 EU EU7 2001 2015 6 5/30 2003 2004 APEC APEC 10/29 4/1 2005 JIS Q 1500120065 2006 2007 APEC 2012 EU EU 2/23 5/31 1/1 APEC 4 2013 OECD 2014 7/11 9/3 2015 EU- 6/2 12/18 10 1/1 APEC-CBPR JIPDEC AA1 EU GDPR4/14 APPA6 2016 10 EU- EU EU 7/12 8 20 IT-Report

2016 4 2016 9 20164 2020 DeNA 10.4 NII DB AIPIoT 43 J-WAVEWeb 64 SNS IoT/ 4.0 IoT/ 4.0 IPAIVI IPAi IVI IT-CMF 35 664 GDPR EUEU Microsoft GoogleGoogle Book EUGoogleAndroidGoogle EU EFF AppleiPhone 4 Bitkom32 FBI Vulnerability Process iphonemac Apple G7 GoogleFordUberSelf-Driving Coalition for Safer Streets IT-Report 21

20165 IPA CSIRT Ameba DDos 444Web IDC JapanIoT6.22020 13.8 17ATM 14 AIP AIP 2015 83 993 2016 9.2 AI 2015 103618,470 5 MicrosoftGoogle 511 Alibaba20163 Wal-Mart4,850 FacebookFace book LinkedIn2012SNS 6502016511,700 GoogleCNIL 2016/3 16 Google GoogleOracleJava ECFacebookTwitterYouTubeGoogle Microsoftcode of conduct24 JIPDEC JCAN 22 IT-Report

20166 2016 GDP600 10 IoT AI 30 IoTIoT IoT 5IoT 2016 NICT C++ 280 JTB3679 2015 1.5613 14 21 APPA JIPDEC DMARCEasy Solutions DMARC Compass LINE20158-9 LINE Bug Bounty Program GoogleAdWords Google FacebookGoogleITFBI 10 2 AppleSamsung IBM400 Acer34,500 Top500 Hack the Pentagon OECD IoT FAA FAA 11 Facebook EU IT-Report 23

20167 IoT IoTVer.1.0 22,000 UFJcoinbase Google Google 60 LINENYSE NYSE42IT ARM 3.3 ARM9 Pokémon GO IT53GoogleIT 5,000IT 643 BiCS FLASH JIPDEC JCAN/CMD Facebook WhatsApp 607 GoogleHTTPS Chrome ECGoogle Facebook CNILMicrosoftWindows10 Delft University of Technology1 162.5TB Facebook 1,00096 ESET Clash of Kings 160 emarketertwitter28,630 10.9202036,880 Amazon EFF Yahoo!WebVerizon 483,000 Amazon Amazon Prime Air Amazon2016 1,803 3 611 24 IT-Report

20168 IoT 2Lab Selection DeNA 1329IoT EC 15 JIPDEC ISMS ROBINS Bitfinex 12BTC7,200 6,000BTC3.6 Apple20 200 3,888 LookoutLinuxTCPAndroid14 POS 3,70016,9002014 PC170 LeakedSource Mail. Ru 2,500 Pokémon GO 1.3 Twitter23.5 EU Apple Apple130 20159 LINEMVNO 500 10 4 1 AutomotiveETAS 2016 96.3 15,000 201646 DDos129% ID/ JIPDEC JIPDEC Web EV MozillaApple4 Microsoft GoogleAndroid Project Zero Prize 20173 20 MicrosoftAzure Samsung Galaxy Note 7100 AP 2015 iphone FBI IBMAI Yahoo!20145 Krebs on SecurityDDos Web665Gbps MozillaWoSign FirefoxWosign10 IntelBMW3 5G Automotive Association5GAA AmazonFacebookGoogleIBMMicrosoftAI Partnership on AI IT-Report 25

JIPDEC IT-Report 2016 Winter 201612158 106-00321-9-912 TEL03-5860-7555FAX03-5573-0561