On 4-5 December, European data protection authorities, assembled in the European Data Protection Board (EPDB), met for their fifth plenary session, and adopted an opinion on the EU-Japan draft adequacy decision. Though recognising that the Japanese legal framework could not replicate the EU general data protection regulation (GDPR), the EPDB indicated that a number of concerns remained, in particular regarding the protection of personal data transferred from the EU to Japan. This adequacy decision is expected to be the first adopted by the EU since the GDPR came into force.
Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.