NY Forum on Japanese Culture and Business Globalization in the IT Revolution
The following is a summary of the presentation by Dr. Alan Westin at the NY Forum on October 2, 2000
Alan WESTIN (Director, Japan-U.S. Privacy and Data Protection Program at the Center for Social and Legal Research and Professor Emeritus, Columbia University)
Shumpei KUMON (Executive Director, GLOCOM)
"Comments on Japan's Network Culture and the IT Revolution"
My comments at this forum are drawn from 40 years of studying and writing about privacy and information technology in democracies; serving as a privacy consultant to over 150 companies and government agencies; and now directing the Japan-US Privacy and Data Protection Program, an activity of the non-profit Center for Social and Legal Research that I head.
Like the U.S., Japan sees its commercial and cultural future heavily tied to E-commerce and information technology applications in the early 21st century. So the two nations officially declared in the US-Japan Joint Statement on Electronic Commerce issued in May, 1998 by President Clinton and PM Hashimoto.
These are not just words. The US and Japan rank #1 and #2 among nations in the number of their citizens using the Internet and in the number of web sites created in each country. As of June, 2000, over 20 million Japanese were using the Net. And, almost 60% of Japanese going online have made purchases on the Net.
The two nations also share a commitment by a majority of their businesses to personalized or "target" marketing as the new imperative of business-to-consumer relationships, not only online but in the offline world as well. "We must know you to serve you" is the central premise of this global trend, and new techniques of data warehousing and data mining support this fundamental commitment.
But in both countries, this business model is in peril -- because of a basic lack of trust and confidence among majorities of citizens in both nations toward the way businesses are collecting and using consumer personal information.
Observers of American political culture are not surprised at this condition, given traditional American distrust of government and business institutions and demands for legal civil liberties protections. Over 100 national public opinion surveys on privacy in the US over the past decade have publicized this popular concern over privacy in the U.S.
Most Americans and many Japanese would assume that this would not be the case in Japan, where trust in and deference to governmental authority and business leadership have been the norm. Yet survey research and political-cultural trends clearly show that Japanese business and consumers are locked in the same tensions and disconnections as in the U.S., and that the lack of trust in Japan in fact is even deeper than in the U.S.
A national survey of the Japanese public conducted in November, 1999 by a Tokyo survey firm and sponsored by my US-Japan Program on privacy and data protection documented this reality:
· 77% of the adult Japanese public say they are concerned today about the potential misuse of their personal information. (US is 94%)
· 67% say consumers in Japan have lost all control over how businesses collect and use their information (US is 82%)
· 67% of Japanese consumers using the Internet say they worried about privacy threats when they use the Net. (US is 81%)
· Only a third -- 32.5% -- of Japanese believe most businesses in Japan today handle the personal consumer information they collect in a proper and confidential way (in the US, twice as many -- 65% -- believe most businesses are acting properly)
· And, only a third -- 34% -- of Japanese believe that existing laws and organizational practices in Japan "provide a reasonable level of consumer privacy today." (US is much higher, at 59%)
Clearly, the business and the government cultures in both nations are challenged by this trend, and -- after too long a delay and lack of attention -- business and government leaders in both nations are addressing this issue, and from an interestingly common set of assumptions spelled out in the 1998 E-Commerce Statement -- let the private sector lead, let self-regulation go forward, but let government be ready to step in when needed to adequate policies are applied by all.
· In the US, federal legislation on financial services and health care have laid out new privacy protections; Congress is considering framework legislation for Internet privacy; and regulatory agencies have become active at the federal level (the Federal Trade Commission) and the states (State Attorneys general and Consumer Protection agencies). and, as the land of litigation, the lawyers are bringing class action lawsuits against both brick and click companies that they claim to have violated promises to consumers about how their personal information would be handled. In addition, 85% of major web sites have placed Privacy Notices on their web sites, and online privacy seals programs by Trust-e, the Better business bureau, and Web Trust are being widely implemented.
· In Japan, some Japanese corporate web sites -- such as Toshiba and Fujitsu -- and Japanese ISPs -- like Nifty -- have put up good privacy notices. ECOM (the Electronic Commerce Promotion Council of Japan). the Japan Internet Association, and other industry groups have issued good privacy guidelines. JIPDEC (The Japan Information Processing Development Center, a MITI organization) has developed a Privacy Mark system to be adopted by Japanese companies and industry associations). And, a Personal Data Protection Law to create legal rules for the full private sector in Japan has been drafted by Japanese experts and will be debated in the Diet this winter.
So, there is recognition of the trust problem and many specific actions addressing it. But -- at this time -- the winning of consumer trust is not secure in both countries. And, I must say as a close analyst of privacy trends who has been meeting extensively with Japanese business, government, and consumer groups over the past three years, I see Japan as further behind in taking the necessary actions
1. Only a small portion of Japanese consumer products/services web sites have privacy notices and policies, compared to over 80% in the U.S.
2. Only about 150 Japanese companies have obtained the JIPDEC Privacy Mark, compared to over 3000 major US companies operating online.
3. Only a handful of Japanese companies have developed full privacy codes for all their uses of consumer personal information, where my estimate is that almost half of comparable US firms have issued and widely publicize such privacy codes.
4. There are no independent, non-profit associations yet in Japan that could audit and certify that Japanese companies are following their privacy promises -- a vital step in restoring consumer trust in both nations.
5. And, most companies in Japan have not yet recognized and accepted the fact that the Net revolution empowers consumers with information about products and services on a global scale, and that demanding individual choice as to how their personal information is collected and used is now the driving attitude among most online consumers in Japan -- as in the U.S.
So, while there is much that needs to be done in the US to win consumer trust in e-commerce and online communication, even more needs to be done in Japan. There are no ideological or structural impediments to good action by Japanese businesses -- they simply have to recognize that -- without consumer trust and individual-consumer empowerment -- Japan will not realize the promise of Internet and IT potential.