On April 7, 2026, Japan's Cabinet approved a bill to amend the Act on the Protection of Personal Information (APPI) and submitted it to the 221st Diet as Cabinet Bill No. 54; the House of Representatives passed it on May 26, and it now sits with the upper house. The package, driven by the Personal Information Protection Commission (PPC), does three things at once that rarely travel together: it loosens consent rules so companies can train AI and run statistical analysis on personal data, it tightens rules on children's and biometric data, and it gives the regulator real financial teeth for the first time.
That combination is unusual — and mostly sensible.
A consent carve-out built for AI
The headline change for developers is a statutory exemption: businesses may process personal data — including sensitive categories — for statistical creation and AI model development without prior consent, provided the risk to individuals is low and the company publicly discloses key information about the processing, including its identity and the nature of the analysis. Third-party transfers for these purposes require a written agreement that explicitly invokes the exception.
The ambition is explicit. Japan's digital leadership has framed consent-free use of sensitive data as necessary for building competitive domestic AI models, and analysts read the reform as an attempt to make Japan one of the easiest places in the world to develop AI applications.
This is the right instinct. Consent-based regimes were designed for a world of discrete, purpose-bound data collection; they map poorly onto large-scale model training, where the value comes from aggregate patterns rather than individual records. Forcing per-record consent would not give individuals meaningful control — most people click through — but it would hand a decisive advantage to whoever already holds the data or can afford to buy it.
The privacy objection, fairly stated
The strongest objection is not naïve. Privacy advocates argue that "transparency" is a weak substitute for consent: a disclosure buried on a corporate website does little to constrain how sensitive data — a medical record, a fingerprint, a child's face — is repurposed, and once a model is trained the data cannot be withdrawn. That concern is legitimate, and the bill answers a meaningful part of it.
It creates a category of "specified biometric personal information" — facial geometry, fingerprints, voice patterns, gait, and DNA — bars sharing it with third parties through opt-out mechanisms, and lets individuals demand that use of body-feature data stop even absent any illegal handling. For children under 16, processing requires parental consent, and handlers must act in the "best interests of the child" given their age and development.
This is proportionality done well: the data that is genuinely irreversible and identity-defining gets the strongest guardrails, while low-risk aggregate analysis gets a clear, predictable lane.
Fines priced to the harm
The most consequential structural change is the new administrative fine. Until now the PPC could issue guidance and corrective orders but could not levy monetary penalties — a gap that made Japanese enforcement look toothless beside the EU. The bill lets the PPC order payment when illegal handling of personal data produces financial gain.
Crucially, Japan did not copy the GDPR. The EU fines up to 4% of global annual turnover; Japan's penalty is gain-based — tied to the money the violator actually obtained from the breach. And it is bounded: it does not apply where the operator exercised reasonable care, where fewer than 1,000 individuals were affected, or where harm is deemed insignificant.
This design is smarter than the European model it declined to imitate. Turnover-based megafines are blunt; they can dwarf the actual harm and fall hardest on large firms regardless of culpability, which pushes companies toward defensive over-compliance. A disgorgement model removes the profit from breaking the rules without turning every clerical error into an existential threat. The 1,000-person floor and the reasonable-care defense keep the regime focused on serious, deliberate misuse rather than honest mistakes.
What to watch
The risks lie in the undefined terms. "Low risk" and "best interests" will be filled in by PPC regulations and guidelines over the next two years — the law takes effect within two years of promulgation. Drawn too narrowly, the AI exemption becomes a trap that no cautious general counsel will rely on; drawn too broadly, the children's and biometric safeguards collapse into boilerplate. The transparency obligation is only as strong as its enforcement: the PPC will have to audit real disclosures, not accept template language pasted into a privacy policy.
There is a sequencing lesson here too. Japan legislated the enabling rule and the guardrails in a single instrument, rather than rushing a prohibition and backfilling exceptions later. That ordering — clarify what is permitted, define what is protected, then price the violations — is exactly what jurisdictions still drafting AI and data rules should copy.
The bottom line
Japan has produced a privacy reform worth studying. It treats AI training as a normal, low-risk use of data rather than a threat to be consented away; it reserves its heaviest protections for the data that genuinely cannot be un-shared; and it prices violations to the gain rather than to a headline percentage of revenue. The forthcoming PPC guidelines will determine whether the balance holds — but the architecture is proportionate, evidence-based, and refreshingly free of the reflex to regulate by fear.