1. Home
  2. News Releases
  3. Back Issues
  4. January FY2025
  5. “Manual on Cross-Border Industrial Data Management” Compiled to Promote Companies’ International Data Sharing and Utilization

“Manual on Cross-Border Industrial Data Management” Compiled to Promote Companies’ International Data Sharing and Utilization

January 27, 2025

The Ministry of Economy, Trade and Industry (METI) compiled the “Manual on Cross-Border Industrial Data Management” for personnel in charge of practical data-related matters at companies. This manual serves as a guide for companies that intend to internationally share and utilize data in ascertaining the major risks they face and holding discussions on appropriate measures against the risks.

1. Background

Against the backdrop of the dissemination of IoT and digital transformation (DX) and calls for enhanced transparency in supply chains, more and more companies have been sharing and utilizing data internationally. At the same time, some countries and regions have been advancing the improvement of their data-related legislative systems and have set some regulations which impose restrictions on the cross-border transfers of industrial data that companies hold and requiring the compulsory disclosure of such data to the governments. These regulations are expected to constrain international corporate activities and, in the mid- to long-term, there are concerns that they will have an impact on the competitiveness of Japanese industries as a whole and on the establishment and dissemination of digital infrastructure.

Against this background, METI convened the Industrial Data Sub-Working Group on May 30, 2024, as a body under the International Data Governance Advisory Committee and the International Data Governance Study Group (co-hosted by the Digital Agency and METI). In response, the sub-working group compiled a list of the risks involved in the international sharing and utilization of industrial data and the measures against such risks that companies can take, in particular, focusing on cross-border transfers of data.

METI hereby announces that it compiled the “Manual on Cross-Border Industrial Data Management” based on the results of discussions by the sub-working group. As the global society has been advancing repeated discussions on personal data related to cross-border transfers, this manual is the first compilation focusing on non-personal data. The manual also aims to encourage individual companies to promote data sharing and utilization, thereby helping such companies to fortify industrial competitiveness in the mid- to long-term and establish digital infrastructure across companies.

The manual targets a wide range of industries, including manufacturing and IT services, regardless of company size or industry, and its main readers are assumed to be personnel in charge of practical matters at companies, including the business division, risk and compliance division, legal division, and data management division.

2. Overview of the manual

(1)  Scope and positioning of the study

Under Data Free Flow with Trust (DFFT), a concept that Japan has upheld internationally, the manual sets out three values that companies are expected to achieve, namely promotion of free distribution and use, confidentiality and rights protection, and trustworthiness assurance. Conversely, the manual covers a variety of risks that companies may face, namely that companies cannot freely access and manage data stored in other countries and regions, they cannot protect important data (in terms of confidentiality and rights), or they cannot trust data.

(2) Steps in cross-border data management

The manual sets three steps to take ([i] risk visualization, [ii] risk assessment, and [iii] implementation of actions), and explains the processes for taking the steps. It also classifies typical potential risks into two categories: 1) risks associated with government actions and 2) risks associated with private enterprise actions, and presents potential measures that companies may consider effective against the risks, mainly focusing on the former category.

(3) Anticipated risks and actions

The manual focuses, in particular, on cross-border transfers of data and shows specific examples of measures against the following three risks that fall under the category of risks caused by government action, which are organized in accordance with the steps in Item (2) above:
 1. Restriction on data transfers and business activities (data localization),
 2. Forced access to data (government access), and
 3. Mandatory data sharing and disclosure.

Related Materials

Related Links

Division in Charge

Office of International Affairs, Commerce and Information Policy Bureau