- Home
- News Releases
- Back Issues
- March FY2026
- Global CBPR System Program Requirements Updated
Global CBPR System Program Requirements Updated
March 23, 2026
Joint News Release with the Personal Information Protection Commission
The Global Cross-Border Privacy Rules (CBPR) Forum, comprising 14 jurisdictions including Japan, has engaged in discussions to review the Program Requirements* in order to enable broader participation by additional jurisdictions so that the Global CBPR System can serve as a global standard.
The main items newly added by this update are as follows:
- Procedures required for the handling of sensitive personal information and children’s personal information
- Procedures for the assessment and mitigation of the risk of leakage of personal information
- Procedures for notifying affected individuals of data breaches
From April 1, 2027, onward, applicant organizations seeking new certification or recertification will be subject to certification assessments based on the updated Program Requirements.
Related Links
Announcement by the Global CBPR Forum regarding this matter
The press release regarding this matter issued by the Global CBPR Forum, as well as the full text of the updated Program Requirements, are available on the Global CBPR Forum website.
About the Global CBPR
For details of the system, please refer to the following page.
Past METI News Releases
- The U.K. Announces its Intention to Participate in the Global Cross-Border Privacy Rules (CBPR) Forum (April 18, 2023)
- Global Cross-Border Privacy Rules (CBPR) Forum Publishes Documents (such as Policies, Rules, and Guidelines) for Operationalization of the Global CBPR System (May 7, 2024)
- Launch of the Global Cross-Border Privacy Rules (CBPR) System (June 2, 2025)
Division in Charge
Office of International Affairs, Commerce and Information Policy Bureau
Download(To Adobe site)