The Unfair Competition Prevention Act (“Act”) was revised in 2018, and came into effect on 1st of July, 2019. The revised Act is said to be the first law in the world which tries to protect “big data” itself.
Background of the Revision
Data is becoming more and more valuable under The Forth Industrial Revolution. New value will be created by utilizing and combining various kinds of data, and thus it is required and desirable for the new innovation that data is provided and shared widely.
On the other hand, even though data is acquired and utilized without authorization, the protection of data was not sufficient under previous Japanese laws.
If the data is a kind of technical or business information useful for business activities that are kept secret and that are not publicly known, it is protected as “trade secret” under the Act. But confidentiality is strictly required, which is not the case for big data which should be provided and shared for innovation.
If the data is a kind of creative information, it can be protected by the Patent Act or the Copyright Act, but such case is quite limited.
So the data that is valuable but not publicly disclosed and not totally kept secret, could not be protected by existing IP rights. That means that only damage claim based on general tort is available, but no claim for injunction against wrongful acquisition etc. of such valuable data.
Therefore, the Act has just been revised to provide new protection for such data. As described below, the level of the protection of “protected data” is actually lower than that that of “trade secret” considering the importance of smooth data distribution and utilization for innovation under The Forth Industrial Revolution.
Revised Unfair Competition Prevention Act defines “protected data” in Article 2 (7) as follows;
The term “protected data” as used in this Act means technical or business information that is accumulated in a reasonable amount by electronic or magnetic means (meaning an electronic form, magnetic form, or any other form that is impossible to perceive through the human senses alone; the same applies in the following paragraph) as information provided to specified persons on a regular basis and that is managed (excluding information that is kept secret).
To understand what kind of data can be the “protected data” under the Act, “Guidelines on Protected Data” (“Guidelines”) is provided.
According the Guidelines, protected data has to be
1) “provided to specified persons on a regular basis” which assumes big data and similar data that is widely provided to third parties through a transaction or other operation;
2) “accumulated in a reasonable amount” whose amount is to be determined according to the nature of the specific data; and
3) “managed by electronic or magnetic means” which means it is necessary that the intention of the owner of any data to control the data as something to be provided exclusively to specified persons is shown by the methods such as authentication technology or leased line.
Protected data is “excluding information that is kept secret” in order to distinguish “trade secrets” from “protected data.”
Any information that has been made available to the public without compensation (open data) is excluded from application.
Acts of Unfair Competition
There are three categories for the acts of unfair competition concerning “acquisition”, “use” and “disclosure” of “protected data”;
1) Category of unauthorized acquisition,
2) Category of significant violations of the principle of good faith, and
3) Category of subsequent acquisition.
The category of unauthorized acquisition regulates acts as that of acquiring protected data by malicious means (theft, fraud, duress, or other wrongful means”).
Among the category of significant violations of the principle of good faith, only the acts which satisfy the following requirements will fall under “unfair competition” concerning protected data; (i) for the purpose of wrongful gain or causing damage to the protected data owner, and (ii) actions taken in breach of the duties regarding the management of the protected data.
And in the last category, if subsequent acquirer is in bad faith (not including “gross negligence”) at the time of acquisition, acquisition, use and disclosure are regarded as “unfair competition.” On the other hand, if subsequent acquirer is in good faith at the time of acquisition, only the actions done by a subsequent acquirer who entered into bad faith after acquiring the data are regarded as “unfair competition.”
In all categories, the unfair competition acts are more limited than those concerning “trade secrets,” in order to ensure a good balance in protection between the protected data owner and users thereof.
Remedies against Unfair Competition
Further, the remedies against the unfair competition against the “protected data” are limited to the civil ones such as damages and injunction, although the remedies against the unfair competition against the “trade secrets” may also include the criminal ones.