{"id":5297,"date":"2025-06-05T01:11:21","date_gmt":"2025-06-04T16:11:21","guid":{"rendered":"https:\/\/itresearchart.biz\/?p=5297"},"modified":"2025-06-05T01:11:21","modified_gmt":"2025-06-04T16:11:21","slug":"analysis-of-active-cyber-defence-law-in-japan-part-2-access-and-neutralisation-measures","status":"publish","type":"post","link":"https:\/\/itresearchart.biz\/?p=5297","title":{"rendered":"Analysis of \u201cActive Cyber Defence Law\u201d in Japan Part 2 (Access and Neutralisation measures)"},"content":{"rendered":"<p>Two bills related to so-called \u2018active cyber defence\u2019 (\u2018Law on the Prevention of Damage Caused by Unauthorised Acts Against Important Electronic Computers\u2019 and \u2018Law on the Enforcement of the Law on the Prevention of Damage Caused by Unauthorised Acts Against Important Electronic Computers and the Revision of Related Laws\u2019) were passed by the House of Councillors on 16 May 2025 and became law (News article: \u2018<a href=\"https:\/\/www.nikkei.com\/article\/DGXZQOUA1335S0T10C25A5000000\/\">Law passed to prevent cyber attacks; government to monitor communications and require companies to report incidents\u2019<\/a>).<\/p>\n<p>Of these, we examined public-private partnerships, the use of communications information, and organisational structure improvements in our previous blog post, \u2018<a href=\"https:\/\/itresearchart.biz\/?p=5237\">Reading the \u2019Bill on the Prevention of Damage Caused by Unauthorised Acts Against Important Electronic Computers\u2018 (Use of Communications Information, etc.)<\/a>.(Japanese)\u2019<\/p>\n<p>Here, we will examine the measures related to \u2018access and neutralisation.\u2019 The relevant legislation is the \u2018Law on the Revision of Related Laws in Connection with the Enforcement of the Law on the Prevention of Damage Caused by improper Acts Against Important Electronic Computers\u2019 (<a href=\"https:\/\/www.shugiin.go.jp\/internet\/itdb_gian.nsf\/html\/gian\/honbun\/houan\/g21709005.htm\">draft text<\/a>).<\/p>\n<p><a href=\"https:\/\/itresearchart.biz\/?attachment_id=5299\" rel=\"attachment wp-att-5299\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-5299\" src=\"https:\/\/i0.wp.com\/itresearchart.biz\/wp-content\/uploads\/2025\/06\/ACDLaw-en-1.png?resize=644%2C362&#038;ssl=1\" alt=\"\" width=\"644\" height=\"362\" srcset=\"https:\/\/i0.wp.com\/itresearchart.biz\/wp-content\/uploads\/2025\/06\/ACDLaw-en-1.png?resize=644%2C362&amp;ssl=1 644w, https:\/\/i0.wp.com\/itresearchart.biz\/wp-content\/uploads\/2025\/06\/ACDLaw-en-1.png?resize=300%2C169&amp;ssl=1 300w, https:\/\/i0.wp.com\/itresearchart.biz\/wp-content\/uploads\/2025\/06\/ACDLaw-en-1.png?resize=768%2C432&amp;ssl=1 768w, https:\/\/i0.wp.com\/itresearchart.biz\/wp-content\/uploads\/2025\/06\/ACDLaw-en-1.png?w=1280&amp;ssl=1 1280w\" sizes=\"(max-width: 644px) 100vw, 644px\" \/><\/a><\/p>\n<p>The main contents of this law include revisions to the Police Officers&#8217; Duties Act and the Self-Defence Forces Act.<\/p>\n<h1><b>1 Revisions to the Police Officers&#8217; Duties Act<\/b><\/h1>\n<p>We will examine the amendments to the Police Officer Duties Enforcement Act. The Police Officer Duties Enforcement Act consists of Article 4 (Measures for Evacuation, etc.), Article 5 (Prevention and Suppression of Crimes), Article 6 (Entry), and Article 7 (Use of Weapons).<\/p>\n<p>The Police Duties Execution Act translation is <a href=\"https:\/\/www.japaneselawtranslation.go.jp\/ja\/laws\/view\/4043\/tb\">here.<\/a><\/p>\n<p>Article 6-2 will be added, titled \u2018Measures by Cyber Threat Prevention Officers.\u2019<\/p>\n<p>From an academic perspective, there was some discussion about whether cyber-related measures could be taken under Article 5, and personally, I thought that if Article 4 (Evacuation, etc.) were based on necessity, it could be handled there, but it has been placed under Article 6-2.<\/p>\n<h2><b>(Measures by Cyber Threat Prevention Measures Enforcement Officers)<\/b><\/h2>\n<h2>Article 6-2<\/h2>\n<p>Paragraph 1 designates Cyber Threat Prevention Measures Enforcement Officers.<\/p>\n<blockquote><p>The Commissioner of the National Police Agency shall designate police officers from among those of the National Police Agency or prefectural police who are deemed to possess the necessary knowledge and ability to appropriately take the measures specified in the following paragraph as Cyber Threat Prevention Measures Enforcement Officers.<\/p><\/blockquote>\n<p>Paragraph 2 states that when<\/p>\n<ul>\n<li>electronic communications used for acts that harm cybersecurity or other unlawful acts using information technology (hereinafter referred to as \u2018information technology-related unlawful acts\u2019 in this paragraph) or electronic communications suspected of being used for such acts (hereinafter referred to as \u2018harm-related electronic communications\u2019 in this paragraph and the proviso of Paragraph 4)<\/li>\n<\/ul>\n<p>or<\/p>\n<ul>\n<li>electromagnetic records (meaning records created in electronic, magnetic, or other forms not perceivable by human senses, and intended for use in information processing by computers; the same applies hereinafter in this paragraph) used for information technology-related unlawful acts, or electromagnetic records suspected of being used for such acts (hereinafter referred to as \u2018harm-related electromagnetic records\u2019 in this paragraph)<\/li>\n<\/ul>\n<p>and<\/p>\n<p>where<\/p>\n<ul>\n<li>there is an urgent need because leaving such acts unchecked would pose a serious threat to human life, bodily safety, or property,<\/li>\n<\/ul>\n<p>the administrator or other relevant party of the electronic computer that is the source or destination of the harmful telecommunications or the electronic computer on which the harmful electromagnetic records are stored (hereinafter collectively referred to as \u2018harmful electronic computers\u2019 in this article) shall be ordered to take<\/p>\n<p>to take measures deemed necessary to prevent harm, such as the deletion of harmful electronic records stored on the harmful electronic computer, provided that such measures are carried out through telecommunications lines and are deemed necessary to prevent harm, including, to the extent necessary to appropriately prevent harm, connecting to the harmful electronic computer through telecommunications lines to confirm the electronic records related to its operations stored on the harmful electronic computer. and\/or<\/p>\n<p><b>take such measures themselves.<\/b><\/p>\n<p>Additionally, Paragraph 3 establishes provisions for consultation with the Minister of Foreign Affairs in cases involving entities outside Japan.<\/p>\n<p>Paragraph 4 sets forth provisions regarding the approval of the Cyber Communications Information Management Committee.<\/p>\n<p>Here, the Minister of Justice may order the administrator or other relevant parties to<\/p>\n<blockquote><p>take measures deemed necessary to prevent harm, such as the deletion of harmful electronic records,<\/p><\/blockquote>\n<p>and, if they comply, that is acceptable; however, in practice, they are unlikely to comply voluntarily, so the authority must take such measures itself.<\/p>\n<p>The issue here is what specific measures should be taken and what rules should govern their implementation.<\/p>\n<p>Regarding cyber techniques, I have discussed this in my article \u2018A Comparative Legal Analysis of Active Cyber Defence\u2019 (InfoCom Review No. 72)<\/p>\n<ul>\n<li>Information Sharing<\/li>\n<li>Tar Pit Sandbox Honeypot<\/li>\n<li>Jamming and Deception<\/li>\n<li>Hunting<\/li>\n<li>Beacon<\/li>\n<li>Deep Web\/Darknet Intelligence Gathering<\/li>\n<li>Botnet Take Down<\/li>\n<li>Coordinated Sanctions<\/li>\n<li>White Hat Ransomware<\/li>\n<li>Rescue Missions for Property Recovery<\/li>\n<\/ul>\n<p>and other methods have been identified.<\/p>\n<p>Among these, which ones<\/p>\n<blockquote><p>are considered necessary measures for harm prevention<\/p><\/blockquote>\n<p>? Additionally, what would be the rules of engagement (ROE) in such cases?<\/p>\n<p>Regarding this point, I referred to Mr. Jinnai&#8217;s doctoral thesis, \u2018Legal Issues in Cyber Operations Conducted by the Self-Defence Forces\u2019 (<a href=\"https:\/\/lab.iisec.ac.jp\/degrees\/d\/theses\/iisec_d53_thesis.pdf\">link<\/a>). In note 45 of that thesis, my work, \u2018Continuation of the Concept of Active Cyber Defence\u2019 (<a href=\"https:\/\/itresearchart.biz\/?p=4167\">link<\/a>), is cited, and it is stated that<\/p>\n<blockquote><p>From a purely military operational perspective, the means permitted in an operation are ultimately determined by the military based on the operational objectives and operational environment. Specifically, the Rules of Engagement (ROE), which are created for each operation and include political and legal elements, are issued as orders (in the case of the Self-Defense Forces, which are administrative agencies, these orders would correspond to administrative notices under administrative law). These orders then regulate the details of authority.It is important to understand that different means are not legally prescribed depending on the type of operation. In simple terms, the law establishes the broad framework for whether the military should conduct an operation, and it is generally not the case that the means used in an operation are regulated by law.<\/p><\/blockquote>\n<p>As stated above, ROE is the key point. However, even so, the question arises as to whether the \u2018measures deemed necessary for the prevention of harm\u2019 mentioned above encompass all specific operations, or only part of them, and if only part, what are the criteria for determining that part.<\/p>\n<h2><b>2. Amendment to the Self-Defence Forces Act<\/b><\/h2>\n<p>Article 4 is an amendment to the Self-Defence Forces Act.<\/p>\n<p>\u2018Communication protection measures for important electronic computers\u2019 will be added to Article 81-3.<\/p>\n<p>The authority to take such measures includes:<\/p>\n<blockquote><p>Ordering the implementation of measures related to the operation of electronic computers necessary to prevent damage to the relevant important electronic computer, which are carried out through telecommunications lines (hereinafter referred to as \u2018communication protection measures\u2019 in this article and Article 91-3).<\/p><\/blockquote>\n<p>What is interesting is the requirement for such measures.<\/p>\n<ol>\n<li>It must be determined that there is a significant risk that the specified unauthorised act will cause a specific major disruption (meaning a disruption to the functions of the important electronic computer that results in the cessation or degradation of such functions, and where such cessation or degradation would lead to a disruption that cannot be easily restored, thereby causing a situation that seriously jeopardises the safety of the state and the people) to the important electronic computer.<\/li>\n<li>The special technical capabilities or information possessed by the Self-Defence Forces are indispensable for preventing the occurrence of a specific major disruption.<\/li>\n<li>There is a request or consent from the National Public Safety Commission.<\/li>\n<\/ol>\n<p><cite>Specific major disruption<\/cite><\/p>\n<p>This concept refers to a situation that would result in a situation that would significantly impair the safety of the state and its citizens.<\/p>\n<blockquote><p>Within the framework of the Self-Defence Forces Act,<\/p><\/blockquote>\n<ul>\n<li>Defence deployment (Article 76)<\/li>\n<li>Security deployment for the protection of Self-Defence Forces facilities, etc. (Article 81-2)<\/li>\n<\/ul>\n<p>Public order deployment (Article 78)<\/p>\n<p>and others, and within these, \u2018communication protection measures for important electronic computers\u2019 are permitted in cases of specific major disruptions.<\/p>\n<p>The specific actions here are \u2018measures related to the operation of electronic computers necessary to prevent damage to the relevant important electronic computers, which are carried out via telecommunications lines.\u2019 However, what these measures will concretely entail, and the fact that ROE will likely be a key point in practice, are the same issues as those regarding the measures taken by the Cyber Threat Prevention Measures Enforcement Officer mentioned above. In fact, Article 91-3 stipulates the \u2018authority for communication protection measures for important electronic computers\u2019 as follows:<\/p>\n<blockquote><p>the provisions of Article 6-2, paragraphs 2 to 11 of the Police Officer Duties Enforcement Act shall apply mutatis mutandis to the performance of duties by self-defence force members of units or other entities ordered to take communication protection measures pursuant to the provisions of Article 81-3, paragraph 1.<\/p><\/blockquote>\n<p>Additionally, corresponding amendments have been established.<\/p>\n<p>In Article 95-4, \u2018Authority for the Protection of Specific Electronic Computers Used by the Self-Defence Forces,\u2019<\/p>\n<ul>\n<li>\u2018Specific electronic computers used by the Self-Defence Forces\u2019<\/li>\n<li>\u2018Specific electronic computers used by the armed forces of the United States of America stationed in Japan pursuant to the Treaty on Mutual Cooperation and Security between Japan and the United States of America\u2019<\/li>\n<\/ul>\n<p>the provisions regarding the execution of duties by Self-Defence Forces personnel tasked with protecting such systems from unauthorised acts using information technology are applied mutatis mutandis.<\/p>\n","protected":false},"excerpt":{"rendered":"Two bills related to so-called \u2018active cyber defence\u2019 (\u2018Law on the Prevention of Damage Caused by Unauthorised [&hellip;]","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[21,53,49],"tags":[],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p8IUOX-1nr","_links":{"self":[{"href":"https:\/\/itresearchart.biz\/index.php?rest_route=\/wp\/v2\/posts\/5297"}],"collection":[{"href":"https:\/\/itresearchart.biz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itresearchart.biz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itresearchart.biz\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/itresearchart.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5297"}],"version-history":[{"count":1,"href":"https:\/\/itresearchart.biz\/index.php?rest_route=\/wp\/v2\/posts\/5297\/revisions"}],"predecessor-version":[{"id":5300,"href":"https:\/\/itresearchart.biz\/index.php?rest_route=\/wp\/v2\/posts\/5297\/revisions\/5300"}],"wp:attachment":[{"href":"https:\/\/itresearchart.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5297"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itresearchart.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5297"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itresearchart.biz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5297"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}