[Smcwg-public] Comment on 9.4
伊藤 忠彦
tadahi-ito at secom.co.jp
Thu May 12 07:54:23 UTC 2022
Hi Stephen
I got some comment from our company's privacy officer.
In Japanese law, "Personally identifiable information" would be scope of protection regardless of whether it were public or not (he believe so do GDPR).
(e.g. It is not good if list of subscriber's name were bleached, even if each of name were public in some way)
If "Personal Information" ( or "Personally identifiable information") of our document is not same as "personally identifiable information" in each countries's legal term, it might be better to describe that is different. (as far as I understand, we will comply with each countries's data-protection law anyway, and BR describe additional messuament for personal identifiable information. Therefore, auditing of compliance for each countries data protection law is outside of scope of this BR('s audit). It might be helpful to describe about that scoping in somewhere.)
Regards Tadahiko Ito
More information about the Smcwg-public
mailing list