Yes, scraping public data in Japan is generally permissible if done without violating privacy or circumventing technical protections, but strict adherence to the Act on the Protection of Personal Information (APPI) and Unfair Competition Prevention Act (UCPA) is required.
Key Regulations for Scraping Public Data in Japan
- APPI Compliance: Personal data extraction from public sources triggers APPI obligations if the data identifies individuals. Controllers must ensure lawful purposes, minimize data collection, and provide opt-out mechanisms under Article 30.
- UCPA Restrictions: Automated scraping that bypasses technical barriers (e.g., CAPTCHAs, rate limits) may constitute “unfair competition” under UCPA Article 2(1)(xi), risking injunctions or fines up to ¥3 million.
- 2026 Amendments: Pending revisions to APPI expand extraterritorial reach, requiring foreign entities scraping Japanese public data to appoint local representatives and comply with enhanced data portability rights.
Scraping publicly available corporate registry filings (e.g., Tōhon data) is permitted, but aggregating such data into commercial databases without consent may violate UCPA’s “illegitimate acquisition” clause. Courts scrutinize intent: commercial use heightens risk, while academic or journalistic purposes receive more leniency under Article 3(1) of the UCPA.
Technical safeguards matter. Scrapers must respect robots.txt directives and API terms, as Japanese courts increasingly treat violations as evidence of bad faith under UCPA. The Personal Information Protection Commission (PPC) has signaled stricter enforcement post-2026, particularly for datasets combining public and inferred personal data.
Foreign entities should conduct due diligence on data sources, as Japan’s extraterritorial APPI amendments may apply if processing affects Japanese residents. Consulting local counsel is advisable for high-risk projects.