On June 2, 2025, the Global Cross-Border Privacy Rules (“CBPR”) Forum officially launched the Global CBPR and Privacy Recognition for Processors (“PRP”) certifications. Building on the existing Asia-Pacific Economic Cooperation (“APEC”) CBPR framework, the Global CBPR and PRP systems aim to extend privacy certifications beyond the APEC region. They will allow controllers and processors to voluntarily undergo certification for their privacy and data governance measures under a framework that is recognized by many data protection authorities around the world. The Global CBPR and PRP certifications are also expected to be recognized in multiple jurisdictions as a legitimizing mechanism for cross-border data transfers.Continue Reading Global CBPR and PRP Certifications Launched: A New International Data Transfer Mechanism
Matsumoto Ryoko
Ryoko Matsumoto is a global visiting lawyer who attended Kyoto University, Kyoto University Law School, and Stanford Law School.
Contact:Email
EU’s Community of Practice Publishes Updated AI Model Contractual Clauses
By Dan Cooper, Joshua Gray, Sam Jungyun Choi & Matsumoto Ryoko on
Posted in Artificial Intelligence (AI)
The “market” for AI contracting terms continues to evolve, and whilst there is no standardised approach (as much will depend on the use cases, technical features and commercial terms), a number of attempts have been made to put forward contracting models. One of the latest being from the EU’s Community of Practice on Public Procurement of AI, which published an updated version of its non-binding EU AI Model Contractual Clauses (“MCC-AI”) on March 5, 2025. The MCC-AI are template contractual clauses intended to be used by public organizations that procure AI systems developed by external suppliers. An initial draft had been published in September 2023. This latest version has been updated to align with the EU AI Act, which entered into force on August 1, 2024 but whose terms apply gradually in a staggered manner. Two templates are available: one for public procurement of “high-risk” AI systems, and another for non-high-risk AI systems. A commentary, which provides guidance on how to use the MCC-AI, is also available.Continue Reading EU’s Community of Practice Publishes Updated AI Model Contractual Clauses
Japan Plans to Adopt AI-Friendly Legislation
Posted in Artificial Intelligence (AI), International
On February 4, 2025, the Japanese Government announced its intention to position Japan as “the most AI-friendly country in the world”, with a lighter regulatory approach than that of the EU and some other nations. This statement follows: (i) the Japanese government’s recent submission of an AI bill to Japan’s Parliament, and (ii) the Japanese Personal Data Protection Commission’s (“PPC”) proposals to amend the Japanese Act on the Protection of Personal Information (“APPI”) to facilitate the use of personal data for the development of AI.Continue Reading Japan Plans to Adopt AI-Friendly Legislation