The Basic Act on Cybersecurity(Act No. 104 of 2014)
Last Version: Act No. 11 of 2019
TOC
History

  • June 11, 2021
    • Last Version: Act No. 11 of 2019
    • Translated Date: October 13, 2020
    • Dictionary Version: 14.0
  • December 12, 2016
    • Last Version:
    • Translated Date: September 30, 2015
    • Dictionary Version: 9.0

The Basic Act on Cybersecurity
Act No. 104 of November 12, 2014
Table of Contents
Chapter I General Provisions(Articles 1 to 11)
Chapter II Cybersecurity Strategy(Article 12)
Chapter III Basic Policy(Articles 13 to 24)
Chapter IV Cybersecurity Strategic Headquarters(Articles 25 to 37)
Chapter V Penal Provision(Article 38)
Supplementary Provisions
Chapter I General Provisions
(Purpose)
Article 1The purpose of this Act is to set a basic policy for Japan's cybersecurity initiatives, clarify things such as the responsibilities of the national and local governments, and provide for the formulation of a cybersecurity strategy and other things that will become the foundation of cybersecurity initiatives, and also to comprehensively and effectively advance cybersecurity initiatives in conjunction with the Basic Act on the Formation of an Advanced Information and Telecommunications Network Society (Act No. 144 of 2000) in ways such as establishing a Cybersecurity Strategic Headquarters, and by doing so, to enhance economic and social vitality and achieve sustainable development and bring about a society where the people can live with a sense of safety and security, and also to contribute to ensuring peace and safety in the international community and contribute to Japan's national security, in consideration of the context in which it has become an urgent issue to ensure cybersecurity while also ensuring the free flow of information, due to the increasing severity of threats to cybersecurity and other such changes in internal and external circumstances that are arising on a global scale as a function of the development of the Internet and other such advanced information and telecommunications networks, and the increased use of information and communications technologies.
(Definitions)
Article 2The term "cybersecurity" as used in this Act means that the necessary measures have been taken to prevent the leakage, loss, or damage of information that is recorded, sent, transmitted, or received in electronic form, magnetic form, or any other form that cannot be perceived by the human senses (hereinafter referred to as "electronic or magnetic form" in this Article) and to securely manage that information in other such ways; that the necessary measures have been taken to ensure the security and reliability of information systems and of information and communications networks (including the necessary measures to prevent damage from unauthorized activities directed at a computer through an information and communications network or through a storage medium associated with a record that has been created in electronic or magnetic form (hereinafter referred to as "electronic or magnetic storage medium")); and that this status is being properly maintained and managed.
(Basic Principles)
Article 3(1)Since ensuring the free-flow of information through the development of the internet and other advanced information and telecommunications networks and through the use of information and communications technologies is important to such things as people's enjoyment of freedom of expression, the creation of innovations, and the enhancement of economic and social vitality through the use of these networks and technologies, cybersecurity policy must be advanced with the principle to proactively respond to cybersecurity threats through coordination among a variety of actors, such as the national and local governments and critical social infrastructure providers (referring to those engaged in business that provides infrastructure which is the foundation of the lives of the people and economic activities, and whose functional failure or deterioration would cause an enormous impact on them).
(2)The cybersecurity policy must be advanced with the principle to raise awareness to each individual member of the public about cybersecurity and encourage each individual member of the public to take voluntary actions, and positively promote actions to establish resilient systems which can prevent any damage caused by threats against cybersecurity and quickly recover from damage or failure.
(3)The cybersecurity policy must be advanced with the principle to develop the Internet and other such advanced information and telecommunications networks, and positively promote actions to establish vital economy and society through the utilization of information and communications technologies.
(4)The cybersecurity policy must be advanced through international cooperation with the principle for Japan to assume a leading role in the formulation and development of an international cybersecurity framework, in consideration of the fact that responding to cybersecurity threats is a common issue throughout the international community, and that Japan's economy and society operate within the context of internationally close and interdependent relationships.
(5)The cybersecurity policy must be advanced in consideration of the basic principles of the Basic Act on the Formation of an Advanced Information and Telecommunications Network Society.
(6)The cybersecurity policy must be advanced with due consideration not to wrongfully infringe on the rights of the people.
(Responsibilities of the National Government)
Article 4The national government is responsible for formulating and implementing comprehensive cybersecurity policies in line with the basic principles in the preceding Article (hereinafter referred to as "basic principles").
(Responsibility of Local Governments)
Article 5In accordance with the basic principles, local governments bear the responsibility to formulate and implement independent cybersecurity policies in consideration of the appropriate division of roles with the national government.
(Responsibility of Critical Social Infrastructure Providers)
Article 6In accordance with the basic principles, a critical social infrastructure provider is to deepen its interest in and understanding of the importance of cybersecurity and to endeavor independently and actively to ensure cybersecurity, as well as endeavoring to cooperate in the implementation of the cybersecurity policy that the national or local government implements, in order to stably and properly provide its services.
(Responsibility of Cyberspace-Related Business Entities and Other Business Entities)
Article 7In accordance with the basic principles, cyberspace-related business entities (referring to those engaged in business regarding the maintenance of the internet and other advanced information and telecommunications networks, the utilization of information and communications technologies, or business relating to cybersecurity; the same applies hereafter) and other business entities are to endeavor independently and actively to ensure cybersecurity, as well as endeavoring to cooperate in the implementation of the cybersecurity policy that the national or local government implements, in the course of their business activities.
(Responsibility of Educational and Research Organizations)
Article 8In accordance with the basic principles, universities and other educational and research organizations are to independently and actively endeavor to ensure cybersecurity, foster human resources related to cybersecurity, carry out research on cybersecurity, and disseminate the results, while endeavoring to cooperate with the cybersecurity policy that the national or local government implements.
(The Efforts by the People)
Article 9In accordance with the basic principles, the people are to endeavor to deepen their interest and understanding of the importance of cybersecurity and pay necessary attention to ensuring cybersecurity.
(Legislative Measures)
Article 10The national government must take legislative, financial, or tax measures or any other measures that are necessary to implement the cybersecurity policy.
(Development of Administrative Organizations)
Article 11In implementing cybersecurity policies, the national government is to endeavor to develop administrative organizations and to improve administrative management.
Chapter II The Cybersecurity Strategy
Article 12(1)The national government must establish a basic plan for cybersecurity (hereinafter referred to as the "cybersecurity strategy") with the aim of the comprehensive and effective promotion of the cybersecurity policy.
(2)The cybersecurity strategy is to provide for the following particulars:
(i)basic objectives of cybersecurity policies;
(ii)particulars concerning the ensuring of cybersecurity within national administrative organs and other related organs;
(iii)particulars concerning the promotion of ensuring cybersecurity in critical social infrastructure providers, the associations that they form, and local governments (hereinafter referred to as "critical social infrastructure providers and other related entities"); and
(iv)beyond what is listed in the preceding three items, particulars necessary to comprehensively and effectively promote cybersecurity policies.
(3)The Prime Minister must request a cabinet decision on the proposed cybersecurity strategy.
(4)When having established the cybersecurity strategy, the national government must report it to the Diet without delay and make it public through the use of the internet and other appropriate means.
(5)The provisions of the preceding two paragraphs apply in the case of amendments to the cybersecurity strategy.
(6)In order to ensure necessary funding for the costs needed to implement the cybersecurity strategy, the national government must endeavor to take necessary measures for implementing the cybersecurity strategy smoothly, such as appropriating the necessary funding in the budget each fiscal year, to the extent that national finances allow.
Chapter III Basic Policy
(Ensuring of Cybersecurity at National Administrative Organs and Related Organs)
Article 13With regard to cybersecurity at national administrative organs, incorporated administrative agencies (referring to incorporated administrative agencies prescribed under Article 2, paragraph (1) of the Act on General Rules for Incorporated Administrative Agencies (Act No. 103 of 1999); the same applies hereafter) and special corporations (referring to a corporation directly incorporated by law or incorporated by a special law through a special incorporation procedure which is subject to Article 4, paragraph (1), item (ix) of the Act for Establishment of the Ministry of Internal Affairs and Communications (Act No. 91 of 1999); the same applies hereafter), and so forth, the national government is to provide necessary measures including: the formulation of common standards of cybersecurity measures for national administrative organs, incorporated administrative agencies and designated corporations (special corporations and authorized corporations (referring to a corporation incorporated by a special law which needs the approval of a governmental entity for their incorporation and associated matters; the same applies in Article 33, paragraph (1)) which are designated by the Cybersecurity Strategic Headquarters as ones for which the national government needs to further enhance measures which it is providing to ensure cybersecurity, in consideration of the impact on the people's living conditions and economic activities accrued in the case in which cybersecurity in the corporations is not ensured; the same applies hereafter); the collaborative use of interoperable information systems among national administrative organs; monitoring and analysis of malicious activities against information systems of national administrative organs, incorporated administrative agencies or designated corporations through information and communications networks or electronic or magnetic storage medium; cybersecurity exercises and training at national administrative organs, incorporated administrative agencies and designated corporations; responses to cybersecurity threats in cooperation, communication and coordination with relevant domestic and foreign parties; the sharing of information regarding cybersecurity among national administrative organs, incorporated administrative agencies, special corporations, and so forth.
(Ensuring Cybersecurity at Critical Social Infrastructure Providers and Other Related Entities)
Article 14The national government is to provide measures such as formulating standards, exercises and training, information sharing, and the promotion of other voluntary activities, and other necessary measures regarding cybersecurity in critical social infrastructure providers and other related entities..
(Facilitation of Voluntary Activities of Private Enterprises, Educational, Research, and Other Organizations)
Article 15(1)The national government is to provide necessary measures, including increasing awareness and understanding about the critical value of cybersecurity, offering consultation on cybersecurity, and providing necessary information and advice, in order to promote the voluntary activities for cybersecurity of private enterprises such as small and medium-sized enterprises, or of educational and research organizations such as universities, considering that information related to their intellectual property is critical for the enhancement of Japan's international competitiveness.
(2)Considering that it is important for each member of the public to make an effort to voluntarily strive to ensure cybersecurity, the national government is to provide necessary measures, including offering consultation on cybersecurity and providing necessary information and advice on actions such as, appropriate choices about products and services in the daily use of computers or the internet and other advanced information and telecommunications networks.
(Coordination with Multiple Stakeholders)
Article 16The national government is to aim at the enhancement of coordination among relevant ministries and is to take necessary measures to enable multiple stakeholders, such as the national government, local governments, critical social infrastructure providers, and cyberspace-related business entities, to work on cybersecurity policies in mutual coordination.
(Cybersecurity Council)
Article 17(1)The Chief of the Cybersecurity Strategic Headquarters prescribed in Article 28, paragraph (1) and the commissioned Minister of State (referred to as "Chief, etc." in the following paragraph) is to establish the Cybersecurity Council (hereinafter referred to as the "Council" in this Article) to hold the necessary consultations on the advancement of cybersecurity policies.
(2)If the Chief, etc. finds it necessary to do so, upon going through deliberations, the Chief, etc. may have the following persons join the Council as a member thereof:
(i)heads of national administrative organs (excluding the Chief, etc.);
(ii)local public entities or associations that they form;
(iii)critical social infrastructure providers or associations that they form;
(iv)cyberspace-related business entities or associations that they form;
(v)universities and other educational and research organizations, or associations that they form; and
(vi)other persons considered to be necessary by the Chief, etc.
(3)The Council may request its members concerned for submission of materials, expression of opinions, explanations, or any other cooperation regarding the advancement of cybersecurity policies when the Council finds it necessary for consultations referred to in paragraph (1).In this case, the members of the Council must respond to the request, unless there is a justifiable reason for not doing so.
(4)Any person who performs or previously performed the duties of the Council must not divulge or misappropriate any secrets learned in connection with those details without justifiable grounds.
(5)The general affairs of the Council are performed by the Cabinet Secretariat and managed by an Assistant Chief Cabinet Secretary who is ordered to do so.
(6)Beyond what is prescribed in the preceding paragraphs, necessary matters concerning the organization and operation of the Council are prescribed by the Council.
(Cybercrime Control and Prevention of Damage)
Article 18The national government is to take necessary measures to control cybersecurity-related crimes and prevent the spread of damage caused by them.
(Response to Incidents Which May Critically Impact the Country's Safety)
Article 19The national government is to take necessary measures to improve and strengthen systems at the relevant bodies and to strengthen mutual coordination and clarify the division of roles among the relevant bodies for responding to cybersecurity-related incidents that might critically affect the country's safety..
(Enhancement of Industrial Development and International Competitiveness)
Article 20The national government is to take necessary measures related to cybersecurity, including the promotion of advanced research and development, technological advancements, the development and recruitment of human resources, the strengthening of the market environment and the development of new businesses through the improvement of competitive conditions, and the internationalization of technological safety and reliability standards and the participation in such frameworks for mutual recognition of standards, in order to create new business opportunities, develop sound businesses, and enhance international competitiveness, so that the cybersecurity sector can become a "growth industry" which creates employment opportunities, in consideration of the fact that it is critical for Japan to have self-reliant capabilities to ensure cybersecurity.
(Promotion of Research and Development)
Article 21The national government is to take necessary measures related to cybersecurity for the improvement of the cybersecurity research environment; the promotion of basic research on technological safety and reliability as well as the promotion of research and development for core technologies; the development of skilled researchers and engineers; the strengthening of coordination among national research institutes, universities, the private sector, and other relevant parties; and international coordination for research and development, in order to promote research and development for cybersecurity and its technological and other relevant demonstrations, and to have the relevant cybersecurity results widespread, in consideration of the fact that it is critical for Japan to maintain self-reliant technological cybersecurity capabilities.
(Development of Human Resources)
Article 22(1)In close coordination and cooperation with universities, colleges of technology, specialized training colleges, private enterprises, and other relevant entities, the national government is to take necessary measures to ensure appropriate employment conditions and treatment of the workforce in the field of cybersecurity, thereby enabling their duties and work environments to become attractive enough to meet their professional values.
(2)In close coordination and cooperation with universities, college of technology, specialized training colleges, private enterprises, and other relevant entities, for the purposes of recruitment, development, and quality improvement of cybersecurity-related human resources, the national government is to take necessary measures, including the utilization of a qualification scheme and training of young technical experts.
(Promotion of Education and Learning, and Public Awareness Raising)
Article 23(1)For the purpose of raising public awareness and deepening their understanding about cybersecurity among the people on a broad scale, the national government is to take necessary measures including the promotion of education and learning, public awareness activities, and the dissemination of knowledge in the field of cybersecurity.
(2)In order to contribute to the promotion of the measures prescribed under the preceding paragraph, the national government is to take necessary measures, including the implementation of events for public awareness and the dissemination of information on cybersecurity and the designation of the period to promote cybersecurity activities in a focused and effective manner.
(Promotion of International Cooperation)
Article 24In order for Japan to play an active role in the international community in the field of cybersecurity and increase Japan's international interests, the national government is to advance international cooperation relating to cybersecurity, including through independent participation in the formulation of international rules, by building relationships of trust and promoting information-sharing on an international level, by providing active support for capacity building in developing regions' cybersecurity response and other such international technological cooperation, and through crime control; and is also to take the necessary measures for deepening other countries' understanding of cybersecurity in Japan.
Chapter IV Cybersecurity Strategic Headquarters
(Establishment)
Article 25For the purpose of effectively and comprehensively advancing cybersecurity policies, the Cybersecurity Strategic Headquarters (hereinafter referred to as the "Headquarters") are established under the Cabinet.
(Functions under Jurisdiction of the Headquarters)
Article 26(1)The Headquarters will carry out the following functions:
(i)preparing a draft of the cybersecurity strategy and promoting its implementation;
(ii)establishing the standards of cybersecurity measures for national administrative organs, incorporated administrative agencies and designated corporations, and promoting the implementation of the evaluation (including audit) of measures based on the standards and other measures taken based on the standards;
(iii)evaluating the countermeasures against critical cybersecurity-related incidents involving national administrative organs, incorporated administrative agencies or designated corporations (including investigation into finding the cause or causes of the incident);
(iv)facilitating communication and coordination with domestic and foreign parties concerned when a cybersecurity-related incident occurs; and
(v)beyond the functions listed in the preceding items, engaging in research and deliberation on proposals for major cybersecurity policies; establishing cross-governmental plans, making guidelines for estimates of relevant administrative organs' expenditures and establishing the basic principles for implementing their policies; promoting the implementation of those policies, such as evaluating them; and carrying out overall coordination.
(2)In preparing the draft of the cybersecurity strategy, the Headquarters must hear the opinions of the Strategic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society, and the National Security Council in advance.
(3)The Headquarters is to work in close coordination with the Strategic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society with regard to critical issues concerning cybersecurity.
(4)The Headquarters is to work in close coordination with the National Security Council with regard to critical issues concerning cybersecurity in the context of national security.
(Organization)
Article 27The Headquarters consists of the Chief of the Cybersecurity Strategic Headquarters, the Deputy Chief of the Cybersecurity Strategic Headquarters, and the members of the Cybersecurity Strategic Headquarters.
(The Chief of the Cybersecurity Strategic Headquarters)
Article 28(1)The person in charge of the headquarters is called as the Chief of the Cybersecurity Strategic Headquarters (hereinafter referred to as the "Chief"), and the Chief Cabinet Secretary serves in that capacity.
(2)The Chief engages in the overall management of the Headquarters' duties and the oversight of personnel at the Headquarters.
(3)The Chief may make recommendations to the heads of relevant administrative organs when necessary, based on the evaluations prescribed under Article 26, paragraph (1), item (ii), (iii), and (v), or the documents, information or other materials provided pursuant to the provisions under Articles 32 or 33.
(4)After making the recommendations as prescribed under the preceding paragraph, the Chief may request a report from the heads of the relevant administrative organs regarding the measures taken based on the recommendations.
(5)In relation to the recommendations made in accordance with paragraph (3) of this Article, if the Chief finds it particularly necessary to do so, the Chief may present opinions to the Prime Minister to take action in regards to the relevant matter, as prescribed under Article 6 of the Cabinet Law (Act No. 5 of 1947).
(The Deputy Chief of the Cybersecurity Strategic Headquarters)
Article 29(1)The Deputy Chief of the Cybersecurity Strategic Headquarters (hereinafter referred to as the "Deputy Chief") is assigned to the Headquarters, and a Minister of State serves in that capacity.
(2)The Deputy Chief assists the Chief's duties.
(Members of the Cybersecurity Strategic Headquarters)
Article 30(1)The members of the Cybersecurity Strategic Headquarters are assigned to the Headquarters (referred to as "members" in the following paragraph).
(2)Those listed below are designated as members (except in a case in which someone listed in items (i) through (v) is designated as the Deputy Chief):
(i)the Chairperson of the National Public Safety Commission;
(ii)the Minister for Internal Affairs and Communications;
(iii)the Minister for Foreign Affairs;
(iv)the Minister of Economy, Trade and Industry;
(v)the Minister of Defense;
(vi)the person whom the Prime Minister designates from among any Ministers of State other than the Chief and Deputy Chief, as those considered indispensable in carrying out the functions under the jurisdiction of the Headquarters, beyond the persons set forth in the preceding items; and
(vii)among experts with exceptional knowledge and experiences on cybersecurity, those designated by the Prime Minister.
(Entrustment of Duties)
Article 31(1)The Headquarters, according to the category of duties listed in the following items, may entrust a part of its duties to the persons specified in each of the items:
(i)duties listed in Article 26, paragraph (1), item (ii) (limited to one relating to audit based on the standards of cybersecurity measures for incorporated administrative agencies and designated corporations) or duties listed in item (iii) of that paragraph (limited to one relating to investigation into finding the cause of critical cybersecurity-related incidents involving incorporated administrative agencies or designated corporations):the Information-technology Promotion Agency, Incorporated Administrative Agency or a corporation specified by Cabinet Order as one that has sufficient technical competence and expert knowledge and experience concerning the cybersecurity measures and that is capable of carrying out duties reliably; and
(ii)duties listed in Article 26, paragraph (1), item (iv):a corporation specified by Cabinet Order as having sufficient technical competence and specialized knowledge and experience in communication and coordination with domestic and foreign parties in the event of a cybersecurity-related incident, and being capable of reliably carrying out their relevant duties.
(2)An officer or personnel of a corporation that has been entrusted with duties pursuant to the preceding paragraph or a person who had been in such a position must not divulge or misappropriate any confidential information learned in connection with those duties under that entrustment, without justifiable grounds.
(3)An officer or personnel of a corporation entrusted with duties pursuant to paragraph (1) who are in charge of the duties under the entrustment, are deemed to be an official engaged in public services pursuant to laws and regulations, for the purpose of applying the Penal Code (Act No. 45 of 1907) or other penal provisions.
(Submission of Materials)
Article 32(1)The heads of relevant administrative organs must provide the Headquarters with materials or information related to cybersecurity that is beneficial to the performance of the functions under its jurisdiction in a timely manner, as set by Headquarters.
(2)Beyond what is provided for in the preceding paragraph, as requested by the Chief, the heads of the relevant administrative organs must cooperate with the Headquarters, such as by providing materials or information related to cybersecurity that is necessary for the performance of the functions under its jurisdiction, or by explaining those materials or information.
(Submission of Materials and Other Cooperation)
Article 33(1)If the Headquarters considers it necessary to do so for the fulfillment of the functions under its jurisdiction, the Headquarters may request the necessary materials to be submitted, the necessary opinions to be presented, the necessary explanation to be given, or any other cooperation to be provided, in relation to the measures which the Headquarters takes in coordination with the national government, or other cybersecurity measures for preventing the spread of damage caused by threats against cybersecurity and promoting a quick recovery from such damage, by the heads of local governments or incorporated administrative agencies; the deans or the president of national university corporations (referring to national university corporations prescribed under Article 2, paragraph (1) of the National University Corporation Act (Act No.112 of 2003)); the heads of inter-university research institute corporations (referring to inter-university research institute corporations prescribed under Article 2, paragraph (3) of the Act); the President of the Japan Legal Support Center (referring to the Japan Legal Support Center prescribed under Article 13 of the Comprehensive Legal Support Act (Act No. 74 of 2004)); the representatives of special corporations or authorized corporations designated by the Headquarters; and the representative of the relevant entity facilitating cybersecurity-related communication and coordination with domestic and foreign parties concerned.In this case, the relevant person must respond to the request, unless there is a justifiable reason for not doing so.
(2)On finding that it is particularly necessary to do so in order for the fulfillment of the functions under jurisdiction of the Headquarters, it may request the cooperation under the same paragraph from a party other than the parties prescribed in the preceding paragraph
(Cooperation for Local Governments)
Article 34(1)If a local government finds it necessary to do so in order to formulate or implement the policy prescribed in Article 5, it may request the Headquarters to provide information and other cooperation.
(2)If cooperation is requested pursuant to the preceding paragraph, the Headquarters is to make an effort to meet the request.
(Duties)
Article 35The duties of the Headquarters are performed by the Cabinet Secretariat and managed by an Assistant Chief Cabinet Secretary who is ordered to do so.
(The Chief Minister)
Article 36For matters related to the Headquarters, the Prime Minister serves as the chief minister prescribed in the Cabinet Act.
(Delegation to Cabinet Orders)
Article 37Beyond what is provided for in this Act, necessary matters relating to the Headquarters are prescribed by Cabinet Order.
Chapter V Penal Provisions
Article 38A person who violates the provisions of Article 17, paragraph (4) or Article 31, paragraph (2) is subject to punishment by imprisonment for not more than one year or a fine of not more than 500,000 yen.
Supplementary Provisions
(Effective Date)
Article 1This Act comes into effect on the date of promulgation; provided, however, that the provisions of Chapters II and IV as well as Article 4 of the Supplementary Provisions come into effect on the day specified by Cabinet Order within a period not exceeding one year from the date of promulgation.
(Examination)
Article 2For cybersecurity incidents classed as emergencies specified in Article 21, paragraph (1) of the Act on Securing the Peace and Independence of Japan and the Security of the Nation and its People in an Armed Attack, and a Survival-Threatening Situation (Act No.79 of 2003), and other malicious activities against electronic computers through information and communications networks or electronic or magnetic storage medium, the national government is to examine, from a broad point of view, measures aimed at further strengthening the capability of the defense of infrastructure which is the foundation of the peoples' living conditions and economic activities, and the functional failure or deterioration of which would risk enormous impacts to them.
Supplementary Provisions[Act No.66 of September 11, 2015][Extract]
(Effective Date)
Article 1This Act comes into effect on April 1, 2016.
Supplementary Provisions[Act No.76 of September 30, 2015][Extract]
(Effective Date)
Article 1This Act comes into effect on the date specified by Cabinet Order within a period not exceeding six months from the date of promulgation.
Supplementary Provisions[Act No.31 of April 22, 2016][Extract]
(Effective Date)
Article 1This Act comes into effect on the date specified by Cabinet Order within a period not exceeding six months from the date of promulgation; provided, however, that the provisions of the following Article and Article 3, Article 5 and Article 6 of Supplementary Provisions come into effect on the date of promulgation.
(Delegation to Cabinet Orders)
Article 6Beyond what is provided for in Article 2 through the preceding Article of the Supplementary Provisions, necessary transitional measures for the enforcement of this Act (including transitional measures for penal provisions) are specified by Cabinet Order.
Supplementary Provisions[Act No. 91 of December 12, 2018][Extract]
(Effective Date)
(1)This Act comes into effect on the day specified by Cabinet Order within a period not exceeding one year from the date of promulgation.
Supplementary Provisions[Act No. 11 of May 24, 2019][Extract]
(Effective Date)
Article 1This Act comes into effect on April 1, 2020; provided, however, that the amending provisions in Article 2 that add one Article to the Supplementary Provisions of the National University Corporation Act; in Article 4, the provisions amending Article 3 of the National Institution for Academic Degrees and Quality Enhancement of Higher Education Act, and amending Article 16, paragraph (1) of the same Act; and the provisions of the following Article, and the provisions of Article 4, paragraph (3) and paragraph (4), Article 9, Article 11 and Article 12 of the Supplementary Provisions come into effect on the date of promulgation.