Skip to main content

This page has been translated using TexTra by NICT. Please note that the translation may not be completely accurate.If you find any mistranslations, we appreciate your feedback on the "Request form for improving the automatic translation ".

Ideathon of Data Security Working Group (held on September 1, 2025)

On Monday, September 1, 2025, we held a "Ideathon" in Digital Agency with the goal of mapping data-protection measures. Led by the members of the data-security working group, 13 people from academia, legal practitioners, businesses, and engineers participated in the event and studied what measures could be taken in what situations based on use cases using generative AI. The event was meaningful in that it brought together practical perspectives and technical knowledge through lively discussions among participants.

Table of Contents

  1. Event Summary
  2. Event Characteristics
  3. Outcome of the event
  4. Future Development
  5. Related Information

1. Overview of the event

Purpose of the Ideathon

Data Free Flow with Trust (DFFT), which was proposed by Japan, has become even more important as the emergence of advanced technologies such as AI has increased opportunities to connect, share, and utilize data beyond the boundaries of companies, industries, and national borders. The data security working group established by Digital Agency in November 2024 has been studying how data security should be in Japan in order to realize the philosophy of DFFT.
At this Ideathon, which was held as part of this review, we conducted mapping according to the life cycle of data for measures to protect data itself, such as privacy enhancing technologies (PETs), which are being discussed by the working group.

Ideathon System

Participants with various specialties, including academic experts, legal practitioners, business operators, and engineers, were divided into two teams and examined the following process.

Flow of Ideathon

  1. Consideration of Protective Measures for AI at the Time of Model Generation
    • Identification of technical risks
    • Consideration of Technical Measures
    • Team Presentations
  2. Exploring Protective Measures for Data at Inference by Leveraging Generative AI
    • Identification of technical risks
    • Consideration of Technical Measures
    • Team Presentations
  3. Comment
    From Digital Agency, Director-General, Chief Cloud Officer (CCO), Deputy Director-General, Director, and others participated and expressed their thoughts on the content of the discussion.

Attendee

  • (WG Chair) Tatsuhiko Inadani, Professor, Graduate School of Law, Kyoto University
  • (WG member) Kenta Ohno Engineering Manager, Preferred Networks, Inc.
  • (WG member) Masaaki Information-Technology Promotion Agency, Japan (IPA) Security Center Director of Technology Evaluation Department
  • (WG member) Partner, Attorney at Law, Kitayama Shomori & Hamada Matsumoto
  • (WG member) Keita Sakai Professor, Faculty of Law, Waseda University
  • (WG Member) Tetsuya Sakashita Managing Director, social promotion association of Information Economy, Japan (JIPDEC)
  • (WG member) Keiichi Sato General Manager of Public Safety Department No. 2, Public Safety Promotion Headquarters, Public Systems Division, Hitachi, Ltd.
  • (WG member) Akira Kikuchi Senior Researcher, Social Information Research Institute, NTT Corporation
  • (WG member) Katsumi Takahashi Senior Researcher, Social Information Research Institute, NTT Corporation
  • (WG member) Takao Takenochi Vice President of Public Affairs, Privacy Tech Association, Company A
  • (WG member) Kota Hosokawa Director-General, Security Technology Group, Information Systems Department, Sumitomo Electric Industries, Ltd.
  • Senior Consultant, Corporate System Integration Division, SB Technology Corporation
  • Hisataka Higashi: Principal Consultant, Global Business Promotion Office, Cybertrust Co., Ltd.
  • (Secretariat) Director-General, Digital Agency, HASUI Tomoya
  • (Secretariat) Chief Cloud Officer, Digital Agency, YAMAMOTO Norihito

2. Characteristics of the event

This Ideathon has the following features.

  1. A team of participants with a wide range of knowledge, including academic experts, legal practitioners, business operators, and engineers, realized discussions that fused practical perspectives and technical knowledge.
  2. By dividing into two teams to consider and present, it created an opportunity to notice different perspectives and approaches.
  3. Specific considerations were made using use cases using generative AI as a theme. In addition, in order to hold intensive discussions in a limited time, the risks associated with the cross-border transfer of data were organized and clarified in advance, which made it possible to focus on the risks from a technical perspective for each situation and the measures that could be taken to counter them.
(The experts are divided into two teams to deepen the discussion.)
Photos of experts divided into two teams and having a serious discussion using Post-it Notes
(Attorney Kitayama presenting the team's results)
Attorney Kitayama is shown on the right side of the picture, and he is standing and talking while holding a microphone and looking at a paper posted on the wall. Participants are shown from the center to the left of the picture, and they are standing and listening to the story.
(Group photo of participants)
Group photo of two rows of participants, three in the center of the front row holding a stuffed Maina-chan.

3. Event Outcomes

The most significant result of the Ideathon was that we were able to create a mapping draft based on a specific scenario, starting from the risks faced when data is transferred across borders, systematically identifying technical measures, and mapping protective measures according to the data life cycle.
Within a short four hour review, each participant was able to bring their expert knowledge and organize the risks and technical measures for each phase of the data life cycle.

4. Future Development

In the future, we will work to achieve the following goals.

  1. The Working Group on Data Security will compile a report including the results of this Ideathon, and organize Japan's views on data security.
  2. We will contribute to the realization of the philosophy of DFFT by actively disseminating the results of domestic discussions at international forums.