August 2025

Data Governance — Institutional Development Underway

(Trends in private organizations)

In October 2024, the DPFJ published a proposal titled “Promoting Data Governance” (a joint proposal by three organizations, including the DSA (Data Society Alliance) and JDTF (Japan Digital Trust Forum), hereafter referred to as the “DPFJ Proposal”). This proposal outlined a direction to maximize the use of data as a strategic intangible asset, advance the resolution of social issues and the creation of added value, and promote institutional development to realize regional revitalization, new industry creation, and enhanced economic security.
Similarly, Keidanren (Japan Business Federation) published two proposals, “Toward Building an Industrial Data Space” (October 2024)³ and “Second Proposal Toward Building an Industrial Data Space” (May 2025)⁴ , which recommended the establishment of a public-private council to promote the construction of data spaces and related initiatives.

(Trends in government and ruling party)

In light of these private-sector developments, in May 2025⁵ the Liberal Democratic Party’s Digital Society Promotion Headquarters published “Digital Nippon 2025.” This document recognized that “in today’s world, where data is the source of value creation, the construction of flexible and efficient data linkage systems that contribute to solving social issues and creating new businesses is essential for all industries and public services.” As concrete promotion items, it listed:

This clarified a stance of promoting data governance centered on data spaces.

In June 2025, following this, the government’s Digital Administrative and Fiscal Reform Council adopted the “Basic Policy on the Data Utilization System.”⁶ This basic policy included:

As a result, public and private sectors came into alignment in promoting data utilization. To implement this direction concretely, it was announced in June 2025 that a new Public-Private Council on Digital Ecosystems⁸ would be established, chaired by the Digital Agency and Keidanren. This council will also include the three organizations including the DPFJ, and is expected to begin full-scale activities in autumn of this year.

Related Institutional Developments in the Transition to a Data-Driven Society

(Revision of GDP Statistics)

First, regarding the shift toward a data-driven society, there is a growing awareness of the problem that the impact of the data economy on the overall economy cannot yet be sufficiently analyzed. To address this, moves have emerged toward revising economic statistics.

Specifically, in March 2025, the UN Statistical Commission adopted the 2025 SNA (new GDP standards)⁹ . The key point is the “valuation and capitalization of data.”

This means that data, as an intangible asset, would be recorded as an asset in economic statistics. By clarifying the economic value of data, it becomes possible to indicate its importance as a strategic asset in monetary terms. At present, however, estimates of data value are limited to cost-based calculations. In the future, through the construction of data spaces and the development of data distribution markets, market-based valuation of data is also expected to progress. Such initiatives may even lead to the recognition of data as assets in corporate financial accounting.

Incidentally, countries aim to introduce GDP statistics compliant with the new standards by 2029–2030, so it will be necessary to continue monitoring these developments.

(Ongoing Review of Competition Law)

Next, the DPFJ Proposal noted that “one of the main issues in recent national elections has been correcting income distribution, and in the midst of a trend toward stronger protectionist tendencies to shield domestic markets, we must closely monitor developments so that countries’ digital policies move toward promoting the free cross-border flow of data.”

In other words, as the weight of intangible assets such as data increases, it will be necessary to build corrective measures into the social system to address monopolization of data by a small number of businesses, from the perspective of “correcting distributive inequality” mentioned earlier. Data, as an asset, tends to generate market oligopolies due to its characteristics of “zero marginal cost” stemming from extreme economies of scale, and its non-rivalrous nature. This makes it easier for monopolistic structures to emerge. Therefore, the strengthening of competition law—such as large-scale platform regulations targeting GAFA in Europe and Japan—must be continually reviewed and revised to maintain effectiveness, given the rapid pace of market structural change.

(Debates over Digital Democracy)

Furthermore, from the perspective of preventing the concentration of data, it is also necessary to reconsider traditional systems of political participation and democracy, including electoral systems in the digital age, as needed. At the same time, discussions should be deepened on new forms of digital democracy utilizing digital technologies¹⁰.

AI Governance — Emerging New Divisions

(The validity of an AI law based on non-regulation)

Next, concerning the approach to AI governance, the DPFJ Proposal, based on the separately developed “Toward Building an AI Governance Framework (ver. 2.0)” (December 2025)¹¹, identified three basic perspectives: minimizing AI risks, establishing an environment to maximize the benefits of AI, and creating markets to realize such an environment as autonomously as possible. Concretely, it emphasized the importance of promoting:

Among these, regarding the enactment of an AI law, the “Act on the Promotion of Research, Development and Utilization of Artificial Intelligence-Related Technologies” was promulgated and enforced in June 2025 (with some parts to be enforced on dates set by Cabinet orders within three months of promulgation)¹².

This AI Law stipulates the establishment of an AI Strategy Headquarters and the formulation of a Basic AI Plan, while avoiding the application of direct regulation on AI. It thus took the form of a basic law that clearly articulated a fundamental stance of “non-regulation of AI,” in line with the spirit of the DPFJ Proposal¹³.

The government, based on this AI Law, plans to proceed with the formulation of the Basic AI Plan and the development of AI guidelines. It remains to be seen whether the above-mentioned “active use of AI” and “formulation of a comprehensive strategy for new industry creation” will advance. In particular, given that in Japan even guidelines tend to carry quasi-legal moral force, care must be taken to ensure that the government does not intervene excessively in AI risk assessment. At the same time, it is necessary to establish the environment to ensure that access to AI is provided on a non-discriminatory basis.

(The Inauguration of the New U.S. Administration and Emerging AI Conflicts)

Looking at the trends of major countries in AI governance, a new axis of confrontation is becoming evident. Traditionally, China established “Generative AI Regulations” that effectively excluded foreign generative AI (by prohibiting such AI from producing content banned under Chinese laws and regulations). In contrast, former Western nations assumed that AI should be freely accessible to everyone, and it was thought that the differences between authoritarian states and liberal states would sharpen further within the field of AI governance.

However, since the inauguration of the Trump administration in the U.S. in January 2025, serious conflicts have begun to arise even within the Western bloc. In February 2025, at the AI Action Summit held in France, a declaration was adopted that included ensuring that AI is “open, inclusive, transparent, ethical, safe, secure, and trustworthy (while taking international frameworks¹⁴ into account).” Sixty-four countries and regions, including Japan, signed this declaration. EU Commission President von der Leyen stated, “People need confidence that AI is safe. This is the very purpose of the AI Act.”

In contrast, the U.S. refused to sign this declaration¹⁵. Vice President Vance declared: “Excessive regulation of the AI sector could kill an innovative industry still in its takeoff stage. We will dedicate ourselves fully to growth-oriented AI policy.” Thus, a conflict has emerged between Europe, which seeks to ensure user trust in AI through hard law such as the AI Act, and the U.S., which argues that AI, as a technology still under development, should grow further under a non-regulatory approach.

(Challenges Facing U.S. AI Policy)

In January 2025, the U.S. issued a new presidential order that entirely repudiated the Biden administration’s AI policies. Under Biden, the October 2023 Presidential Order on AI Governance had avoided direct regulation but promoted soft-law approaches: setting NIST standards for Red Teaming to detect AI vulnerabilities, and developing explicit guidance to prohibit algorithmic discrimination. All these policies, however, were scrapped with the change of administration.

Instead, in July 2025, the Trump administration announced a new presidential order on AI and an AI Action Plan.

The AI Action Plan outlined three pillars (a total of 30 items):

This reconfirmed traditional positions such as reviewing regulations that hinder AI. It also included items with a strong unilateral U.S.-centric character, such as promoting exports of U.S. AI to allied nations and urging allies to follow U.S. restrictions on AI and semiconductor exports to China.

Additionally, the federal government announced a policy of “ideological neutrality” — meaning that LLMs biased toward ideologies such as DEI (Diversity, Equity, and Inclusion) would not be procured by federal agencies. As many commentators have noted, while the Chinese approach involves state intervention in the content of AI-generated outputs, and the U.S. approach involves intervention under the name of “ideological neutrality,” both represent state interference (government reach) into AI. This raises serious concerns about violations of freedom of expression, a core value of liberal democracies.

The DPFJ Proposal had warned: “As government involvement in cyberspace grows stronger, there is concern that confrontation between liberal states and authoritarian states will sharpen further in AI governance.” In reality, however, confrontation has also arisen between Europe and the U.S. over regulatory approaches to AI, while China and the U.S. now exhibit similarities in their interventions into AI outputs. This creates an increasingly complex structure that warrants close attention going forward.

Security Governance — Building a Comprehensive Deterrence Strategy

In cyberspace, the boundaries between peacetime and wartime no longer exist, and situations such as gray-zone incidents and hybrid warfare (where civilian and military uses merge) have already become a reality. Accordingly, in everyday socio-economic activities, careful attention must be paid to cyberattacks that may involve state actors or reflect state-level conflicts.

(Significant Progress in Active Cyber Defense)

Against this backdrop, the Act on Strengthening Cyber Response Capabilities passed in May 2025¹⁶ represents a major step forward in strengthening Japan’s cybersecurity system. Legal arrangements for active cyber defense, which were first clearly presented in the National Security Strategy approved by Cabinet in December 2022¹⁷, have now been institutionalized. The key points of this new law include:

(Toward Building a Comprehensive Cyber Deterrence Strategy)

Going forward, it will be necessary to build a comprehensive cyber deterrence strategy and, on that basis, strengthen international cyber cooperation among like-minded nations. Such a deterrence strategy must effectively combine two forms of deterrence¹⁸:

Additionally, it will be necessary to promote private-sector security investment (for example, encouraging the perception of cybersecurity expenditures as investments rather than costs by improving corporate disclosures, and introducing tax incentives for capital investment).

To address the severe shortage of cybersecurity personnel, new initiatives must also be pursued. These include establishing training facilities funded by government subsidies but primarily operated by the private sector, and setting up new public-private talent development centers that operate cyber ranges utilizing government and private-sector incident data.

(Institutional Development for Responding to Cognitive Warfare)

In building a cybersecurity strategy, it is essential to secure the three elements of data: confidentiality, integrity, and availability.

Ensuring data integrity, in particular, is becoming extremely important for the realization of a data-driven society. For example, in recent election campaigns, there have been instances of bot attacks suspected of involving state actors. Attacks targeting election systems — the very foundation of democracy — (i.e., cognitive warfare) could become even more severe. Countermeasures, including those against disinformation during peacetime, are thus necessary.

In this regard, the National Security Strategy stated that the government would “establish a new structure within the government to strengthen response capabilities in the cognitive domain, including dealing with the spread of disinformation.” There is therefore an urgent need to set up a government department dedicated to handling cognitive warfare.

Multipolar International Cooperation — The Increasing Complexity of Digital Diplomacy

(Divergent National Visions of Digital Policy)

Countries do not share a uniform basic direction in digital policy. Here, let us summarize the digital policies of four major powers/regions: the U.S., Europe, China, and India.

(Fig1)

As shown in Figure 1, if the horizontal axis represents the “strength of regulation” (with greater regulation toward the right) and the vertical axis represents the “degree of state involvement” (with authoritarian state-led approaches at the top and liberal citizen-led approaches at the bottom), we can see four distinct models of digital states¹⁹.

(Changing Models of Digital States)

How will the four digital state models described above (U.S., Europe, China, and India) evolve going forward? (See Figure 2).

(Fig 2)

Once again, the policies of the Trump administration in the U.S., such as additional tariffs and other unilateral measures, have had a major impact. The U.S. has imposed numerous demands on trading partners, often criticized as lacking rational justification, using additional tariffs as leverage. This pursuit of “America First” has created rifts with virtually all of its partners to varying degrees. In response, China has imposed retaliatory tariffs on the U.S. and sought to strengthen its economic partnerships with ASEAN countries by leveraging its negative stance toward the U.S.

Europe, meanwhile, has taken countermeasures against GAFA through a series of digital-related laws and regulations. However, these have not produced sufficient results, and perceptions have spread that European citizens’ data remain locked in GAFA’s walled gardens. Against this backdrop, the Draghi Report²² published in September 2024 stated that Europe’s digital lag is the main cause of its productivity gap with the U.S., pointing to shortcomings such as insufficient innovation ecosystems in the digital sector and the dispersal of digital infrastructure investment leading to weak impact. The report stressed that Europe must aim to create and disseminate its own digital technologies in order to regain digital sovereignty. These ideas have quickly gained traction within Europe, partly in reaction to pressure from U.S. tariffs. The Eurostack initiative, which now includes about 100 companies including Airbus, seeks to secure Europe’s independent digital sovereignty.

(Japan’s Position as a Digital State)

Amid these developments, where does Japan stand? Looking at its strategies for digital technology development and competition policy, Japan’s orientation is relatively close to that of Europe. For example, the joint statement of the Japan–EU Regular Summit in July 2025 included the following:

Japan may also pursue a direction similar to India’s, where the government builds public digital platforms (infrastructure) and opens their APIs, enabling diverse private-sector application models — a form of public-private partnership model.

In any case, the central issue in digital policy discussions is how to secure digital sovereignty. Particularly, as national digital policy directions evolve, not only are differences becoming evident between liberal states (U.S., Europe, Japan) and authoritarian states (China, Russia, etc.), but cracks are also emerging within the liberal bloc itself, notably between the U.S. and Europe. In this sense, countries are increasingly aiming for their own unique forms of digital sovereignty.

Digital sovereignty must be discussed from two perspectives: data sovereignty, which involves maintaining control over a nation’s own data, and technological sovereignty, which ensures independent controllability over a nation’s digital infrastructure.　Debates over digital sovereignty must go beyond technology, deepening discussions from diverse perspectives including the economy, diplomacy, security, and culture.

Conclusion

In the areas of digital governance — including data governance, AI governance, and security governance — this paper has reviewed key policy trends in the first half of 2025.

From a broad perspective, it can be understood that countries’ digital policies are generally moving in the direction envisioned in the DPFJ Proposal. At the same time, digital technologies such as AI are evolving at a pace beyond expectations, and with the advent of the Trump administration, divergences in digital policy among countries, including allies, have become more pronounced. This reinforces the importance of continuing comprehensive examinations of digital policy trends across nations, as undertaken in this paper, on a regular basis.