Detailed overview
Japan regulates AI through a policy-oriented statutory framework and official business guidance rather than through an EU-style high-risk AI Act. The main statute is the Act on Promotion of Research and Development and Utilization of AI-related Technologies, adopted in 2025. The law promotes AI research, development and use while addressing safety, transparency, rights protection and international cooperation.
Promotional, not punitive
Japan's AI law is not built around a broad licensing system or a single table of AI administrative fines. It establishes national principles and government responsibilities, encourages responsible AI development and use, and gives the State a role in preparing AI policy, collecting information, analysing AI-related incidents and providing guidance, advice or other measures where necessary.
The law requires the national government to prepare an AI Basic Plan. This plan is intended to guide Japan's AI policy, including research and development, industrial use, human-resource development, infrastructure, safety measures and international cooperation. Public authorities, research institutions and private businesses are expected to cooperate with government AI policy and responsible AI use.
AI Guidelines for Business
Japan's official AI Guidelines for Business are also central. They are intended for AI developers, AI providers and AI business users. They address practical governance issues such as human-centred AI, safety, fairness, privacy, security, transparency, accountability, education, competition and innovation. The guidelines are not a single statutory licensing regime, but they are important for demonstrating responsible AI governance in Japan.
Existing-law overlays
Where AI processes personal data, Japan's personal-information protection law may apply. Where AI is used in regulated sectors, additional requirements may arise under sector-specific rules, such as finance, healthcare, product safety, consumer protection, employment, competition or intellectual property laws.
Penalties
Japan does not currently have one AI-specific penalty table equivalent to the EU AI Act. Penalties arise under the underlying law breached, such as personal-information protection, consumer protection, financial regulation, unfair competition, intellectual property or sectoral safety law. The AI Promotion Act and AI Guidelines should therefore be understood as a governance and policy framework rather than a full risk-based enforcement code.
Practical requirements & details
Sourced from the Act on the Promotion of Research and Development and the Utilization of AI-related Technologies (AI Promotion Act 2025), the AI Guidelines for Business v1.1 (METI/MIC, 2024), the Act on the Protection of Personal Information (APPI), PPC guidance and sectoral regulators (FSA, MHLW).
AI Promotion Act 2025
- Sets national principles and government responsibilities for AI research, development and use.
- Requires the government to prepare an AI Basic Plan.
- State role: information collection, AI-incident analysis, guidance, advice and other measures where necessary.
- Not a licensing law and does not create a single AI-specific fine table.
AI Guidelines for Business (METI + MIC)
- Apply to AI developers, providers and business users.
- Built around: human-centric, safety, fairness, privacy, security, transparency, accountability, education/literacy, fair competition, innovation.
- Practical sections include AI governance design, data quality, prompt-injection mitigation, generative-AI risks, supply-chain due diligence.
APPI overlay (PPC)
- AI processing personal information must comply with APPI: notification of utilisation purpose, sensitive-data restrictions, third-party transfer rules.
- PPC has issued generative-AI cautionary statements (June 2023) on input of personal information into LLMs.
- APPI breach penalties: corporate fines up to JPY 100 million; individual fines up to JPY 1 million; data leakage reporting mandatory.
Sector overlays
- Financial services (FSA): guidelines on AI use in financial institutions — governance, model risk management, third-party risk.
- Healthcare (MHLW + PMDA): SaMD AI must be approved as a medical device; predictive AI subject to PMDA AI/ML guidance.
- Copyright Act (Art. 30-4) — permits use of works for non-enjoyment purposes (e.g. AI training) but does not authorise output infringement.
Penalties
- No single AI-specific fine table. Penalties arise under APPI, sectoral law, IP law, criminal law or unfair-competition law.