Photo/IllutrationThe Asahi Shimbun

The Fair Trade Commission (FTC) is considering regulating cookies that companies install on computers with a guideline it aims to complete by the end of this year.

The FTC is concerned that companies might be violating the Anti-Monopoly Law if they use people's personal data without their explicit consent, which they obtained by storing the text files on users' computers that track the web pages they visit.

The FTC already has been crafting a policy to regulate personal information collected by giant information technology companies. Japan's most influential business group, Keidanren (Japan Business Federation), is opposed to the move to regulate, saying it will hurt many companies.

If a new regulation on cookies is implemented, Keidanren members such as finance- and IT-related companies that collect personal information may be targeted for violating the antitrust law.

“Regulating in great detail could be a problem,” Keidanren Chairman Hiroaki Nakanishi said at a news conference on Oct. 21.

The FTC announced a draft of its guideline to protect personal information at the end of August. According to the draft, if giant IT companies, including digital platform providers, collect users’ personal information without consent, they will be seen as abusing their dominant bargaining position.

Regarding how far the regulation will go to protect Internet users, FTC Chairman Kazuyuki Sugimoto said, “We should see it in a broader range than the current rules under the law on the protection of personal information.”

Because cookies that companies place on computers don't record the names of users, they were not targeted in the law on the protection of personal information. But if cookies are combined with other information, it becomes possible to identify individuals and track their behavior online.

Many companies are utilizing personal information of users as big data in their businesses.

Earlier this year, a scandal erupted after Recruit Career Co., operating the "Rikunabi" job-placement website, was found to have sold data it collected on student job-seekers. The company did not have the students' permission to sell the personal information.

Initially, it collected data online with cookies.

“We should have a regulation to clarify the objective of the collected information and increase transparency to check whether the data is used for the initially stated purpose,” Sugimoto said.

Location data recorded on smartphones and other devices is also expected to be regulated, but the guideline remains vague about what constitutes a violation of the antitrust law, only stating that “personal information and other things” will be protected.

(This article was written by Toshiki Horigome, a senior staff writer, and Tomoyoshi Otsu.)