Large-scale data breaches affecting more than 1,000 individuals will likely become subject to mandatory notification to the Japanese privacy commission, under new rules for the amended privacy law. The Personal Information Protection Commission, or PPC, has also disclosed draft rules to regulate cross-border data transfers, because the amended law requires stricter responsibility