What is a "Record-Order Seizure" in Japan and How Can It Impact Data Custodians?

Japanese Attorney at Law - Bengoshi L.L.

8 min read

As businesses increasingly rely on complex digital systems to store vast amounts of information, criminal investigators in Japan face the challenge of accessing specific electronic data without causing undue disruption to legitimate operations. One specialized tool in their arsenal is the "record-order seizure" (記録命令付差押え, kiroku meirei-tsuki sashiosae). This legal mechanism, introduced through amendments to Japan's Code of Criminal Procedure (CCP) effective from June 2012, allows authorities to compel data custodians to extract and provide specific digital records, rather than investigators seizing entire systems themselves.

Understanding how this procedure works, who can be targeted, and what obligations it imposes is crucial for any entity that manages significant digital records in Japan.

The Genesis and Rationale of Record-Order Seizures

The traditional method of seizing digital evidence often involved the physical confiscation of entire computer systems, servers, or storage devices. While effective in some instances, this approach presented growing difficulties:

  • System Complexity: Modern IT infrastructures, particularly in corporate environments, can be extraordinarily complex. Investigators might lack the specialized technical knowledge to navigate these systems efficiently and identify specific relevant data quickly.
  • Disruption to Operations: Seizing an entire server or critical database could cripple a business's daily operations, leading to significant financial and logistical consequences unrelated to the investigation itself.
  • Data Volume: Storage capacities have exploded, and systems often contain vast amounts of data, much of which may be irrelevant to a particular investigation. Sifting through this on-site or after seizing bulk hardware can be inefficient.
  • Need for Custodian Expertise: Often, the individuals who manage or regularly use a system (the data custodians) are best placed to quickly and accurately locate and extract specific pieces of information.

The record-order seizure was introduced to address these challenges. It aims to strike a balance by allowing investigators to obtain necessary digital evidence in a more targeted manner, leveraging the expertise of the data custodian and, ideally, minimizing the disruption that would be caused by a full physical seizure of hardware. This procedure acknowledges that in many cases, the content of the electromagnetic records, rather than the physical media itself, is the primary target of the seizure.

The legal basis for record-order seizures is found in Articles 99-2 and 218(1) of the Japanese Code of Criminal Procedure.

Article 99-2 (Order to Record and Seize Electromagnetic Records):
"A court may, when it deems necessary, order a person who stores electromagnetic records or another person who has the authority to utilize electromagnetic records to have necessary electromagnetic records recorded on a recording medium or printed out, and seize said recording medium." (This is a paraphrase of the core concept).

Article 218(1) (Search, Seizure, or Inspection by Warrant):
This article establishes that prosecutors, assistant prosecutors, or judicial police officials may, when necessary for the investigation of an offense, conduct seizures or record-order seizures upon a warrant issued by a judge.

In essence, a record-order seizure is a compulsory measure authorized by a judicial warrant. It does not involve investigators directly searching through a system and copying files themselves. Instead, the court order is directed at a designated "data custodian," compelling them to perform specific actions:

  1. Record: The custodian is ordered to take "necessary electromagnetic records" (必要な電磁的記録) and record them onto a tangible recording medium (e.g., a DVD-R, an external hard drive, a USB flash drive). This can involve simply copying existing files or, in more complex scenarios, extracting data from databases or compiling information from various sources within the system and then recording it.
  2. Print: Alternatively, the custodian may be ordered to print out the necessary electromagnetic records.
  3. Seizure of the Resultant Medium/Printout: Once the custodian has complied and created the specified record on the new medium or printed it, that medium or printout is then seized by the investigators.

The original system or storage devices remain with the custodian, thus avoiding the severe disruption of a full physical seizure.

Who Can Be Subject to a Record-Order Seizure?

The CCP specifies that a record-order can be directed at:

  1. A "person who stores electromagnetic records" (電磁的記録を保管する者, denshi-teki kiroku o hokan suru mono).
  2. "Another person who has the authority to utilize electromagnetic records" (その他電磁的記録を利用する権限を有する者, sonota denshi-teki kiroku o riyō suru kengen o yūsuru mono).

This definition is broad and encompasses more than just the physical owner or possessor of the storage hardware. It includes:

  • System Administrators: Individuals responsible for the maintenance and operation of IT systems.
  • IT Managers/Personnel: Corporate IT staff who have privileged access to company data and systems.
  • Specific Users: Employees or individuals who, due to their roles or permissions, have lawful access to and control over the specific data targeted by the order.
  • Service Providers: In some cases, third-party service providers who host or manage data on behalf of a client could potentially be subject to such an order, provided they fall within Japanese jurisdiction and have the requisite authority over the specific data.

The key is the lawful authority to access, manage, and extract the data in question.

The Process and Warrant Requirements

A record-order seizure is a significant exercise of state power and therefore requires strict adherence to judicial process:

  1. Warrant Application: Investigators must apply to a judge for a record-order seizure warrant.
  2. Judicial Review: The judge will review the application to determine if there is a necessity for the measure in the context of the criminal investigation.
  3. Warrant Specificity: If issued, the warrant must be specific. According to legal commentary and practice, it must clearly state:
    • The person who is being ordered to perform the recording or printing (i.e., the designated data custodian).
    • The specific electromagnetic records that are to be recorded or printed. This requires a precise description of the target data to avoid overreach. For example, it might specify "all email communications between user A and user B from January 1, 2024, to March 31, 2024, stored on the company's mail server," or "access logs for database XYZ pertaining to suspect C's activities on June 15, 2024." A vague request for "all relevant data" would likely be insufficient.
    • The place where the order is to be executed (typically the custodian's premises).
  4. Execution by the Custodian: Upon being served with the warrant, the named custodian is legally obligated to carry out the instructions – to locate the specified data, record it onto a suitable medium (or print it), and then provide that medium (or printout) to the investigators.
  5. Seizure by Investigators: The investigators then formally seize the medium or printout prepared by the custodian.

It's important to note that a record-order seizure cannot be executed without a warrant, even at the scene of an arrest. This distinguishes it from certain other evidence-gathering powers that can be exercised warrantlessly incident to a lawful arrest (such as the direct copying of data from a seized device by investigators themselves under CCP Article 110-2).

Obligations and (Lack of) Penalties for Data Custodians

A crucial aspect of the record-order seizure is the nature of the obligation it places on the data custodian:

  • Legal Duty to Comply: The person or entity named in the warrant has a legal obligation to comply with the court order.
  • Absence of Direct Penalties for Non-Compliance: Significantly, the CCP does not currently prescribe direct penalties (such as fines or imprisonment) specifically for a data custodian who refuses to carry out the actions mandated by a record-order seizure warrant.

This lack of immediate punitive sanction for non-compliance by the custodian is a unique feature. While the order is compulsory, the law relies on the custodian's ultimate adherence to a court order. If a custodian is uncooperative, investigators cannot, under the authority of that same record-order warrant, then step in and operate the systems or conduct the data extraction themselves.

What happens in the face of refusal?

  1. Persuasion: Investigators will likely attempt to persuade the custodian, emphasizing their legal duty.
  2. Alternative Measures: If refusal persists, investigators would need to consider alternative legal avenues. This might involve seeking a different type of warrant, such as a traditional search and seizure warrant for the entire system or specific storage devices, if grounds for such a warrant exist. This, of course, would lead to the very disruption the record-order seizure was designed to avoid. One of the legal examples provided in the source material illustrates this: if a company refuses a record-order, the police then obtain a separate warrant to seize the company's server itself.

The effectiveness of a record-order seizure, therefore, often hinges on the perceived authority of the court order and the custodian's willingness to cooperate, or their assessment of the consequences of not cooperating (which might include a more intrusive investigation). There is an inherent risk that an uncooperative custodian could potentially attempt to alter or delete data upon being served with the order, though such actions would constitute separate offenses like obstruction of justice or destruction of evidence. Consequently, this measure is deemed most effective when the data custodian is cooperative or when the formal weight of a court order is sufficient to ensure compliance.

Distinctions from Other Digital Evidence Seizure Methods

The record-order seizure differs from other methods of obtaining digital evidence:

  • Versus Direct Seizure of Media: The most obvious difference is that the original IT system, servers, or storage devices remain in the possession and control of the custodian. Only the newly created medium with the specified data is taken.
  • Versus Copying to Another Medium by Investigators (CCP Art. 110-2):
    • Who Performs the Action: Under Article 110-2, investigators can make the copy themselves or have the person subject to the seizure (e.g., the suspect) make the copy. A record-order, by contrast, is an order directed to the data custodian to perform the recording/printing.
    • Complexity of Extraction: Article 110-2 typically involves a more straightforward copying of existing files or a full disk image by investigators. A record-order can require the custodian to perform more complex data extraction, aggregation from multiple sources, or generation of reports before recording/printing.
    • "Transfer" (移転, iten): Article 110-2 also allows for "transfer," where data is copied and then the original is deleted from the source medium. This "transfer" concept is not explicitly part of the record-order seizure mechanism.
  • Versus Remote Access Seizure (CCP Art. 99-2):
    • Initiation: Remote access seizure is initiated and conducted by investigators (with a specific warrant) using a target computer under their control to access networked data.
    • Custodian's Role: A record-order relies on the designated data custodian to actively perform the data extraction and recording.

Practical Applications and Scenarios

Record-order seizures are particularly useful in scenarios such as:

  • Investigating Large or Complex Systems: When dealing with extensive corporate networks, proprietary databases, or intricate IT infrastructures where investigators lack the specialized knowledge to efficiently locate and extract specific data.
  • Targeted Data Extraction from ISPs or Telecoms: For instance, compelling an Internet ServiceProvider (ISP) to produce specific subscriber information, IP address logs, or communication records for a defined period. One of the legal examples from the source material describes a record-order warrant issued to an ISP's customer system manager to copy subscriber and communication history data from various internal and externally managed remote servers onto a DVD-R, which was then seized.
  • Data Dispersed Across Multiple Systems: If the required evidence is not stored in a single location but is fragmented across different databases or servers within an organization's control, a record-order can instruct the custodian to compile and record this information.
  • Minimizing Business Disruption: When the continued operation of the IT system is critical for a business, a record-order seizure allows investigators to obtain the necessary evidence without taking the entire system offline.
  • Overseas Data Controlled by a Domestic Custodian: As noted earlier, if a Japanese entity (the custodian) has lawful control and access to data that is physically stored on servers outside Japan, a record-order seizure directed at that Japanese entity may be a viable legal route for Japanese investigators to obtain that data without directly engaging in extraterritorial acts of seizure. The order compels the domestic custodian to retrieve and provide the data.

Conclusion

The record-order seizure (記録命令付差押え) represents a nuanced and important tool within the Japanese legal framework for obtaining digital evidence. It allows investigators to secure specific electronic records by compelling a data custodian to extract and record or print the information, which is then seized. This method is particularly advantageous when dealing with complex IT systems, large volumes of data, or when minimizing disruption to the data owner's operations is a priority.

For businesses and other entities acting as data custodians, receiving such an order carries a legal obligation to comply, even though direct penalties for immediate non-compliance are not stipulated within the CCP for this specific procedure. Understanding the scope of the order, the specificity of the data requested, and the company's role as a custodian is vital. Legal counsel should be consulted to ensure that compliance is managed appropriately and that the company's rights and other obligations are considered. While designed to be less intrusive than full physical seizures, a record-order seizure is still a compulsory measure, underscoring the evolving landscape of digital evidence gathering in Japan.