The Radio Act (Act No. 131 of 1950) covers all products which utilise the radio spectrum and operate under 3 THz. Regarding most consumer-use equipment within its scope, the Radio Law divides products into three categories. Specified radio equipment requires a third-party assessment. High-frequency devices must be tested for compliance and registered by a local Japanese company before they can be placed on the market. Extremely low-power devices are not subject to mandatory approval requirements.

The mandatory process of certification for telecommunications terminal equipment, according to the Japan Telecommunications Business Law, includes testing by a Ministry of Internal Affairs and Communications accredited lab. Telecommunications terminal equipment requires certification to connect to public network services in Japan. There are two ways to prove that telecom terminal equipment complies with the technical requirements according to the Rules Regarding Accreditation of the Conformity of Terminal Equipment to Technical Requirements (Ordinance No. 15 of the Minister of Internal Affairs and Communication of 2004):
- Accreditation of a single piece of equipment by conformity of terminal equipment to technical requirements (Art. 8);
- Type certification for mass-produced products (Art. 19).

As stipulated in Art. 14.18 of the Customs Tariff Act, the imports of goods with a total customs value of JPY 10,000 (approx. USD 67) or less are exempt from customs duties. This amount is below the USD 200 threshold recommended by the International Chamber of Commerce (ICC).

A business operator must retain information for electronic transactions for seven years (Art. 10, Act on Special Provisions concerning Preservation Methods for Books and Documents Related to National Tax Prepared by Means of Computers (Act No. 25 of 1998).
A business operator who uses e-mail for advertising must preserve documents that evidence consent from receivers to send such email prior to the transmission (Art. 3.2), Act on Regulation of the Transmission of Specified Electronic Mail (Act No. 26 of 2002).

Japan's Act on the Limitation of Liability for Damages of Specified Telecommunications Service Providers and the Right to Demand Disclosure of Identification Information of the Senders establishes a safe harbour regime for intermediaries for copyright infringements. According to Art. 3 of the Act, no Internet service provider (ISP) may be held liable for failing to delete infringing content. Furthermore, the Act also shields ISPs from the liability for any damage caused by the deletion of content on its network if the ISP reasonably believes that the content infringes the intellectual property rights or privacy of others or if a third party alleges infringement and the content sender does not respond to the ISP's inquiry within seven days.

Japan's Act on the Limitation of Liability for Damages of Specified Telecommunications Service Providers and the Right to Demand Disclosure of Identification Information of the Senders establishes a safe harbour regime for intermediaries beyond copyright infringements. According to Art. 3 of the Act, no Internet service provider (ISP) may be held liable for failing to delete infringing content. Furthermore, the Act also shields ISPs from the liability for any damage caused by the deletion of content on its network if the ISP reasonably believes that the content infringes the intellectual property rights or privacy of others or if a third party alleges infringement and the content sender does not respond to the ISP's inquiry within seven days.

Act for the Prevention of Illegal Mobile Phone Use requires mobile voice communication carriers to verify the identity of subscribers when a contract is terminated or transferred.

The amendment of the Copyright Act (Act No. 48 of 1970) adopted regulations on "index sites" that contain links leading to infringing content. It is reported that due to the requests for content removals and blocking, ISPs must monitor the customer's online activity to determine whether they are accessing the sites in question.

Chapter 4 of the Act on Development of an Environment that Provides Safe and Secure Internet Use for Young People (Act No. 79 of 2008), which became effective in April 2009, provides an obligation to provide service to filter content harmful to young people. The Act imposes this obligation not only for Internet service providers and mobile network service providers but also for manufacturers of equipment with functions to access the Internet, such as smartphones, as a result of the amendment that came into effect in 2018.

Japan has introduced import restrictions on certain goods from Russia under the Foreign Exchange and Foreign Trade Act. The Ministry of Economy, Trade and Industry has amended its public notice, based on Art. 52 of the Foreign Exchange and Foreign Trade Act and Art. 3 of the Import Trade Control Order. This amendment subjects the import ban to approval under Art. 4 of the same Order. The items affected by this approval procedure include automatic data-processing machines and related units (HS 84.71), as well as parts and accessories for office machines like computers and printers (HS 84.73), among others.

As amended in April 2022, under Art. 2.4 of the Cabinet Order on Export Trade Control, anyone wishing to export goods listed in Table 2-3 to Russia must obtain approval from the Minister of Economy, Trade and Industry, following the procedures established by the Ministry's Order. Table 2-3 includes several ICT goods, such as computers and their accessories, communication devices, cryptographic equipment, integrated circuits, semiconductor devices, electronic test equipment, analogue and digital recording devices, oscilloscopes, and components for microwave and millimetre wave equipment.

The type of conformity assessment procedure adopted is the Supplier's Declaration of Conformity (SDoC) type 2 - the supplier or manufacturer of the equipment declares the equipment meets the technical and administrative requirements on the basis of test reports by a testing laboratory recognised by the regulator. No registration of the equipment with the regulator is required. This mandatory requirement is limited to EMI for the products covered by the Electrical Appliance and Material Safety Law.
The Act divides electrical products into specified and non-specified products. While specified electrical products such as AC adapters and electric massagers require third-party assessment by a registered conformity assessment body (CAB), non-specified electrical products are subject to a self-declaration scheme for mandatory PSE marks.
Similarly, under the Consumer Product Safety Act (Act No. 31 of 1968), some electrical products classified as special specified products because of high risk to consumer safety require a third-party assessment by a registered CAB, while specified products with moderate risk to consumer safety are subject to self-declaration for PSC mark.

The Act on the Protection of Personal Information (Act No. 57 of 2003) (APPI) did not originally restrict the transfer of personal information to foreign countries, but amendments enacted in 2015 and which took effect in May 2017 added restrictions on cross-border data flows. The amended APPI prescribes three types of legitimate transfers of personal information to a third party in a foreign country under Article 24: (1) transfers to a country that the Personal Information Protection Commission (PPC) has designated as having an acceptable level of data protection; (2) transfers to a third party in a foreign country in circumstances in which actions have been taken to ensure the same level of data protection as in Japan (such as entering into a data transfer agreement imposing obligations on the transferee meeting the requirements of the APPI); or (3) transfers with the data subject’s consent.
Under the Enforcement Rules for the APPI (promulgated in 2016), as for (2), Art. 11 specifies that it means: "(i) a personal information handling business operator and a person who receives the provision of personal data have ensured in relation to the handling of personal data by the person who receives the provision the implementation of measures in line with the purport of the provisions under Chapter IV, Section 1 of the Act by an appropriate and reasonable method or (ii) a person who receives the provision of personal data has obtained a recognition based on an international framework concerning the handling of personal information." To date, the only PPC-recognised international framework is the APEC Cross-Border Privacy Rules System.

Japan has joined agreements with binding commitments to open transfers of data across borders: the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP, Art. 14.11), the Agreement Between The United States Of America And Japan Concerning Digital Trade (Art. 11), and the Agreement between the United Kingdom of Great Britain and Northern Ireland and Japan for a Comprehensive Economic Partnership (Art 8.84).

The Act on the Protection of Personal Information (Act No. 57 of 2003) (APPI), enacted in 2003 and last amended in 2022, is Japan's data protection regime. The Amendment Bill of the Act on the Protection of Personal Information was approved by the Diet in June 2020 and entered into effect on 1 April 2022.
In addition to the APPI, the Personal Information Protection Commission (PPC) issued general guidelines, guidelines on data transfer to a third party in a foreign country, guidelines on confirmation and records for providing to a third party, and guidelines on anonymously processed information. Furthermore, the Guideline on Personal Information Protection in Telecommunications Business issued by the Ministry of Internal Affairs and Communications, genetic information guidelines issued by the Ministry of Economy, Trade and Industry, financial affairs guidelines jointly issued by the PPC and the Financial Services Agency, medical care guidelines jointly issued by the PPC and the Ministry of Health, Labour and Welfare are also relevant.