S&K Brussels



We are one of the only law firms worldwide offering legal advice in both Japanese and English, by EU- and US-registered attorneys who specialize in global data protection regulations.

S&K Brussels was established in July 2019 in Brussels (Belgium), the capital of the European Union. Our firm specializes in European and US regulatory compliance, with a focus on providing cross-jurisdictional data protection support to Japanese multinational companies. In October 2020, S&K Brussels headquarters was relocated to Tokyo, where our Japanese bengoshi and foreign-qualified attorneys are currently based. In addition to our Tokyo headquarters, we have secondary offices in Brussels and New York, as well as in Washington, DC (the latter belonging to our affiliate, S&K Brussels Consulting, which tracks the most recent developments in US federal data privacy discussions and draft regulations).

S&K Brussels is one of the only law firms worldwide that provides legal expertise in both Japanese and English on global data protection regulations, by EU- and US-trained and registered bilingual attorneys. Our firm's leadership comprises Japan-qualified attorneys (bengoshi) who are registered with the Brussels Bar Association of Belgium (B-List) and the New York State Bar Association, and who specialize in United States (including at federal and state levels) and European data protection regulatory compliance. Our Tokyo team, comprised of such bengoshi together with foreign-qualified data protection attorneys, is uniquely capable of providing Japanese-language legal advice on global data protection regulations well beyond European and US jurisdictions, via our extensive network of local data protection counsel.

S&K Brussels' wide range of services includes: developing and reviewing data protection compliance mechanisms for corporate clients and their international subsidiaries and branches; representing and defending companies in legal conflicts involving issues of international data protection law, including class action litigation and negotiations with, and investigations by, European and US data protection supervisory authorities; conducting data protection due diligence in M&A transactions; assessing and ensuring post-merger integration data protection compliance; and advising on data protection matters specific to cutting-edge technologies and services (e.g. IoT, Connected Car and MaaS).

Our team has represented countless Japanese companies and organizations on EU and US data protection matters. Our firm's diverse client base spans multiple industry sectors, ranging from the Japan-based headquarters of global companies, including those listed on the Fortune 500, to overseas subsidiaries and branches, government agencies, and major law firms in Japan.

Preparing our clients for cross-border data protection regulatory compliance

Managing overseas subsidiaries, and in particular, ensuring compliance with constantly evolving international regulatory frameworks, is challenging for Japanese global organizations. The recent strengthening of data protection legislation and enforcement mechanisms across Europe, the United States, Thailand, China, Brazil, India and beyond, has further intensified this challenge.

The EU General Data Protection Regulations (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA) and many other domestic data protection frameworks include extraterritorial provisions applicable not only to overseas entities, but to Japanese headquarters as well. With the recent evolution of international regulatory regimes, many featuring stringent enforcement mechanisms coupled with steep penalties for non-compliance, Japanese global companies now face an urgent need to take data privacy and security more seriously, and to advance their data protection practices to meet global standards. This is particularly true given the increased promotion of digitalization and heightened emphasis on data strategy in business operations by Japanese global organizations across all industry types.

In recent years, dozens of Japanese companies have suffered severe, and often irreversible, economic and reputational damage due to compliance-related deficiencies in the global regulatory space, frequently resulting in governmental investigations and fines, civil class actions and criminal prosecutions, compelled under EU/US antitrust and competition laws. Japanese companies' delayed implementation of global compliance schemes have resulted in serious sanctions including: (i) criminal sentences and prison terms of up to two years for more than two dozen Japanese executives; (ii) multi-year investigations by the US Department of Justice, the European Commission, and other governmental authorities incurring significant legal and e-discovery fees; (iii) fines amounting to hundreds of millions in USD and Euros (often fined concurrently), as a result of such investigations; (iv) multi-year class action lawsuits and negotiations; (v) considerable legal and e-discovery costs associated with defending against such class actions; and (vi) significant court-ordered damages and negotiated settlements. Although potentially rewarding, cross-border business also carries enormous economic and reputational risks for Japanese companies which are particularly vulnerable in the realm of global regulatory compliance.

Our firm endeavors to equip Japanese multinational companies with the compliance tools and frameworks necessary to ensure that Japanese entities' negative experiences with global antitrust/competition laws are not repeated in the data protection regulatory space.

By providing the legal support necessary to align Japanese headquarters' data protection regimes with international compliance standards, whilst supporting risk-based compliance at the overseas subsidiary level, S&K Brussels aims to ensure that Japanese global companies and organizations are at the forefront of data protection - and to relegate administrative and criminal sanctions and civil litigation for regulatory non-compliance to the realm of the past.

Raising awareness regarding data protection requirements amongst expatriates and local hires in European and US offices

In most cases, Japanese headquarters must take the lead in ensuring company-wide data protection reform and global regulatory compliance. However, it is equally crucial that overseas representatives and local personnel across Europe and the United States receive comprehensive education and training regarding applicable data protection regulatory standards and obligations.

Our team has provided countless in-person and virtual compliance trainings for the overseas offices of our Japanese corporate clients throughout Europe and the United States. Frequently in cooperation with local Japanese associations and Japanese Chambers of Commerce in Amsterdam, Brussels, Düsseldorf, Frankfurt, Geneva, Hamburg, London, Milan, Munich, Paris, Vienna and Warsaw, we have trained hundreds of Japanese representatives and local employees on GDPR compliance and risk management. In the United States, we have provided regulatory compliance trainings for local subsidiaries and branch offices, as well as virtual CCPA and CPRA seminars alongside Japanese Chambers of Commerce in Los Angeles, San Francisco and New York. Following each training, our attorneys provide continued support to Japanese expatriates and local employees of our clients' overseas entities, thereby ensuring ongoing contributions to local Japanese communities across Europe and the United States.

We are internationally-recognized experts in global data protection

Our bengoshi and foreign-qualified attorneys have all attended tier one law schools in the United States, the United Kingdom and Japan, and have practiced at leading international law firms in Europe and the United States. Our attorneys are certified to practice law in all of the major data protection jurisdictions, including the EU (the Brussels Bar, B-List), California, New York as well as Japan. Our bengoshi have accumulated years of hands-on data protection expertise directly in the heart of the European Union, and have extensive experience negotiating with European data protection authorities charged with GDPR enforcement, including the European Data Protection Board at the EU level as well as authorities in Germany, Spain, France, the Netherlands, Denmark and the United Kingdom. Our team's depth and breadth of experience and direct exposure to the global data protection regulatory landscape in Europe and the United States surpasses that of many leading overseas law firms, and coupled with our Japanese language abilities, renders our services unparalleled in the Japanese market.

Our attorneys are internationally recognized for their global data protection expertise. One of our bengoshi was ranked fourth in the data protection category of The Nikkei's Companies' Choice of Lawyers 2019 ranking, and was also recognized in The Legal 500 EMEA listings for EU Regulatory: Privacy and Data Protection (2019 & 2020) and Competition: EU and Global (2018 & 2019).

In addition, our bengoshi have published numerous articles and legal guidelines on EU GDPR and US state and federal data protection regulations, and are frequently quoted in various newspapers including the Nikkei Newspaper and Yomiuri Newspaper regarding trends in global data protection enforcement and legislation.

Empowering Japanese data protection practitioners in Japan and overseas

Alongside our client work, our team at S&K Brussels is committed to enriching and strengthening the Japanese community of data protection practitioners, both within Japan and overseas. Our bengoshi and foreign-qualified attorneys are all active members of the International Association of Privacy Professionals (IAPP), and frequently conduct pro bono seminars to educate Japanese-speaking business and legal professionals on the latest developments in the data protection regulatory space. One of our bengoshi also serves as a Director and Founding Member of the Japan DPO Association, a Japan-based non-profit organization of privacy professionals dedicated to cross-discipline data privacy education and to furthering Japanese companies' global competitive advantage.

Providing proactive and dynamic privacy advice on global data protection regulatory trends

Although the bulk of our services address current data protection regulatory compliance, we are cognizant of the rapid evolution of data protection laws, and are therefore committed to providing dynamic and forward-looking legal support that outlasts the status quo.

In partnership with S&K Brussels Consulting our firm has amassed a substantial network of policy-makers and regulatory analysts in Brussels and Washington, DC - the epicenters of global data protection regulation - which apprise us of forthcoming trends and anticipated regulatory reforms at EU Parliamentary and US federal levels. We take great pride in providing our clients with forward-looking and lasting guidance reflective of existing legal requirements together with those on EU and US regulatory horizons, including the California Privacy Rights Act (CPRA) and the SAFE DATA Act.

S&K Brussels is at the forefront of European and US regulatory compliance, in particular data privacy/data protection and antitrust/competition. We are passionate about supporting Japanese global companies in their overseas operations, and endeavor to do our utmost to ensure that Japanese corporations and organizations remain compliant and competitive across international markets.

Takeshige Sugimoto, Attorney-at-Law, Managing Director and Partner-in-Charge of Tokyo and New York Offices of S&K Brussels
Akihiro Kawashima, Attorney-at-Law, Partner-in-Charge of Brussels Office of S&K Brussels

© S&K Brussels LPC. 2020. All rights reserved.