Japan Restricts Local Government IT Procurement to Certified Products, Effectively Excluding Chinese Equipment
Japan will require local governments to procure IT equipment only from products certified as having low cybersecurity risks, effectively excluding Chinese-made equipment to prevent information leaks. This measure, targeting implementation by summer 2027, will apply to computers, communication equipment, servers, and cloud services used by local governments.
📋 Article Processing Timeline
- 📰 Published: April 17, 2026 at 16:38
- 🔍 Collected: April 17, 2026 at 17:01 (23 min after Published)
- 🤖 AI Analyzed: April 17, 2026 at 18:04 (1h 2m after Collected)
Central News Agency
(Central News Agency reporter Dai Ya-chen, Tokyo, 17th) Japan will require local governments to use IT (information technology) equipment only from products certified as having low cybersecurity risks. This move is primarily aimed at Chinese-made products, with the goal of excluding equipment that could lead to information leakage risks.
Nikkei reported that the Japanese government is expected to revise relevant regulations as early as June, aiming for implementation in the summer of 2027. The scope will include computers, communication equipment, servers, and cloud services used by local governments in their operations.
Products certified under the Ministry of Economy, Trade and Industry's IoT equipment security assessment system "JC-STAR" and the National Center of Incident Readiness and Strategy for Cybersecurity's cloud service security standard "ISMAP" will be allowed for procurement.
The report stated that Chinese-made equipment is considered to pose risks of information leakage or being used as a springboard for cyberattacks from abroad. Since "JC-STAR" and "ISMAP" currently do not certify Chinese-made products, Chinese-made equipment will effectively be excluded from procurement.
The Ministry of Internal Affairs and Communications will set up a dedicated window to handle inquiries from local governments. Equipment already procured will be gradually replaced with certified products during updates.
The Japanese central government already adopted a policy in 2018 to procure only equipment that meets cybersecurity requirements, but local governments previously had no such restrictions.
In recent years, cyberattacks targeting local governments have continued to increase, with cases of personal data leakage and website unavailability. (Editor: Chen Hui-ping) 1150417
Choose to stand with facts, every sponsorship you make is a force to protect press freedom.
Download the Central News Agency 'First-hand News' APP to stay updated with the latest news.
The text, images, and audio-visual content on this website may not be reproduced, publicly broadcast, publicly transmitted, or utilized without authorization.
(Central News Agency reporter Dai Ya-chen, Tokyo, 17th) Japan will require local governments to use IT (information technology) equipment only from products certified as having low cybersecurity risks. This move is primarily aimed at Chinese-made products, with the goal of excluding equipment that could lead to information leakage risks.
Nikkei reported that the Japanese government is expected to revise relevant regulations as early as June, aiming for implementation in the summer of 2027. The scope will include computers, communication equipment, servers, and cloud services used by local governments in their operations.
Products certified under the Ministry of Economy, Trade and Industry's IoT equipment security assessment system "JC-STAR" and the National Center of Incident Readiness and Strategy for Cybersecurity's cloud service security standard "ISMAP" will be allowed for procurement.
The report stated that Chinese-made equipment is considered to pose risks of information leakage or being used as a springboard for cyberattacks from abroad. Since "JC-STAR" and "ISMAP" currently do not certify Chinese-made products, Chinese-made equipment will effectively be excluded from procurement.
The Ministry of Internal Affairs and Communications will set up a dedicated window to handle inquiries from local governments. Equipment already procured will be gradually replaced with certified products during updates.
The Japanese central government already adopted a policy in 2018 to procure only equipment that meets cybersecurity requirements, but local governments previously had no such restrictions.
In recent years, cyberattacks targeting local governments have continued to increase, with cases of personal data leakage and website unavailability. (Editor: Chen Hui-ping) 1150417
Choose to stand with facts, every sponsorship you make is a force to protect press freedom.
Download the Central News Agency 'First-hand News' APP to stay updated with the latest news.
The text, images, and audio-visual content on this website may not be reproduced, publicly broadcast, publicly transmitted, or utilized without authorization.
FAQ
What is the purpose of the Japanese government's new restrictions on local government IT procurement?
The purpose is to strengthen cybersecurity by effectively excluding Chinese-made products that pose a risk of information leakage.
What kind of products will be allowed for local government IT procurement?
Products certified under METI's 'JC-STAR' and NISC's 'ISMAP', which are assessed as having low cybersecurity risks, will be allowed.