The government plans to introduce penalties for the unauthorized use and leakage of information obtained through communication monitoring for cyber defense, officials said Thursday.

The penalties are part of a broader government plan to introduce active cyber defense, or preemptive action to prevent cyberattacks. The government will submit legislation to enact the plan to parliament during an ordinary session set to start on Jan. 24.

The bill calls for mandatory prior approval by an independent organization to break into the server of an attack source and render it harmless, in consideration of the confidentiality of communications guaranteed by Article 21 of the Constitution.

Under the bill, operators of key infrastructure, such as those in the electricity and financial sectors, will be required to report the information technology devices they use, and notify authorities when attacks occur. The government will provide them with information necessary to prevent damage.

Communications subject to monitoring will be those between foreign countries as well as between Japan and other countries via foreign equipment suspected to be used for cyberattacks.

The scope of analysis will be limited to what is known as mechanical information, such as internet protocol addresses and transmission and reception times, and email texts and other essential content of communications will be excluded.

If a cyberattack threat is identified, police and the Self-Defense Forces are expected to take measures to prevent intrusions and neutralize attacks.