I've heard that Japan has a law that stipulates that all pages that contain forms with personal information must be SSL-encrypted.
For example, under this law, a simple contact form with a "name" and "email address" fields would need to be encrypted.
I'm trying to find out what information needs to be protected, and what doesn't. thanks.
I assume this is in reference to the "Act on the Protection of Personal Information (個人情報保護法令)" law in japan. I'm not a japanese lawyer so I can't tell you either way, but a quick scan doesn't bring up any mention of SSL encryption or html forms.
Article 20 does mention, in typical lawyer speak, that proper security measures must be taken when handling personal information. The explanation (解説) link below is probably where you need to look for actual implementation details.
English:
http://www5.cao.go.jp/seikatsu/kojin/index_en.html
http://www5.cao.go.jp/seikatsu/kojin/foreign/act.pdf
Japanese:
http://www5.cao.go.jp/seikatsu/kojin/houritsu/index.html
Explanation of the law [Japanese]:
I live in Japan and am Japanese, but I never recall a time that something like that come up.
The 個人情報保護法令 I know of, but it is limited to personal information as in customer information and other private credentials of that manner(patient info for doctors, address and phone numbers of credit card users, etc). Perhaps it is more strict in text, but in practice I dont see it being inforced on any further levels.
About the methods of how it should be securied, SSL or not I have never heard of any.
Opinion from a local, I hope it helps