Evaluating Data Breach Notification Protocols

Data protection is one of the most important aspects of the digital economy, with its legal implications extending across digital landscapes. The failure to protect data in data breaches can threaten the interests of owners and expose them to various risks. Legal compliance regarding how owners are notified of data breaches is important to prevent this, necessitating deep legal discourse and analysis. Using a comparative legal research method with a statutory approach, this study dissects norms within Indonesia and South Korea’s legal systems to analyze their differences in legal compliance regarding this issue. The findings of this study highlight the discrepancies in legal frameworks between Indonesia and South Korea. It particularly notes Indonesia's lack of a governing body for data breach notifications and the absence of comprehensive privacy impact assessments or cybersecurity compliance. Ultimately, the study underscores the need for Indonesia to develop a normative model for data protection to address its significant regulatory gaps—
contrasting with South Korea's more robust legal mechanisms and the GDPR's systematic oversight.

KEYWORDS: Data Breach, Data Breach Notification, Data Protection.