Under the amendment to the Personal Information Protection Act, organisations could have to pay up to three times the damage caused by the "loss, theft, leakage, forgery, alternation or impairment of personal information because of a deliberate act or serious error", JD Supra said.
Consumers can claim damages of up to 3 million won, or £1,700, it said.
The Personal Information Protection Committee has also been given greater powers including dispute handling and the ability to recommend policy and system changes.
Data privacy expert Peter Bullock of Pinsent Masons, the law firm behind Out-Law.com said that the amendment does not come as a great surprise as South Korea has "for a number of years been something of an outlier in the region, in terms of its data protection regime."
"It has regulations in part even more restrictive than EU regulations of data users' use of personal data," he said.
The Korean Communications Commission has also produced a guide (link in Korean) to the collection and use of personal information through mobile apps, app stores and smartphone operating systems, and how to obtain consent on mobile apps.
