Tens of million personal data records have been leaked over the past five years but fines for the leaks averaged 258 won ($0.22), a lawmaker said Thursday, calling for tougher penalties.

According to Rep. Park Kwang-on of the ruling Democratic Party, over 64 million leaks of personal information, such as names, social security numbers and mobile phone numbers, were reported from the public, private and online sectors from 2016 to last month.

Of them, administrative action was taken in 50.87 million cases, resulting in fines of 13.14 billion won, or an average of 258 won per case, Park said citing data from the Personal Information Protection Commission.

He said the country's laws on personal data protection levy a fine of 3 percent of a firm's total revenue resulting from a violation, a level he said is too low compared with countries in Europe.

"If we are to become a digital economy, we must place the highest importance on protecting personal information," said the lawmaker, who serves on the National Assembly's National Policy Committee.

Park called for introducing standards similar to the European Union's General Data Protection Regulation. Under the GDPR, serious violations of the regulations can lead to fines of up to 20 million euros or 4 percent of a firm's worldwide annual revenue, whichever amount is higher.

By year, there were 22.12 million leaks in 2016, 6.1 million in 2017, 8.54 million in 2018, 18.39 million in 2019 and 9.94 million in the first nine months of this year, according to the lawmaker. (Yonhap)