<![CDATA[The development of human civilization, especially in communication and information technology, has made it easier for people to obtain information. One example of the acceleration of information exchange on taxation is the presence of the Automatic Exchange of Information (AEoI). Tax avoidance practices carried out by certain taxpayers are expected to be mitigated by the existence of AEOI. The existence of this AEoI system requires a legal instrument that is responsive to the certainty of personal data protection in Indonesia, considering that the rapid exchange of information can lead to violations of confidentiality or misuse of the data obtained. The research method used is a normative legal approach with a focus on legal analysis of literature, tracing legal materials from applicable regulations and literature. Indonesia has enacted Law No. 27 of 2022 concerning Personal Data Protection (PDP Law) in 2022, effective as of October 2024. The preparation of the PDP Law itself is based on the golden standard of data protection regulations, namely the General Data Protection Regulation (GDPR) of the European Union. However, the effectiveness of the implementation of personal data protection does not come from the strictness of the regulations, but from the existence of a personal data protection supervisory agency. Personal data protection regulations in Singapore are regulated through the Personal Data Protection Act (PDPA), although the regulation is not as strict as the PDP Law or GDPR, but implementation can run well with the existence of a supervisory body, namely the Personal Data Protection Commission (PDPC). Keywords: Personal Data Protection, Taxpayers, Automatic Exchange of Information (AEOI)]]>
