<![CDATA[The rapid digital transformation has turned data privacy into a global strategic issue. Regulations such as the General Data Protection Regulation (GDPR) provide a comprehensive legal framework for the protection of personal data, but their effectiveness depends heavily on the ability of organizations to apply the principles of accountability and substantive responsibility. This research aims to analyze the paradigm shift from regulatory compliance (regulation-based) to organizational accountability (responsibility-based) in data privacy governance in the digital era. The approach used is qualitative with a systematic literature study method, reviewing Scopus-indexed scientific articles and the Web of Science published between 2015–2025, as well as policy reports from international institutions such as the OECD and EDPB. The analysis was carried out using thematic analysis techniques to identify the main patterns in the application of the principles of accountability, privacy by design, data protection impact assessment (DPIA), as well as social context and privacy ethics. The results show that the paradigm shift towards responsibility requires organizations not only to comply with formal regulations, but also to build an internal governance system that is able to proactively prove data protection. Mechanisms such as privacy by design and DPIA have proven effective in increasing transparency, risk mitigation, and public trust. In addition, the theory of Contextual Integrity and the Taxonomy of Privacy assert that privacy protection must consider social norms and ethical values, not just legal aspects. In the context of developing countries, including Indonesia, the implementation of privacy responsibilities still faces challenges such as limited institutional capacity, low digital literacy, and policy fragmentation. Therefore, it is necessary to strengthen independent supervisory institutions, increase public literacy, and integrate accountability principles in business strategies and technology design. This research confirms that the future of data protection lies in the balance between strong regulation and ethical responsibility of organizations. By internalizing the principles of accountability, organizations can build a transparent, ethical, and sustainable data ecosystem, while strengthening public trust in the digital age.]]>
