PROTECTION OF PERSONAL DATA IN THE USE OF ELECTRONIC PUBLIC SERVICES IN THE REPUBLIC OF KAZAKHSTAN

Abstract

The article examines the key challenges and prospects of personal data protection in the context of digitalization of public services in the Republic of Kazakhstan. The relevance of the topic is driven by the rapid development of electronic services, which provide citizens with convenience and accessibility while simultaneously creating new risks related to data breaches and unlawful processing of information. The methodological framework of the study is based on a systemic approach, comparative legal analysis, and an examination of national legislation in comparison with international standards. The analysis identified three main areas of concern: the insufficiency of sanctions for violations, difficulties in holding database operators accountable, and the absence of effective procedures for compensating citizens for damages. Special attention is given to large-scale data leaks that revealed significant gaps in regulation and demonstrated the necessity of revising law enforcement practices. The proposed directions for improvement include the introduction of Data Protection Impact Assessments (DPIA), the establishment of procedural guarantees for timely notification and compensation, and the harmonization of the national legal framework with GDPR principles and the eIDAS 2.0 regulation. The practical significance of the study lies in the development of recommendations aimed at strengthening citizens’ trust in electronic public services and ensuring the sustainability of Kazakhstan’s digital transformation.