Personal information leakage has become a sensitive issue around the world. International organizations such as OECD and EU have established and have been developing Privacy Guidelines and Privacy Directives, while countries with sophisticated financial industry, such as the US, UK, and Australia, are reinforcing protection and management system of personal information, especially of credit information. In overseas, there is no legal distinction between credit information and personal information. For example, there are the OECD Privacy Guidelines, the EU Data Protection Directive, the Gramm-Leach-Bliley Act and Fair Credit Reporting Act of the US, the Data Protection Act, the Consumer Credit Act, and Data Security in Financial Services of England, the Privacy Act of Australia, and the Data Protection Act of Japan. With development of information technology, the phenomenon of diversification and convergence of business models in financial industry is taking place in every country. A significant portion of laws on credit information is similarly composed, reflecting the basic principles of to the OECD Guideline. In case of Korea, its strength in IT is evident in financial area. Privacy laws of Korea is well established based on the basic principles of the OECD guideline. Korea quickly adopted credit information protection systems and strong oversight systems, which makes it one of the most developed countries in the area of data information and communication law. Financial industry requires strong oversight because financial accident may result in widespread property damage. Therefore, reliable and safe use of personal information should take priority over development of industry based on creative information processing. At the same time, adherence to and strict enforcement of existing laws, and strong sanctions for violation is necessary.