Türkiye ve Dünyada
Bu bölümde 331 doküman yer almaktadır.
BROŞÜR, REHBER VE BİLGİLENDİRME DOKÜMANLARI
- YENİ 19.01.2018 Kişisel Veri Güvenliği Rehberi (KVKK Telif Hakkı Uyarısı)
- Kişisel Verilerin Silinmesi, Yok Edilmesi veya Anonim Hale Getirilmesi Rehberi (KVKK Telif Hakkı Uyarısı)
- Kişisel Verilerin Korunması Kanunu'nun Amacı ve Kapsamı
- 6698 Sayılı Kanun'da Yer Alan Temel Kavramlar
- 6698 Sayılı Kanun'da Yer Alan Kurumsal Terimler
- Anayasal Bir Hak Olarak Kişisel Verilerin Korunmasını İsteme Hakkı
- 6698 Sayılı Kişisel Verilerin Korunması Kanunu ve Uygulaması
- 6698 Sayılı Kanunun Uygulanmasına Yönelik Soru ve Cevaplar
- Açık Rıza
- Kişisel Verilerin Korunmasına İlişkin Başvuru ve Şikayet Hakkı
- Ulusal ve Uluslararası Alanda Kişisel Verilerin Korunmasına Duyulan İhtiyaç
- Kişisel Verilerin Korunması Alanında Ulusal ve Uluslararası Düzenlemeler
- Kişisel Verilerin Yurtdışına Aktarılması
- Kişisel Verileri Koruma Kurulu'nun Yapısı ve Görevleri
Data Protection Act (2000)
The Austrian Data Protection Act (Datenschutzgesetz 2000; DSG 2000, Federal Law Gazette I No. 165/1999) came into effect on 1 January 2000. In implementation of the Directive on Data Protection 95/46/EC, the act provides for a fundamental right to privacy with respect to the processing of personal data which entails the right to information, rectification of incorrect data and removal of unlawfully processed data. It regulates the pre-conditions for the lawful use and transfer of data, including mandatory notification and registration obligations with the Data Protection Commission. Furthermore, it provides for judicial remedy in case of breach of its provisions.
The 'Privacy Law' of December 1992 is intended to protect citizens against the abusive use of personal data. The law defines the rights and duties of both the data subject and the processor. It moreover provides legal basis for the creation of an independent body in charge of overseeing the correct use of personal data, namely the Commission for the Protection of Privacy. Since its promulgation, this law has been significantly modified in 1998 in order to transpose the EU Directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data (Directive 95/46/EC). This law is now available in its ‘consolidated version’ dated August 2007.
In addition, it is worth noting that a specific law containing provisions relating to spamming was adopted on 24 August 2005, so as to transpose the related article of the EU Directive 2002/58/EC on privacy and electronic communications (the ‘ePrivacy Directive’).
Adopted in January 2002 and last amended in October 2016, the Law for Protection of Personal Data has been modelled on the EU Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. It applies to the protection of individuals with regard to the processing of personal data, granting them the right to access and correct information held about them by public and private bodies. It defines lawful grounds for the collection, storage and processing of the personal data of individuals. Application of the Act is overseen by the Commission for Personal Data Protection, an independent supervisory authority.
Law on Personal Data Protection (NN 106/12)
The Law on Personal Data Protection was adopted in June 2003, implementing the relevant EU Directive (95/46/EC). It foresees that personal data may be transferred cross-border and processed in another jurisdiction, to the extent that this jurisdiction can ensure an adequate level of protection. The law was amended once on 20 October 2006 (NN 118/06), while the last amendment took place on 3 April 2008 (NN 41/08).
The 'Processing of Personal Data (Protection of Individuals) Law' (138(I)/2001) entered into force in November 2001, and was amended by Law 37(I)/2003. It is compliant to the acquis communitaire, and especially, the European Directive 95/46/EC on Data Protection. On 31 December 2007, the 'Retention of Telecommunication Data for Purposes of Investigation of Serious Criminal Offences Law' of 2007 (Law 183(I)/2007) was introduced harmonising Cypriot legislation with EU Directive 2006/24/EC of 15 March 2006. The law regulates the terms under which the retention of personal data for the purpose of crime investigation, detection and prosecution is legal.
Act on the Protection of Personal Data (2000, last amendment: 2011)
The Data Protection Act (No. 101/2000) was adopted in April 2000 with the aim to protect the citizens’ right to privacy. (Click HERE for Consolidated version of the Personal Data Protection Act) To this end, it regulates the rights and obligations regarding the processing of personal data and specifies the conditions under which personal data may be transferred to other countries. Furthermore, it allows individuals to access and correct their personal information held by public and private bodies. It is enforced by the Office for Personal Data Protection. It was last amended in 2011.
This act entered into force on 1 July 2000 in order to implement Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data, allowing individuals to access their records held by public and private bodies. The Act, which was amended in 2007, is enforced by the Datatilsynet (Data Protection Agency). Other laws regulating the processing of personal information by the public sector include the Public Administration Act of 1985, the Publicity and Freedom of Information Act of 1985, the Public Records Act of 1992 and the National Registers Act of 2000. These laws set out basic data protection principles and determine which data should be available to the public and which data should be kept confidential.
Providers of electronic networks and services are required to notify the competent body for eGovernment in cases of data breaches that have significant consequences on the provision of services or concern person-identifiable information. This legal requirement implements in part Directives 2009/140/EC and 2009/136/EC. The Act has been amended several times and amendments have been consolidated in the Amendment Act of 2014.
Act on Marketing Practices (2013)
In June 2003, an amendment to the Marketing Practices Act was adopted to implement the Directive on ‘privacy and electronic communications’ 2002/58/EC. This transposition entailed a change to Denmark's legal data protection framework on spam. According to the Directive, people who have already given their address to businesses can be spammed with advertisements for 'similar services' ('soft opt-in'), which the Danish legislation Act had not allowed until then. Amendments have been consolidated in the Consolidated Marketing Practices Act (2013).
Consumer Protection Act (2004)
This Act entered into force on 15 April 2004 and it regulates the offering and sale, or marketing in any other manner, of goods and services to consumers by traders. Furthermore, it determines the rights of consumers as the purchasers or users of goods or services, and provides for the organisation and supervision of consumer protection and liability for violations of this Act. Some minor amendments were included and entered into force on 1 January 2015 (proceedings and punishments for legal persons).
Personal Data Protection Act (1996)
The first Personal Data Protection Act (PDPA) entered into force on 19 July 1996. The Act was amended in 2003, to be made fully compliant with the EU Data Protection Directive 95/46/EC, and once again amended in January 2008. The Act protects the fundamental rights and freedoms of persons with respect to the processing of their personal data, in accordance with the right of individuals to obtain freely any information that is disseminated for public use.
The 2008 version of the Act introduced several changes. Firstly, the previous classification of personal data into three groups (non-sensitive personal data, private personal data and sensitive personal data) has been replaced by two data categories: (1) 'personal data' and (2) 'sensitive personal data', the latter being the sub-class under special protection. Secondly, all processed personal data are protected and registered by Chief processors (i.e. controllers) with the Data Protection Inspectorate, the data protection supervision authority. Moreover, the new PDPA Act extends all general principles applying to the processing of personal data and to the processing of the personal identification code (the unique number assigned to every Estonian citizen and resident).
From 1 January 2015 the Data Protection Inspectorate may submit reports concerning significant matters which have an extensive effect or need prompt settlement which become known in the course of supervision over compliance with the Act to the Constitutional Committee of the Riigikogu and the Legal Chancellor. The current version can be found in this web address.
This Regulation entered into force on 1 January 2008 and establishes the system of security measures for information systems used for processing the data contained in state and local government databases and for information assets related therewith. The system consists of the procedure for the specification of security measures and the description of organisational, physical and IT security measures to protect data. However, it is underlined that this Regulation does not apply to security of information systems processing state secrets.
Personal Data Act (1999)
The Personal Data Act, which came into force on 1 June 1999, replaced the Personal Data File Act of 1988, which was the first law concerning data protection in Finland, aiming at preventing violations of integrity at all stages of data processing. The functional objective was to promote the development of and compliance with good data processing practices. The main principles of the protection of privacy remained largely unchanged in the 1999 Act. It accommodates the constitutional reform and the EU Data Protection Directive (95/46/EC). The basic rights and freedoms of individuals are even more strongly emphasised in the processing of personal data. It is overseen and enforced by the Data Protection Ombudsman. Other legal documents contain special provisions regarding the processing of personal data. The Act on the Openness of Government Activities (1999) controls access to public registers. The protection of privacy in electronic communications is also regulated by the Information Society Code (2014).
The Law on ‘Informatics and Liberty’ was adopted on 6 January 1978. The Law provides a legal framework for the use of identifiers in databases and the processing of personal data by public and private sector organisations. The Law created a National Commission for Informatics and Liberty (CNIL), which is in charge of overseeing its implementation and observance. The CNIL also has an advisory role in the planning of administrative data systems. The Law on Informatics and Liberty was amended by law no. 2004-801 of 6 August 2004 implementing the EU Data Protection Directive (95/46/EC).
Law on Personal Data Protection (2005, 2008)
Harmonisation of legislation in the area of personal data protection has been one of the government’s priority activities since 2002. A new law on personal data protection, amended to include EC recommendations, was drafted in 2004, adopted on 25 January 2005 and modified to comply fully with the European Directive 95/46/EC in 2008 (Official Gazette no. 7/2005 and 103/2008). The law represents a 'lex generalis' in the area of data protection in the country.
According to the law, personal data shall be: fairly and lawfully processed; collected for specified, explicit and legitimate purposes; processed in a manner which is consistent and proportionate with these purposes; accurate and complete; kept for no longer than the necessary time frame for fulfilling the above mentioned purposes. Further amendments to the law were made in 2010, 2011, 2014 and 2015.
Law on Electronic Management (2009)
The Law on Electronic Management (Official Gazette, no. 105, 21/08/2009), adopted on 21 August 2009, regulates the work of ministries and other government authorities in the exchange of data and documents in electronic format, in relation to the implementation of administrative services by electronic means. Seven bylaws were adopted in June 2010 to enable implementation, as well as that of electronic workflow procedures and electronic document exchanges. Those acts regulate issues such as environment and communication; certification of information systems; format and content of administrative services by electronic means such as electronic documents; standards and regulations for electronic communication; technical requirements; security of information systems; format and contentof administration of data bases and others.
Further amendments to the law were made in 2011.
Federal Data Protection Act (2003)
Germany has one of the strictest data protection laws in the European Union. The world's first data protection law was passed in the German Land of Hessen in 1970. In 1977, a Federal Data Protection Law followed, which was replaced in 1990, amended in 1994 and 1997. An additional revision took place in August 2002 to align German legislation with the EU Data Protection Directive (95/46/EC). The general purpose of this law is 'to protect the individual against violations of his personal rights by handling person-related data.'
Law 2472/1997 on the Protection of Individuals with regard to the Processing of Personal Data was adopted in April 1997. It establishes the terms and conditions under which the processing of personal data is to be carried out so as to protect the fundamental rights and freedoms of natural persons and in particular their right to privacy. It also allows any person to obtain their personal information held by government departments or private entities. The law is enforced by the Hellenic Data Protection Authority. It is complemented by Law 2774/1999 on the Protection of Personal Data in Telecommunications, and by Law 3115/2003 that establishes the Hellenic Authority for the Information and Communication Security and Privacy in order to protect the secrecy of mailing, the free correspondence or communication in any possible way, as well as the security of networks.
Law 3471/2006 was adopted on 28/06/2006, revising Law 2472/1997, and intending to the enactment of preconditions with regard to the personal data processing and for the assurance of the confidentiality in telecommunications. Law 3471/2006 was amended by Law 3917/2011 and Law 4070/2012.
Law 3674/2008 sets out the obligations of the service provider for the security of telephone services. According to these provisions, the provider is responsible for security matters under the supervision of premises, facilities, connections and hardware systems and software. To this end the provider has an obligation to take appropriate technical and organisational measures and to use hardware and software that ensure the confidentiality of communications and the detection of breach, or attempted breach, of confidentiality of communications.
Act No. CXII of 2011. on Informational Self-determination and Freedom of Information (also available in English) is a combined Data Protection and Freedom of Information Act. This Act sets rules and safeguards the processing of personal data of public and private bodies. Its application is overseen by the National Data Protection and Freedom of Information Authority.
The Act on the Protection of Privacy as regards the Processing of Personal Data (No. 77/2000) was passed in 2000 and came into effect on 1 January 2001. The act implements the EC Data Protection Directive (95/46/EC) and deals with how the protective principle relates to data quality, and presents criteria for the legitimacy of data processing. The act applies to any automated processing of personal data and to manual processing of such data if it is, or is intended to become, a part of a file.
Data Protection Strategy 2014 - 2016
The mission of the strategy is to protect the individual’s right to data privacy by enabling people to know, and to exercise control over, how their personal information is used, in accordance with the Data Protection Acts and related legislation.
The Data Protection Act of 1988 was amended in 2003 to ensure full compliance with the EU Data Protection Directive (95/46/EC).The aim of the Directive is to establish common standards of data protection across Member States in order to protect personal privacy and to ensure the smooth operation of the internal market, while ensuring adequate levels of data protection in countries outside the European Economic Area to facilitate and encourage international trade (Department of Justice and Law Reform). The Data Protection Commissioner oversees and enforces the Act.
Copyright and Related Rights Act (2000).
This Act affects a total reform of Irish copyright and related rights law, bringing it fully into line with the requirements of EU and international law in this area. It places Ireland among world leaders in terms of standards for copyright protection.
Data Protection Code (2004)
The Data Protection Code entered into force on 1 January 2004. It replaces the previous Data Protection Law (Law no. 675/1996), as well as a number of other legislative and regulatory provisions.
The Data Protection Code updates, completes and consolidates Italy's data protection legislation (1996) by introducing important innovations and conforming national legislation to European regulations, in particular the Data Protection Directive (95/46/EC) and the Directive on privacy and electronic communications (2002/58/EC).The code aims to strengthen the data protection rights of individuals, allowing them to exercise their rights and instigate proceedings more easily. The Code was lastly amended on 4 November 2010.
The Data Protection Commissioner ('Garante Privacy') is in charge of supervising and enforcing the application of the Data Protection Code. In an effort to simplify the complaint process, the Commissioner has published a complaints' form on its website.
Personal Data Protection Law (2000)
The Law on Personal Data Protection was adopted by Parliament on 23 March 2000. It is based on standard fair information practices and is fully compliant with the EU Data Protection Directive (95/46/EC). The aim of this Law is to protect the fundamental human rights and freedoms of natural persons, in particular the inviolability of private life with respect to the processing of personal data. Application of the Law is overseen by the State Data Inspectorate, which is also responsible for spam supervision.
The Information Technologies Security Law came into force on 1 February 2011. It aims to improve information technologies security by defining the key requirements for organisations to guarantee the security of essential electronic services. The law provides for the identification and protection of critical infrastructure, the establishment and organisation of an IT Security Incident Response Institution (national CERT), the determination of conduct in information technology security incidents, the setup of minimum security requirements for state and municipal institutions and the implementation of Directive 2009/140/EC by electronic communications service providers.
The Data Protection Act of 14 March 2002 provides for the rights and obligations of private individuals and State authorities, implementing into national law the EU Directive 95/46/EC on the protection of individuals concerning the processing of personal data and the free exchange of data. The Act (register number 235.1) was supplemented by two regulations in July 2002 (register number 235.11) and February 2006 (register number 235.111). The latter concerns the use of personal data by the police for cases related to terrorism, national security and crime prevention. In September 2008, the Parliament adopts a partial revision of the Data Protection Act bringing the law into line with EU agreements regarding the connection to European database systems, such as the Schengen Information System (SIS), or the Eurodac service. The revised law focuses on the independence of data protection from the Executive and underlines its main role in ensuring the protection of personal rights and the respect for privacy.
The law on Legal Protection of Personal Data was adopted on 11 June 1996 and last amended on 1 January 2009. Its main purpose is the protection of an individual’s right to privacy with regard to the processing of personal data. The law is fully compliant with the EU Data Protection Directive (95/46/EC).
Data Protection Act (2007)
The Data Protection Act, which implements Directive 95/46/EC regarding the protection of personal data of 2 August 2002 and which was amended by the law of 27 July 2007 governs the processing and use of personal data in Luxembourg.
The Data Protection Act of 2002 governs the processing and use of personal data, and goes beyond the framework of the EU Directive by covering not only natural, but also moral persons. It contains specific provisions on the processing of medical data by health services, the processing of personal data for surveillance purposes and in the workplace. The Data Protection Act applies to "data controllers" ("a natural or legal person, public authority, agency, or any other body which solely or jointly with others determines the purposes and methods of processing personal data") and "data processors" ("any natural or legal person, public authority, administrative body or other entity that processes personal data on behalf of the controller" excluding any of the data controller's employees).
The law also created a new data protection authority, the Commission nationale pour la protection des données (CNPD) in December 2002. The CNPD is an independent agency whose task is to regulate the processing of personal data in Luxembourg and ensure compliance with data protection regulations. The Data Protection Act has also provided for an online public data processing register, which makes it possible to check if an authority, company, association, professional, or self-employed worker is likely to hold information about an individual and if they have declared as much to the CNPD.
Processing of Personal Data in the Electronic Communications Sector Act (2011)
The 'Processing of Personal Data in the Electronic Communications Sector Act', which was adopted on 28 July, 2011 and which entered into force on 1 August, 2011, transposes the EU Directive on privacy and electronic communications (Directive 2009/136/EC) into Luxembourgish law and forms part of Luxembourg’s legislative 'telecom package' (cf. below). It aims at protecting the privacy of Internet users (including protection against unsolicited commercial communications or 'spam') and users of added value services, such as GPS. The National Commission for Data Protection (CNPD), which was created by the 2002 Data Protection Act, is competent for checking the legality of personal data processing.
Data Protection Act (2001)
The Data Protection Act was passed on 14 December 2001 and came fully into force in July 2003. It was introduced in order to render Maltese law compatible with EU Data Protection Directive (95/46/EC), even though Malta was not yet an EU Member State at that time, this was a prerequisite prior to joining the EU. It outlines principles of ‘good information/ data handling’ to guarantee the protection of personal information. Data Controllers, such as educational institutions, employers and banks, are obliged to inform individuals of the reasons for collecting information about them. Furthermore, individuals are to be assured that the data collected will not be used for any other reason than for the purpose it was collected and are granted rights of access to the personal information held by the data controller. The Act provides grounds for processing “personal data” but makes special provision for processing “sensitive personal data”, a sub-set of personal data, in very specific stipulated circumstances.
Regulation 2016/679/EU will eventually supersede this Act on the protection of natural living persons with regard to the processing of personal data and on the free movement of such data, generally known as the General Data Protection Regulation. This Regulation will come into force in its entirety in all EU Member States from 25 May 2018.
Personal Data Protection Act (2000)
The EU Data Protection Directive (95/46/EC) adopted in 1995 regulates the processing of personal data within the European Union. The Dutch Personal Data Protection Act was adopted by the Dutch Parliament in July 2000 and came into force on 1 September 2001. It sets the rules for recording and using personal data, and ensured the transposition in Dutch law of the European Directive. The Act is overseen and enforced by the Data Protection Authority (DPA).
The EU General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data better known as the General Data Protection Regulation is repealing the Directive 95/46/EC. The regulation will enter into force on 25 May 2018.
Personal Data Act (2000)
The purpose of Act No. 31 of 14 April 2000 relating to the processing of personal data (Personal Data Act) is to protect natural persons from violation of their right to privacy through the processing of personal data. It ensures that personal data is processed in accordance with fundamental respect for the right to privacy, including the need to protect personal integrity and private life, and that personal data is of adequate quality. This Act transposes the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data into Norwegian law.
The regulations on the processing of personal data (Personal Data Regulations) were laid down by the Royal Decree of 15 December 2000 pursuant to Act No. 31 of 14 April 2000 on the processing of personal data (Personal Data Act), as amended on 23 December 2003.
The Act on the Protection of Personal Data was adopted on 29 August 1997 and has been amended a few times so far. This Act follows the rules established by European Union's Directive 95/46/EC on the protection of individuals with regard to the processing of personal data. The Inspector General for the Protection of Personal Data supervises the observance of the Act. In case of breach of the provisions on personal data protection, the Inspector General, ex officio, or upon a motion of a person concerned, by means of an administrative decision, shall order to restore the proper legal state.
The Regulation focuses on how to share copies of electronic documents and forms under conditions of safety. Accordingly, it clarifies the form of official certification of receipt of electronic documents by the recipient, the ways to safely share electronic copies of documents and safety conditions for forms and templates of shared documents. It has been amended twice so far.
Law no. 41/2004, of 18 August transposes into national law Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector, except for Article 13 which concerns unsolicited communications. This legislation applies to the processing of personal data within the context of publicly available electronic communications services and networks, while complementing the provisions of Law no. 67/98 of 26 October (Law on the Protection of Personal Data). Its provisions shall ensure protection of the legitimate interests of subscribers who are legal entities to the extent that such protection is consistent with their nature.
The law allows individuals to access and correct personal information held by public or private bodies. It was complemented by recent additions such as Law no. 55, (OJ. no. 244/23.03.2005), which ratifies the Additional Protocol to The Convention for the Protection of Individuals with regard to automatic processing of personal data, referring to control authorities and cross-border data flow. Furthermore, a National Supervisory Authority for Personal Data Processing was established in 2005 by Law no. 102/2005 (O.J. no. 391/09.05.2005). All of the data protection files previously kept by the Ombudsman have now been handed over to the Authority, which supervises and controls the legality of the personal data processing under Law no. 677/2001.
This Law on the processing of personal data and the protection of privacy in the electronic communications sector replaced Law no. 676 of 21 November 2001 on the Processing of Personal Data and the Protection of Privacy in the Telecommunications Sector. It closely follows Directive 2002/58/EC on personal data processing and privacy protection in the electronic communications sector.
The National Security Authority is working on drafting the Act on Cyber Security to comprehensively cover cyber and information security, introduce basic security requirements and other measures critical for coordinating the protection of information, communication and management systems. At the same time, the European NIS Directive on network and information security is being transposed into the Slovak legislative.
This legislation (1 July 2013) implements the principles set in the EU's Data Protection Directive (95/46/EC). Under this Act, individuals can Access and correct personal informationheld by public and private bodies. The Act is enforced by the Office for Personal
Data Protection. This Act regulates:
- a) Protecting the rights of natural persons against wrongful interference with their private life in connection with the processing of their personal data
- b) Rights, duties and liability in connection with personal data processing
- c) Establishment of the scope of the powers and organisation of the Office for Personal Data Protection of the Slovak Republic.
The Personal Data Protection Act (Official Gazette of the Republic of Slovenia No. 94/07), currently applicable, was adopted in July 2004 and came into force on 1 January 2005. It replaced a previous version, adopted in 1999, and transposed the EU Directive 95/46/EC on data protection into Slovenian Law.
The main goal of the Act is to prevent illegal and unwarranted violations of personal privacy in the course of data-processing, and to ensure the security of personal databases and their use. Until 1 January 2006, the Inspectorate for Personal Data Protection was in charge of overseeing the application of the Act. Since then, such responsibility has been transferred to the Information Commissioner (Information Commissioner Act, adopted in December 2005). The last amendment of the Personal Data Protection Act was performed in 2013.
The Organic Law 15/1999 of 13 December 1999 on the Protection of Personal Data brought Spanish law in line with the EU Data Protection Directive 95/46/EC.
This law regulates the processing of personal data in the public and private sectors. It grants citizens with the right to access and correct their personal information in the records held by public and private bodies. Personal information may only be used or disclosed to a third party with the consent of the individual, and only for the purposes that it was collected. Additional protections are provided for sensitive data. The Law is enforced by the Spanish Data Protection Agency.
The resolution of this Instruction from the 7 October 2016, establishes the conditions for the gathering and communication of data about the status of security. This will allow to know the main variables regarding the security of the information from the systems included in the scope of the National Security Framework. Moreover, it will help to elaborate a general profile for the state of cybersecurity in the public sector.
The resolution of this Instruction from 13 October 2016, establishes the criteria and procedure to determine the compliance with the National Security Framework and determines the mechanism to obtain and publish the declaration of compliance and security credentials.,.
The article 17 of the new Law 39/2015 on the Common Administrative Procedure Public Administration, states that each administration shall implement a single Digital Archive System for the long term preservation of documents belonging to resolved procedures. The article also requires the application of adequate security and privacy protection measures as required by the NSS and law on data protection.
Personal Data Act (1998)
The Personal Data Act came into force on 24 October 1998. The Personal Data Act was adopted to bring Swedish law into compliance with the requirements of the EU Data Protection Directive 95/46/EC, which aims to prevent the violation of personal integrity in the processing of personal data. The Act lists certain fundamental requirements concerning the processing of personal data. These demands include, inter alia, that personal data may only be processed for specific, explicitly stated and justified purposes and if the person registered gives his/her consent. Exemptions to this rule include the exercise of official powers, or the fulfilment of a legal obligation by the controller of personal data. In many areas of the administration there are special registry laws to supplement or replace the provision in the Personal Data Act.
The Act, approved on 19 June 1992 and entered into force on 1 July 1993, aims to protect the privacy and the fundamental rights of persons when their data is processed. It applies to the processing of data pertaining to natural persons and legal entities by federal bodies and private persons.
For the first time in Switzerland, the public and private sectors are subject to the same rules. In the public sector, the Act only covers the activities of authorities at federal level. However, the majority of Swiss cantons have introduced similar legislation to govern public sector data collection and processing in their respective localities. The Swiss law was granted adequacy approval by the EU in 2000.
The Federal Council’s update of the Ordinance on Data Protection entered into force on 1 November 2016. The ordinance envisages that certain procedures and products used for processing personal data can be better certified and thereby data protection can be improved.
This Ordinance regulates the technical, organisational and procedural requirements concerning the evidential value and control of data and information (electronic data) produced electronically or in a comparable manner in accordance with Articles 122–124 of the VAT Ordinance (VATO) of 27 November 2009.
Turkish Constitution (1982)
Section 5 of the 1982 Turkish Constitution is entitled, 'Privacy and Protection of Private Life'. Article 20 of the Turkish Constitution addresses the issue of 'Privacy of the Individual’s Life', and states: "Everyone has the right to demand respect for their private and family life. Privacy of individual and family life cannot be violated. Unless there exists a decision duly passed by a judge in cases explicitly defined by law…neither the person nor the private papers, nor belongings of an individual shall be searched nor shall they be seized". With the 2010 amendment of the Constitution, citizens are granted the right to request the protection of their personal data. They have the right to be informed about their own personal data, accessing these data, requesting to be corrected or deleted and learning whether it has been used for the purposes that the data were obtained in the first place. Thus individual data can be processed only as foreseen by the law or with the consent of the person, as mentioned in Article 22.
After the 2010 amendment of the Constitution, citizens are granted the right to request protection of their personal data. Hereinafter, individual data can be processed only in the circumstances envisaged in the law or with the express consent of the person. According to the regulation, relevant procedures and principles will be codified by law, namely the ‘Law on Protection of Personal Data’, which was published in the Official Gazette on 7 April 2016 numbered 29677.
This law regulates the conditions of processing and transfer of the personal data, rights and obligations, obligations of the data supervisor or the related person regarding data security to the institution and the board of the protection of the personal data.
The By-Law, which was adopted on 5 November 2008, identifies the obligations of operators with respect to ensuring security of electronic communications networks. It covers the principles and basis of measures to be taken in order to eliminate the risks stemming from threats and vulnerabilities with the aim of ensuring physical data, hardware-software and personnel security. It explicitly states that personal information processing and protection of privacy are not under its scope.
The By-Law on the Personal Information Processing and Privacy in the Telecommunications Sector was adopted on 6 February 2004 to define the procedures and principles related to guaranteeing personal information processing and protection of privacy in the telecommunications sector.
Turkey became party to the Council of Europe Convention on Cybercrime (CETS No. 185), adopted in order to ensure international cooperation combating with cybercrimes efficiently. Subsequent to making legislation for the protection of personal data, approval studies of Conventions No. 108 and 181 aiming at the protection of individuals in case of processing these data to an automatic operation, will be launched.
*** Click HERE for all legislation
about Personal Data Protection in Turkey ***
Digital Economy Act (2010)
The Act concerns the online infringement of copyright. It creates a system which aims to increase the ease of tracking down and suing persistent infringers, and after a minimum of one year permit the introduction of 'technical measures' to reduce the quality of, or potentially terminate those infringers' Internet connections. It furthermore creates a new ex-judicial process to handle appeals.
Data Protection Act (1998)
The Data Protection Act 1998 received Royal Assent in July 1998 and came into force on 1 March 2000, giving effect to the EU Data Protection Directive (95/46/EC). It lays down rules for the way organisations have to treat personal data and information that apply to paper-based and electronic records. These rules are mandatory for all organisations that hold or process personal data, in the public as well as the private and voluntary sectors. The Act contains eight data protection principles, which state that all data has to be: processed fairly and lawfully; obtained and used only for specified and lawful purposes; adequate, relevant and not excessive; accurate, and where necessary, kept up to date; kept for no longer than necessary; processed in accordance with an individual's rights; kept secure; and transferred only to countries that offer adequate protection.
AVRUPA BİRLİĞİ'NDE KİŞİSEL VERİLERİ KORUMA MEVZUATI ve DİĞER ULUSLARARASI BELGELER
- 2016, 5 Mayıs: 2016/679 Avrupa Birliği Genel Veri Koruma Tüzüğü (EU Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, General Data Protection Regulation - GDPR)
- 2006, 15 Mart: 2006/24/EC Kamuya açık elektronik iletişim servisleri veya kamu iletişim ağlarının sunulması ile bağlantılı olarak üretilen veya işlenen verilerin saklanması (Directive 2006/24/EC on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC) Data Retention Directive
- 2002, 12 Temmuz: 2002/58/EC Elektronik İletişim Sektöründe Kişisel Verilerin İşlenmesi ve Gizliliğin Korunması Direktifi (Directive 2002/58/EC concerning processing of personal data and the protection of privacy in the electronic communications sector) e-Privacy Directive
- 2001, 8 Kasım: 181 No’lu Kişisel Verilerin Otomatik İşleme Tabi Tutulması Karşısında Bireylerin Korunması Sözleşmesi’ne Ek Denetleyici Makamlar ve Sınıraşan Veri Akışına İlişkin Protokol (EC Treaty 181: Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data regarding supervisory authorities and transborder data flows)
- 1999 15 Haziran: Amendments to the Convention for the protection of individuals with regard to automatic processing of personal data (ETS No. 108) allowing the European Communities to accede (adopted by the Committee of Ministers, in Strasbourg, on 15 June 1999)
- 1995 24 Ekim: 95/46/EC Sayılı Kişisel Verilerin İşlenmesi ve Serbest Dolaşımı Bakımından Bireylerin Korunmasına İlişkin Avrupa Parlamentosu ve Avrupa Konseyi Direktifi EC-Directive 95-46-EC Directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data PDP Directive
- 1990, 14 Aralık: Birleşmiş Milletler Bilgisayarla İşlenen Kişisel Veri Dosyalarına İlişkin Rehber İlkeleri (Guidelines for the Regulation of Computerized Personal Data Files)
- 1981, 28 Ocak: 108 No’lu Kişisel Verilerin Otomatik İşleme Tabi Tutulması Karşısında Bireylerin Korunması Sözleşmesi (EC Treaty 108-Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data)
- 1953-İnsan Hakları ve Temel Özgürlüklerin Korunmasına İlişkin Sözleşme
AVRUPA BİRLİĞİ - RAPORLAR
- 2014 ;Nisan, EU FRA European Union Agency for Fundamental Rights Handbook on European Data Protection Law
ENISA (AVRUPA BİRLİĞİ AĞ ve BİLGİ GÜVENLİĞİ AJANSI) RAPORLARI
- YENİ 2018: Privacy and Data Protection in Mobile Applications
- YENİ 2018: Handbook on Security of Personal Data Processing
- 2017: Recommendations on European Data Protection Certification
- 2017: Privacy Enhancing Technologies: Evolution and State of the Art
- 2016: PETs Controls Matrix: A systematic approach for assessing online and mobile privacy tools
- 2016: Privacy and Security in Personal Data Clouds
- 2016: Guideline for SMEs on the security of personal data processing
- 2015: Privacy and Data Protection By Design - from Policy to Engineering
- 2015: Readiness Analysis for the Adoption and Evaluation of Privacy Enhancing Technologies
- 2015: Privacy by Design in Big Data
- 2015: Online Privacy Tools for the General Public
- 2013: Recommendations for a methodology of the assessment of severity of personal data breaches
- 2013: On the Security, Privacy and Usability of Online Seals
- 2013: Securing Personal Data in the Context of Data Retention
SONUÇLARI veya ETKİLERİ BAKIMINDAN İLGİLİ ENISA RAPORLARI
- 2017: Hardware Threat Landscape and Good Practice Guide
- 2016: Smart Hospitals: Security and Resilience for Smart Health Service and Infrastructures
- 2016: Cyber Security and Resilience of Intelligent Public Transport Good practices and recommendations
- 2014: Algorithms, Key Size and Parameters Report
DPWP ÇALIŞMA RAPORLARI
- 2017, 08 Haziran, İş ortamında veri işlemeye ilişkin 2/2017 Tarihli Görüşler (WP249- Opinion 2/2017 on data processing at work)
- 2017, 4 Nisan, Veri Koruma Etki Değerlendirmesi (DPIA) ile ilgili Yönergeler (WP248 - Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679)
- EKLER (Hepsini İndir)
- Annex 1: Current EU Legal instruments on data protection
- Annex 2: Evaluation of the implementation of the Data Protection Directive
- Annex 3: Data protection in the areas of police and judicial co-operation in criminal matters
- Annex 4: Summary of replies to the public consultation on the Commission's Communication on a Comprehensive Approach on Personal Data Protection in the European Union
- Annex 5: Detailed Analysis of Impacts
- Annex 6: Detailed Assessment of Impacts of the Introduction of Data Protection Officers (DPOs) and Data Protection Impact Assessments (DPIAs)
- Annex 7: Analysis of the Impacts of Policy Options on Fundamental Rights
- Annex 8: Consultation of SMEs
- Annex 9: Calculation of Administrative Costs in the Baseline Scenario and Preferred Option
- Annex 10: Impacts of the preferred option on competitiveness
- 2017, 04 Nisan, E-Mahremiyet Yönetmeliği (2002/58 / EC) için Önerilen Yönetmeliğe ilişkin 01/2017 Tarihli Görüşler (WP247- Opinion 01/2017 on the Proposed Regulation for the ePrivacy Regulation (2002/58/EC))
- 2016, 13 Aralık, Veri Denetleyicisinin veya Veri İşleyen'in Denetim Otoritesinin Belirlenmesine ilişkin Yönergeler (WP244- Guidelines for identifying a controller or processor’s lead supervisory authority)
- 2016, 19 Temmuz, E-Mahremiyet Yönergesinin değerlendirilmesi ve gözden geçirilmesi hakkında 03/2016 sayılı görüş (WP240- Opinion 03/2016 on the evaluation and review of the ePrivacy Directive (2002/58/EC))
- 2016, 13 Nisan, AB - ABD Mahremiyet Kalkanı Taslak Yeterlilik Kararı Hakkında 01/2016 tarihli Görüş Raporu (WP238- Opinion 01/2016 on the EU – U.S. Privacy Shield draft adequacy decision)
- 2015, 16 Aralık, Vergi amaçları için kişisel verilerin otomatik olarak değişimi bağlamında veri koruma gereksinimlerine uyum sağlamaya ilişkin kriterler hakında Üye Devletler için Rehberler (WP234- Guidelines for Member States on the criteria to ensure compliance with data protection requirements in the context of the automatic exchange of personal data for tax purposes)
- 2009, 10 Şubat, 00350/09/EN Mahremiyet (Gizlilik) ve elektronik iletişim üzerine 2002/58 / EC sayılı Direktifte değişiklik yapan teklifler hakkında 1/2009 sayılı görüş (e-Mahremiyet Direktifi) Opinion 1/2009 on the proposals amending Directive 2002/58/EC on privacy and electronic communications (e-Privacy Directive)
DPWP: Data Protection Working Party: 95/46/EC Sayılı Direktifin 29. maddesi uyarınca kurulan "Veri Koruma Çalışma Grubu" (The Working Party on the Protection of Individuals with Regard to the Processing of Personal Data)
ICO BİLGİ KOMİSYONU OFİSİ (Information Commissioner's Office)
- 2017 Kasım ICO Notification of Data Security Breaches
- 2017 Ağustos ICO Guide to freedom of information
- 2017 Temmuz ICO The Guide to Data Protection
- 2017 Mayıs ICO Preparing for GDPR
- 2017 Mart ICO The Guide to Enviromental Information Regulations
- 2016 Mayıs ICO Guide to Privacy and Electronic Communications Regulations
- 2016 Mart ICO Encryption Guide
- 2016 Ocak ICO A Practical Guide to IT Security
- 206 Şubat ICO The Guide to Re-Use of Public Sector Information Regulations 2015
- 2015 Nisan ICO The Guide to INSPIRE Regulations-Spatial Information
- 2012 Mayıs ICO Guidance on Data Security Breach Management
DİĞER ULUSLARARASI RAPORLAR ve REHBERLER
- 2017 Kasım, IAB Europe, GIG GDPR Implementation Working Group - Paper 03 - Consent
- 2017 Temmuz, IAB Europe, GIG GDPR Implementation Working Group - Paper 02 - The Definion of Personal Data
- 2017 Mayıs, IAB Europe, GIG GDPR Implementation Working Group - Paper 01 - GDPR Compliance Primer
- 2017 EPF European Patients Forum The new EU Regulation on the Protection of Personal data: what does it mean for patients? A guide for patients and patients’ organisations
- 2017 May Gird_and_Bird Guide to the GDPR
- 2016 Federal Ofice for Information Security, Cloud Computing Compliance Controls Catalogue C5
- 2016 UNCTAD-Data Protection Regulations and International Data Flows
- 2013 OECD Privacy Framework
- 2011 OECD Privacy Guidelines
- 2009 OECD Policies for Information Security and Privacy
- 2009 RAND Review of the European Data Protection Directive
- 2008 OECD Policy Guidance on Online Identity Theft
- 2006 OECD Making Privacy Notices Simple
- 1998 OECD Ministerial Decleration on the Protection of Privacy on Global Networks
- 1980 OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
- 2017: BS 10012:2017 British Standard: Data protection. Specification for a Personal Information Management System
- 2017: AICPA - Trust Services Principles Criteria
- 2014: MSS 1000:2014: CQI, Management System Specification and Guidance
- 2013: ISO/IEC 27001:2013 Information technology -- Security techniques -- Information security management systems -- Requirements
- TS EN ISO/IEC 27000 Standart Ailesi
- National Institute of Standards and Technology (NIST) - Siber Güvenlik standartları
YÜKSEK LİSANS ve DOKTORA TEZLERİ
- "Hiyerarşik Verilerde Mahremiyetin Korunması", İsmet ÖZALP, Sabancı Üniversitesi Mühendislik ve Fen Bilimleri Enstitüsü Bilgisayar Bilimleri ve Mühendisliği Anabilim Dalı, Doktora Tezi, 2017
- "Kişisel Sağlık Verilerinin Kaba Güç Saldırılarına Karşı Güvenli Saklanması ve İşlenmesi", Saharnaz Esmaeilzadeh DILMAGHANI, İhsan Doğramacı Bilkent Üniversitesi Mühendislik ve Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, 2017
- "Üniversite Öğrencisi Sosyal Medya Kullanıcılarının Mahremiyet Algısı", İsmail KAPLAN, Anadolu Üniversitesi Sosyal Bilimler Enstitüsü İletişim Tasarımı ve Yönetimi Anabilim Dalı, 2017
- "Kişisel Verilerin Ceza Hukuku Kapsamında Korunması", İbrahim KORKMAZ, Ankara Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Ceza ve Ceza Usul Hukuku Bilim Dalı Doktora Tezi, 2017 [04.02.2020 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "p-Kazanım: Mahremiyet Korumalı Fayda Temelli Veri Yayınlama Modeli", Yılmaz VURAL, Hacettepe Üniversitesi Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, Doktora Tezi, 2017 [12.07.2020 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Türk Sözleşme Hukukunda Kişisel Verilerin Korunması", Furkan Güven TAŞTAN, Yıldırım Beyazıt Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk (Medeni Hukuk) Anabilim Dalı, 2017 [12.06.2020 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Biyometrik Sistemlerin Bilgi Güvenliği", Abubakr RAKHIMOV, Ankara Üniversitesi Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, 2017 [05.06.2019 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Gen Analizlerinde Kişilik Haklarının Korunması ", Ramazan BOZAT, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk Anabilim Dalı, 2017 [18.01.2019 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Elektronik Ticaret Mevzuatı Uygulamaları", Yaren ERDEM, İstanbul Bilgi Üniversitesi Sosyal Bilimler Enstitüsü Bilişim ve Teknoloji Hukuku Anabilim Dalı Hukuk Bilim Dalı, 2017 [07.07.2020 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "İnsan Hakları Hukukunda Unutulma Hakkı", Eren SÖZÜER, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2017 [30.01.2020 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Bilgi Kuramsal Mahremiyet ve Haberleşme Kanalının Bilgi Kuramsal Mahremiyete Etkisi", Mehmet Özgün DEMİR, İstanbul Teknik Üniversitesi Fen Bilimleri Enstitüsü Elektronik ve Haberleşme Mühendisliği Anabilim Dalı Telekomünikasyon Mühendisliği Bilim Dalı, 2017 [Bu tezin yayın izni bulunmamaktadır.]
- ♦♦♦♦♦♦♦ "Sosyal Medya Üzerinden Elde Edilen İstihbaratın Güvenlik Maksatlı Kullanılması", Selami BALTACI, Marmara Üniversitesi Sosyal Bilimler Enstitüsü Uluslararası İlişkiler Anabilim Dalı, 2017
- ♦♦♦♦♦♦♦ "Kişisel Medikal Görüntüleme Raporlarının Sayısal Ortamda Güvenli İletimi ve Saklanması", Çağla AKSOY, Gazi Üniversitesi Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, 2017 [25.07.2018 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Elektronik Haberleşme Sektöründe Kişisel Verilerin Korunması", Ayşe Çiğdem AYÖZGER, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk Anabilim Dalı Doktora Tezi 2016
- "Kişisel Sağlık Kaydı Sistemlerinin Kullanılabilirliği,, Yaser Abdulhaleem ALMADANI, Çankaya Üniversitesi Fen Bilimleri Enstitüsü Matematik Bilgisayar Anabilim Dalı, 2016
- "İşçinin Kişisel Verilerinin Korunması Hakkı", İlke GÜRSEL, Dokuz Eylül Üniversitesi / Sosyal Bilimler Enstitüsü / Özel Hukuk Anabilim Dalı Doktora Tezi 2016 [14.01.2019 tarihine kadar kullanım yazar tarafından kısıtlanmıştır]
- "İşçinin Kişiliğinin ve Verilerinin Korunması", Erbil BEYTAR, Kocaeli Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk Anabilim Dalı, 2016 [13.06.2019 tarihine kadar kullanım yazar tarafından kısıtlanmıştır]
- "Kişisel Verilerin Korunması ve 6698 Sayılı Kanun", Kerim KILIÇ, Atatürk Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2016 [05.09.2019 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Unutulma Hakkı", Can YAVUZ, Yeditepe Üniversitesi Sosyal Bilimler Enstitüsü Hukuk Anabilim Dalı, 2016 [16.05.2019 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- ♦♦♦♦♦♦♦ "Türk Askeri İstihbarat Yapısı ve Hukuksal Düzenlemeleri Hakkında Bir Öneri: ABD Örneği ", Fatih GÜDÜK, Kara Harp Okulu Komutanlığı Savunma Bilimleri Enstitüsü Güvenlik Bilimleri Anabilim Dalı, 2016
- "Hassas Bilgi Varlıklarının ve Kişisel Verilerin Hukuksal Düzenlemeler ile Korunması ve Bu Kapsamda Üniversiteler için Bilgi Güvenliği Politikasının Geliştirilmesi", Türkay HENKOĞLU, Hacettepe Üniversitesi Sosyal Bilimler Enstitüsü Bilgi ve Belge Yönetimi Anabilim Dalı Doktora Tezi, 2015
- "Elektronik Ortamda Saklanan Kişisel Verilerin Elde Edilmesi/Değiştirilmesi Suretiyle İşlenen Suçların Ceza Hukuku Açısından Değerlendirilmesi", Alaattin BÜK, Polis Akademisi Başkanlığı Güvenlik Bilimleri Enstitüsü Güvenlik Stratejileri ve Yönetimi Anabilim Dalı Doktora Tezi, 2015
- "Kişilerin Kendisine Ait Verilerin Kaderini Tayin Hakkının Ceza Hukuku Yoluyla Korunması", Deniz SEYREK TÜTÜNCÜBAŞI, Ankara Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk (Medeni Hukuk) Anabilim Dalı Medeni Hukuk Bilim Dalı, 2015
- "Elektronik Ortamda Kişilik Hakkı İhlalleri ve Korunması", Mine KAYA, Ankara Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk (Medeni Hukuk) Anabilim Dalı Medeni Hukuk Bilim Dalı, 2015, Doktora Tezi [11.08.2018 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- "Bilgi Güvenliği, Kişisel Verilerin Korunması ve Mahremiyet Etki Değerlendirmesi", Erkan AĞIRALAN, Polis Akademisi Başkanlığı Güvenlik Bilimleri Enstitüsü Güvenlik Stratejileri ve Yönetimi Anabilim Dalı, 2015 [02.11.2018 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- ♦♦♦♦♦♦♦ "İnternet Güvenliği ve Çevrimiçi Gizlilik Alanlarında Yaşanan Sorunlar: İnternet ve Sosyal Medya Kullanıcılarının İnternet Güvenliği ve Çevrimiçi Gizlilik ile İlgili Kanaatleri ve Farkındalıkları Üzerine Bir Araştırma", Malik ASLANYÜREK, Gazi Üniversitesi Sosyal Bilimler Enstitüsü Radyo Televizyon ve Sinema Anabilim Dalı Radyo Sinema ve Televizyon Bilim Dalı, 2015 [27.12.2018 tarihine kadar kullanımı yazar tarafından kısıtlanmıştır]
- ♦♦♦♦♦♦♦ "Telekomünikasyon Sektöründe Veri Toplama Yöntemleri, Yeni Yaklaşımlar ve Güvenlik", Emine HEMŞİNLİ, Gediz Üniversitesi Fen Bilimleri Enstitüsü Endüstri Mühendisliği Anabilim Dalı Sistem Mühendisliği Bilim Dalı, 2015
- "Türk Ceza Hukukunda Kişisel Verilerin Korunması", Metin ÇOKMUTLU, Kocaeli Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Kamu Hukuku Bilim Dalı Doktora Tezi, 2014
- "Veri İşleme Süreçlerinde Tartışmalı bir Çözüm:Veri anonimleştirmesi", Merve GÖZÜKÜÇÜK, İstanbul Bilgi Üniversitesi Sosyal Bilimler Enstitüsü Bilişim ve Teknoloji Hukuku Anabilim Dalı, 2014
- "Kişisel Verilerin Korunması ve Kolluk Hizmetleri", Ramazan KARABULUT, Dicle Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2014
- "Kişisel Verilerin Korunması: Türkiye, ABD ve AB Örnekleri", Ahmet BOZ, Polis Akademisi Başkanlığı Güvenlik Bilimleri Enstitüsü Güvenlik Stratejileri ve Yönetimi Anabilim Dalı, 2014
- "Tıp Alanında Kişisel Verilerin Hukuka Aykırı Olarak Verilmesinin Ceza Hukuku Açısından Değerlendirilmesi (Sır Saklama Yükümlülüğü Kapsamında)", Sabire Sanem YILMAZ, Bahçeşehir Üniversitesi / Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Ceza Hukuku Bilim Dalı, 2014
- "Kişisel Verilerin Korunmasında Uluslararası Düzenlemeler ve Türkiye Örneği", Fatih DİNKCİ, Ondokuz Mayıs Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2014
- "Çevrimiçi Davranışsal Pazarlamanın Tüketici Davranışları Üzerindeki Etkileri ve Kişisel Verilerle İlişkisi", Ali Burak ENSARİ, İstanbul Bilgi Üniversitesi Sosyal Bilimler Enstitüsü Bilişim ve Teknoloji Hukuku Anabilim Dalı, 2014
- "AİHM İçtihatları Bağlamında Kişisel Verilerin Kaydedilmesi Suçu", Sedat Erdem AYDIN, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2014
- "Sağlık Hizmetlerinde Anonimlik: Dağıtık Yapılar İçin İdeal Bir Veri Paylaşım Modeli", Pelin CANBAY, Hacettepe Üniversitesi Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, 2014
- "5237 sayılı Türk Ceza Kanunu'nda Bilişim Suçları", Hüdaverdi UÇAR, Çankaya Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Ceza ve Ceza Usul Hukuku Bilim Dalı, 2014
- ♦♦♦♦♦♦♦ "İnsan Hakları ve Elektronik Gözetim", Özgün Özger BÖLÜKBAŞ, Selçuk Üniversitesi Sosyal Bilimler Enstitüsü Uluslararası İlişkiler Anabilim Dalı, 2014
- "Kişisel Verilerin Korunması Açısından İdarenin Hukuki Sorumluluğu ve Yargısal Denetimi", Aydın AKGÜL, Kocaeli Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Kamu Hukuku Bilim Dalı Doktora Tezi, 2013
- "Kamu Hukuku Açısından İnternet İçeriğinin Düzenlenmesi ve Bu Alanda Devletin İdari Yaptırım Uygulama Yetkisi", Yasin SÖYLER, Gazi Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, Doktora Tezi, 2013
- "Halk Sağlığı Verisi Açıklanmasında Mahremiyeti Koruyan Poliçe Oluşturma için Çok Katmanlı Model", Mehrdad Alizadeh MIZANI, Orta Doğu Teknik Üniversitesi Enformatik Enstitüsü Sağlık Bilişimi Anabilim Dalı, Doktora Tezi, 2013
- "Bilgi Teknolojileri Dış Kaynak Alımında (Outsourcıng) Kişisel Verilerin Korunması ve Gizlilik Sözleşmeleri", Pınar ŞENBAŞ, İstanbul Bilgi Üniversitesi Sosyal Bilimler Enstitüsü Hukuk Anabilim Dalı, 2013
- "Kişisel Verilerin Türk Ceza Kanunu Kapsamında Korunması", Elif MENDOS KUŞKONMAZ, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2013
- "GSM Sektörüne Yönelik Düzenlemeler ve Etkileri (Kişisel Veri Koruması Bazında)", Akif ONUR, İstanbul Bilgi Üniversitesi Sosyal Bilimler Enstitüsü Bilişim ve Teknoloji Hukuku Anabilim Dalı, 2013
- "Hukuksal Bağlamda Sosyal Medya Analizi ve Kıyaslamalı Mevzuat Önerileri", Serhat KOÇ, İstanbul Bilgi Üniversitesi Sosyal Bilimler Enstitüsü Hukuk Anabilim Dalı, 2013
- "Hibrid Teknikler ve Tek Boyutlu k-Anonimleştirmede Kalitenin Korunumu", Muhammed Zahit GÖK, Zirve Üniversitesi Fen Bilimleri Enstitüsü Elektrik-Elektronik Mühendisliği Anabilim Dalı, 2013
- "Çokgen Bağlantılı Kablosuz Ağlarda Güvenlik, Mahremiyet ve Güven", Ahmet Onur DURAHİM, Sabancı Üniversitesi Mühendislik ve Fen Bilimleri Enstitüsü Bilgisayar Bilimleri ve Mühendisliği Anabilim Dalı, Doktora Tezi, 2012
- "Birden Çok Hassas Niteliğe Sahip Veri Yayıncılığını Koruyan Mahremiyet", Ahmed ABDALAL, Sabancı Üniversitesi Mühendislik ve Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, Doktora Tezi, 2012
- "Kişisel Verilerin Ceza Hukuku Yönünden Korunması", Nil Melek GÜLTEKİN, Galatasaray Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2012
- "Kullanıcı Kişisel Verilerinde Platform Bağımsız Güvenlik", Zana İLHAN, Okan Üniversitesi Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, 2012
- "İş İlişkisinde İşçinin Kişisel Verilerinin Korunması", Selen UNCULAR, Galatasaray Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk Anabilim Dalı, 2012
- " IPTV için Bulut Üzerinde Mahremiyeti Koruyan Hedeflemeli Reklamcılık Metodu", Leyli Javid KHAYATİ, Sabancı Üniversitesi Mühendislik ve Fen Bilimleri Enstitüsü Bilgisayar Bilimleri ve Mühendisliği Anabilim Dalı, 2012
- "İşverenin Özlük Dosyası Düzenleme Borcu", Eser ŞIK, Dokuz Eylül Üniversitesi Sosyal Bilimler Enstitüsü Çalışma Ekonomisi ve Endüstri İlişkileri Anabilim Dalı İnsan Kaynakları Yönetimi Bilim Dalı, 2012
- "Kişisel Verilerin Korunması ve İşlenmesi", Nakşiye AKSOY, Marmara Üniversitesi / Sosyal Bilimler Enstitüsü Hukuk Anabilim Dalı Kamu Hukuku Bilim Dalı, 2012 [Bu tezin yayın izni bulunmamaktadır.]
- "Özel Yaşamın Bir Parçası Olarak Telekomünikasyon Yoluyla Yapılan İletişimin Gizliliğine Önleyici Denetim Yoluyla Müdahale", Saadet YÜKSEL, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, Doktora Tezi, 2012 [Bu tezin yayın izni bulunmamaktadır.]
- "Kişisel Verilerin Ceza Muhakemesi Hukukunda Delil Olarak Kullanılması", Güray DAĞ, Marmara Üniversitesi / Sosyal Bilimler Enstitüsü Hukuk Anabilim Dalı Kamu Hukuku Bilim Dalı, Doktora Tezi, 2011
- "Kişisel Verilerin Korunması", Elif KÜZECİ, Ankara Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Genel Kamu Hukuku Bilim Dalı, Doktora Tezi, 2010
- "Avrupa Birliğinin 95/46 Sayılı Veri Koruma Yönergesi Işığında Kişisel Verilerin Korunması", Murat UYGUN, Gazi Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk Anabilim Dalı Avrupa Birliği Hukuku Bilim Dalı, 2010
- "Türk Ceza Kanunu Kapsamında Kişisel Verilerin Korunması", Hale AKDAĞ, Ankara Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Ceza ve Ceza Usul Hukuku Bilim Dalı, 2010
- "Avrupa Birliği ve Türkiye'de Kişisel Veri Güvenliği ve Fikri Mülkiyet", Özlem TOĞUZ, Orta Doğu Teknik Üniversitesi Sosyal Bilimler Enstitüsü Avrupa Çalışmaları Bölümü, 2010
- "Hasta Bilgilerinin Gizliliği Prensibi", Bilhan GÜVEN, İstanbul Bilgi Üniversitesi Sosyal Bilimler Enstitüsü Hukuk Anabilim Dalı İnsan Hakları Hukuku Bilim Dalı, 2010
- "İnternette Kişilik Haklarının İhlâli ve Korunması", Süheyla ZORLU, Selçuk Üniversitesi Sosyal Bilimler Enstitüsü Hukuk Anabilim Dalı Özel Hukuk Bilim Dalı, 2010
- "Personal Data Protection in Turkey: An Information Technology Framework Indented for Privacy Risk Management", Osman Okyar TAHAOĞLU, Dokuz Eylül Üniversitesi Fen Bilimleri Enstitüsü Bilgisayar Mühendisliği Anabilim Dalı, Doktora Tezi, 2009
- "Elektronik Haberleşme Alanında Kişisel Verilerin Özel Hukuk Hükümlerine Göre Korunması", Hayrunnisa ÖZDEMİR, Ankara Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk (Medeni Hukuk) Anabilim Dalı Medeni Hukuk Bilim Dalı, 2009
- "Bir İnsan Hakları Kavramı Olarak "Kişisel Verilerin Korunması"", Uğur ERSOY, Gazi Üniversitesi Sosyal Bilimler Enstitüsü Siyaset Bilimi ve Kamu Yönetimi Bölümü Kamu Yönetimi Anabilim Dalı Siyaset ve Sosyal Bilimler Bilim Dalı, 2009
- "Kolluğun Suç Öncesi ve Sonrası Kişisel Veri Toplama Yetkisi", Zeynep BAYRAM, Bahçeşehir Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Hukuk Bilim Dalı, 2009
- "Kişisel Verilerin Korunması Hususunda AB ile ABD Arasında Çıkan Uyuşmazlıklar ve Çözüm Yolları", İkbal GÜR, Gazi Üniversitesi Sosyal Bilimler Enstitüsü Siyaset Bilimi ve Kamu Yönetimi Bölümü Kamu Yönetimi Anabilim Dalı Siyaset ve Sosyal Bilimler Bilim Dalı, 2009
- "Ticari Sır, Bankacılık Sırrı veya Müşteri Sırrı Niteliğindeki Bilgi veya Belgelerin Açıklanması Suçu (TCK M. 239) ", Sezin ÖZTÜRK, Dokuz Eylül Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Kamu Hukuku Bilim Dalı, 2009
- "Gizliliği Koruyan Zaman-Mekan Veri Madenciliğinde Mekan Çesitliliğin Sağlanması ", Abdullah Ercüment ÇİÇEK, Sabancı Üniversitesi Mühendislik ve Fen Bilimleri Enstitüsü Bilgisayar Bilimleri ve Mühendisliği Anabilim DalıDokuz Eylül Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Kamu Hukuku Bilim Dalı, 2009
- "Kişisel Verilerin Korunması", Hüseyin Can AKSOY, Ankara Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk (Medeni Hukuk) Anabilim Dalı Medeni Hukuk Bilim Dalı, 2008
- "Kişisel Verilerin Korunmasında Uluslararası Düzenlemeler ve Türkiye'nin Durumu", Engin DİNÇ, Dicle Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı, 2006
- "İşçinin Özel Yaşamına Müdahalenin Sınırları", Kamil Ahmet SEVİMLİ, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Özel Hukuk Anabilim Dalı, 2006 [Bölüm IV-A: İşçiye İlişkin Kişisel Verilerin Korunması]
- "Küreselleşme ve Rasyonel ilaç Kullanımı Bağlamında İlaca Erişim: Patent ve Veri Koruması", Azimet Yalçın BUĞDAYCI, Gazi Üniversitesi Sağlık Bilimleri Enstitüsü Farmakoloji Anabilim Dalı, 2006 [Bu tezin yayın izni bulunmamaktadır.]
- "Veri Koruma ve Türk İlaç Sanayiindeki Etkileri Üzerinde Bir Çalışma", Oğuzhan GÜRSON, Ankara Üniversitesi Sağlık Bilimleri Enstitüsü, 2005 [Bu tezin yayın izni bulunmamaktadır.]
- "Kişilik Hakkının Korunması Sorunu Çerçevesinde Kişisel Verilerin Korunması ve Saklanması", Nilgün BAŞALP, İstanbul Üniversitesi / Sosyal Bilimler Enstitüsü, 2003 [Bu tezin yayın izni bulunmamaktadır.]
NOT: Başlığında "♦♦♦♦♦♦♦" işareti bulunan çalışmalar, içeriği bakımından kişisel veriler ile ilgili tezlerdir.
- 2017-Tilburg University-Privacy and Data Protection in the light of Smart TV Technology
- 2017 Luleå University of Technology-GDPR Securing Personal Data in Compliance with new EU Regulations
- 2017 PhD Abstract - European Regulation of Personal Data Transfers to Third Countries
- 2017 Georgetown University -Query Log Anonymization by Differential Privacy
- 2015 Aalto University - Privacy Preserving Log File Processing in Mobile Network Environment
- 2015 Ocak, University of Oslo, Faculty of Law, Consent as a Basis for the Processing of Personal Data under the European Data Protection Directive: Case Study on Facebook
- 2015 Radboud University-Protecting Personal Data in the Cloud
- 2015 Upssala University-Protection of Personal Data, a Power Struggle between the EU and the US
- 2014 Tilburg University-Data Protection in (Dutch) Corporations
- 2014 University of Oslo-Mobile Cellular Communication and its Efect on PDP in Tanzania
- 2013 Aralık, University of Oslo, Faculty of Law, Regulatory Framework for Personal Data Protection in Georgia and its accordance with EU regulations:comparative analysis
- 2013 Tilburg University-The European Data Protection Reform in the light of Cloud Computing
- 2013 Rovira i Virgili University - PhD Improving data utility in diﬀerential privacy and k-anonymity
- 2013 Simon Fraser University - Algorithms and Tools for Anonymization of the Internet Traffic
- 2012 Stanford University - PhD Protecting Privacy when Mining and Sharing User Data
- 2012 Ekim, Tilburg University, Children‟s online privacy and data protection by self-regulation adopted on the EU level: a reality or an illusion?
- 2011 Lund University-Personal Data on the Social Networking Sites in Europe
- 2011 Vanderbilt University-Practical k-Anonymity on Large Datasets
DERGİLERDE YAYINLANAN MAKALELER
- 2017 Ocak, Özel Hayatın GizliliğininYansıması Olarak Kişisel Verilerin Korunması ve Bu Bağlamda Unutulma Hakkı, Yeşim ÇELİK
- 2014 Haziran, Kişisel Verilerin Korunması İle İlgili Türkiye’deki Kanun Tasarısının Avrupa Birliği Veri Koruma Direktifi Işığında Değerlendirilmesi, Nurullah TEKİN
- 2016 Türkiye Barolar Birliği Dergisi Sayı:124 Sayfa: 81 -152: Kişisel Verilerin Korunması Kanunu Hakkında Bir Değerlendirme İbrahim KORKMAZ
- 2016 Türkiye Barolar Birliği Dergisi Sayı:118 Sayfa: 199 -222: Kişisel Verilerin Korunması Bağlamında Biyometrik Yöntemlerin Kullanımı ve Danıştay Yaklaşımı, Aydın AKGÜL
- 2015 Türkiye Barolar Birliği Dergisi Sayı:116 Sayfa: 275-292: İnternet Yoluyla Elde Edilen Kişisel Verilerin Genel Boşanma Sebepleri Arasında Değerlendirilmesi Meselesi, Selin SERT
- 2015 Türkiye Barolar Birliği Dergisi Sayı:116 Sayfa: 11-38: Kişisel Verilerin Korunmasında Yeni Bir Hak: Unutulma Hakkı ve AB Adalet Divanı'nın "Google Kararı", Aydın AKGÜL
- 2013 Danıştay Dergisi Sayı:133 Sayfa:21-45 Danıştay Kararları Işığında Kişisel Sağlık Verilerinin Korunması, Dr Aydın AKGÜL
- 2013 TODAİE Amme İdaresi Dergisi Cilt 46, Sayı 1, Mart 2013, Sayfa: 127-152 Ekonomi Politik Açıdan Kişisel Verilerin Korunması, Serpil KARLIDAĞ
- 2012 Ankara Üniversitesi Hukuk Fakülteri Dergisi Cilt: 61 Sayı: 3 Sayfa: 1089-1169 Anayasal Bir Hak Olarak Kişisel Verilerin Korunması, Doğan KILINÇ
- 2010 Türkiye Barolar Birliği Dergisi Sayı:87 Sayfa: 90-120: Avrupa Konseyinin Kişisel Veriler Açısından Sağladığı Temel Güvenceler, Songül ATAK
- Bilginin Paylaşımı: Hayatınızda Bir Gün (Sharing Information: A Day in Your Life)
- Bir Siber Güvenlik Hikayesi (A Cyber Privacy Parable)
- Avrupa e-Mahremiyet Düzenlemesinin Etkileri (The Impact of t1he European e-Privacy Regulation)
- İnternet Mahremiyeti Muzipliği (Internet Privacy Prank)
- Bitcoin ve Alternatif Paralar (Bitcoins and Altcoins)
- Avrupa Birliği'nin yeni "Genel Veri Koruma Direktifi" (The new EU General Data Protection Regulation) (GDPR)
- Mahremiyet:Neden Dikkat Etmeliyiz? (Privacy: Why Should We Care?)
- Berkeley Üniversitesi 10. Geleneksel Mahremiyet Dersi (The 10th Annual BCLT Privacy Lecture)