KOLLUK TEŞKİLATINDA VE CEZA YARGILAMALARINDA KİŞİSEL VERİLERİN KORUNMASI: “UNUTULAN” DİREKTİFİN KAPSAMLI VE KARŞILAŞTIRMALI ANALİZ

vrupa Birliği Veri Koruma Reformu, 27 Nisan 2016 tarihinde kabul edilen iki düzenleme ile gerçekleşti. Bu düzenlemelerden ilki, dünya çapında büyük etki yaratmış; birçok çalışmaya, işleme, görüşe ve karara konu olmuş ve büyük bir ilgiyle karşılanmıştır. İkinci düzenleme ise kendine çok fazla tartışma ve çalışma alanı bulamamış, gösterilen ilgiyi “akran”ına kaptırmış ve ilk düzenlemenin gölgesinde kalmıştır. Bu düzenlemelerden ilki, henüz ismi dahi söylenmeden hemen akla gelmektedir: Avrupa Birliği Genel Veri Koruma Tüzüğü. Ancak ikinci düzenleme tabir-i caizse unutulmuştur: 2016/680 sayılı Direktif. Makalemizin odak noktasında yer alan bu “unutulan” düzenleme, kolluk ve cezai yargılama alanında kişisel verilerin korunmasını düzenler. Bu çalışmayla hedeflenen, Direktifin kapsamlı ve karşılaştırmalı analizinin okuyucuya sunularak, düzenlediği önemli konuların açığa kavuşturulmasıdır.

DATA PROTECTION IN THE FIELD OF LAW ENFORCEMENT AND CRIMINAL JUSTICE: COMPREHENSIVE AND COMPARATIVE ANALYSIS OF THE “FORGOTTEN” DIRECTIVE

The European Union Data Protection Reform took place on April 27, 2016 with two legal regulations. The first of these regulations has had a huge impact worldwide. It has been subject to many studies, process, opinions and decisions and received great interest. The second regulation did not find much discussion and research field and it has lost the all shown interest to its “peer”. In this sense, it can be said that it is overshadowed by first regulation. The first of these regulations comes to mind immediately without mentioning its name: European Union General Data Protection Regulation. However, the second regulation is “forgotten”: Directive 2016/680. This “forgotten” Directive, which is the focus of our article, regulates the protection of personal data in the field of law enforcement and criminal justice. The aim of this study is to present comprehensive and comparative analysis to the reader and to clarify the important issues regulated by the Directive.

Kaynakça

Alonso Blas Diana, “First Pillar and Third Pillar: Need for a Common Approach on Data Protection?”, in: Serge Gutwirth/Yves Poullet/Paul de Hert/Cecile de Terwangne/Sjaak Nouwt (eds.), Reinventing Data Protection?, Springer, Heidelberg, 2009, s. 225-238.

Ayözger Öngün A. Çiğdem, Kişisel Verilerin Korunması Hukuku: Elektronik Haberleşme Sektörüne İlişkin Düzenlemeler Dahil, Beta, İstanbul, 2019.

Bajovic Vanja, “Criminal Proceedings in Cyberspace: The Challenge of Digital Era”, in: Emilio C. Viano (ed.), Cybercrime, Organized Crime, and Societal Responses: International Approaches, Springer, Heidelberg, 2017, s. 87-102.

Balboni Paolo, “Let’s not Forget about Data Protection by Design”, (Çevrimiçi) https:// www.paolobalboni.eu/index.php/2018/07/11/lets-not-forget-about-data-protectionby-design/ (Erişim Tarihi: 10.04.2019).

Balboni Paolo, “Personal Data Protection and the Use of Information to Fight Online Terrorist Propaganda Recruitment and Radicalization: Part III”, (Çevrimiçi), https:// www.paolobalboni.eu/index.php/2019/02/10/personal-data-protection-and-the-useof-information-to-fight-online-terrorist-propaganda-recruitment-and-radicalizationpart-iii/ (Erişim Tarihi: 01.04.2019).

Bevitt Ann/ Carey Peter, “Data Security and Breach Notifications”, in: Peter Carey (ed.), Data Protection: A Practical Guide to UK and EU Law, Oxford University Press, Oxford, 2018, s. 88-104.

Blasi Casagran Cristina, Global Data Protection in the Field of Law Enforcement: An EU Perspective, Routledge Research in EU Law, Routledge, Oxford, 2016.

Boehm Franziska, Information Sharing and Data Protection in the Area of Freedom, Security and Justice: Towards Harmonised Data Protection Principles for Information Exchange at EU-Level, Springer, Heidelberg, 2011.

Bosco Francesca/Creemers Niklas/Ferraris Valeria/Guagnin Daniel/Koops Bert-Jaap, “Profiling Technologies and Fundamental Rights and Values: Regulatory Challenges and Perspectives from European Data Protection Authorities”, in: Serge Gutwirth/ Ronald Leenes/Paul de Hert (eds.), Reforming European Data Protection Law, Law, Governance and Technology Series 20, Springer, Heidelberg, 2015, s. 3-34.

Bostancı Bozbayındır Gülşah, “Avrupa Birliği Ceza Hukuku’nda Polis ve Ceza Adaleti Otoritelerine Yönelik 2018/680 Sayılı Direktif: Kişisel Verilerin Ceza Adalet Mekanizmalarında Korunmasına Getirilen Standartlar ve Direktife Yönelik Eleştiriler”, GSÜHFD, Beta, İstanbul, 2018/2, s. 51-103.

Börekçi Eşref Barış, Kişisel Verileri Verme, Yayma veya Ele Geçirme Suçu, Yayımlanmamış Yüksek Lisans Tezi, Yeditepe Üniversitesi Sosyal Bilimler Enstitüsü, İstanbul, 2019.

Bygrave Lee A., “Automated Profiling: Minding the Machine: Article 15 of the EC Data Protection Directive and Automated Profiling”, Computer Law & Security Review: The International Journal of Technology Law and Practice, Elsevier, London, 2001, V. 17, I. 1, s. 17-24.

Bygrave Lee A., “Data Protection by Design and by Default: Deciphering the EU’s Legislative Requirements”, Oslo Law Review, Oslo, 2017, V. 4, No. 2, s. 105-120.

Carey Peter, “Data Protection Principles”, in: Peter Carey (ed.), Data Protection: A Practical Guide to UK and EU Law, Oxford University Press, Oxford, 2018, s. 32-41.

Cole Simon, Suspect Identities: A History of Fingerprinting and Criminal Identification, Harvard University Press, Cambridge, 2002.

Custers Bart/Sears Alan M./Dechesne Francien/Georgieva Ilina/Tani Tommaso/van der Hof Simone, EU Personal Data Protection in Policy and Practice, Information Technology and Law Series Volume 29, Springer, Heidelberg, 2019.

de Hert Paul/Papakonstantinou, Vagelis, “The Data Protection Framework Decision of 27 November 2008 regarding Police and Judicial Cooperation in Criminal Matters - A Modest Achievement However not the Improvement Some Have Hoped for”, Computer Law & Security Review: The International Journal of Technology Law and Practice, Elsevier, London, 2009, V. 25, I. 5, s. 403-414. (Not The Improvement Some Have Hoped For).

de Hert Paul/Papakonstantinou Vagelis, “Three Scenarios for International Governance of Data Privacy: Towards an International Data Privacy Organization, Preferably a UN Agency”, I/S: A Journal of Law and Policy for the Information Society, V. 9., I. 2, s. 271-324. (Three Scenarios).

de Hert Paul/Sajfert Juraj, “Police, Privacy and Data Protection from a Comparative Legal Perspective” in: Monica den Boer (ed.), Comparative Policing from a Legal Perspective, Edwar Elgar Publishing, Cheltenham, 2018, s. 306-328.

de Hert Paul, “A Human Rights Perspective on Privacy and Data Protection Impact Assessments”, in: David Wright/Paul de Hert (eds.), Privacy Impact Assessment, Law, Governance and Technology Series 6, Springer, Heidelberg, 2012, s. 33-76.

de Hert Paul/Dimitrova Diana, “The Right of Access Under the Police Directive: Small Steps Forward”, in: Manel Medina/Andreas Mitrakas/Kai Rannenberg/Erich Schweighofer/Nikolaos Tsouroulas (eds.), Privacy Technologies and Policy, 6th Annual Privacy Forum, APF 2018, Barcelona, Spain, June 13-14, 2018, Revised Selected Papers, Springer, Heidelberg, 2018, s. 111-130.

Dehon Estelle/Carey Peter, “Fair, Lawful and Transparent Processing”, in: Peter Carey (ed.), Data Protection: A Practical Guide to UK and EU Law, Oxford University Press, Oxford, 2018, s. 42-65.

Develioğlu Hüseyin Murat, 6698 sayılı Kişisel Verilerin Korunması Kanunu ile Karşılaştırmalı Olarak Avrupa Birliği Genel Veri Koruma Tüzüğü Uyarınca Kişisel Verilerin Korunması Hukuku, On İki Levha, İstanbul, 2017.

Di Francesco Maesa Costanza, “Balance between Security and Fundamental Rights Protection: An Analysis of the Directive 2016/680 for Data Protection in the Police and Justice Sectors and the Directive 2016/681 on the Use of Passenger Name Record (PNR)”, (Çevrimiçi) http://rivista.eurojus.it/balance-between-securityand-fundamental-rights-protection-an-analysis-of-the-directive-2016680-for-dataprotection-in-the-police-and-justice-sectors-and-the-directive-2016681-on-the-useof-passen/, Eurojus, 24/05/2016, (Erişim Tarihi: 10.04.2019).

Dülger Murat Volkan, Kişisel Verilerin Korunması Hukuku, Hukuk Akademisi, İstanbul, 2019.

Erman Ragıp Barış, “Ceza yargılamasında Yargı Sisteminde DNA Örnekleri ve Profilleri - S. ve Marper - Birleşik Krallık Davası”, Fasikül Hukuk Dergisi, Seçkin, Ankara, 2010, C. 2, S. 10, s. 20-23.

Foitzik Piotr, “Privacy by Default in Online Services”, (Çevrimiçi) https://iapp.org/ news/a/privacy-by-default-in-online-services/, (Erişim Tarihi: 10.04.2019). Foucault Michel, Özne ve İktidar, Seçme Yazılar 2, (Çev: Işık Ergüden-Osman Akınhay), 4. Bası, Ayrıntı, İstanbul, 2014.

Geminn Christian Ludwig, “The New Federal Data Protection Act - Implementation of the GDPR in Germany”, Blog Droit Européen, E-conférence: National Adaptations of the GDPR, Haziran 2018, (Çevrimiçi) https://blogdroiteuropeen.files.wordpress. com/2018/06/christian-1.pdf, (Erişim Tarihi: 10.04.2019).

Giddens Anthony, The Nation-State and Violence: Volume Two of a Contemporary Critique of Historical Materialism, Polity Press, Cambridge, 1985.

Gilbert Francoise, “EU General Data Protection Regulation: What Impact for Business Established Outside the European Union”, Journal of Internet Law, Mayıs 2016.

González Fuster Gloria, The Emergence of Personal Data Protection as a Fundamental Right of the EU, Law, Governance and Technology Series 16, Springer, Heidelberg, 2014.

Grazia Porcedda Maria, “Privacy by Design” in: Manel Medina/Andreas Mitrakas/Kai Rannenberg/Erich Schweighofer/Nikolaos Tsouroulas (eds.), Privacy Technologies and Policy, 6th Annual Privacy Forum, APF 2018, Barcelona, Spain, June 13-14, 2018, Revised Selected Papers, Springer, Heidelberg, 2018, s. 183-205.

Greenwald Glenn, No Place to Hide, Penguin Books, London, 2014.

Gutiérrez Zarza Ángeles, Exchange of Information and Data Protection in Cross-border Criminal Proceedings in Europe, Springer, Heidelberg, 2015.

Handbook on European Data Protection Law: 2018 Edition, Publications Office of the European Union, Luxembourg, 2018.

Hijmans Hielke / Raab Charles D., “Ethical Dimensions of the GDPR” in: Mark Cole/ Franziska Boehm (eds.), Commentary on the General Data Protection Regulation, Edward Elgar, Cheltenham, 2019, Forthcoming, (Çevrimiçi) https://ssrn.com/abstract=3222677, (Erişim Tarihi: 10.04.2019).

Hijmans Hielke, The European Union as Guardian of Internet Privacy: The Story of Art 16 TFEU, Springer, Heidelberg, 2016.

Hornung Gerrit, “A General Data Protection Regulation for Europe: Light and Shade in the Commission’s Draft of 25 January 2012”, SCRIPTed, 9, 2012.

Hustinx Peter, “The Role of Data Protection Authorities”, in: Serge Gutwirth, Yves Poullet, Paul de Hert, Cecile de Terwangne, Sjaak Nouwt (eds.), Reinventing Data Protection?, Springer, Heidelberg, 2009, s. 131-139.

Kızılırmak Baran, Önleyici Amaçla Elde Edilen Verilerin Ceza Muhakemesinde Kullanılabilirliği, Yayımlanmamış Yüksek Lisans Tezi, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü, İstanbul, 2018.

Kierkegaard Sylvia/Waters Nigel/Greenleaf Graham/Bygrave Lee A./Lloyd Ian/Saxby Stephen, “30 Years on - The Review of the Council of Europe Data Protection Convention 108”, Computer Law & Security Review, Elsevier, 2011, V. 27 I. 3, s. 223-231.

Küzeci Elif, Kişisel Verilerin Korunması, 3. Bası, Turhan Kitabevi, Ankara, 2019. Lambert Paul, Understanding the New European Data Protection Rules, CRC Press, Boca Raton, 2017.

Lambert Paul, The Data Protection Officer: Profession, Rules and Role, CRC Press, Boca Raton, 2017.

Le Métayer Daniel, “Privacy by Design: A Matter of Choice”, in: Serge Gutwirth, Yves Poullet, Paul de Hert (eds.), Data Protection in a Profiled World, Springer, Heidelberg, 2010, s. 323-332.

Leiser Marc, “The Law Enforcement Directive: The ‘Forgotten Directive’s Delicate Interplay with the GDPR”, Avrupa ve Türk Hukukunda Kişisel Verilerin Korunmasına İlişkin Güncel Sorunlar Sempozyumu, Yeditepe Üniversitesi, 9 Aralık 2018.

Lynskey Orla, The Foundations of EU Data Protection Law, Oxford Studies in European Law, Oxford University Press, Oxford, 2015.

Lyon David, “Surveillance, Power, and Everyday Life”, in: Danny Quah/Chrisanthi Avgerou/Robin Mansell/Roger Silverstone (eds.), The Oxford Handbook of Information and Communication Technologies, Oxford University Press, Oxford, 2007, s. 449- 473.

Marquenie Thomas, “The Police and Criminal Justice Authorities Directive: Data Protection Standarts and Impact on the Legal Framework”, Computer Law and Security Review: The International Journal of Technology Law and Practice, Elsevier, London, 2017, V. 33, I. 3, s. 324-340.

Minnaar Anthony, “Cybercrime, Cyberattacks, and Problems of Implementing Organizational Cybersecurity”, in: John A. Eterno/Arvind Verma/Aiedeo Mintie Das/Dilip K. Das, (eds.), Global Issues in Contemporary Policing, CRC Press, Boca Raton, 2017, s. 121-138.

Nino Michele, “The Protection of Personal Data in the Fight Against Terrorism: New Perspectives of Pnr European Union Instruments in the Light of the Treaty of Lisbon” Utrecht Law Review, Utrecht, 2010, Vol. 6, No. 1, s. 62-85.

Nissim Jenai, “Accountability and the Role of the Data Protection Officer”, in: Peter Carey (ed.), Data Protection: A Practical Guide to UK and EU Law, Oxford University Press, Oxford, 2018, s. 223-239.

Pajunoja Lauri, The Data Protection Directive on Police Matters 2016/680 Protects Privacy - The Evolution of EU´s Data Protection Law and Its Compatibility with the Right to Privacy, Yayımlanmamış Yüksek Lisans Tezi, University of Helsinki, Helsinki, 2017.

Reding Viviane, “The European Data Protection Framework for the Twenty-First Century”, International Data Privacy Law, Oxford Academic, Oxford, 2012, V. 2, I. 3, s. 119-129.

Reding Viviane, “Privacy Matters - Why the EU Needs New Personal Data Protection Rules”, EU Commission, (Çevrimiçi) http://europa.eu/rapid/press-release_SPEECH-10-700_en.htm?locale=en (Erişim Tarihi: 01.04.2019).

Sajfert Juraj/Quintel Teresa, “Data Protection Directive (EU) 2016/680 for Police and Criminal Justice Authorities”, in: Mark Cole/Franziska Boehm (eds.), GDPR Commentary, Edward, Elgar Publishing, Cheltenham, 2019, Forthcoming, (Çevrimiçi) https://ssrn.com/abstract=3285873, (Erişim Tarihi: 01.04.2019).

Salami Emmanuel, “The Impact of Directive (EU) 2016/680 on the Processing of Personal Data by Competent Authorities for the Purposes of the Prevention, Investigation, Detection or Prosecution of Criminal Offences or the Execution of Criminal Penalties and on the Free Movement of Such Data on the Existing Privacy Regime” (Çevrimiçi) http://dx.doi.org/10.2139/ssrn.2912449, (Erişim Tarihi: 10.04.2019).

Tambou Olivia, “Que retenir du projet de loi relative à la protection des données personnelles ? Partie II: L’amélioration relative du régime des traitements pénaux par la transposition de la directive n°2016/680” (Çevrimiçi) https://www.village-justice.com/articles/que-retenir-projet-loi-relatif-protection-des-donnees-personnellespartie,28175.html, (Erişim Tarihi: 18.04.2019).

Tamò-Larrieux Aurelia, Designing for Privacy and its Legal Framework: Data Protection by Design and Default for the Internet of Things, Law, Governance and Technology Series 40, Springer, Heidelberg, 2018.

Taylor Roger, “No Privacy without Transparency” in: Ronald Leenes/Rosamunde van Brakel/Serge Gutwirth/Paul De Hert (eds.), Data Protection and Privacy: The Age of Intelligent Machines, Computers, Privacy and Data Protection Series, V. 10, Hart Publishing, Oxford, 2017, s. 63-88.

Voigt Paul/von dem Bussche Axel, The EU General Data Protection Regulation (GDPR): A Practical Guide, Springer, Heidelberg, 2017.

Weigend Thomas, “Information Society and Penal Law: General Report”, Revue Internationale de Droit Penal, 2013/1-2 (V. 84).

Wright David/de Hert Paul, “Introduction to Privacy Assessment”, in: David Wright/Paul de Hert (eds.), Privacy Impact Assessment, Law, Governance and Technology Series 6, Springer, Heidelberg, 2012, s. 3-32.

Zouave Erik/Schroers Jessica, “You’ve been Measured, You’ve been Weighed and You’ve been Found Suspicious: Biometrics and Data Protection in Criminal Justice Processing” in: Ronald Leenes/Rosamunde van Brakel/Serge Gutwirth/Paul De Hert (eds.), Data Protection and Privacy: The Internet of Bodies, Computers, Privacy and Data Protection Series, V. 11, Hart Publishing, Oxford, 2018, s. 1-20.

Anti-Phishing Working Group (APWG), “Unifying the Global Response to Cybercrime”, (Çevrimiçi) https://www.antiphishing.org/resources/apwg-reports/ (Erişim Tarihi: 01.04.2019).

Cannataci Joseph / Caruana Mireille, Report: Recommendation R (87) 15 - Twenty-Five Years Down the Line, Council of Europe 2013.

Commission Nationale de l’Informatique et des Libertés (CNIL), “Délibération n° 2017- 299 du 30 novembre 2017 portant avis sur un projet de loi d’adaptation au droit de l’Union européenne de la loi n°78-17 du janvier 1978”, (Çevrimiçi) https://www.cnil. fr/sites/default/files/atoms/files/projet_davis_cnil.pdf, (Erişim Tarihi: 18.04.2019).

Commission Nationale de l’Informatique et des Libertés (CNIL), “Délibération n° 2017- 299 du 30 novembre 2017 portant avis sur un projet de loi d’adaptation au droit de l’Union européenne de la loi n°78-17 du janvier 1978”

Convention for The Protection of Individuals with Regard to Automatic Processing of Personal Data. (Çevrimiçi) https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/108, (Erişim Tarihi: 10.04.2019).

Council Framework Decision on the Protection of Personal Data Processed in the Framework of Police and Judicial Cooperation in Criminal Matters, (Çevrimiçi) https:// eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32008F0977, (Erişim Tarihi: 01.04.2019).

Danezis George/Domingo-Ferrer Josep/Hansen Marit/Hoepman Jaap-Henk/Le Métayer Daniel/Tirtea, Rodica/Schiffner, Stefan, Privacy and Data Protection by Design - from policy to engineering, European Union Agency for Network and Information Security (ENISA) 2015.

de Hert Paul/Bellanova Rocco, Data Protection in the Area of Freedom, Security and Justice: A System Still to be Fully Developed?, European Parliament, (Çevrimiçi) http://www.europarl.europa.eu/RegData/etudes/note/join/2009/410692/IPOL LIBE_ NT(2009)410692_EN.pdf, Mart 2009.

Department for Digital, Culture, Media and Sport (DCMS) / Home Office, Data Protection Bill: Explanatory Notes (Çevrimiçi) https://publications.parliament.uk/pa/bills/ cbill/2017-2019/0153/en/18153-EN.pdf, Erişim Tarihi: 10.04.2019).

Directive (EU) 2016/680 of the European Parliament and of the Council on the Protection of Natural Persons with regard to the Processing of Personal Data by Competent Authorities for the Purposes of the Prevention, Investigation, Detection or Prosecution of Criminal Offences or the Execution of Criminal Penalties, and on the Free Movement of such Data (Çevrimiçi) https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriser v%3AOJ.L_.2016.119.01.0089.01.ENG (Erişim Tarihi: 01.04.2019).

European Commission, “Communication from the Commission to the European Parliament and the Council: Overview of Information Management in the Area of Freedom, Security and Justice”, (Çevrimiçi) https://eur-lex.europa.eu/legal-content/ EN/TXT/PDF/?uri=CELEX:52010DC0385&from=EN, 20/7/2010, (Erişim Tarihi: 01.04.2019).

European Commission, “Safeguarding Privacy in a Connected World a European Data Protection Framework for the 21st Century”, (Çevrimiçi) https://eur-lex.europa.eu/ LexUriServ/LexUriServ.do?uri=COM:2012:0009:FIN:EN:PDF, 25/1/2012, (Erişim Tarihi: 10.04.2019).

European Commission, Proposal for a Directive of the European Parliament and of the Council on the Protection of Individual with regard to the Processing of Personal Data by Competent Authorities for the Purposes of Prevention, Investigation, Detection or Prosecution of Criminal Offences or the Execution of Criminal Penalties, and the Free Movement of such Data, (Çevrimiçi) https://eur-lex.europa.eu/LexUriServ/ LexUriServ.do?uri=COM:2012:0010:FIN:EN:PDF, (Erişim Tarihi: 01.04.2019) (Avrupa Komisyonu Tasarısı).

European Data Protection Supervisor (EDPS), “Opinion of the European Data Protection Supervisor for a Directive of the European Parliament and of the Council regarding the European Investigation Order in Criminal Matters”, (Çevrimiçi) https://eur-lex. europa.eu/legal-content/EN/TXT/?uri=CELEX: 52010XX1229(01), 29/12/2010, (Erişim Tarihi: 10.04.2019).

European Union Agency for Network and Information Security (ENISA), Handbook on Security of Personal Data Processing, 2018.

House of Lords, The European Union Committee, Brexit: the EU data protection package, (Çevrimiçi) https://publications.parliament.uk/pa/ld201719/ldselect/ldeucom/7/7. pdf, Authority of the House of Lords18/07/2017, (Erişim Tarihi: 10.04.2019).

Kişisel Verileri Koruma Kurumu, Kişisel Verilerin İşlenmesine İlişkin Temel İlkeler, (Çevrimiçi) https://www.kvkk.gov.tr/Icerik/4189/Kisisel-Verilerin-Islenmesine-Iliskin-Temel-Ilkeler, (Erişim Tarihi: 10.04.2019).

Recommendation R (87) 15 of the Committee of Ministers to Member States Regulating the use of Personal Data in the Police Sector, (Çevrimiçi) https://rm.coe. int/168062dfd4, (Erişim Tarihi: 01.04.2019).

Statewatch, Implementing the “principle of availability”: The European Criminal Records Information System, The European Police Records Index System, The Information Exchange Platform for Law Enforcement Authorities, (Çevrimiçi) http://www. statewatch.org/analyses/no-145-ecris-epris-ixp.pdf (Erişim Tarihi: 10.04.2019).

Statewatch, The Directive on Data Protection and Law Enforcement: A Missed Opportunity?, (Çevrimiçi) https://www.statewatch.org/analyses/no-176-leas-data%20protection.pdf (Erişim Tarihi: 10.04.2019).

TBMM Başkanlığı, “Kişisel Verilerin Otomatik İşlenme Tabi Tutulması Karşısında Bireylerin Korunması Sözleşmesinin Onaylanmasının Uygun Bulunduğuna Dair Kanun Tasarısı”, (Çevrimiçi) https://www2.tbmm.gov.tr/d24/1/1-0966.pdf, 1/8/2014, (Erişim Tarihi: 01.04.2019).

The Article 29 Working Party, “Guidelines on Automated Individual Decision-Making and Profiling for the Purposes of Regulation 2016/679”, (Çevrimiçi) https://ec.europa. eu/newsroom/article29/item-detail.cfm?item_id=612053, 06/02/2018, (Erişim Tarihi: 10.04.2019).

The Article 29 Working Party, “Guidelines on Data Protection Impact Assessment (DPIA)”, (Çevrimiçi), https://ec.europa.eu/newsroom/article29/item-detail. cfm?item_id=611236, 04/04/2017, s. 19, (Erişim Tarihi: 10.04.2019).

The Article 29 Working Party, “Guidelines on Data Protection Officers (‘DPOs’)”, (Çevrimiçi), https://ec.europa.eu/information_society/newsroom/image/document/2016-51/ wp243_en_40855.pdf, 13/12/2016, s. 4, (Erişim Tarihi: 10.04.2019).

The Article 29 Working Party, “Guidelines on Transparency Under Regulation 2016/679”, (Çevrimiçi), https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_ id=622227, 22/08/2018, (Erişim Tarihi: 10.04.2019).

The Article 29 Working Party, “Opinion 01/2014 on the Application of Necessity and Proportionality Concepts and Data Protection within the Law Enforcement Sector”, (Çevrimiçi) https://www.pdpjournals.com/docs/88168.pdf, 27/02/2014, (Erişim Tarihi: 10.04.2019).

The Article 29 Working Party, “Opinion on Some Key Issues of the Law Enforcement Directive (EU 2016/680)”, (Çevrimiçi) https://ec.europa.eu/newsroom/article29/ item-detail.cfm?item_id=610178, 29/11/2017, (Erişim Tarihi: 10.04.2019).

The Article 29 Working Party, “The Future of Privacy”, (Çevrimiçi) https://ec.europa.eu/ justice/article-29/documentation/opinion-recommendation/files/2009/wp168_en.pdf, 01/12/2009, s. 26, (Erişim Tarihi: 10.04.2019).

The Council of Europe (CoE), Practical Guide on the use of Personal Data in the Police Sector (Çevrimiçi) https://rm.coe.int/t-pd-201-01-practical-guide-on-the-use-ofpersonal-data-in-the-police-/16807927d5, (Erişim Tarihi: 10.04.2019).

The Information Commissioner’s Office (ICO), Accountability and Governance: Data Protection Impact Assessments (DPIAs) (Çevrimiçi) https://www.pdpjournals.com/ docs/887901.pdf, 22/03/2018, s. 19 (Erişim Tarihi: 10.04.2019).

The Information Commissioner’s Office (ICO), Data Protection Officers (Çevrimiçi) https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-generaldata-protection-regulation-gdpr/accountability-and-governance/data-protection-officers/ (Erişim Tarihi: 10.04.2019).

The Information Commissioner’s Office (ICO), Guide Law Enforcement Processing (Part III of the Bill), (Çevrimiçi) https://www.pdpjournals.com/docs/887918.pdf, 05/04/2018, (Erişim Tarihi: 10.04.2019).

The Information Commissioner’s Office (ICO), Guide to Law Enforcement Processing (Part 3 of the Bill) (Çevrimiçi) https://www.pdpjournals.com/docs/887918.pdf, (Erişim Tarihi: 10.04.2019).

The Information Commissioner’s Office (ICO), Guide to the General Data Protection Regulation (GDPR), (Çevrimiçi) https://ico.org.uk/media/for-organisations/guide-tothe-general-data-protection-regulation-gdpr-1-0.pdf, (Erişim Tarihi: 10.04.2019).

The Organization for Economic Cooperation and Development (OECD), “The OECD Privacy Framework” s. 15-16, (Çevrimiçi) https://www.oecd.org/internet/ieconomy/ oecd_privacy_framework.pdf (Erişim Tarihi: 10.04.2019).

The Organization for Security and Co-operation in Europe (OSCE), Guidebook on Democratic Policing, (Çevrimiçi) https://www.osce.org/secretariat/23804?download=true (Erişim Tarihi: 01.04.2019).

UK Government Department for Digital, Culture, Media and Sport (DCMS) / University of Portsmouth, “Cyber Security Breaches Survey 2019”, (Çevrimiçi) https://assets. publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/ file/791940/Cyber_Security_Breaches_Survey_2019_-_Main_Report.PDF (Erişim Tarihi: 01.04.2019).

UK Legislation, Data Protection Act 2018 (“DPA”) (Çevrimiçi) http://www.legislation. gov.uk/ukpga/2018/12/pdfs/ukpga_20180012_en.pdf (Erişim Tarihi: 10.04.2019).

ABAD, Maximillian Schrems v. Data Protection Commissioner and Digital Rights Ireland Ltd., C-362/14, 6 Ekim 2015.

AİHM, Liberty ve Diğerleri v. Birleşik Krallık, Başvuru no: 58243/00, 1 Ekim 2008.

AİHM, Rotaru v. Romanya, Başvuru no: 28341/95, 4 Mayıs 2000.

AİHM, S. ve Marper v. Birleşik Krallık, Başvuru no: 30562/04, 30566/04, 4 Aralık 2008.

Kaynak Göster