Research Article
BibTex RIS Cite

Examınatıon of The Concept of Personal Data From The Perspectıve of The Consumer And Applications to Protect Consumer Data Technically

Year 2023, , 37 - 74, 30.06.2023
https://doi.org/10.55009/bilisimhukukudergisi.1230809

Abstract

Personal data is “any information relating to an identified or identifiable natural person”. The fact that personal data includes a wide area of information, paves the way for the production of personal data through different processes and when people are in different locations. One of these situations is when people produce personal data while they are consumers. With the development of technology, consumers have started to create different types of personal data. In addition, the sources of personal data have increased. This situation necessitated a technical approach to the protection of personal data. The technical protection of personal data can be examined within the framework of the opt-in system, which operates on the basis of information. Because in this system, consumers both have control over their personal data and can be sure that data processing is carried out for legitimate purposes. The purpose of this comprehensive article is to examine the perspectives of the concept of personal data and to evaluate what kind of applications can protect technical data.

References

  • Acquisti, Alessandro. “The Economics of Personal Data and the Economics of Privacy”, The Economics of Personal Data and Privacy: 30 Years after the OECD Privacy Guidelines, Erişim Tarihi Aralık 21, 2022, https://www.oecd.org/sti/ieconomy/46968784.pdf.
  • Aksoy,Hüseyin Can ve Halıcıoğlu, Mesut. “AB ve Türk Hukuklarında Çerezler: Kişisel Verilerin Korunması Açısından Karşılaştırmalı Bir Değerlendirme”, Kişisel Verileri Koruma Dergisi, no:1,(2021): 61-88.
  • Article 29 Data Protection Working Party. Opinion 4/2007 on the concept of personal data, Erişim Tarihi Aralık 21, 2022, 12251/03/EN (clinicalstudydatarequest.com.
  • Article 29 Data Proteciton Working Party. Opinion 04/2012 on Cookie Consent Exemption, (2012), Erişim Tarihi Aralık 23, 2022, https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2012/wp194_en.pdf.
  • Article 29 Working Party. Guidelines on consent under Regulation 2016/679, (2018), Erişim Tarihi Ocak 1, 2023, https://ec.europa.eu/newsroom/article29/items/623051.
  • Ateş, Emre Cihan ve Bostancı, Erkan ve Güzel, Mehmet Serdar. “Big Data, Data Mining, Machine Learning, and Deep Learning Concepts in Crime Data”, Ceza Hukuku ve Kriminoloji Dergisi, no: 2, (2021): 293-319.
  • Banterle, Francesco. “The Interface Between Data Protection and IP Law: The Case of Trade Secrets and the Database sui generis Right in Marketing Operations, and the Ownership of Raw Data in Big Data Analysis”, Personal Data in Competition, Consumer Protection and Intellectual Property Law, Ed. Mor Bakhoum · Beatriz Conde Gallego Mark-Oliver Mackenrodt Gintarė Surblytė-Namavičienė, (Berlin, part of Springer Nature, 2018): 411-443. DOI: https://doi.org/10.1007/978-3-662-57646-5
  • Catanzariti, Mariavittoria. “Algorithmic Law: Law Production by Data or Data Production by Law?”, Constitutional Challenges in the Algoritmic Society, Edit. Hans-W. Micklitz, Oreste Pollicino, Amnon Reichman, Andrea Simoncini, Giovanni Sartor, Giovanni De Gregorio, (Cambridge University Press, 2021): 78-92. DOI: https://doi.org/10.1017/9781108914857.006
  • Cate Fred H. Ve Staten, Michael E.. “Protecting Privacy in the New Millennium: The Fallacy Of "Opt-In””, Erişim Tarihi: Ocak 29, 2022, http://home.uchicago.edu/~mferzige/fallacyofoptin.pdf.
  • Chirita, Anca D.. “The Rise of Big Data and the Loss of Privacy”, Personal Data in Competition, Consumer Protection and Intellectual Property Law Towards a Holistic Approach?, Ed. Mor Bakhoum, Beatriz Conde Gallego, Mark-Oliver Mackenrodt, Gintarė Surblytė-Namavičienė, (Germany, part of Springer Nature, 2018): 153-189. DOI: 10.1007/978-3-662-57646-5_7
  • CMA. The Commercial Use of Consumer Data, (2015), Erişim Tarihi Aralık 21, 2022, https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/435817/The_commercial_use_of_consumer_data.pdf.
  • Çekin, Mesut Serdar. Avrupa Birliği Hukukuyla Mukayeseli Olarak 6698 Sayılı Kanun Çerçevesinde Kişisel Verilerin Korunması Hukuku. İstanbul: Oniki Levha Yayınları, 2020.
  • Dreier, Thomas. “Opt in’’ and ‘‘opt out’’ mechanisms in the internet era – towards a common theory”, Computer and Security Review, no: 2, (2010):144-150.
  • Dülger, Murat Volkan. Kişisel Verilerin Korunması Hukuku. İstanbul: Seçkin Yayınevi, 2020.
  • ENISA. Recommendations on shaping technology according to GDPR provisions, Exploring the notion of data protection by default, (2018), Aralık 29, 2022, https://www.enisa.europa.eu/publications/recommendations-on-shaping-technology-according-to-gdpr-provisions-part-2.
  • ENISA. Privacy and Data Protection by Design – from policy to engineering, (2014), Erişim Tarihi Aralık 28, 2022, https://www.enisa.europa.eu/.
  • Forgó, Nikolaus ve Hänold, Stefanie ve Schütze, Benjamin . “The Principle of Purpose Limitation and Big Data”, New Technology, Big Data and the Law, Ed: Marcelo Corrales, Mark Fenwick, Nikolaus Forgó, (Singapore, part of Springer Natur, 2017): 17-42. DOI 10.1007/978-981-10-5038-1
  • Gasser, Urs. Big Data and Global Trade Law, Futuring Digital Privacy Reimaging the Law/Tech Interplay, Edit. Mira Burri, (Cambridge University Press, 2021): 195-211. DOI:https://proxy.hacibayram.edu.tr:2079/10.1017/9781108919234
  • Gregorio, Giovanni De, Digital Constitutionalism in Europe, (Cambridge University Press, 2022), DOI: https://doi.org/10.1017/9781009071215.
  • Hodges, Sarah. “Examining the Gramm–Leach–Bliley Act's opt-out method for protecting consumer data privacy rights on the Internet”, Information and Communications Technology Law, no:1, (2013): 60-85.
  • Hoepman, Jaap-Henk.“Privacy Design Strategies (The Little Blue Book)”, (2022), Erişim Tarihi Ocak 28, 2022, https://www.cs.ru.nl/~jhh/publications/pds-booklet.pdf.
  • Information Commissioner‘s Office (ICO). How do we comply with the cookie rules?, (2019), Erişim Tarihi 1 Ocak, 2023, https://ico.org.uk/for-organisations/guide-to-pecr/guidance-on-the-use-of-cookies-and-similar-technologies/how-do-we-comply-with-the-cookie-rules/.
  • Jezova, Daniela. “Principle of Privacy by Design and Privacy by Default”, Regional Law Review, (Şubat, 2021), Erişim Tarihi Ocak 28, 2022, SSRN: https://ssrn.com/abstract=3755514.
  • Kemp, Katharine. “Concealed data practices and competition law: why privacy matters”, European Competition Journal”, (2020): 628-672. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3432769.
  • Keser, Yıldırım. “Tüketicinin Kişisel Verisinin İşlenmesinde Açık Rıza”, Selçuk Üniversitesi Hukuk Fakültesi Dergisi, no:3, (2020): 1181 – 1215.
  • King, Nancy J. ve Forder, Jay. “Data analytics and consumer profiling: Finding appropriate privacy principles for discovered data”, Computer Law & Security Review, no:5, (2016): 696-714.
  • Kişisel Verileri Koruma Kurumu. Çerez Uygulamaları Hakkında Rehber, (2022), Erişim Tarihi Aralık 23, 2022, https://www.kvkk.gov.tr/SharedFolderServer/CMSFiles/fb193dbb-b159-4221-8a7b-3addc083d33f.pdf.
  • Kişisel Verileri Koruma Kurulu, 27/02/2020 Tarihli ve 2020/173 sayılı Amazon Turkey Perakende Hizmetleri Limited Şirketi hakkındaki başvuru ile ilgili karar, Erişim Tarihi Aralık 29, 2022, https://www.kvkk.gov.tr/Icerik/6739/2020-173.
  • Kobsa, Alfred ve Wang, Yang, Privacy-Enhancing Technologies. (2008), Erişim Tarihi Aralık 28, 2022, https://www.ics.uci.edu/~kobsa/papers/2008-Handbook-LiabSec-kobsa.pdf.
  • Lavin, Marilyn. “Cookies: What do consumers know and what can they learn?”, Journal of Targeting, Measurement and Analysis for Marketing, (2006): 279-288.
  • Nagenborg, Michael. “Surveillance and persuasion”, Ethics and Information Technology, (2014): 43-49. OECD. Consumer Data Rights and Competition - Background note, (2020), Erişim Tarihi Aralık 21, 2022, https://www.oecd.org/competition/consumer-data-rights-and-competition.htm.
  • OECD. Consumer Protection in E-commerce, OECD Recommendation, (2016), Erişim Tarihi Aralık 22, 2022, https://www.oecd.org/sti/consumer/ECommerce-Recommendation-2016.pdf.
  • Ooijen, Iris van ve Vrabec, Helena U.. “Does the GDPR Enhance Consumers’ Control over Personal Data? An Analysis from a Behavioural Perspective”, Journal of Consumer Policy, (2018): 91-107.
  • Öğretmen Kotil, Zeynep. Kişisel Verilerin Korunması Çerçevesinde Yapay Zeka. İstanbul: Oniki Levha Yayınevi, 2022.
  • PISA (Privacy Incorporated Software Agent). Handbook of Privacy and Privacy-Enhancing Technologies The case of Intelligent Software Agents, Editors: G.W. van Blarkom, J.J. Borking, J.G.E. Olk, (2003), Erişim Tarihi Aralık 28, 2022, https://andrewpatrick.ca/pisa/handbook/Handbook_Privacy_and_PET_final.pdf.
  • Steinberg, Etye. “Big Data and Personalized Pricing”, Business Ethics Quaterly, no: 1, (2019): 97-117.
  • Zevkliler, Aydın ve Özel, Çağlar. Tüketicinin Korunması Hukuku. Ankara: Seçkin Yayınevi, 2016.

Kişisel Veri Kavramının Tüketici Açısından İncelenmesi ve Tüketici Verilerini Teknik Anlamda Korumaya Yönelik Uygulamalar

Year 2023, , 37 - 74, 30.06.2023
https://doi.org/10.55009/bilisimhukukudergisi.1230809

Abstract

Kişisel veri, “kimliği belirli veya belirlenebilir gerçek kişiye ilişkin her türlü bilgi” dir. Kişisel verinin sahip olduğu bilgi unsurunun, geniş bir alanı içine alması, farklı işlemler aracılığıyla ve kişiler farklı konumlardayken, kişisel veri üretiminin önünü açar. Bu durumlardan bir tanesi de kişilerin tüketici konumundayken kişisel veri üretmesidir. Teknolojinin gelişmesi ile tüketiciler farklı nitelikte kişisel veri oluşturmaya başlamıştır. Ayrıca kişisel verinin kaynakları da çoğalmıştır. Bu durum kişisel verilerin korunmasına teknik anlamda yaklaşılmasını gerekli kılmıştır. Kişisel verilerin teknik anlamda korunması bilgilendirme temelinde işleyen opt-in sistem çerçevesinde incelenebilir. Çünkü bu sistemde tüketiciler hem kişisel verileri üzerinde denetime sahip olurlar hem de veri işleme faaliyetinin meşru amaçlar için gerçekleştirildiğinden emin olabilirler. Bu anlamda makalenin amacı, kişisel veri kavramının tüketiciler açısından incelenmesi ve teknik anlamda verilerin ne tür uygulamalarla korunabileceğinin değerlendirilmesidir.

References

  • Acquisti, Alessandro. “The Economics of Personal Data and the Economics of Privacy”, The Economics of Personal Data and Privacy: 30 Years after the OECD Privacy Guidelines, Erişim Tarihi Aralık 21, 2022, https://www.oecd.org/sti/ieconomy/46968784.pdf.
  • Aksoy,Hüseyin Can ve Halıcıoğlu, Mesut. “AB ve Türk Hukuklarında Çerezler: Kişisel Verilerin Korunması Açısından Karşılaştırmalı Bir Değerlendirme”, Kişisel Verileri Koruma Dergisi, no:1,(2021): 61-88.
  • Article 29 Data Protection Working Party. Opinion 4/2007 on the concept of personal data, Erişim Tarihi Aralık 21, 2022, 12251/03/EN (clinicalstudydatarequest.com.
  • Article 29 Data Proteciton Working Party. Opinion 04/2012 on Cookie Consent Exemption, (2012), Erişim Tarihi Aralık 23, 2022, https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2012/wp194_en.pdf.
  • Article 29 Working Party. Guidelines on consent under Regulation 2016/679, (2018), Erişim Tarihi Ocak 1, 2023, https://ec.europa.eu/newsroom/article29/items/623051.
  • Ateş, Emre Cihan ve Bostancı, Erkan ve Güzel, Mehmet Serdar. “Big Data, Data Mining, Machine Learning, and Deep Learning Concepts in Crime Data”, Ceza Hukuku ve Kriminoloji Dergisi, no: 2, (2021): 293-319.
  • Banterle, Francesco. “The Interface Between Data Protection and IP Law: The Case of Trade Secrets and the Database sui generis Right in Marketing Operations, and the Ownership of Raw Data in Big Data Analysis”, Personal Data in Competition, Consumer Protection and Intellectual Property Law, Ed. Mor Bakhoum · Beatriz Conde Gallego Mark-Oliver Mackenrodt Gintarė Surblytė-Namavičienė, (Berlin, part of Springer Nature, 2018): 411-443. DOI: https://doi.org/10.1007/978-3-662-57646-5
  • Catanzariti, Mariavittoria. “Algorithmic Law: Law Production by Data or Data Production by Law?”, Constitutional Challenges in the Algoritmic Society, Edit. Hans-W. Micklitz, Oreste Pollicino, Amnon Reichman, Andrea Simoncini, Giovanni Sartor, Giovanni De Gregorio, (Cambridge University Press, 2021): 78-92. DOI: https://doi.org/10.1017/9781108914857.006
  • Cate Fred H. Ve Staten, Michael E.. “Protecting Privacy in the New Millennium: The Fallacy Of "Opt-In””, Erişim Tarihi: Ocak 29, 2022, http://home.uchicago.edu/~mferzige/fallacyofoptin.pdf.
  • Chirita, Anca D.. “The Rise of Big Data and the Loss of Privacy”, Personal Data in Competition, Consumer Protection and Intellectual Property Law Towards a Holistic Approach?, Ed. Mor Bakhoum, Beatriz Conde Gallego, Mark-Oliver Mackenrodt, Gintarė Surblytė-Namavičienė, (Germany, part of Springer Nature, 2018): 153-189. DOI: 10.1007/978-3-662-57646-5_7
  • CMA. The Commercial Use of Consumer Data, (2015), Erişim Tarihi Aralık 21, 2022, https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/435817/The_commercial_use_of_consumer_data.pdf.
  • Çekin, Mesut Serdar. Avrupa Birliği Hukukuyla Mukayeseli Olarak 6698 Sayılı Kanun Çerçevesinde Kişisel Verilerin Korunması Hukuku. İstanbul: Oniki Levha Yayınları, 2020.
  • Dreier, Thomas. “Opt in’’ and ‘‘opt out’’ mechanisms in the internet era – towards a common theory”, Computer and Security Review, no: 2, (2010):144-150.
  • Dülger, Murat Volkan. Kişisel Verilerin Korunması Hukuku. İstanbul: Seçkin Yayınevi, 2020.
  • ENISA. Recommendations on shaping technology according to GDPR provisions, Exploring the notion of data protection by default, (2018), Aralık 29, 2022, https://www.enisa.europa.eu/publications/recommendations-on-shaping-technology-according-to-gdpr-provisions-part-2.
  • ENISA. Privacy and Data Protection by Design – from policy to engineering, (2014), Erişim Tarihi Aralık 28, 2022, https://www.enisa.europa.eu/.
  • Forgó, Nikolaus ve Hänold, Stefanie ve Schütze, Benjamin . “The Principle of Purpose Limitation and Big Data”, New Technology, Big Data and the Law, Ed: Marcelo Corrales, Mark Fenwick, Nikolaus Forgó, (Singapore, part of Springer Natur, 2017): 17-42. DOI 10.1007/978-981-10-5038-1
  • Gasser, Urs. Big Data and Global Trade Law, Futuring Digital Privacy Reimaging the Law/Tech Interplay, Edit. Mira Burri, (Cambridge University Press, 2021): 195-211. DOI:https://proxy.hacibayram.edu.tr:2079/10.1017/9781108919234
  • Gregorio, Giovanni De, Digital Constitutionalism in Europe, (Cambridge University Press, 2022), DOI: https://doi.org/10.1017/9781009071215.
  • Hodges, Sarah. “Examining the Gramm–Leach–Bliley Act's opt-out method for protecting consumer data privacy rights on the Internet”, Information and Communications Technology Law, no:1, (2013): 60-85.
  • Hoepman, Jaap-Henk.“Privacy Design Strategies (The Little Blue Book)”, (2022), Erişim Tarihi Ocak 28, 2022, https://www.cs.ru.nl/~jhh/publications/pds-booklet.pdf.
  • Information Commissioner‘s Office (ICO). How do we comply with the cookie rules?, (2019), Erişim Tarihi 1 Ocak, 2023, https://ico.org.uk/for-organisations/guide-to-pecr/guidance-on-the-use-of-cookies-and-similar-technologies/how-do-we-comply-with-the-cookie-rules/.
  • Jezova, Daniela. “Principle of Privacy by Design and Privacy by Default”, Regional Law Review, (Şubat, 2021), Erişim Tarihi Ocak 28, 2022, SSRN: https://ssrn.com/abstract=3755514.
  • Kemp, Katharine. “Concealed data practices and competition law: why privacy matters”, European Competition Journal”, (2020): 628-672. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3432769.
  • Keser, Yıldırım. “Tüketicinin Kişisel Verisinin İşlenmesinde Açık Rıza”, Selçuk Üniversitesi Hukuk Fakültesi Dergisi, no:3, (2020): 1181 – 1215.
  • King, Nancy J. ve Forder, Jay. “Data analytics and consumer profiling: Finding appropriate privacy principles for discovered data”, Computer Law & Security Review, no:5, (2016): 696-714.
  • Kişisel Verileri Koruma Kurumu. Çerez Uygulamaları Hakkında Rehber, (2022), Erişim Tarihi Aralık 23, 2022, https://www.kvkk.gov.tr/SharedFolderServer/CMSFiles/fb193dbb-b159-4221-8a7b-3addc083d33f.pdf.
  • Kişisel Verileri Koruma Kurulu, 27/02/2020 Tarihli ve 2020/173 sayılı Amazon Turkey Perakende Hizmetleri Limited Şirketi hakkındaki başvuru ile ilgili karar, Erişim Tarihi Aralık 29, 2022, https://www.kvkk.gov.tr/Icerik/6739/2020-173.
  • Kobsa, Alfred ve Wang, Yang, Privacy-Enhancing Technologies. (2008), Erişim Tarihi Aralık 28, 2022, https://www.ics.uci.edu/~kobsa/papers/2008-Handbook-LiabSec-kobsa.pdf.
  • Lavin, Marilyn. “Cookies: What do consumers know and what can they learn?”, Journal of Targeting, Measurement and Analysis for Marketing, (2006): 279-288.
  • Nagenborg, Michael. “Surveillance and persuasion”, Ethics and Information Technology, (2014): 43-49. OECD. Consumer Data Rights and Competition - Background note, (2020), Erişim Tarihi Aralık 21, 2022, https://www.oecd.org/competition/consumer-data-rights-and-competition.htm.
  • OECD. Consumer Protection in E-commerce, OECD Recommendation, (2016), Erişim Tarihi Aralık 22, 2022, https://www.oecd.org/sti/consumer/ECommerce-Recommendation-2016.pdf.
  • Ooijen, Iris van ve Vrabec, Helena U.. “Does the GDPR Enhance Consumers’ Control over Personal Data? An Analysis from a Behavioural Perspective”, Journal of Consumer Policy, (2018): 91-107.
  • Öğretmen Kotil, Zeynep. Kişisel Verilerin Korunması Çerçevesinde Yapay Zeka. İstanbul: Oniki Levha Yayınevi, 2022.
  • PISA (Privacy Incorporated Software Agent). Handbook of Privacy and Privacy-Enhancing Technologies The case of Intelligent Software Agents, Editors: G.W. van Blarkom, J.J. Borking, J.G.E. Olk, (2003), Erişim Tarihi Aralık 28, 2022, https://andrewpatrick.ca/pisa/handbook/Handbook_Privacy_and_PET_final.pdf.
  • Steinberg, Etye. “Big Data and Personalized Pricing”, Business Ethics Quaterly, no: 1, (2019): 97-117.
  • Zevkliler, Aydın ve Özel, Çağlar. Tüketicinin Korunması Hukuku. Ankara: Seçkin Yayınevi, 2016.
There are 37 citations in total.

Details

Primary Language Turkish
Subjects Law in Context
Journal Section Research Articles
Authors

Dila Nur Halaçoğlu 0000-0003-1001-9373

Publication Date June 30, 2023
Acceptance Date April 6, 2023
Published in Issue Year 2023

Cite

Chicago Halaçoğlu, Dila Nur. “Kişisel Veri Kavramının Tüketici Açısından İncelenmesi Ve Tüketici Verilerini Teknik Anlamda Korumaya Yönelik Uygulamalar”. Bilişim Hukuku Dergisi 5, no. 1 (June 2023): 37-74. https://doi.org/10.55009/bilisimhukukudergisi.1230809.

23439

Bilişim Hukuku Dergisi Creative Commons Atıf-GayriTicari 4.0 Uluslararası Lisansı ile lisanslanmıştır.