CONSTITUTIONAL COURT DECISION BULLETIN
İçindekiler
Toggle
In the Decision of the Constitutional Court dated 11/01/2023 and numbered 2019/4055, the application concerns the claim that the right to request the protection of personal data within the scope of the right to respect for private life was violated due to the inclusion of arrest, crime type and identity information without consent in the cover letters of the petitions sent to other institutions and organisations through the institution.
Pursuant to Article 28/1-ç of the Law on the Protection of Personal Data (“Law”), personal data may be processed or transferred by these public institutions and organisations, judicial authorities or execution authorities without the explicit consent of the applicant if they are processed within the scope of preventive, protective and intelligence activities carried out by public institutions and organisations entrusted with the duty and authority by law to ensure national defence, national security, public safety, public order or economic security.
However, there is no doubt that the processing or sharing of the applicant’s personal data of general nature other than these situations is separately and explicitly regulated by a law or requires the explicit consent of the applicant. Although there is no clear definition of what execution procedures are in the legislation, it is not possible to say that all procedures regarding convicts in penal execution institutions are execution procedures.
In the concrete case, it was observed that the applicant’s personal data were included in the cover letters of the petitions regarding his private life written by the applicant to institutions and organisations such as universities, governorships and banks. It is clear that these institutions are not authorities related to the judicial process. Moreover, the applicant has not demonstrated that the personal data in question were shared within the scope of preventive, protective and intelligence activities aimed at ensuring national defence, national security, public security, public order or economic security.
Pursuant to Article 21/3 of the Law on the Execution of Criminal and Security Measures (“Law No. 5275”), “For identification purposes, finger and palm prints of convicts are taken, photographs are taken, blood groups, external characteristics and measurements of their bodies are determined. Such recorded information is kept in the convict’s personal file or electronically. This information cannot be given to any institution or person except as required by the Law.”
The data mentioned in the relevant provision are related to biometric and genetic data, and it is understood that they fall within the scope of special categories of personal data under Article 6 of the Law. Personal data other than the special categories of personal data in the regulation can be written in the cover letters of the petitions sent by convicts and detainees to institutions and organisations. In the concrete case, the data that the applicant did not want to be included in the cover letter are not among the special categories of data specified in the relevant provision of Law No. 5275.
The aforementioned provision of Law No. 5275 does not contain clear and detailed rules on the procedure for the inclusion of personal data in cover letters, and no other legislation on the subject has been identified.
This situation allows the inclusion of general personal data in the cover letters of all petitions sent by detainees and convicts to institutions and organisations within the scope of preventive, protective and intelligence activities carried out by public institutions and organisations entrusted with the duty and authority by law to ensure national defence, national security, public security, public order or economic security, or regardless of whether they are related to execution proceedings or not, and regardless of whether they are sent to the authorities and other institutions related to the judicial process.
For the reasons explained, it has been decided that the claim that the applicant’s right to request the protection of personal data within the scope of the right to respect for private life guaranteed in Article 20 of the Constitution has been violated is ACCEPTABLE.