ARTICLE
27 October 2020

The Personal Data Protection Board Has Made An Assessment Regarding The Use Of Biometric Signature Data.

SL
SRP Legal

Contributor

SRP Legal logo
SRP-Legal is providing legal service to clients in a wide range of legal areas and providing legal consultancy services in sectors transformed by new business models, information and communication technologies. SRP-Legal focuses on Technology and Privacy Law. SRP-Legal’s primary expertise areas are Commercial/E-Commerce Law, Competition Law, Corporate Law, Data Protection & Data Privacy Law, Financial Technology Law, Public Policy, Technology Law, Media Law, Communication Law. SRP-Legal’s blockchain practice has experience of advising on specific, complex regulatory matters in relation to the application of blockchain technology. SRP-Legal offers advice to clients on legal and regulatory matters in highly regulated markets and industries, as well as public policy support before the Governmantal Institutions. SRP-Legal is committed to its clients’ expectations and needs and seeking their views and feedback. SRP-Legal’s target is to provide a bespoke legal, regulatory, policy and strategic advice that is fit
Explore
In its recent decision numbered 2020/649, dated 27/08/2020, ("Decision") the Personal Data Protection Board in Turkey ("Board") rendered upon the evaluations on the inquiry...
Turkey Privacy
Person photo placeholder
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

In its recent decision numbered 2020/649, dated 27/08/2020, (“Decision”) the Personal Data Protection Board in Turkey (“Board”) rendered upon the evaluations on the inquiry asking whether the biometric signatures could be processed without seeking the explicit consent of the data subject in cases stipulated by the law can be evaluated where the only requirement is to be signed by hand according to the Personal Data Protection Law numbered 6698 (“PDP Law”). As a result of the examination, the Board made an assessment that:

(i) the scope of the regulation in relation to the  “signature” is in accordance with the form requirement of the contracts included in the 14th and 15th Articles of the Turkish Code of Obligations numbered 6098 (“Code of Obligations”) consists of the signature and secure electronic signature and even if the legal consequences of these two are the same, these signature types are regulated separately in the law,

(ii) the interpretation of the regulations within the scope of the Code of Obligations in a way to cover the biometric signature will lead to a broad interpretation of the “cases stipulated in the laws” in the third paragraph of the Article 6 of the PDP Law and will be contrary to the principle of proportionality.

As a result of the Board's assessment:

  • Biometric signature has the quality of biometric data,
  • In order to process the biometric data, it must be stipulated in the law or it is possible with the explicit consent of the data subject,
  • The provision on the form of signature in the Code of Obligations does not meet the “prescribed by law” requirement in the PDP Law,
  • Therefore, the biometric signature data could only be processed on lawful grounds if: (i) the explicit consent of the data subject is obtained, (ii) the information notice is made, (iii) the “Adequate Measures to be Taken by the Data Controller in the Processing of Special Categories of Personal Data” determined by the Board are complied with,

has been decided.

We are pleased to assist you in any issue, your Company may need, regarding Data Protection and Privacy.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Person photo placeholder
SRP Legal
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More