05 Jun, 2023

Personal Data Protection Board (KVKK) Ruled a Fine of 300 Thousand TL to the Employer who Followed the Work Time with Fingerprint in the Workplace

While the discussions on the violation of the Personal Data Protection Law to obtain the identity information of individuals with fingerprints, a precedent decision was made by the KVKK.

Of the Council of State; After the decision that biometric methods such as fingerprint or face scanning system are within the framework of the principle of "privacy of private life" even in the public domain, and there is no guarantee that the collected data cannot be used in any other way in the future, the KVKK also set a precedent. (The 5th Department of the Council of State T: 10.12.2013 E. 2013/5342 K. 2013/9525.)

“IT IS CLEAR THAT THE ELEMENTS OF EXPRESS CONSENT ARE NOT FULLY PROVIDED”

The KVKK Presidency has ruled that the practice of working with fingerprints is against the law with the decision taken recently. The decision said:

“It is obvious that the elements of express consent, which is one of the processing conditions in Article 6 of the Law, regarding the processing of biometric data in the concrete case are not fully met. On the other hand, even if the elements of explicit consent are provided, it should be kept in mind that the processing of the fingerprint information in the biometric data category, which is the special quality personal data of the persons concerned, for the purpose of overtime tracking is contrary to the principle of being limited and proportional to the purpose for which they are processed, which is included in Article 4 of the Law.

It has been unanimously decided to impose an administrative fine of 300,000 TL in accordance with subparagraph (b) of the first paragraph of Article 18 of the Law, for the data controller who is deemed to have acted in violation of the obligation to "prevent the unlawful processing of personal data" within the framework of the first paragraph of Article 12 of the Law.

Source: Parmak iziyle mesai takibine 300 bin TL ceza – Son Dakika Türkiye Haberleri | NTV Haber

To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.

About Content:
300 thousand TL penalty to employer from KVKK. You can review the details from our content.
Share on Social Media:
Facebook
Twitter
LinkedIn
Telegram