1. General Principles of Serial Crime in the Offense of Disseminating Personal Data

When is Serial Crime Applied in the Offense of Disseminating Personal Data under Article 136 of the TCK? Supreme Court Practice. According to the established jurisprudence of the Supreme Court Criminal General Assembly and the relevant criminal chambers, the offense under Article 136 of the TCK is amenable to being committed serially. In this context, two main practices stand out:

TCK Art. 43/1 (Against the Same Victim at Different Times): It applies when personal data belonging to the same person is given to others, disseminated, or seized at different times, within the scope of the same criminal intent. It is not a prerequisite for the data to be of the same nature. For example; if a person’s photograph is shared first, and then their identity information, a single increased penalty is imposed under the provisions of serial crime (YCGK-2019/258K).

TCK Art. 43/2 (Against More Than One Victim with a Single Act): If the same offense is committed against more than one person with a single act, the penalty for serial crime is increased in accordance with the provisions of “ideal concurrence of offenses of the same type.”

2. Application Examples Under TCK Art. 43/1 (Same Victim)

In judicial decisions, the circumstances under which actions directed at the same victim are considered within the scope of serial offenses have been clarified with the following examples:

Sharing Across Different Platforms: It has been stated that if the defendant publishes a photograph belonging to the same victim in a magazine, a newspaper, and on an internet website, the penalty should be increased in accordance with TCK Art. 43/1 (Supreme Court 4th Criminal Chamber-2011/11771).

Sharing at Different Times: The accused, who published the victim’s images without their consent on their social media account at different times, was convicted under chain crime provisions (Court of Cassation 12th Penal Chamber-2020/1619). Similarly, the acts of distributing pieces of paper containing the victim’s photograph and phone number and publishing the same information on the internet were also considered chain crimes (Court of Cassation 12th Penal Chamber-2015/10835).

Data Sharing with Multiple Petitions: The accused’s inclusion of the same victim’s TR identity number and name-surname information in petitions submitted on two separate dates (03.09.2012 and 01.11.2012) constitutes the conditions for a chain crime (Court of Cassation 12th Penal Chamber-2015/9422).

3. Application Examples Under TCC Article 43/2 (Multiple Victims)

In cases where the data of more than one person is violated by a single act, courts apply the following criteria:

Multiple Persons in a Single Share: The accused’s act of sharing a group photo of the participants on their social media account was evaluated under TCC 43/2 because it was carried out against multiple persons with a single action (Court of Cassation 12th Penal Chamber-2023/3439.

Database and Bulk Records: In cases where credit card information, email addresses, and birth dates belonging to many individuals are obtained in a single action and recorded on a flash drive, not a separate crime for each victim, but a chain crime provision should be applied in accordance with TCC 43/2 (Bursa Regional Court of Justice 8th Penal Chamber-2018/1643).

ATM Skimming Operations: The act of acquiring card information of multiple victims through a skimming device attached to the same ATM requires punishment in accordance with TPC 43/1 via 43/2 (Court of Cassation 8th CD-2020/18328)

Sale of Corporate Data: If a telecommunication employee sells data belonging to multiple customers to a third party with a single act, the provisions regarding a chain crime should be applied (Court of Cassation 12th CD-2017/1636).

4. Cases Where the Principle of Cumulative Offense (Teselsül) Cannot Be Applied and Are Considered Separate Crimes

The Court of Cassation emphasizes that in some cases, the acts do not constitute a single deed in a legal sense, or the conditions for a chain crime are not met, thus requiring separate punishment for each victim:

Acquisition of Data at Different Times: In cases where there is no evidence that the defendant acquired personal data belonging to different individuals simultaneously, it is accepted that these data were acquired at different times, and thus, “separate” crimes are constituted for each victim (YCGK-2019/258).

Conviction Based on the Number of Victims: In the act of the defendant opening a fake account bearing the victim’s name and publishing the victim’s pictures and their father’s phone number at different times, it has been stated that two separate convictions should be established based on the number of victims, and a single chain crime provision would be insufficient (Court of Cassation 12th CD-2018/8366).

Single Continuing Offense: If the act continues uninterrupted under the same intent and the criterion of “at different times” is not met, the provisions for a chain crime cannot be applied (Court of Cassation 8th CD-2019/26399).

5. Procedural Rules and Proof Criteria

Right to Additional Defense: If the application of Article 43 of the TPC has not been requested in the indictment, a consecutive offense (chain crime) sentence increase cannot be applied without granting the defendant the right to additional defense pursuant to Article 226 of the CPC (Court of Cassation 12th Criminal Chamber – 2019/101).

Principle of “In Dubio Pro Reo” (Benefit of the Doubt to the Accused): In cases where the dates of the offenses cannot be clearly determined and it is unclear whether the act was committed at different times or as a single act, the interpretation should be made in favor of the defendant, and a single consecutive offense (chain crime) ruling should be established pursuant to Article 43/2 of the TPC (Court of Cassation 12th Criminal Chamber – 2019/10395).

Conclusion: In the crime of disseminating personal data, the provisions regarding consecutive offenses vary depending on whether the act is committed against the same victim at different times (TPC 43/1) or against multiple victims with a single act (TPC 43/2). The Court of Cassation meticulously examines the unity of action, especially at the moment of data acquisition and during the dissemination process, and in case of doubt, applies the consecutive offense (chain crime) provision in favor of the defendant.

Why is Expert Legal Support Necessary in the Crime of Disseminating Personal Data?

The crime of unlawfully disseminating personal data (TPC Art. 136), is one of the crime types where consecutive offense (chain crime) (TPC Art. 43) discussions are most frequently encountered in practice and which directly affects the amount of punishment. Especially the distinction between disclosures made at different times to the same victim and situations where multiple victims are affected by a single act, can fundamentally change the rate of sentence increase and even the number of offenses.

Therefore, in investigations and lawsuits concerning personal data breaches, working with a criminal lawyer specializing in the field is of vital importance. Because;

The incorrect application of successive offense provisions (TCK 43/1 – 43/2) can lead to much harsher penalties for the defendant than what is warranted.

The court’s increase [in penalty], despite TCK 43 not being explicitly included in the indictment, constitutes a violation of the right to defense under CMK 226, and this point can only be effectively raised by an expert lawyer.

Technical elements such as the time of data acquisition, method of dissemination, unity of action, and continuity of intent, if not correctly analyzed in light of Supreme Court precedents, lead to difficult-to-remedy loss of rights.

Especially when it comes to social media posts, petitions, corporate data breaches, and digital materials, the legality of evidence and the standard of proof must be meticulously evaluated.

Expert Legal Support for Personal Data Crimes in Istanbul and Tuzla

Especially in Istanbul, throughout Tuzla, Pendik, Kartal, Gebze, and the Anatolian Side, expert lawyer support in criminal cases concerning the unlawful disclosure, dissemination, and acquisition of personal data is crucial for the correct management of the process.

At this point, 2M Law Office, experienced in criminal law and particularly in the field of personal data crimes, offers professional legal support within the scope of representation for both the suspect/accused and the victim/intervenor, with defense strategies based on Supreme Court and Regional Courts of Justice precedents.