The rapid expansion of big data, Internet of Things (IoT) systems, and artificial intelligence (AI) has transformed the conditions under which privacy and personal data protection operate. In the algorithmic age, privacy is increasingly challenged not only as an individual right but also as a structural condition of socio-technical systems. This article examines whether privacy is merely adapting to technological change or undergoing a deeper paradigmatic transformation. Focusing on Türkiye’s Personal Data Protection Law (KVKK No. 6698) in comparison with the European Union’s General Data Protection Regulation (GDPR), the study investigates the changing legal and operational foundations of personal data protection, particularly the declining centrality of explicit consent and the growing role of broader governance mechanisms. Methodologically, the article adopts a qualitative multi-method design combining comparative legal analysis, doctrinal examination, and a socio-technical case study of six smart city applications in Türkiye. The findings reveal a gap between formal regulatory alignment and substantively effective protection, especially in smart city systems characterized by ambient data collection, system interoperability, and limited user contestability. The study concludes that privacy is being restructured from an individual consent-based model toward a more systemic governance condition. Accordingly, sustainable privacy protection requires integrated legal, technical, and societal governance mechanisms.
Copyright © 2026