Information Technology Crimes
Informatics is defined as the regular and reasonable processing of information’s, especially via electronical devices, which is the basis of science, used by human beings in its communication in technical, economics and social fields, according to Turkish Language Association.
Information system is a magnetic system that allows data to be subjected to automated processes after collecting and placing it, as stated in the reason of Article 243 of the Turkish Criminal Code (“TCC”) no. 5237. In addition, the information system in accordance with the Regulation on the Use of the Audio and Video Information System in Criminal Procedure, Article 3/1-b, is defined as the “data processing, storage and transmission system consisting of computers, peripherals, communication infrastructure and programs”.
In a decision made by the Criminal General Assembly of the Supreme Court on 05.03.2019, which referring the importance of informatics in our lives, “Audio-visual communication, acceptance of electronic signature, new commercial relations, internet banking service and money transfers and many other innovations such as these have entered social life through the information systems. IT has reached an indispensable point in both business and daily life, and because information technologies have a faster and cheaper quality, they have become more preferred than classical methods.” expressions were used.
The requirements of protecting the processed information, preventing its being destroyed or changed have emerged as an undeniable reality with the development of technology and the introduction of technological devices into our lives. Considering these facts, the legislator has introduced various regulations in the field of IT crimes.
Although there are many recipes in terms of informatics crimes, the most widely accepted one is "any act that is performed illegally, immorally in a system that processes the information automatically or transfers the data" which defined at the Paris Meeting of the European Economic Community Experts Commission. As it can be understood from the description of IT crimes, the legal benefit to be protected with the mentioned crimes is basically the protection of the trust in the information system of the society, the rights of individuals and the privacy of private life.
It is deemed appropriate to examine the crimes which is in the tenth chapter titled “Crimes in the Informatics Area” of the TCC, under the separate headings due to the close relationship between them. Accordingly, the crimes will be evaluated within the framework of the following titles;
- The Crime of Entering Information System (Article 243 of TCC)
- The Crime of Blocking, Disrupting, Making Inaccessible, Destroying or Changing Data (Article 244 of TCC)
- The Crime of Abuse of Bank or Credit Card (Article 245 of TCC)
- The Crime of Using Banned Devices or Programs (Article 245/A of TCC)
II. The Crime Of Entering Information System (Article 243 of TCC)
In Article 2 of the Council of Europe's Cybercrime Convention titled "Unlawful Access" is "Each State party should make the necessary legal arrangements and take the necessary precautions in order to include the unfair and deliberate access to any part of a computer system." It can be seen crime of entering information system regulated in Article 243 of the TCC, comply with the European Convention on Cybercrime. The crime of entering information system is processed by the perpetrator who illegally enters or remains, entire or part of an information system. The reason of the Article stated that it is not important for the person who entered the system illegally to act in order to obtain certain data, and that it would be considered sufficient for the crime to occur to be wrongful and deliberately entered into the system. The Decision of the 12th Criminal Chamber of the Supreme Court, which could set an example to this issue, “The act of unauthorized and illegal entry into the company computer with the password obtained by the defendant is considering that it will constitute the crime of entering the information system that complies with the Article 243/1...” statements were used.
If the action is committed by the perpetrator about the systems that can be used for a price, the penalty to be imposed must be reduced to half the rate. For instance, a penalty will be reduced for entering a platform that offers people the opportunity to watch TV series or movies for a certain fee by entering someone else's password.
If the data contained in the system disappears or changes due to the act performed, this situation has been regulated as a qualified condition under Article 243/3 of TCC and has been shown as the reason for the increase in the penalty. It can be seen in the reason of the Article to apply this provision; it is stated that the perpetrator should not have the motive to destroy or change the data. Otherwise, there will be a crime of destroying the data described in more detail later in this article. For example, the spontaneous disappearance of any of the data in the e-mail due to entering the e-mail address of the person without permission is within the scope of Article 243/3 of TCC. However, in case the perpetrator enters his e-mail address and deliberately deletes an e-mail, this situation will be evaluated within the scope of the crime of blocking, destroying, making it inaccessible, destroying or changing the information system within the meaning of Article 244 of TCC.
Person who monitors the data transfers that occur within or between the information systems by the technical devices, without entering the system, will have materialized the crime of entering the information system according to Article 243/4 of TCC and the penalty will be increased. As can be seen, it is a crime by itself to monitor a network traffic illegally without entering the IT system with this provision. For example, if a VPN service's monitors of its users' data, it should be considered a crime in this context.
In the crime of entering the information system, the consent of the victim is the reason for compliance with the law. For example, while unauthorized access to someone's e-mail account is considered under this crime, if the consent of the e-mail owner was received at the entrance, this will be considered as a reason for compliance. However, it should be noted that the consent must be given by the right owner.
The question of whether illegally entering or staying in a piece of the information system can be considered as a crime or not, is controversial in the doctrine. According to one view; due to the fact that the legislator includes the expressions of “the whole or a part of an information system” in the text of the article, it is illegal to examine the piece of the information system such as virtual memory, disk, CD that can be used in connection with the information system. Although piece of the information system is not an inseparable part of the information system but it provide almost inseparable part. Hence, it would be equitable to punish unlawful acts against them. The authors who advocate otherwise argue that the tools such as CD, disk and virtual memory will not be included in the concept of the information system because of their only data storage function. In our opinion, perceiving the piece of information system as whole and they should be evaluated within the scope of the crime of illegally entering or staying in the parts of the system.
Since no characteristics are specified in terms of the perpetrator and the victim, the victim and perpetrator of the crime can be anyone. Anyone who enters the whole or part of an information system illegally or continues to stay there will be a perpetrator. Victims of crime are those whose rights have been violated or their interests have been damaged due to entering or staying in the information system.
In terms of committing crimes, the general wrongful intention will suffice since no special intention is prescribed in the law.
The crime of entering the information system is suitable for the criminal attempt. If the perpetrator wants to enter the information system and starts with the actions that are conducive to the execution of the crime, but cannot complete the enforcement actions due to the reasons that are not in his/her possession, the act will remain in the attempt stage.
It is possible to commit the crime in participation. Participation in terms of the crime of entering the information system will generally be carried out in the form of providing the devices used in the crime and incentive to commit crime.
If the perpetrator commits a crime of entering or staying in the information system more than once against a person at different times, one penalty will be imposed but it will be increased. In case the perpetrator commits the crime against more than one person, one penalty will be imposed but it will be also, increased.
III. The Crime of Blocking, Disrupting, Making Inaccessible, Destroying or Changing Data (Article 244 of TCC)
The crime of blocking, disrupting, making inaccessible, destroying, or changing data regulated in Article 244 is an optional crime. If one of the acts prescribed by the legislator in the first or second paragraph of the article is realized by the perpetrator, a crime will occur. In the third paragraph, the carrying out of acts in an information system that belongs to a bank or credit institution or a public institution or organization is determined as a reason of increase in the penalty. In the fourth paragraph of the article, acts specified in the first or second paragraph constitutes and the perpetrator or someone else gain advantage it is regulated that the penalty will be increased. It should be noted that this situation should not constitute another crime.
Crime of Preventing or Disrupting the Information System
The person who prevents or disrupts an information system’s proceeding in accordance with Article 244/1 of TCC, is punished with imprisonment from one to five years. The prevention of the information system is interfering the proceeding system by preventing the proper use or transferring data of the system. Disrupting the information system is loss of the system’s function due to the intervention of the perpetrator. Whether the intervention is concrete or abstract will not change the nature of the perpetrator's action on the system. To slow down the system by using harmful viruses, cut off the system electricity, lock the system through e-mail bombardment are examples of the crime of preventing the information system. Demolitions of the system or changing the program flow are examples of the crime of disrupting the information system.
It should also be noted that, unless someone else's right is violated, it is not considered a crime to prevent or disrupt the functioning of one's own system or interfere with the data.
Crime Of Corrupting, Destroying, Changing, Making Inaccessible, Placing The Data In The Information System or Sending Existing Data to Another Place
In accordance with Article 244 of the TCC, the person who corrupts, destroys, changes, makes inaccessible, places the data in an information system or sends the existing data to another place is sentenced to six months to three years in prison. The decision of the 15th Criminal Chamber of the Supreme Court on 17.04.2018 is exemplary to the issue and in the decision; “The action of the defendant by preventing the access of the defendant by breaking the passwords of the participant's e-mail address and facebook account and changing their login passwords is crime which defined in the Article 244/2 of TCC. It is against the law to establish a conviction provision under Article 136/1 of the same Code.” expressions were used. Hence, breaking social media account password and subsequently changed it and accordingly prevents access to the account, constitutes the elements of the crime in Article 244 of TCC.
To absorb the subject, the concepts in the text of the article should be examined one by one. Corrupting data is damaging the usability of the data. Destroying the data is to make the data inaccessible by giving the command “delete”. Changing the data is replacing the data with another data or converting the data from its original state to another. Making the data inaccessible means that the data owner or the person concerned is prevented from accessing the desired data at any time. Placing new data in the system is the inclusion of data that is not present in the original information system. Transferring the existing data to another place is the act of moving, transferring, and sending the existing data to another place in the system.
The actions of preventing or disrupting or corrupting, destroying, changing, making inaccessible, placing the data or sending existing data to another place constitutes on the information system belonging to a bank or credit institution or a public institution or organization, the penalty to be imposed will be increased by half. If the crime specified by the perpetrator is committed, everyone who forms the society will be the victim.
If the perpetrator’s actions of preventing or disrupting or corrupting, destroying, changing, making inaccessible, placing the data or sending existing data to another place constitutes on the information system cause to obtain a benefit by him/herself or anyone else’s, the perpetrator will be punished in accordance with Article 244. In this case, the penalty will be increased. However, it is important to note that the act does not constitute another crime. In the reason of the Article if the act constitutes another crime such as fraud, theft, abuse of trust or embezzlement, the perpetrator will not be punished according to Article 244 of TCC. In the Criminal General Assembly of Supreme Court Decision dated 17.11.2009, "... if an unfair interest has been obtained through information systems, first of all, it should be evaluated whether any other crimes that can be committed by using the information systems regulated by the Law have occurred, if the action taken is not in accordance with the definition of any of these crimes, then application should be made in accordance with the provisions of the paragraph 4 of Article 244." expressions were used.
The crime of destroying, changing, making inaccessible, placing the data, or sending existing data to another place in the information system is appropriate to criminal attempt. For instance, if the system immediately realizes the virus which is placed by the perpetrator, and destroyed it without any damage or interference, the act will remain in the attempt stage.
It is possible to commit the crime in participation.
If the perpetrator commits a crime of destroying, changing, making inaccessible, placing the data, or sending existing data to another place in the information system more than once against a person at different times, one penalty will be imposed but it will be increased. In case the perpetrator commits the crime against more than one person, one penalty will be imposed but it will be also, increased.
Conceptual aggregation means if person who caused more than one different crime with a single act, the person punishes the heaviest punishment according to Article 44 of TCC. According to this provision, the perpetrator who caused the crimes envisaged in the Article 243 and Article 244 of TCC to be formed with a single act, must be punished for the Article 244, which envisages a more severe penalty in accordance with the conceptual aggregation rules.
The crime of destroying, changing, making inaccessible, placing the data, or sending existing data to another place in the information system regulated in Article 244 of TCC and crime of theft by using information systems regulated in Article 144/2-e of TCC are suitable for confusion due to the similarities between them. However, the main factor in separating the two types of crime is the subject of the crimes. Subject of the crime of theft by using the information system constitutes on a movable property, the subject of the crime regulated in Article 224/2 is the data. In a decision made by the 2nd Criminal Chamber of the Supreme Court; “Even if the data is illegally seized and benefiting from it, it will not make the data movable property even if it has economic value. In this respect, the illegal capture of the character in the game of Knight Online will cause the crime of Article 244/2 of TCC.” expressions were used.
The person who unlawfully transmits, spreads, or captures personal data to someone else, will have committed the crime of illegally giving or capturing data in accordance with Article 136 of the TCC. If the perpetrator transmits someone else’s personal data from its current location to another location by using the information system, it may also result in the illegal transfer or spread of personal data. In this case, the crimes envisaged in the Article 136 and Article 244 of TCC will occur, but in accordance with the conceptual aggregation rules, the perpetrator will only be punished with the most severe one.
Crime of fraud regulated in Article 157 of TCC occurs by deceiving anyone with fraudulent behavior. Using the information systems as a tool to commit the crime of fraud has been shown as an increase in punishment according to Article 158 of TCC. Due to the way they are regulated in the law, it is quite suitable to be confused whether the act of the perpetrator will be evaluated within the scope of IT crimes or Article 158/1-F of TCC. In a decision issued by the 11th Criminal Chamber of the Supreme Court on 07.10.2009, “Crime of fraud constitutes when someone is deceived after the perpetrator behave fraudulently and the perpetrator himself or someone else gain benefits from the harm of one or another. The movements that constitute the material part of the crime must be directed to a real person and it must be deceived. In the crime of fraud by using information systems as tools, magnetic systems that provide the opportunity to automate them after collecting and placing data are used as tools, and real people are deceived. If the financial assets of the banks, such as checks, passbooks and receipts, which have an effective function, are used, crime of fraud will occur by using the bank. In case it is obtained directly by using the information system without confronting with a real person, face-to-face or using any other devices such as phone, computer, informatics, etc., the "crime of making an unfair advantage by entering the information system" will occur.” expressions were used. While determining the difference between the two crimes, it is stated in the doctrine that the benefits obtained should be evaluated. Article 244/4 of the TCC should be applied if the benefit obtained by the intervention of the perpetrator in the information system or data arises automatically, and if the intervention of a real person is required for the benefit to occur, Article 158/1-f of the TCC should be applied.
The Crime of Abuse of Bank or Credit Card (Article 245 of TCC)
It is useful to define the notion of debit card and credit card before specifying the elements and features of the crime. Debit card is the card that enables the use of banking services, including the bank card deposit account or the use of special current accounts, in accordance with the subparagraph d of the Article 3 of the Bank Cards and Credit Cards Law No. 5464 (“BCCCL”). In the reason of Article 245 of TCC it is defined as allows to enter the system established by the bank. Also, legislative added that, the debit card, with the help of a number identified and known by the cardholder, allows the cardholder to withdraw money from her/his account without the help of the bank official. Credit card in accordance with the subparagraph e of article 3 of the BCCCL, a printed card that provides the opportunity to purchase goods or services or withdraw cash without the use of cash, or a card number without physical assets. In the reason of Article 245 of TCC in accordance with a contract between the bank and the person who has been given a card, credit card is defined as the means by which the person can use the credit facility provided by the bank under certain conditions.
In addition, in the reason of Article 245 of TCC, which regulates the crime of abuse of bank or credit card; it was stated that the article was written in order to prevent the banks or credit owners from harming, to gain benefits in this way and to punish the perpetrators by using the bank or credit cards illegally.
Crime can be basically committed in three different ways. In accordance with the first paragraph of Article 245 of the TCC, it is a crime that any person who seizes or holds a bank or credit card belonging to someone else, by using it without the consent of the cardholder or the person to whom the card should be given, is a crime. In the third article of the BCCCL titled definitions, the card holder; expressed as real or legal person benefiting from debit or credit card services. It is stated in the doctrine that it would be appropriate to use the concept of "card holder" instead of the term "card owner" in the text of the article. The cardholder is the beneficiary of the card while the main owner of the card is the bank or financial institution. On the other hand, in the article text legislative prefer to use the statement of "without the consent of the person to be given to the card" that’s why there is no distinction whether the card has been received by the holder or not.
Since the phrase “in any way” is used in the text of the article, regardless of the way the perpetrator seizes the card, the crime will occur. In a decision of the Supreme Court that could set an example regarding the issue; It is stated that the act of the perpetrator, who unfairly took credit card information and transferred money to his bank account over the internet, would constitute the crime of abuse of bank or credit cards in accordance with Article 245/1 of TCC. However, if the perpetrator commits crimes such as theft, abuse of trust, fraud while taking over the credit or debit card, the perpetrator will also be punished for these crimes. In a decision of the Criminal General Assembly of Supreme Court; after the defendant stole credit card from his relative’s bag in the house, he used the it for shopping. It is stated that the action of stealing credit card from the relative’s bag evaluated as a crime of theft and the action of shopping with the card from different workplaces should be evaluated within the scope of Article 245/1 of TCC.
While the perpetrator uses the card that is obtained which is specified in Article 245 of TCC, the perpetrator may also enter an information system (Article 243/1) or send the existing data elsewhere (Article 244/2). It is stated in the doctrine that in such cases, it is necessary to accept the conceptual aggregation rules and it would be appropriate to punish the perpetrator with a penalty of Article 245/1, which envisages a more severe penalty.
Producing, selling, transferring, buying, or accepting a fake bank or credit card by associating with bank accounts of others constitutes the crime within the scope of the second paragraph. The bank or credit card must be fake according this paragraph Article 245.
It is a crime within the scope of the third paragraph of Article 245 to benefit yourself or anyone else by using a fake bank or credit card. It is stated in the text of the article that if the act does not constitute any other crime that requires more severe punishment, it will be punished in accordance with Article 245 of the TCC. In a decision made by the 11th Criminal Chamber of the Supreme Court on 23.09.2008; It is stated that the defendant, who gained benefit from using the credit card he received by applying to the participating bank with his fake identity card, which has been photographed on his own, should constitute the crime of "benefiting him or anyone else by using a fake bank or credit card."
If the perpetrator acts in accordance with the type of crime envisaged in both Article 245/2 and Article 245/3, in our opinion, the perpetrator must be only punished from the third paragraph which stipulates more punishment since provision of the third paragraph cannot occur before the provision of the second paragraph is formed. However, it is stated by the Supreme Court, Article 245/2 and Article 245/3 indicates two separate crimes.
If the crime was committed by one of the people below, it is a reason for personal impunity.
- One of the spouses for whom no separation decision has been made,
- Kinship in the direct line, or one of the relatives of this degree affinity by marriage, or adoptive or adopted,
- One of the brothers or sisters living together in the same residence
After the completion of some of the crimes stipulated by the law, effective remorse provisions will apply if the perpetrator regrets the crime committed and removes the negative effects of this crime until a certain level of judgment. In this case, the sentence of the perpetrator will be reduced, or the punishment will be eliminated altogether. However, effective remorse provisions can be applied only when clearly prescribed by law such as Article 245. Accordingly, a person who seizes or holds a bank or credit card belonging to someone else and uses it without the consent of the card holder or the person to be given regrets it effective remorse provisions will be applied according to Article 245/5. When the Article 245/5 related to effective regret is examined, it is seen that the crimes against the assets regulated in Article 168 of the TCC are referred. When the two provisions which are about effective remorse are examined together, before the prosecution is initiated, if the perpetrator, the instigator or the assistant fully remedies the damage suffered by the victim, by repentance or compensation after the crime is completed, up to two-thirds of the penalty will be deducted. Also, after the prosecution has started but before the verdict is made, half of the sentence will be reduced. Since the statement is used” before the verdict is made” in the text of the Article, it is not essential whether the provision is finalized or not. To apply effective remorse in case of partial refunds or compensation, the consent of the victim is also sought.
The Crime of Using Banned Devices or Programs (Article 245/A of TCC)
If a device, computer program, password or other security code are created or used in order to the purpose of committing crimes in the TCC's IT Crimes Section or other crimes that can be committed by using information systems as a devices, people who produces, imports, transfers, stores, accepts, sells, gives or keeps it will be punished pursuant to Article 2445/A of TCC.
It appears that the legislator established the regulation to prevent the processing of crimes related to informatics. For this crime to occur, the perpetrator must first commit a crime and act against the law. To give an example regarding the act of the crime and the reasons for compliance with the law, test companies’ act remains within the lawful if they use the tools in accordance with the contract signed with the information system owner.
Information systems have a great impact on the life flow of individuals, public institutions, and organizations as well as legal entities. It is seen that the legislator envisages various sanctions to protect the systems and the data contained in the systems. The purpose of these envisaged sanctions is to protect both the personal and public security by protecting the data in the system with information systems. Nowadays, several works and processes in almost all areas of life are carried out through information systems. For this reason, the protection of these systems through criminal law is essential for maintaining the normal course of life. The legislator envisaged separate offenses against illegal actions on information systems and aimed to protect the rights violated by using these systems illegally.
 Criminal General Assembly of the Supreme Court 2015/15-118 B. 2019/148 D. 5.3.2019 D., Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=cgk-2015-15-118.htm&kw 19.05.2020
 Ebru Altunok ve Ali Fatih Vural, Bilişim Suçları, Online, http://static.dergipark.org.tr/article-download/f255/cc55/7e81/imp-JA48KA55MK-0.pdf?, 19.05.2020.
 Doç. Dr. Yılmaz Yazıcıoğlu, Bilgisayar Suçları, Alfa Yayınları, 1997, s.205.
 12th Criminal Chamber of the Supreme Court, 2014/2525 B. 2014/17259 D. 8.9.2014 D., Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=12cd-2014-2525.htm&kw= 19.05.2020
 Sertel Şıracı, Dikkat Yeni Bilişim Suçlarımız Oldu, Online, https://www.linkedin.com/pulse/dikkat-yeni-bili%C5%9Fim-su%C3%A7larimiz-oldu-sertel-%C5%9F%C4%B1rac%C4%B1, 19.05.2020.
 Muammer Ketizmen, Türk Ceza Hukukunda Bilişim Suçları, Adalet Yayınevi, Ankara, 2008, s.107,108
 Levent Kurt, Bilişim Suçları, Seçkin Yayınevi, Ankara 2005, s.156.
 Özge Apiş, Bilişim Sistemine Girme Suçu Bakımından Bilgisayarlarda, Bilgisayar Programlarında ve Kütüklerinde Arama Kopyalama Elkoyma Koruma Tedbiri, Yasama Dergisi, sayı 37, 2018, s.61.
 Prof. Dr. Mahmut Koca ve Prof. Dr. İlhan Üzülmez, Türk Ceza Hukuku Özel Hükümler, Adalet Yayınevi, Ankara, 2016, s.826, s.827.
 Av. İsmail Gürocak, Bilişim Sistemine Girme Suçu, s.8, Online, http://www.ismailgurocak.av.tr/makale/B%C4%B0L%C4%B0%C5%9E%C4%B0M%20S%C4%B0STEM%C4%B0NE%20G%C4%B0RME%20SU%C3%87U-%C4%B0SMA%C4%B0L%20G%C3%9CROCAK.pdf, 08.06.2020
 Dr. Yavuz Erdoğan, “Bilişim Sistemine Girme ve Kalma Suçu” Dokuz Eylül Üniversitesi Hukuk Fakültesi Dergisi Cilt: 12, Özel S., 2010, s.1416.
 Doç. Dr. Berrin Akbulut, Sistemi Engelleme, Bozma, Verileri Yok Etme veya Değiştirme, Selçuk Üniversitesi Hukuk Fakültesi Dergisi, Cilt 24, Sayı 2, 2016, s.27, s.29, s.30.
 Yazıcıoğlu, s. 263.
 Levent Kurt, Tüm Yönleriyle Bilişim Suçları ve Türk Ceza Kanunundaki Uygulaması, Ankara, Seçkin Yayınları, 2005, s.165.
 Akbulut., s.19.
 15th Criminal Chamber of the Supreme Court 2017/11652 B. 2018/2663 D. 17.04.2018 D., Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=15cd-2017-11652.htm&kw=, 19.05.2020
 Akbulut., s.32
 Mehmet Burak Kızıltan, 5237 Sayılı Türk Ceza Kanunu’nda Bilişim Sistemine Girme, Sistemi Engelleme ve Bozma Suçları, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Yüksek Lisans Tezi, İstanbul, 2007, s.81-82.
 Murat Volkan Dülger, Bilişim Suçları, İstanbul, Seçkin Yayınları, 2004, s.237
 Ö. Umut Eker, Türk Ceza Hukuku’nda Bilişim Suçları, TBBD, Y.: 19, S.: 62, Ocak-Şubat 2006, Ankara, s.125.
 Criminal General Assembly of the Supreme Court 2009/11-193 B. 2009/268 D. 17.11.2009 D., Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=cgk-2009-11-193.htm&kw=, 19.05.2020.
 Akbulut., s.45
 2nd Criminal Chamber of the Supreme Court 2019/11010 B. 2020/568 D. 13.1.2020 D., Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=2cd-2019-11010.htm&kw, 19.05.2020
 İrem Geçmez, Bilişim Sistemini Engelleme, Bozma, Verileri Yok Etme veya Değiştirme Suçları Marmara Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Yüksek Lisans Tezi İstanbul, 2019, s.126
 11th Criminal Chamber of the Supreme Court 2009/1616 B. 2009/11328 D. 7.10.2009 D. Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=11cd-2009-1616.htm&kw=, 19.05.2020
 Yavuz Erdoğan “Türk Ceza Kanunu’nda Bilişim Suçları (Avrupa Konseyi Siber Suç Sözleşmesi ve Yargıtay
Kararları İle)” Legal Yayınları, 2012, s. 247.
 Doç. Dr. Veli Özer Özbek, Banka veya Kredi Kartlarının Kötüye Kullanılması Suçu (TCK m.245), Dokuz Eylül Üniversitesi Hukuk Fakültesi Dergisi Cilt: 9, Özel Sayı, 2007, s.1030.
 Serkan Sazak, Ceza Hukukunda Banka ve Kredi Kartlarının Kötüye Kullanılması, İstanbul Üniversitesi Sosyal Bilimler Enstitüsü Kamu Hukuku Anabilim Dalı Yüksek Lisans Tezi, İstanbul, 2008, s.52
 11th Criminal Chamber of the Supreme Court 2010/7788 B. 2010/11083 D. 13.10.2010 D., Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=11cd-2010-7788.htm&kw=, 19.05.2020
 Criminal General Assembly of Supreme Court 2012/15-1368 B. 2014/179 D. 8.04.2014 D., Online, http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=cgk-2012-15-1368.htm&kw=, 19.05.2020.
 Özbek, s.1043
11th Criminal Chamber of the Supreme Court 2008/9636 B. 2008/9181 D. 23.09.2008 D., Online http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=11cd-2008-9636.htm&kw=, 20.05.2020.
 8th Criminal Chamber of Supreme Court 2019/26253 B. 2019/15866 D. 26.12.2019 D. Online http://www.kazanci.com/kho2/ibb/files/dsp.php?fn=8cd-2019-26253.htm&kw=, 20.05.2020
 Özbek., s.1038.
 Dr. Cengiz Apaydın, Bilişim Suçları, Online, https://www.hukukihaber.net/bilisim-suclari-makale,6501.html, 14.05.2020.