Turkey's Adoption of Data Protection Law 'Marks New Era'
The Turkish Parliament adopted, on 24 March 2016, the Law on Personal Data Protection after over nine years of efforts. The Law is Turkey's first specific privacy and data protection legislation and its adoption follows Turkey's recent ratification of Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, 35 years after Turkey first signed it. "The enactment of the Law marks the beginning of a new era, as personal data will now be processed in compliance with the Law," said Yasin Beceni and Ipek Asikoglu,
Partner and Associate respectively at BTS Legal. In particular, the Law has been prepared to ensure protection during the processing of personal data in line with the Data Protection Directive and defines key terms. According to the Law, data controllers will be responsible for taking necessary security measures to prevent unlawful access to personal data, including carrying out or making third parties conduct audits to ensure that such security measures are taken. Data controllers will be obliged to notify the Board where they become aware of any unlawful access.