Turkey chapter of “Lexology GTDT – Cybersecurity 2020” written by Stéphanie Beghe Sönmez and Neslihan Kasap is published.
Turkey does not have any dedicated cybersecurity laws. The data protection legislation, including the Personal Data Protection Law No. 6698 (PDPL), however, contains general requirements with regard to the security of personal data. Cybersecurity breaches can therefore lead to a breach of data protection law. The Council of Ministers issued a decision on national cybersecurity strategy, published in the Ofcial Gazette on 20 June 2013, in the form of an action plan aimed at ensuring the protection of ser vices, transactions and data provided by the government through IT systems and critical IT infrastructure operated by the public and pri vate sectors. On that basis, the Ministry of Transport, Maritime Affairs and Communication prepared a 2016–2019 national cybersecurity strategy and action plan, under which defnitions, principles, cyberse curity risks and strategic cybersecurity purposes and actions are pre sented. This plan aimed to shape Turkey’s cybersecurity legislation in accordance with international standards and establish a public authority that ensures coordination in the feld of cybersecurity.
The 11th Development Plan of the Turkish Republic for the 2019–2023 period (the Plan) states that to mitigate national security and ensure technological transformation in primary sectors (eg, chemical industry, medicine and medical equipment, electronics, automotive and rail system equipment), Turkey must enhance its ability to develop cybersecurity and data privacy technologies, fll the gap in the number of qualifed persons, further develop its administrative structures and keep its legislation in pace with ever-developing technology. Various plans and strategies are expected to be implemented within the period covered by the Plan, including the establishment of new public organisations and committees dealing with cybersecurity. On the other hand, the Turkish Presidency’s Digital Transformation Ofce (DTO), which was established in 2018, has been carrying out a series of studies and projects in the area of cybersecurity and data security for the purpose of ensuring digitalisation in public services and increasing public awareness thereof.
You may reach the entire publication here.
Share
Related persons
You can contact us for detailed information.
Legal Information
This briefing is for information purposes; it is not legal advice. If you have questions, please call us. All rights reserved.
You May Be Interested In
7 October 2025
Turkish Data Protection Authority eases registration requirements for organisations processing sensitive data
In Decision No. 2025/1572 dated 4 September 2025, the Turkish Data Protection Authority introduced an exemption for data controllers…
6 October 2025
New Communiqué on the Right of Access to the File has been Published
With the Communiqué Amending the Communiqué (Communiqué No: 2010/3) on the Regulation of the Right of Access to the File and Protection of…
3 September 2025
A Milestone for Eurasian Connectivity: The Middle Corridor’s Strategic Emergence and Türkiye’s Geopolitical Role
The launch of the first direct freight train service from China to Europe via the Trans-Caspian International Transport Route (TITR),…
28 July 2025
Recent Changes in Mining, Renewable Energy and Electricity Legislation
Law No. 7554 on Amendments to Certain Laws, which introduces changes to many fundamental pieces of legislation applicable to the energy…
25 July 2025
The United Kingdom Sanctions: Risks and Roadmap for Turkish Companies
On June 27, 2025, the UK Foreign, Commonwealth and Development Office (“FCDO“) published Sanctions Guidance for Non-UK Businesses…
21 July 2025
Recent Developments in Healthcare Legislation – Q2 2025
Amendment to the Regulation on the Clinical Trials of Medicinal Products for Human Use. On 5 June 2025, the Regulation on Clinical Trials…