Turkey chapter of “Lexology GTDT – Cybersecurity 2020” written by Stéphanie Beghe Sönmez and Neslihan Kasap is published.

Turkey does not have any dedicated cybersecurity laws. The data protection legislation, including the Personal Data Protection Law No. 6698 (PDPL), however, contains general requirements with regard to the security of personal data. Cybersecurity breaches can therefore lead to a breach of data protection law. The Council of Ministers issued a decision on national cybersecurity strategy, published in the Ofcial Gazette on 20 June 2013, in the form of an action plan aimed at ensuring the protection of ser vices, transactions and data provided by the government through IT systems and critical IT infrastructure operated by the public and pri vate sectors. On that basis, the Ministry of Transport, Maritime Affairs and Communication prepared a 2016–2019 national cybersecurity strategy and action plan, under which defnitions, principles, cyberse curity risks and strategic cybersecurity purposes and actions are pre sented. This plan aimed to shape Turkey’s cybersecurity legislation in accordance with international standards and establish a public authority that ensures coordination in the feld of cybersecurity.

The 11th Development Plan of the Turkish Republic for the 2019–2023 period (the Plan) states that to mitigate national security and ensure technological transformation in primary sectors (eg, chemical industry, medicine and medical equipment, electronics, automotive and rail system equipment), Turkey must enhance its ability to develop cybersecurity and data privacy technologies, fll the gap in the number of qualifed persons, further develop its administrative structures and keep its legislation in pace with ever-developing technology. Various plans and strategies are expected to be implemented within the period covered by the Plan, including the establishment of new public organisations and committees dealing with cybersecurity. On the other hand, the Turkish Presidency’s Digital Transformation Ofce (DTO), which was established in 2018, has been carrying out a series of studies and projects in the area of cybersecurity and data security for the purpose of ensuring digitalisation in public services and increasing public awareness thereof.

You may reach the entire publication here.