NEW REGULATION ON PROCESSING OF PERSONAL DATA IN ELECTRONIC COMMMUNICATIONS SECTOR PUBLISHED 23 December 2020
REGULATION ON OF PERSONAL DATA IN ELECTRONIC COMMUNICATIONS SECTOR (“The Regulation”) was published in the Official Gazette dated 4 December 2020 and numbered 31324. The Regulation regulates the procedures and principles for the processing of personal data and protection of privacy in the electronic communications sector, and aims to ensure the protection of privacy and fundamental rights and freedoms of individuals. |
What did the regulation bring with it? |
The Regulation regulates the procedures and principles that the operators operating in the electronic communications sector will comply with in terms of the data they obtain within the scope of providing electronic communication services to legal and natural person subscribers. |
With this Regulation, principles have been introduced in parallel with the Personal Data Protection Law No. 6698 (“DPL”), which must be followed in the processing of personal data. In addition to these principles that are in line with the law, a separate situation has been brought at this point. It is essential that traffic and location data be not transferred outside Turkey for national security reasons. |
With the regulation, the obligation of the Operators to ensure the security of the personal data of their subscribers or users has been brought. In this context, Operators are obliged to take all necessary measures in accordance with the national and international standards regarding the protection of these data, provided that they keep the minimum measures specified in the Regulation in any case. |
The Information Technologies and Communication Authority ("Authority") may request information and documents from the operators and request changes in measures. Another obligation imposed on operators here is the obligation of the operators to keep their records regarding access to personal data and other related systems for two years. |
Operators will also notify the Information Technologies Authority in addition to the Personal Data Protection Authority, subscribers or users in case of any personal data breach. |
In cases requiring explicit consent, some additional conditions have been introduced to the conditions specified in the DPL. It is also clearly regulated in the Regulation that express consent can be requested from the subscriber/ user in exchange for additional benefits such as gift minutes, SMS and data. |
The regulation states that the explicit consent of the subscriber/ user must be obtained in written or electronic form and that the records regarding this will be kept for the minimum subscription period. In addition, operators will remind relevant subscribers/ users in the third quarter of each year for processing purposes based on explicit consent. Otherwise, personal data processing activity based on explicit consent will be stopped until notification is made. |
The Regulation also stipulates that the explicit consent given by the subscriber will be automatically withdrawn if the subscription is terminated as of the expiration date, unless otherwise requested by the subscriber. |
In cases where traffic and location data are transferred to third parties, it is stipulated to also obtain explicit consent by including the data specified within the scope of subparagraph e of paragraph 1 of Article 8 of the Regulation. |
In cases where traffic and location data can be processed, the operators are obliged to inform the subscribers/ users about the types, processing purposes and periods of these data and the scope of the information obligation specified in the DPL has been expanded specifically for these data. |
It has been stated that if the operators violate their obligations specified in this Regulation, sanctions in the form of administrative fines and cancellation of their authorization will be applied by the Authority in accordance with the Administrative Sanctions Regulation. |
The Regulation will enter into force six months after its publication in the Official Gazette, in other words, on June 4, 2021. |
As a result, with this Regulation published, additional obligations have been imposed on the operators providing electronic communication services within the scope of personal data, and it is planned to secure the personal data of subscribers / users with these obligations. In this context, complying with the provisions of this Regulation while processing personal data of the operators in this sector will prevent them from facing any administrative sanctions. |
Other News
-
21.11.2024
The Procedure of Sale by Auction and The Legal Aspect of New Regulations Brought by the 9th Judicial Package
By new regulations brought by the 9th Judicial Package, a new legal frame for the sale of seized goods electronically is instructed according to Enforcement and Bankruptcy Law Article 111/b. Transactions about the sales of seized goods are made via a sale portal integrated with the National Judicial Network Information System (UYAP) by auction. However, because of the legal gaps of the law, an application about the sale transactions cannot be displayed. The amendments introduced by legislators to the law regarding electronic sales in the 8th and 9th Judicial Packages, as well as the newly established regulations, are considered an important step toward making foreclosure processes faster and ensuring that sales transactions are conducted in a safer and more transparent environment.
-
14.11.2024
Law Numbered 7531 On Amendments To Certain Laws Was Published
Law1 No. 7531 on the Amendment of Certain Laws ("Law"), also known as the 9th Judicial Package, was published in the Official Gazette dated 14.11.2024 and numbered 32722 and contains significant amendments to 17 different laws.
-
12.11.2024
E-Government Era Begins In Lease Agreements!
The Ministry of Treasury and Finance ("Ministry") announced in the 2023-2025 period of its 2022 Action Plan for Combating the Informal Economy ("Action Plan") that lease agreements could be concluded through the e-Government portal to support the decision-making processes of the parties involved and conduct risk analysis studies. The first phase of this activity was launched on November 4, 2024, through the e-Government portal, and the second phase is expected to be implemented by the end of the year.
-
10.11.2024
A New Era in Digital Markets: The Competition Authori's The Competition Authority's 2024-2028 Strategic Plan Published
The Competition Authority ("the Authority") has published its 2024-2028 Strategic Plan ("the Strategic Plan") with the aim of adapting to the rapidly evolving dynamics of digital markets and maintaining a competitive economic order. Developed in light of recent shifts in the global competitive environment, the Strategic Plan focuses on new regulations in digital markets and emerging technologies. The Authority aims to ensure fair and competitive markets through this plan, with a clear focus on enhancing consumer welfare.
-
30.10.2024
Public Announcement on Standard Contract Notification Module Published
Public Announcement on Standard Contract Notification Module published on 24.10.2024 on the official website of Personal Data Protection Authority ("Authority"). By the decision dated 17.10.2024, the Personal Data Protection Board ("Board") created "Standard Contract Notification Module" ("Module") in order to carry out standard contract notification processes in a faster and more efficient manner and decided that the notifications could also be carried out online via the Module.
-
27.10.2024
Warning To Research Companies: Inform First, Then Obtain Consent
After the number of complaints to the Personal Data Protection Authority ("Authority"), the Authority published a Public Announcement on "Personal Data Processing Activities of Research Companies by Using "Random-Digit Dialing as a Method of Telephone Sampling" for the purpose of Statistical Research" ("Public Announcement").
-
20.10.2024
EU Data Act
In today's world, where digitalization is gaining significant pace, data sharing and management are of vital importance for all sectors. In this context, the European Union has adopted the EU Data Act, which reshapes the regulations on data sharing. It aims to promote the wider use of data generated by digital devices and services while introducing new rules for a fair data economy.
-
1.10.2024
Regulation No.2023/1115 on the Prevention of Deforestation and Rules for Companies Exporting Products to the European Union
According to data from the United Nations Food and Agriculture Organization, it has been determined that the world's forests decreased by 178 million hectares over the 30-year period from 1990 to 2020.
-
30.9.2024
SEC Climate Disclosure Rule
For the sake of a livable environment and the future of our world, sustainability and ecosystem protection are becoming increasingly important. In this context, governments are introducing environmental reporting standards for companies, which are among the actors that most significantly impact the ecosystem.
-
25.7.2024
2024-2025 Action Plan For The National Artificial Intelligence Strategy Has Entered Into Force
Presidency of the Republic of Türkiye Digital Transformation Office published 2024-2025 Action Plan for the National Artificial Intelligence Strategy within the framework of the 12th Development Plan in order to further Turkey's progress in the field of artificial intelligence and to achieve the set targets.
-
29.5.2024
Important Amendments Introduced to the Turkish Commercial Code by Law No.7511
The Law on Amendments on Turkish Commercial Code and Certain Laws (the "Law") was published in the Official Gazette dated 29 May 2024 and numbered 32560.
-
7.5.2024
Law Proposal on the Amendments on the Turkish Commercial Code Numbered 6102 and Certain Laws in Offered to the Parliament
Law Proposal on the Amendments on the Turkish Commercial Code and Certain Laws is offered to the parliament. Within the scope of the proposal, it is planned to make important amendments to a number of laws, particularly the Turkish Commercial Code, the Cooperatives Law, the Law on the Protection of Competition and the Law on Consumer Protection.
-
18.4.2024
The Constitutional Court Decision Annulled The Regulation Envisaging Liability For Litigation Expenses Within The Scope Of Mediation In Civil Disputes
In accordance with paragraph 11 of Article 18/A of Law No. 6325 on Mediation in Civil Disputes1 ("the Code"), a party shall be held liable for the entire cost of the litigation, nothwithstanding justification at the conclusion of the proceedings, and shall not be granted power of attorney fee if he or she fails to appear for the initial session of mandatory mediation without providing an explanation.The aforementioned regulation is outlined as follows:
-
7.4.2024
E-Application" Period In Capital Markets Board Applications
With its announcement dated 5 February 2024, the Capital Markets Board ("Board") announced to the public that capital market institutions, organisations and partnerships will be able to make their applications more quickly and effectively through the e-Application System.
-
4.4.2024
The Amounts In The Pre-Conditions To Be Complied With Before The Initial Public Offering Of Shares In Several Sectors Were Decreased
The Capital Markets Board ("Board" or "CMB") decreased the financial thresholds for financial statements, especially considering the sectoral differences of the companies that submitting to the Board for initial public offering and the 12th Development Plan ("Plan") prepared by the Presidency of the Strategy and Budget Directorate.