Privacy and Data Protection in Turkey: (Inching) Towards a European Framework

Turkey, the land which national poet Nazim Hikmet described as “stretching like a mare’s head into the Mediterranean” is asserting itself as a regional power – economically (with 8% GDP growth; 63 million mobile subscribers; and 30 million Facebook users); diplomatically (with the Arab world in turmoil; Iran isolated; and Israel suffering from listless leadership); and culturally (see the Economist’s review of the Istanbul biennial here). Yet despite many years of political and public debate, Turkey remains without a comprehensive legal framework for privacy and data protection. Besides constituting an obstacle in Turkey’s quest to become a member of the European Union, the lack of a modern data protection law limits business opportunities and potential collaboration between Turkish and foreign businesses and law enforcement entities and compromises the fundamental rights of Turkish individuals. (See here the European Commission’s 2009 Progress Report for Turkey’s integration, criticizing its lack of modern privacy legislation).

In a short article in BNA’s Privacy and Security Law Report, my friend and colleague Yucel Saygin, Associate Professor with the Faculty of Engineering and Natural Sciences at Sabanci University in Istanbul, and I describe the existing constitutional, statutory and regulatory framework for privacy in Turkey. We suggest Turkey should adopt privacy legislation based on the fair information principles (“FIPs”) set forth in the 1980 OECD Privacy Guidelines. In addition, Turkey should establish a privacy and data protection authority charged with enforcing data protection legislation against both the private and public sector, in a manner commensurate with the structure of Turkey’s constitutional and administrative law.

The article is available for download here . We look forward to your comments.