Law on data protection approved by president
ANKARA
The law aiming to bring new measures to protect personal data was published on the Official Gazette on April 7 and came into effect.The bill came shortly after reports of a fresh data leak began circulating early on April 5, after the Associated Press released a report on hackers who posted a database online which included the personal information of nearly 50 million Turkish citizens, describing the incident as “one of the largest leaks of its kind.”
According to the new law, personal data cannot be processed without the open consent of individuals, and in cases where an individual’s or Turkey’s interest may be seriously harmed, data can be transferred to other countries only with the permission of a newly-formed Council of Protection of Personal Data.
As far as the content of personal data is concerned, the bill recognizes individuals’ race, ethnicity, political views, philosophical beliefs, religion, sect, as well as their other beliefs, appearance, membership of any association, foundation or syndicate, health, sexual life, information on past convictions, and biometric and genetic information as special quality personal data. The law also enables individuals to know if their personal data is processed, and if there is any mistake or missing information during the process, the individuals will be able to demand their correction and removal. Individuals will also be able to apply for reparations if they face any kind of loss due to the illegal processing of their data.