Cybersecurity 2025

TÜRKIYE Law and Practice Contributed by: Bora Yazıcıoğlu, Kübra İslamoğlu Bayer, Aslı Rabia Savaş and Yağmur Yaren Özdabakoğlu, YAZICIOGLU Legal

• using SSL or more secure methods for data collection from different websites and/or mobile application channels. There are stricter requirements for the process - ing of special categories of data per the DPA Decision No 2018/10. The DPA may also specify case-specific measures in its published deci - sions. Administrative fines for failure to take necessary technical and organisational measures (interpret - ed very broadly, including unlawful data transfer abroad and violation of fundamental principles) range between TRY204,285 and TRY13,620,402 for 2025. Also refer to the data breach notification duty explained under 2.3 Incident Response and Notification Obligations , where failing to com - ply with this obligation results in a data breach. 6.2 Cybersecurity and AI Currently, there is no legislation in Türkiye regu - lating AI or providing obligations regarding AI. However, on 5 October 2024, the Turkish Par - liament published a decision on the establish - ment of a parliamentary research commission to determine the steps to be taken toward the achievements of AI, to establish a legal infra - structure in this field and to determine measures to prevent the risks of the use of AI. Members of this commission were elected recently. However, there is no public information on the progress of the commission’s work. In addition, a proposal for an AI Act was submit - ted to parliament on 25 June 2024. The proposal included provisions on risk management in pro - duction and use of AI and auditing AI operators. Although its approval is unlikely, it marks a sig -

nificant milestone as the first legislative initiative in this field. The DTO’s National Artificial Intelligence Strategy for 2021–2025 The strategy is a framework document outlin - ing strategic priorities, goals and measures. The strategic priorities are as follows: • training AI experts and increasing employ - ment in the field of AI; • supporting research, entrepreneurship and innovation; • broadening access opportunities to quality data and technical infrastructure; • taking regulatory actions to expedite socio - economic compliance; • strengthening co-operation at the interna - tional level; and • expediting structural and workforce transfor - mation. The Action Plan of National Artificial Intelligence Strategy for 2024–2025 includes the following: • improving the data governance regulations in the AI ecosystem; • enacting a national regulation on the develop - ment and use of AI systems and the market supply of systems containing AI, which fol - lows international norms; • preparing a Legal Evaluation Guide for AI Applications; and • developing an AI Values and Principles Impact Analysis Framework. There are recommended security measures con - cerning AI under the following documents:

315 CHAMBERS.COM

Powered by