Turkish Constitutional Court recently decided in favour of an applicant, who suffered from two piece of internet-news dated 1998 and 1999; and decided that such news be removed from the website of the concerning newspaper based on the ground of “right to be forgotten”. The news subject to the ruling reported the applicant’s use of drugs and sentence of monetary fine due to such usage.
The court ruled that:
I must point out that this decision is not the first high court decision rendered on the ground of “right to be forgotten” in Turkey. The General Chamber of Court of Appeals has already made a ruling in June 2015, which provided a very detailed definition of “right to be forgotten”. Actually, Constitutional Court’s reasoning includes a reference to such decision of General Chamber of Court of Appeals as well as several decisions of Court of Justice including the famous Google-Costeja Decision.
On the other hand, this decision is still particularly important; because it recognizes the "right to be forgotten" in a constitutional level in Turkey and links it to a constitutional provision.
Constitutional Court rendered this decision on 3 March 2016 and this decision was published in the Official Gazette on 24 August 2016.
For the Turkish language version of this decision you can click on the following link: Constitutional Court Decision on Right to be Forgotten (in TR)
Publication Date: 26 August 2016
A new regulation, which amends the Regulation on Application of Turkish Citizenship Law, published in yesterday’s Official Gazette (12 January 2017) (“Regulation”).
This Regulation introduces an opportunity for acquiring Turkish citizenship by means of investment in Turkey.
According to this Regulation, a non-Turkish investor may acquire Turkish citizenship by the proposal of Ministry of Internal Affairs and decision of the Council of Minister’s if such person:
In order Ministry of Internal Affairs to make a proposal to the Council of Ministers for granting Turkish citizenship to the concerning investor, the relevant Turkish public authority must confirm that such investor has met the relevant condition (e.g. Ministry of Economy, Ministry of Environment and Urbanization, Ministry of Labor and Social Security). Hence, such investor should be ready to go through several application and evaluation stages. In this regard, if you think of initiating this application preceding, I kindly advise you to liaise with a legal and a financial advisor in order to finalize the application process in the most time and cost efficient manner.
Publication Date: 13 January 2017
In order to explain this awkwardness better, I have to start with the applicable legal measures on data protection before the entry into force of Turkish Data Protection Law’ (“DPL”).
Before the DPL, the Turkish Constitution has already had provision for the protection of data personal data. It is somewhat a summary of the general principles set forth in the current DPL. It even stipulates that an explicit consent of the data subject must be obtained in order to process his/her personal data.
Moreover, even the Turkish Criminal Code (“TCC”), which entered into force as of 1 June 2005, introduced several sanctions on breach of privacy rights of individuals such as obtaining, recording, transferring personal data illegally. Well, believe it or not when the DPL was published in 7 April 2016, these provisions were already in place and in force (I intentionally avoid to explain data protection provisions in some sectoral regulations back then, as they are not relevant to the subject matter of this article).
Of course, without a dedicated data protection law; there was no clear definition of personal data. Hence, it was very hard to enforce these provisions and most of the public prosecutors were hesitant to do so. Also, this ambiguity was highly criticized from a criminal law perspective on the ground that it was against the “no punishment without law” principle (lat. nulla poena sine lege). However please note that, the Constitutional Court recently decided that there was no need for a written definition of a data protection for application of TCC. Well, this decision is highly criticised as well.
Now, we are ready to talk about the DPL: As some of you may know, (at least the ones, who are into data protection, privacy and all that jazz…) the DPL was published in the Official Gazette on 7 April 2016. This law includes some administrative fines for the non-fulfillment of certain requirements; and refer to TCC for criminal sanctions.
Well, what you would normally expect from a regulatory law was to introduce a time period for the application of certain requirements. Yes, it did for some; but not for the major requirements such as obtaining an explicit consent or informing data subject on data processing activities. These provisions entered into force on the date of the DPL’s publication… Why? Because Turkey was trying to secure a deal with the EU for visa exemption; and data protection was one of the main subjects…
So, what the law did was to introduce a transition period for 6 months for the application of (i) administrative sanctions, -well, unusual choice, but okay, understandable- (ii) also a transition period for its reference to criminal sanctions (!)
Well, let’s observe the current situation, requirements are in force; but without any sanctions.
According to some criminal law experts, the DPL even indirectly provides a general exemption from the TCC provisions during such transition period.
From this perspective, current ambiguous situation may be interpreted as everyone is free to breach TCC provisions during this 6-month-transition-period of DPL. Such actions may be defended based on the grounds that “recent/dedicated law prevails over general former law” as well as “there should be no punishment without law”. So, currently what we have at hand is an ambiguous criminal sanctions on data protection, created by recently enacted data protection law…
Please finally note that this article is not intended to encourage anyone to commit any breach of the DPL or the TCC. This article is only intended to point out the ambiguity created by the 6-month-transition period in the DPL... And just to give the readers a humble advice: In Turkey, if you are in an ambiguous legal position, don’t blame yourself; blame the system…
Publication Date: 02 September 2016
I will reply to this very shortly: No, they are not.
In the event that a non-patented invention is counterfeited in Turkey, the rightful owner of the invention is entitled to pursue the counterfeiter under “Unfair Competition” provisions in Turkish Commercial Code.
Under these provisions, the rightful owner of the invention may request from the court:
(i) determination as to whether the concerning act is unfair;
(ii) prevention of an unfair act;
(iii) elimination of the unlawful consequences (i.e. destroying the counterfeit products);
(iv) compensation for damages (i.e. the court may rule that the defendant’s prospected gain related to the unfair competition act be provided as compensation to the claimant) and
(v) moral compensation.
The statute of limitations for any lawsuit under “Unfair Competition” is 1 year after the rightful owner of the invention becomes aware of such unfair act; and in any case 3 years upon accruing of such act.
Unfair competition also constitutes a criminal act with a penalty of 2 year-imprisonment; but the prosecution and/or trials would not usually result in imprisonment; however, this measure can be used as a tool to pressurize the counterfeiter.
I must emphasise that as there will be no patent registration in Turkey, evidencing that “the claimant is the rightful owner of such invention” is one of the challenges in these lawsuits. However, if the invention is protected under a patent in another jurisdiction, these records can be used as a solid evidence for proving the identity of the rightful owner.
Please finally note that the application of “Unfair Competition” is very broad under Turkish law. These provisions may apply to any “unregistered” intellectual property rights such as unregistered trademarks, trade names or industrial designs (if not protected by copyright). Moreover a work product, which does not enjoy any kind of intellectual property protection such as “non-public know-how”, may be protected under these provisions.
So don’t lose your hope when your non-patented invention, unregistered trade mark or any work product, which does not enjoy any kind of intellectual property protection, is counterfeited in Turkey; trust Unfair Competition provisions.
Publication Date: 2 December 2016
Turkish International Arbitration Law (“Turkish IAL”) empowers arbitrators to issue “precautionary injunctions” and “precautionary attachments”. These measures do not require to be “in respect of subject matter of the dispute”, which is in line with the Art 17 of the UNCITRAL Model Law.
“Preservation of evidence” is not included as one of the interim measures that may be issued by the arbitrators under the Turkish IAL. I am of the view that this is an error rather than a conscious preference of the Turkish lawmaker; thus, it must be accepted in Turkish international arbitration practice that the arbitrators have the power to issue interim measure for “preservation of evidence”.
However, such power does not extend to the issuance of interim measures, which binds third parties, and also interim measures which should be enforced by the state. In light of this principle, arbitrator’s powers on issuing “precautionary attachments” is highly criticised in Turkey; because a “precautionary attachment” cannot be enforced by a party voluntarily, but requires state’s intervention.
Turkish IAL is silent in respect of conditions to issue interim measures. In this respect, the conditions that are established in international arbitration practice should be taken into account. If it is accepted that arbitrators may issue a “precautionary attachment” in Turkey, then, the specific conditions set out in Turkish Code Enforcement and Bankruptcy should also be taken into account.
Turkish IAL provides parallel jurisdiction of the courts and arbitrators in respect of the issuance of interim measures. This provision does not stipulate any priority either to courts or to arbitrators.
Turkish IAL also provides that one of the parties may apply to the court for enforcement of interim measures issued by the arbitrators. In this connection, it should be possible for the courts to modify the interim measures issued by the arbitrators that are not eligible for enforcement under Turkish enforcement law. In principle, arbitrators and the courts should have a right to modify or revoke interim measures that they issued.
Turkish IAL is silent on ex parte (issued in the absence of the counter party) interim measures. Considering the approach taken in the UNCITRAL Model Law in this respect (i.e., “no ex parte interim measures; but ex parte preliminary orders”) it should not be accepted that ex parte interim measures can be issued by the arbitrators without a clear authorization within the Turkish IAL. On the other hand, in respect of lex feranda (future law), the Turkish IAL should be amended taking UNCITRAL Model Law as the basis in respect of ex parte interim measures/preliminary orders.
Publication Date:16 December 2016
1. Background and Turkish President’s decision
As the value of Turkish Lira was going down, on 12 September 2018, the President of Turkey issued a decision (Decision) (published on 13 September), which prohibits residents in Turkey to agree on their payment obligations in (or indexed to) foreign currencies in the following agreements: (i) sale and purchase of movables and immovables, (ii) lease of movables and immovables including vehicle leases and financial leases, (iii) employment, (iv) service and (v) contract for works (including construction agreements) (“Prohibited Agreements”)
Decision goes further and imposes an obligation to the parties of the Prohibited Agreements (which were already in force back then) to re-agree the agreement price in Turkish Liras until 13 October 2018 (“Transition Requirement”).
Finally, the Decision entitles the Ministry of Treasury and Finance (“Ministry”) to determine the exemptions to such ban.
Although, one may claim that Decision is against the “freedom of contract principle” under Turkish Constitution and Turkish Contracts Law (i.e. Code of Obligations), as of today, the Decision has not been overturned by a court, hence it is in effect.
2. Foreign direct investments exemptions, introduced by the Communique published by the Ministry on 6 October 2018
The Communique introduced, among others, an exemption in favour of the foreign direct investment for (i) service agreements and (i) employment agreements.
According to this exemption, (i) Turkish branches, representative offices or liaison offices of the residents outside of Turkey and (ii) Turkish companies, 50% or more shareholding of which belongs to the same (i.e. the residents outside of Turkey) (“Foreign Capital Entity”) shall be entitled to execute (i) service agreements and (i) employment agreements in foreign currencies. Moreover, Transition Requirement shall not be applicable to these companies.
On the other hand, the Communique stated that if a Foreign Capital Entity does not wish to exercise its right (exemption): (i) its service and employment agreements may be executed in Turkish Liras and (ii) the Transition Requirement shall be applicable to its already executed agreements (“Right to Not Exercise the Exemption”).
The Communique also provided a mandatory calculation method for determining the agreement price in Turkish Liras, which shall be applicable if the parties are not able to re-agree on the price of the agreement until the completion of the transition period.
3. Amendments to foreign direct investments exemptions made by the Amendment Communique published by the Ministry on 16 November 2018
The Amendment Communique, which was issued after the completion of the transition period, introduced some additional exemptions but also limited the previous ones:
a) The Foreign Capital Entity definition is expanded to include Turkish companies, which are directly controlled or under common control of a resident outside of Turkey;
b) Exemptions, applicable to the agreements, to which a Foreign Capital Entity is a party, are amended to be read as follows:
(i) Service agreements in which the Foreign Capital Entity is the customer,
(ii) Employment agreements, in which the Foreign Capital Entity is the employer,
(iii) Real estate sale/purchase agreements, in which the Foreign Capital Entity is the purchaser,
(iv) Real estate lease agreements, in which the Foreign Capital Entity is the lessee are exempted from foreign currency ban (“Exempted Agreements”)
As it is obvious from above, the exemptions to a Foreign Capital Entity are now applicable only if such Foreign Capital Entity is “paying money” to the counter party.
Moreover, the Amendment Communique also does not include the Right to Not Exercise the Exemption.
Consequently, the Amendment Communique left Foreign Capital Entities to be stuck with foreign currency agreements, according to which they are paying money, while these companies are required to provide their services in return for Turkish Liras.
For instance, in business centre or a shopping mall, a Turkish company lessee’s lease agreement price, which was initially agreed in foreign currency, must be re-agreed in Turkish Liras, but the lease price to be paid by the Foreign Capital Entity lessee, which is in the same position of such Turkish company, will continue to be in foreign currency; but both of these companies will be required to provide their services in return for Turkish Liras.
In this context, it may be argued that the Amendment Communique is against the “equal treatment principle” under the Turkish Foreign Direct Investment Law. On the other hand, as of today, the Amendment Communique has not been overturned by a court; hence it is currently in effect.
4. What will happen now?
a) If the parties to an agreement (one of which is a Foreign Capital Entity) have not re-agreed the agreement price in Turkish Liras (voluntarily or by applying mandatory calculation method): We are of the view that prices of these agreements are not required to be re-agreed in Turkish Liras.
b) If the parties to an agreement (one of which is a Foreign Capital Entity) have already re-agreed the agreement price in Turkish Liras (voluntarily or by applying mandatory calculation method): The party, who wish to return the price to foreign currency may try to rely on invalidity of the “re-agreement” or adaptation of the contract to the new situation, but it is not clear whether such arguments will be acceptable by the courts. It would not be a surprise to see several disputes before Turkish courts on this matter.
Publication Date: 30 November 2018
1. What is it? Is it in force? Is it practicable?
Regulation on Data Controllers Registry (“Regulation”) was published in the Official Gazette on 30 December 2017 and entered into force as of 1 January 2018.
The Regulation requires a data controller (a real/legal person, who directly or through a third party carries out and has the overall responsibility for personal data processing activities) to register with Turkey’s Data Controllers Registry (“Registry”). According to the Regulation such registration must made before the data controller engages in any personal data processing activities.
Submission for registration shall be made through an online registry system called VERBIS (“VERBIS”).
Turkish Data Protection Authority (“DPA”) may impose a fine up to TRY 1,000,000 (approximately EUR 215,000 as of the date of this note) for not registering with the Registry.
On the other hand, despite the fact that the Regulation has already entered into force, DPA recently announced on its website that that (i) works on VERBIS has not yet finished; (ii) DPA will announce the exemptions to the Regulation; (iii) obligation to register with the Registry has not yet started.
It seems like data protection professionals will need to continue to follow up DPA’s decisions and announcement on this matter.
2. Is this Regulation also relevant to the data controllers based outside of Turkey?
Yes, the Regulation stipulates that a data controller, who is based outside of Turkey, must appoint and authorise a representative in Turkey (“Representative”) and register with the Registry via such Representative.
Such Representative may be either (i) a Turkish legal person or (ii) a Turkish citizen based in Turkey.
Such Representative must be authorised by the relevant data controller to (at least):
(a) receive and accept official communication from DPA on behalf of the data controller;
(b) deliver DPA’s request to the data controller and data controller’s responses to such requests to DPA;
(c) deliver applications of data subjects to the data to data controller and data controller’s responses to the data subjects;
(d) carry out transactions before the Registry on behalf of the data controller.
A certified copy of the authorisation decision of the data controller must be submitted to VERBIS by the Representative in the course of making a submission to VERBIS for registration to the Registry.
3. How will a data controller register with the Registry? What is the information to be submitted?
A data controller will register to the Registry via VERBIS (online registry system). The information required to be submitted to VERBIS is as follows:
(a) Identity and contact information of the data controller, its Representative (if any) and contact person (explained in Section 4(a) below), (any other relevant information to be determined by DPA),
(b) Purposes for processing personal data,
(c) Data categories relating to data subject groups,
(d) Recipients of the personal data,
(e) Personal data, which may be transferred abroad,
(f) Data security measures implemented by the data controller,
(g) The maximum period of data retention (i) stipulated by law or (ii) required by the purpose of processing.
Information set forth in (b), (c), (d), (e) above shall be based on the Data Processing Inventory (as explained in Section 4(b) below) to be prepared by the data controller.
Moreover, data controllers are also obliged to prepare and retain a Personal Data Retention and Destruction Policy (“Policy”). Information set forth in (g) above shall be in line with such Policy.
4. Additional Obligations: (a) appointment of a contact person, (b) preparing a Data Processing Inventory, (c) Preparing Data Retention and Destruction Policy:
(a) Appointment of a contact person: A data controller must appoint a contact person, who will facilitate to communication between the data controller and DPA. Please however note that such person’s responsibility shall be limited to facilitating the communication; hence the decision body of the data controller (e.g. board of directors in a joint stock company) shall remain liable for fulfilling the obligations under Turkish data protection legislation. Please kindly note that role of the contact person, who must be appointed by all data controllers, who are required to register with the Registry, is merely facilitating the communication between the data controller and DPA. On the other hand, the Representative, who must be appointed by data controllers based outside of Turkey, will be able to represent the data controller with respect to transactions relating to the Registry. Finally, neither of these roles corresponds to the role of data protection officer under the General Data Protection Regulation.
(b) Preparing a Data Processing Inventory: Data controllers are obliged to prepare a Data Processing Inventory which must include information on the following (almost the same with the information to be submitted to VERBIS for registration):
(i) Personal data processing activities,
(ii) Purposes of personal data processing,
(iii) Personal data categories,
(iv) Personal data recipients,
(v) Categories of data subjects,
(vi) Maximum periods for purposes of personal data processing activities,
(vii) Personal data, which may be transferred abroad,
(viii) Implemented data security measures.
(c) Preparing Data Retention and Destruction Policy: Details of this obligation are regulated in another regulation titled Regulation on Erasing, Deleting or Anonymising Personal Data (“Deletion Regulation”), which is published in the Official Gazette on 28 October 2017, also entered into force as of 1 January 2018. According to the Deletion Regulation, data controllers, who are obliged to register with the Registry, are also obliged to prepare a Data Retention and Destruction Policy, which must include information on the following:
(i) The purpose of preparing Policy,
(ii) Data recording mediums regulated by the Policy,
(iii) Definitions of the legal and technical terms set forth in the Policy,
(vi) Explanation on the legal, technical or other reasons for retention and destruction of data,
(v) Technical and administrative measures for retaining data safely, preventing data to be processed or reached illegally,
(vi) Technical and administrative measures for technical and administrative measures for legally destroying data,
(vii) Titles, departments, position definition of the persons, who are involved in retention and destruction processes,
(viii) Table showing periods for data retention and destruction,
(ix) Destruction periods,
(x) Updates and amendments to Policy, if any.
5. Our Comment
Although, Turkish Data Protection Law, which was published in the Official Gazette on 7 April 2016 (“Law”), has not clearly determined the territorial scope of the Law, the Regulation implicitly determined the territorial scope of the Law to cover data controllers based outside of Turkey. Hence, currently, persons, who are carrying out data protection activities that involve Turkey; but who are based outside of Turkey, are still obliged to comply with the Law, appoint a Representative and register with the Registry via such Representative.
Publication Date: 16 January 2018
Turkey’s Draft Regulation on Provision of Radio, Television and On-demand Broadcasting Services through the Internet (Draft Regulation) is jointly drafted by Turkish Radio and Television Supreme Council (RTSC) and Turkish Information and Communication Technologies Authority (ICTA). The Draft Regulation is open for public comment as of 27 September 2018 and it is expected to come into force soon.
1. Who are within the scope of the Draft Regulation?
Draft Regulation will apply to:
The Draft Regulation also clarifies that regardless of the location of their content providers or hosting providers, the below-mentioned non-Turkish media service providers and platform operators are within the scope of the Draft Regulation:
(i) media service provides/platform operators who broadcast through the internet in Turkish language, targeting Turkish audience and
(ii) media service provides/platform operators, who provides marketing communications targeting Turkish audience even though their broadcasting language is not in Turkish,
Although the definitions in the Draft Regulation are not clear yet, we expect that the online on-demand streaming platforms such as Netflix will be deemed under the scope of the Draft Regulation either as a media service provider or as a platform operator.
2. Who are outside of scope of the Draft Regulation?
According to the Draft Regulation:
are outside of the scope of the Draft Regulation.
We are of the view that Facebook, YouTube would be deemed out of the scope of the Draft Regulation based on the exclusions above.
3. Is there a licence/permit requirement?
Media service providers providing broadcast services only on the internet are required to obtain different licences based on their broadcasting service such as (i) radio, (ii) television and (iii) on-demand broadcasting.
Such media service providers must fulfil certain requirements such as (among others):
Such licenses will be valid for 10 years. License fees vary from TRY 10.000 to TRY 100.000.
Media service providers, who already have a “temporary broadcasting right” and/or “broadcasting permit” for conventional broadcasting (e.g. territorial, satellite, radio etc.) are not required to obtain an additional license for internet broadcasting but must fulfil some notification obligations and obtain a permit for this purpose.
Platform operators are required to obtain an internet broadcast transmission permit. Such operators must fulfil certain requirements such as (among others):
Internet broadcast transmission permit annual fee is TRY 100.000.
4. What are the notable restrictions?
Media service providers are obliged to remove from their broadcast catalogue, the broadcasts that are found inappropriate by the RTSC.
Platform operators shall not to transmit broadcasts of media service providers which do not have license.
5. What are the sanctions?
In case of (i) providing broadcasting services without license or (ii) transmission of broadcasts without broadcast transmission permit, the magistrate court may decide to block the access to such broadcasts upon application.
In addition to this, ICTA may impose an administrative fine to content providers, hosting providers or access providers which do not fulfil such decision.
In certain cases, RTSC has authority to cancel the broadcasting licenses.
Please see link below for the full text of the Draft Regulation (only available in Turkish):
Publication Date: 5 October 2018