Turkey has published details of the Data Protection Authority’s (“Authority”) organizational structure, department duties, powers and responsibilities, as well as the Authority’s working procedures and principles.

The Regulation on Organization of the Data Protection Authority (“Regulation”) was published in Official Gazette number 30403 on 26 March 2018.

The Regulation states that the Authority will consist of a presidency (“Presidency”), plus a nine-member board (“Board”). The Board will include the Authority’s president and the second president.

The Presidency will consist of:

  • President.
  • Vice-president.
  • Seven departments:
    • Data Management.
    • Enquiry.
    • Legal.
    • Data Security and Information Systems.
    • Guidance, Research and Corporate
    • Communication.
    • Human Resources and Support Services.
    • Strategy Development.

The President will appoint people to carry out internal audit, enquiry and investigations. The results of these activities will be submitted to the Authority.

The President is empowered to appoint individuals and allocate them among the Presidency’s departments.

The Board is authorized to issue rules and guides for any matters which are not addressed or clarified in the Regulation.

Please see this link for the full text of the Regulation (only available in Turkish).

Information first published in the MA | Gazette, a fortnightly legal update newsletter produced by Moroğlu Arseven.

Article co-authored by Ülkü Solak