Turkey’s first data protection law, introduced in 2016 and inspired by the EU’s 95/46 Directive, was a strategic choice aimed at fostering a culture of data protection with less complex norms. After 2020, various policy documents, including the Human Rights Action Plan and the Medium Term Program, demonstrated a significant shift toward alignment with the EU General Data Protection Regulation.
This pivot was driven by the evolving needs of the business ecosystem. Challenges, such as the cumbersome use of cloud computing software and the processing of special categories of personal data, particularly for employers and the health care sector, underscored the urgent need for reform.
