Select a country to see some of the opportunities and policy challenges we are tracking across the region.
We are not covering this country at the moment. Get in touch and we will customize a regulatory scan for your needs.
Get In Touch
The policies, politics, and tech shaping the MENA+
Recent Developments
We look forward to reviewing your information and learning more about your needs. In the meantime, we invite you to learn about our capabilities, view some of the great work we do, and explore our insights.
Responsible for regulating telecommunications and information technologies by protecting consumer rights, promoting fair competition, and creating technical regulations.
Responsible for promoting industrial and technological development through funding research and development and partnering with the private sector on projects for economic growth.
Funds academic, industrial, and scientific research and programs as well as scholarships for students with a goal of augmenting Turkish scientific and technological capacities.
Identifies cyber security threats and partners with other agencies and the private sector to mitigate and eliminate potential attacks and incidents.
Responsible for developing and implementing policy relating to transportation, maritime affairs, communications, and information technologies.
Responsible for monitoring, regulating, and sanctioning radio and television, as well as content on streaming services.
Ensures the protection of personal data and promotes awareness for data privacy best practices.
Committee established under the Office of the President to lead in the development of strategies for growing the digital economy, digital trade, future cities and national technology initiatives.
Comprehensive strategy to support and enhance Turkey's development across all aspects of society, with a strong focus on digital transformation and technological innovation. Aims to boost GDP to $1.08 trillion and reduce unemployment to under 10%.
Aims to increase the number of software developers across Turkey to 500,000 and boost tech investment capacity is expected to reach $685 million. Other goals include establishing 10 Turkish unicorns ("Turcorns") and releasing 23 global disruptive technology services.
Strategy to create a security infrastructure capable of identifying and combating cyber security threats, emphasizing the protection of critical information systems and responding quickly to incidents in order to minimize negative effects of cyber attacks.
Emphasizes improving access to internet and broadband services, developing smart city and transportation operations, and developing 5G capabilities.
Aims to increase ease of access to information and ability to complete applications or file forms through the use of an e-government platform.
Strategy focusing on solving data governance issues, improving the security of AI algorithms, and applying or adjusting legal frameworks in the digital age.
E-Commerce Laws
Provides a legal definition of an electronic signature and establishes it as a valid method of signalling agreement to an online transaction or contract.
Defines and establishes a legal framework for electronic commerce including electronic communications, liabilities of service providers, contracts concluded electronically, and the information provided to consumers, as well as unsolicited electronic messages.
Expanded the legal definition of goods to include electronic products and established that contracts made through electronic means are governed by the previous Consumer Protection Law.
Cyber Security Laws
Establishes principles and procedures for coded or encrypted communication within the electronic communication service of public and private sector entities. Requires providers of encrypted systems provide encryption keys to the government.
Regulation on Principles and Procedures for Coded or Encrypted Communication within the Electronic Communication Service of Public Institutions and Organizations and Real and Legal Persons
Criminalizes the legitimization, glorification, and incitement of violence online, punishable by up to 5 years in prison.
Gives the National Intelligence Organization access to online and offline “information, documents, data, or records from public institutions, financial institutions, and entities” without a court order and protects individuals in the intelligence sector from legal ramifications.
Online Content Laws
Establishes protection of consumer rights as well as a framework for competition, through regulating and promoting technological development and new investments in the field of communication infrastructure, network and services.
Criminalizes the production of 7 key forms of content on the internet; incitement to suicide, facilitation of the use of narcotics, child pornography, obscenity, prostitution, facilitation of gambling, and slandering of the legacy of Ataturk. Stipulated that website can be blocked by a court order or an administrative order issued by the TIB if it is found to be committing one of these crimes.
Strengthens the powers of the Directorate of Telecommunication and Communication to issue blocking orders which hosting providers must implement within four hours. Also requires hosting providers to retain user information for 1-2 years and enables a URL-based blocking system, making it possible to block individual posts or all posts from a specific social media user.
Requires that all online content providers obtain broadcasting licenses from the Radio and Television Supreme Council, which has the power to revoke licences, impose fines, and selectively censor content.
Data Privacy Laws
Regulates the legal and technical aspects and operation of the registered electronic mail system, including protection of the rights to privacy of the receiver and the sender as well as ensuring information security.
Requires the registration of devices that have electronic identity information (e.g. smartphones, computers) and outlines operators' responsibilities in connection with the requirements of those devices.
Establishes protections on personal data privacy, including the prohibition of service providers from processing or storing personal data without explicit consent from the user. Also establishes the Data Protection Authority.
Establishes principles and procedures regarding the erasure, destruction and anonymization of personal data that is processed both by automated and non-automated means.
