ARTICLE
6 May 2020

Turkish Data Protection Authority Issues Announcement On Processing Location Data During COVID-19 Outbreak

EA
Esin Attorney Partnership

Contributor

Esin Attorney Partnership logo
Esin Attorney Partnership, a member firm of Baker & McKenzie International, has long been a leading provider of legal services in the Turkish market. We have a total of nearly 140 staff, including over 90 lawyers, serving some of the largest Turkish and multinational corporations. Our clients benefit from on-the-ground assistance that reflects a deep understanding of the country's legal, regulatory and commercial practices, while also having access to the full-service, international and foreign law advice of the world's leading global law firm. We help our clients capture and optimize opportunities in Turkey's dynamic market, including the key growth areas of mergers and acquisitions, infrastructure development, private equity and real estate. In addition, we are one of the few firms that can offer services in areas such as compliance, tax, employment, and competition law — vital for companies doing business in Turkey.
Explore
On April 9, 2020, the Personal Data Protection Authority ("DPA") issued an announcement on the processing of location data and mobility tracking during the COVID-19 outbreak.
Turkey Privacy
Photo of Ilay Yilmaz
Photo of Can Sozer
Photo of Yigit Acar
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

Recent Development

On April 9, 2020, the Personal Data Protection Authority ("DPA") issued an announcement on the processing of location data and mobility tracking during the COVID-19 outbreak. The DPA regarded location data as personal data and stated that the processing of location data by public institutions and organizations in the scope of public health measures complies with the Law on Personal Data Protection ("Law"). The DPA's announcement is available online here (in Turkish).

What's New?

The DPA stated that data subjects' health, location and contact information are processed through mobile applications and other mediums with the purpose of detecting infected citizens; mapping the spread of COVID-19; quarantine measures; monitoring quarantined citizens; curfew implementation; and detection of crowded areas in order to prevent the spread of COVID-19.

According to Article 28 of the Law, provisions of the Law do not apply to the data processing activities in the scope of preventive, protective and intelligence acts of the competent public authorities and institutions to ensure public safety and public order. In cases of threats to public order and safety such as pandemics, the DPA assessed that public authorities and organizations' data processing activities, such as ensuring the isolation of COVID-19 positive citizens; detection of crowded areas through location data; and developing adequate measures fall within the scope of the foregoing exception.

The DPA underlined the sensitive nature of the personal data collected, and expressed that the relevant public authorities and organizations must take the necessary technical and organizational measures to ensure data protection, and delete or destroy the data they collected when the processing purposes no longer exist.

Conclusion
Turkey continues to take active steps to combat the COVID-19 pandemic. All data controllers must carry out their data processing activities during the COVID-19 outbreak in accordance with the Law and the guidance of the DPA, and closely follow the DPA's announcements and explanations in this regard.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Ilay Yilmaz
Ilay Yilmaz
Photo of Can Sozer
Can Sozer
Photo of Yigit Acar
Yigit Acar
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More