Turkish DPA shared the statistics with the public

On 18 September 2024, speaking at the event “Cyber World and Personal Data Protection”, President of the DPA declared statistical information. Accordingly, from the day the DPA started its operations until today:

• The DPA received 43,665 reports, complaints and applications.
• The DPA concluded 42,033 reports, complaints and applications.
• As a result of the investigations, administrative fines totaling EUR 23 million were imposed.
• Out of 1519 data breach notifications received by the DPA, 345 were announced on the DPA’s website.
• The DPA issued 1153 legal opinions on matters within its area of responsibility.
• The DPA has approved 10 adequately qualified undertakings regarding the cross-border transfer of personal data.
• The number of standard contracts submitted to the DPA is 469.

Türkiye’s medium-term program

In 2025-2027 Medium-Term Program, Türkiye emphasizes aligning its data protection regulations with the EU harmonization. This alignment is critical for ensuring that Türkiye’s data privacy standards meet international norms, particularly as the country enhances its digital infrastructure. Strengthening the DPA’s role in protecting personal data is key to achieving compliance with both national goals and broader European regulatory frameworks under the EU harmonization.

Türkiye’s strategy focuses on big data

Türkiye’s Ministry of Transport and Infrastructure announced the 2024-2028 National Cybersecurity Strategy. The plan includes 18 goals, aiming to reduce foreign dependency through local and national technologies while strengthening national security and economic resilience. Key focuses include AI and big data for threat detection, “zero trust” measures to combat 5G and IoT risks, and bolstering national cybersecurity capabilities. The strategy underscores the importance of proactive defense, risk analysis, and local tech development for long-term cyber resilience.

The DPA announced the following data breach notifications in September: