Copyright protection in Turkey is regulated under the Intellectual and Artistic Works Law No 5846. Turkey has unfortunately become one of the hubs for digital copyright infringement especially for movies and TV shows. Due to the high income generated through ads, the business models of many new web sites in Turkey are based on publishing copyright infringing content.
In 2004 a fast two-stage solution was introduced under the supplemental Article 4 of Law No 5846 to combat these digital copyright infringements.
First stage is the notice and takedown for copyright infringements , which requires the content provider to takedown the infringing content from the website within three days following the notice to be made by the right holders.
Second stage starts if the content provider does not take down the infringing content in the given time. In this case, a request shall be made to the public prosecutor requiring the service provider to cease the services being provided to the content provider persisting in the violation, within three days. In case the violation is ceased, the service being provided to the content provider shall be restored.
Lastly, if the service provider does not comply with the order of the public prosecutor, criminal lawsuits may be initiated against non-complying service providers.
There are two separate systems provided in the Turkish Labor Law (the Law) for the termination of employment contracts. The first system is noted as the ‘freedom of termination’ (Art. 17), which essentially means that the employer is free to terminate employment contracts as it deems fit, provided that the contract is an employment contract for an indefinite duration. In this system, the employer is not required to provide any justification for the termination and can terminate the contracts without any just cause by only paying the severance compensations.
However, the Law also introduced a second system called “employment security” (Art. 18), under which the employers are required to provide valid or righful causes for terminations for a termination to be deemed valid. Accordingly, employers cannot terminate the employees benefiting from this employment security system as they deem fit and without any rightful or just cause, as such terminations will not be deemed as valid terminations as per Article 18 of the Law.
II. CONDITIONS FOR EMPLOYMENT SECURITY
Article 18 of the law clearly defines the conditions of employment security. Accordingly, any worker/employee who has been working for at least six months in a workplace that employs at least 30 employees shall benefit from the employment security rules.
Although the conditions set forth for the employment security system seem simple, determining the total employee count in a specific workplace can be quite complex in certain situations. First and foremost, it should be noted that if an employer company has more than one workplace (for example two or more different shops or factories in different locations), the employee count of that employer shall be total employees employed in all its workplaces. For example, if an employer has 20 employees working in factory ‘A’ and 15 employees in factory ‘B’, then the total employee count of that employer shall be noted as 35, and any employee working in either factory A or B shall benefit from the employment security rules.
Another issue in determining the employee count is when that determination shall be made. Consider a company where the employee count changes often, where most employees are working for very short terms and the total employee count fluctuates (for example, in some months the total employee count exceeds 30, and in others it is less than 30). In this case, the time of determination of the employee count is very important, as depending on the employee count in a specific timeframe, the applicability of employment security rules will change. It should be noted that the Law does not provide clear instructions regarding this issue and therefore it is not clear which employee count shall be considered in determining the applicability of employment security rules. Although the Law does provide specific instructions, the Court of Appeals precedents cleared this issue by stating that in determining whether the employment security rules apply to a termination, the total employee count at the date of the termination shall be taken into account.
III. TERMINATION OF EMPLOYMENT CONTRACTS BENEFITING FROM EMPLOYMENT SECURITY
As noted above, the employment contracts of employees not benefiting from employment security rules can be terminated without providing any rightful cause/reason, meaning the employers can terminate any contract as and when they deem fit, as long as the employment security rules do not apply to that contract. If, however, an employment contract is protected by the employment security rules, then such a contract can only be terminated with either a valid cause (Art. 18) or a rightful cause (Art. 25). Any other termination (without providing a valid or a rightful cause) of a contract protected by employment security rules shall be deemed invalid.
a) Termination Based on Valid Cause
This type of termination is based on Article 18 of the Law. In this termination method, the employer can validly terminate an employment contract (provided it satisfies the relevant conditions) by paying the severance compensation of the employee. According to Article 18 an employment contract can be validly terminated due to the inadequacy of the employee, the behavior of the employee or due to the necessities of the workplace and the work.
Unfortunately, the Law does not provide clear instructions on what constitutes a valid cause, but rather provides general and vague definitions. It is therefore essential to review the precedents of the Court of Appeals to determine what type of behaviors or inadequacies of the employee or what kind of necessities of the workplace can be deemed as valid causes for termination. The Court of Appeals precedents provide extensive information and guidelines in determining whether a specific action or condition or omission constitutes a valid cause for the purposes. Accordingly, each case should be reviewed based on its own merits and facts in determining whether a termination of a contract based a specific cause will be deemed as a valid termination. It crucial to note at this point that the general rule for employment terminations is that the termination shall only be considered as a last resort and that the employers are obligated by the law to try to avoid termination if any other option other than termination is available (such as offering a different position and/or less salary to the employee etc.). Therefore, it is extremely important to determine whether the planned termination will be deemed valid before the courts, before proceeding with the termination.
b) Termination Based on Rightful Cause
Unlike the above noted termination based on valid cause, the conditions for this type of termination are more clearly defined and listed exhaustively in Article 25 of the Law. The causes noted in this article are separated into three categories; health reasons, behavior violating moral principles and the principle of good faith, and compelling reasons. The listed causes can be summarized as below:
Health Reasons:
If the employee becomes ill or incapacitated due his/her own gross negligence or way of life, or his/her fondness of alcohol, and his/her absence in work exceeds three back to back days or exceeds five days within a single month.
If the Medical Board determines that the illness of the employee cannot be cured and that it is dangerous for the employee to continue working in the workplace.
Employees behavior violating moral principles and the principle of good faith:
Misleading/deceiving the employer
Words and deeds/acts violating honor and dignity of the employer,
Sexual harassment by the employee,
Taunting/bullying the employer and intoxication,
Acts/deeds contrary to the principle of truthfulness and loyalty,
Committing a criminal offense in the workplace,
Absence from work,
Failure to fulfill his/her duties
Compelling Reasons: The Law does not list specific examples for this category, but rather states that in case of a force majeure event that prevents the employee from resuming work for more than one week, the employer shall have the right to termination based on rightful cause.
IV. CONCLUSION
As noted above, the system introduced by the Law for termination of employment contracts is quite complex. It should also be noted that the Law is designed in such a way as to favor the employees over the employers. This is because employers are, due to the nature of their position as work providers, are much more powerful and have more resources than employees. Therefore, the Law aims to balance this inequality of power and resources between the employers and the employees by mostly favoring the employees. The courts are of the same opinion and generally rule in favor of the employees. Due to these facts, it is extremely important for businesses to diligently review the status of each of their employees and to carefully handle the termination procedures in order to avoid any litigation and any additional costs. For further information and assistance regarding the matter, please do not hesitate to contact us here
Debt collection procedures in Turkey can be quite complex and can take a lot longer on average than most EU countries. The complexities arise from the lack of transparency and visibility within the domestic market along with the complex nature of legal proceedings for debt collection and the associated costs for such legal action.
Due to the closed nature of the market, it is extremely difficult to obtain the financial information of debtor companies. This uncertainty, coupled with the complexity of the legal proceedings and the associated costs, presents a significant issue for most foreign companies and nationals, as most of the creditors would like to obtain some sort of financial information of the debtor before starting the complex legal procedures and paying the relevant legal fees.
If, for example, the debtor company is found to be insolvent after filing the execution proceedings, there would be very little chance of recovering the debt and any legal fees paid for such claim will also be lost (since it will not be possible to recover them from the debtor). There are, of course, alternative methods, such as preliminary market and financial checks regarding the debtor and amicable settlements, that the creditors can opt for, before proceeding with a execution claim filing.
II. DEBT COLLECTION PROCEDURES
Debt collection claims can be separated into two general categories, those that are based on an independent legal promissory note and those that are not. In both cases, the execution office submits an order of payment to the debtor once the claim is made. If the claim is not based on a legal note [such as a banking check, promissory note, an independent and assignable confirmed acceptance of debt by debtor etc.]
There could be an objection by the debtor against the filing within 7 days from the date of receipt of the order of payment. If there is no objection to the claim or payment of the debt, the claim is considered to be certified (finalized) and the execution procedure proceeds with attachment of assets and properties of the debtor for the purposes of collection.
In case of an objection to the debt (full or partial objection), the claiming party (creditor) may apply for a legal procedure (a motion) to the execution Court for removing such objection, which may turn into a full length commercial litigation in cases where the debt is not clear and/or based on contractual default.
If the debtor raises such objections to the execution filing and if later those objections are found to be groundless, then the debtor is penalized in creditor’s favor raising the debt amount starting by 20%. Either following such removal of objection or after the certification of debt, the procedure finalizes with the legal sale of assets and properties of debtor for the actual collection in favor of the creditor.
It should be noted that this execution procedure is for a direct execution claim, foreign judgments or arbitral awards may also be executed in Turkey after a procedure titled recognition. In such procedure, the creditor with a finalized judgment or arbitral award applies to the Turkish Courts for recognition of such decision and the Turkish Court resolves for such recognition (without reviewing merits but with only a procedural check) and the foreign decision becomes nationalized. Then this recognition judgment is executed as noted above like a local Court judgment.
III. SECURITY DEPOSITS FOR FOREIGN CREDITORS AND OTHER COSTS
In many cases where the creditors are foreign companies or nationals, execution office require a security deposit between 25% to 100% of the total claim to be paid by the creditor in order to proceed with the execution claim. This security deposit is only required from foreign and non-resident parties (either a foreign person or a company) filing for any litigation or execution claim and for attachment (lien) over the assets of the debtor is sought in the preliminary stages of an execution. This security deposit requirement is based on Article 48 of the Turkish Act on Private International and Procedural Law (Act No. 5718).
The amount of the security deposit varies depending on the execution office, the amount and the nature of the debt subject to execution. For smaller amounts, the execution offices tend to request a full security deposit (100% of the claimed amount) to be deposited before proceeding with the execution claim (even in cases where there is a court order submitted as the basis of the execution claim). However, these deposits are requested merely as guarantees and are refunded to the claimant once the execution proceedings are finalized.
However, there are ways to circumvent this security deposit requirement. Subparagraph 2 of Article 48 of the Law sets forth that “the court exempts the plaintiff, intervener, or applicant for execution from providing a security, on a reciprocity basis”, where reciprocity basis means any international agreements signed by and between Turkey and other countries where it is stated that such security deposit payments shall not be sought for countries party to those agreements.
IV. CONCLUSION
As noted above, the procedures for debt collection proceedings in Turkey can be very complex, even more so for foreign creditors. In order to ensure a swift collection proceeding and to avoid paying any unnecessary legal fees, we highly recommend foreign creditors to seek legal assistance from legal professionals who are experienced in the field. For further information and assistance regarding the matter, please do not hesitate to contact us here.
The lawsuit for the dissolution of the partnership is also known as izale-i Şuyu. With the lawsuit for dissolution of the partnership, the partnership between the stakeholders who have rights on the movable or immovable property subject to shared or joint ownership is terminated and the transition to personal property is ensured. It is filed against all stakeholders by any stakeholder, and there is compulsory companionship between the stakeholders. It is obligatory for all stakeholders to be present in the case of dissolution of the partnership. In the event of the death of one of the stakeholders, all heirs of the stakeholder must be included in the case.
In the case of dissolution of the partnership, the court in charge is the civil court of peace, and if the subject of the lawsuit is a movable, it is the last place of residence of the testator.
The stakeholder who brought the case in the Izale-i Şuyu case is liable to cover the printed fees and expenses, but at the end of the lawsuit, the court expenses and attorney’s fees paid by the plaintiff stakeholder are shared among the stakeholders in proportion to their shares.
If the stakeholders agree among themselves and submit this sharing plan to the judge, the dominant partnership may decide to share the partnership as agreed by the parties.
In the event that an agreement cannot be reached by the parties on this matter, there are three ways to dissolve the partnership: the same division, sale and establishment of condominium. The main rule in the case of dissolution of the partnership is to apply for the same division first; In other words, it is the termination of the partnership between the stakeholders by dividing the real estate in proportion to their shares without going to the sale way. If there is no demand in this regard, the judge cannot automatically proceed to the division of the immovable property.
The dissolution of the partnership through sale is also regulated in the third paragraph of Article 699 of the Turkish Civil Code. In the event that the division process is not found to be suitable for the situation and conditions, and especially if it is not possible to divide the shared property without a significant loss of value, it shall be judged to be sold by auction. The decision to make the sale by auction is possible with the unanimous vote of all stakeholders.
If an immovable property that can be established as a condominium is in question, it is possible to dissolve the partnership by ensuring that the independent sections subject to condominium are shared among the stakeholders in proportion to their shares. If there is a difference in value between the divided parts, this difference is compensated by adding money to the missing value, if the values of the divided parts do not coincide, as clearly stated in article 699 of the Turkish Civil Code.
On a broader sense Due Diligence means the assessment of a company by a prospective buyer through an investigation and analysis of a target company. In this Article our aim is to provide an overview on how to draft a due diligence report (hereinafter referred as “DD”) and with a specific focus on Intellectual Property and Information Technology part of the DD.
In Turkish law there is no special regulation on Mergers & Acquisition, so the Turkish Law of Obligations shall be applied to all contracts signed during the M&A process. Following the letter of intent or memorandum of understanding between the Buyer and Target Companies, it is necessary to prepare a legal due diligence report to avoid the legal risks and get a good analysis for the buying party before the acquisition.
Although reviewing all the contracts and commitments of the target company is the most time consuming element of drafting a legal DD, it is a the most vital part. Especially the contracts bearing change of control clauses must be pointed out at the report.
Intellectual Property of a company in most of the cases determines the price of the company and should be carefully analyzed during the DD process. Especially the national and international patents and pending patents of the Company should be reviewed. It is also important to check if any rights are guaranteed to any of the employees due to an employee invention.
The Status of the registered and pending national and international trademarks of the target company must be controlled and if the company is using any copyrighted material, it should be stated in the DD. Furthermore, during IP checks and controls, it is important to review any ongoing and previous lawsuits of the target company along with any possible infringement of IP’s by any third party or if the target company has ever infringed on the intellectual property rights of a third party.
Another important point is to check if there are liens and encumbrances on the intellectual property rights of the target company.
Technology transfer and license agreements are the most vital contracts in Intellectual Property part of the DD and must be analyzed very well, especially the exclusive intellectual property license agreements signed with third parties.
All the Software that the target company is using must be licensed appropriately and it must be also taken into account if the company is using any open source software for its products and if any disputes arising out of the incorporated open source software.
Drafting of the legal DD report shall be done by a local full service law firm where the target company has been incorporated. If you have further questions to this topic, please don’t hesitate to contact us anytime.
For further information and assistance regarding the matter, please do not hesitate to contact us here.
In some Mergers & Acquisitions, the Competition authority shall be notified and the approval of the Authority shall be sought for as per Article 7 of the Law on the Protection of Competition No. 4054
The European Parliament’s decision to approve the new EU Copyright Directive on 26 March 2019 saw huge protests and demonstrations against this directive. The main focus of these protests was Article 17, the so called “Upload Filter”, which aims to force tech giants like Google, YouTube, Facebook etc. to change their current upload system to include a new upload filter, and make every content uploaded to their site go through this filter. Those who oppose this directive claim that this new upload filter system will end the modern Internet as we know it. On the other hand, European Parliament is aiming to make a fairer remuneration to the copyright owners and change the status quo. The European Parliament’s justification regarding the Directive is as below:
“Currently, internet companies have little incentive to sign fair licensing agreements with rights holders, because they are not considered liable for the content that their users upload. They are only obliged to remove infringing content when a rights holder asks them to do so. However, this is cumbersome for rights holders and does not guarantee them a fair revenue. Making internet companies liable will enhance rights holders’ chances (notably musicians, performers and script authors, as well as news publishers and journalists) to secure fair licensing agreements, thereby obtaining fairer remuneration for the use of their works exploited digitally.”
Although tech giants might create their own Upload Filter, as they have more than enough resources to do so, the new directive will mostly hit the smaller platforms. The cost of deploying such a filter will not only solidify the tech giants place in the market, it will also make it harder for smaller platforms to penetrate this already monopolized market.
Another controversial article of the Directive is Article 15, also referred as the “Link Tax Article”. According to this Article 15, publishers are entitled to charge platforms like Google for the snippets of their news stories. In 2014 Google closed its news service in due to a similar requirement to pay royalties to Spanish publishers. Google’s Vice President of News Richard Gingras told The Guardian that Google won’t rule out shutting down Google News in EU countries if the European Parliament enforces a so-called “link tax.”
What is the next step?
The EU Members have two years to implement the Directive into their National Laws. We have to wait two years to see if the filter and the link-tax will be the end of the internet as we know it.
For further information and assistance regarding the matter, please do not hesitate to contact us here.
Turkey has a rather strict policy regarding foreign employment where the work permit applications procedures are tied to numerous criteria. It should be noted that the regulations regarding the work permit applications are quite complex and although the main regulation regarding work permits is the International Labor Law No. 6735 (the Law), most of these criteria are not listed within the Law or the subsequent regulations, but are rather determined directly by the Ministry of Labor and Social Security (the Ministry) as per Article 13 of the Regulation Regarding the Implementation of the Law Regarding Foreigner Work Permits (the Regulation).
II. METHODS OF WORK PERMIT APPLICATION
There are two methods to apply for a work permit; the first is overseas applications submitted to the relevant Turkish consulate at the appropriate country, and the second method is the domestic applications to be made directly to the Ministry of Labor and Social Security via the online application system. However, in order to submit a domestic application, the foreigner should have a valid residence permit issued for at least six months by the relevant authorities in Turkey.
The residence permit requirement is an important aspect for domestic applications, as without a legally valid residence permit, it will not be possible for foreigners to apply for a work permit within Turkey. In such a case, the foreigners will be required to first leave Turkey (if he/she is currently staying in Turkey) and go back to their home country or country of residence and submit a work permit application from the relevant Turkish consulates there. However, this prolongs the application process as the relevant consulates are required to convey the applications (once received) along with all the required documents to the Ministry. Ministry will then do a preliminary review of the application and if approved, will notify the consulate and provide a reference number for that specific application. Once the specific reference number is received, the potential employer (in Turkey) of the foreigner will need to make a separate application via the online application system, using this reference number. This process may take up to 3 months, whereas a domestic application will be processed much faster.
III. REQUIREMENTS FOR WORK PERMIT APPLICATIONS
There are other requirements which both the employer companies and the employee foreigners must fulfill in order to submit a successful work permit application. It should be noted that the requirements for foreigner employees are more ambiguous than those noted for employers, as the employers are required to satisfy the following criteria in order to be eligible to employ a foreigner (updated list for 2019):
The company should have at least (5) five Turkish citizen employees in its payroll for each foreigner employee application. This requirement is sought only at the second (6) six months of the permit to be provided if the foreign employee is also a shareholder in the company; if more than one foreign employee will be employed the same (5) five Turkish employee requirement will be sought for consequently;
The paid capital of the company shall be at least (TRL 100.000) one-hundred-thousand-Turkish-Lira or the gross sales of the company shall be at least TRL 800.000 or the exports of the company shall exceed ($250.000) two-hundred-fifty-thousand-U.S. Dollars for the previous year;
If the employee is also a shareholder in the company than shares of the foreign individual shall not be less than (TRL 40.000) forty-thousand-Turkish-Lira of the capital which shall not represent less than (20%) twenty-percent of the capital;
The base salary of the foreign employee shall not be less than the following amounts: a) for executives, pilots, engineers and architects applying for a preliminary permit: (6.5) six-point-five times of minimum wage, b) for branch or unit managers and engineers and architects: (4) four times of minimum wage, c) for works that require expertise and craftsmanship and for teachers: (3) three times of minimum wage, d) for household service providers and other employees: (1.5) one-point-five times of minimum wage.
It should be noted that although there are no clear criteria established for foreigner employees, it will not be possible to employ any foreigner without a justifiable cause. Aside from the legal restrictions set forth for certain job titles (which prohibit the employment of a foreigner), the general rule regarding foreigner employment is to protect the local Turkish workforce and only allow a foreigner to work in Turkey if it can be established that the work to be conducted by that specific foreigner cannot be reasonably conducted by his/her Turkish counterpart.
IV. EXEMPTIONS
As noted above, the criteria for foreigner employment is quite complex and most companies or employers may find it difficult to satisfy them. The Law does provide certain exemptions from these criteria under certain conditions, the most notable one being the employment of key personnel in Special Direct Foreign Investments, meaning for certain foreign investments, the above noted criteria may not be sought for. Accordingly, if the company where the expatriate will be employed could be deemed as a “Special Direct Foreign Investment” (“SDFI”) the foreign employee may benefit from these exemptions and employed without meeting the above criteria. According to the Regulation, if a foreign investment company satisfies one of the below conditions it shall be deemed as a SDFI (updated list for 2019):
The turnover of the company for the previous year shall be at least TRL 114,700,000.-; provided that the foreign shareholders of the company possess a minimum of TRL 1,526.057 of such company capital, or;
The exports of the company for the previous year shall be at least $1,000,000.-; provided that the foreign shareholders of the company possess a minimum of TRL 1,526.057 of such company capital, or;
The company should employ at least 250 personnel registered at the Social Security Administration as employees; again provided that the foreign shareholders of the company possess a minimum of TRL 1,526.057 of such company capital, or;
If the company is planning to make an investment with the projected fixed investment value of at least TRL 38,100,000.- or;
The investor shall have at least one other foreign direct investment entity located at a country different than the country where its registered (main) offices are located.
V. CONCLUSION
The requirements and application procedures of foreigner work permits are very complex. Especially the online application system can prove to be very challenging to foreigners as the system requires a lot of information and documents to be uploaded in specific manner, and even with the online application, certain documents will still need to be mailed to the Ministry via post. Applications submitted without first completing the required document sets may be rejected, which may lead to a ban of re-application or the cancellation of the work permit. It is therefore highly recommended for foreigners to submit their work permit applications through experienced lawyers, to avoid any complications.
For further information and assistance regarding the matter, please do not hesitate to contact us here.
Personal data protection was a controversial topic in Turkey for many years, mainly due to the European Union ascension procedures. Although Turkey signed and is therefore a party to the European Union Treaty No. 108 Convention for the Protection of Individuals with Regards to Automatic Processing of Personal Data (Treaty 108) back in 1981, the subsequent local regulations were never implemented and therefore the Treaty 108 never entered into force.
To remedy this, Turkey adopted a new law regarding personal data protection, the Law on the Protection of Personal Data No. 6698, which was published at the Legislative Journal dated April 7, 2016 and No. 29677 (the Law), therefore effectively implementing the Treaty 108 domestically.
This Law is seen as a much needed improvement in personal data protection, and sets forth new liabilities to data holders, supervisors and processors to keep such personal data private at all times. However, the Law has somewhat vague definitions when it comes to defining what constitutes personal data, which can also be found in the Treaty 108.
These vague definitions allow for a flexible definition of what constitutes personal data, which allows for different sets of data to be considered as personal data without the need for legislation amendments. However, it may also cause ambiguity and confusion regarding certain data sets, such as biometric data. Accordingly, in order to determine the rules regarding the usage of biometric data, the general principles and definition of personal data should be examined first.
II. DEFINITION OF PERSONAL DATA AND PROCESSING METHODS
Article 2 of the Law defines personal data as “all information relating to an identified or identifiable natural person”, whereas Article 6 sets forth that “personal data relating to the race, ethnic origin, political opinion, philosophical belief, religion, sect or other belief, clothing, membership to associations, foundations or trade-unions, health, sexual life, convictions and security measures, and the biometric and genetic data are deemed to be personal data of special nature”.
Article 2 also defines processing of personal data as “any operation performed upon personal data such as collection, recording, storage, retention, alteration, re-organization, disclosure, transferring, taking over, making retrievable, classification or preventing the use thereof, fully or partially through automatic means or provided that the process is a part of any data registry system, through non-automatic means”.
Accordingly, even the collection, recording and/or storage of personal data shall be deemed as data processing and shall therefore be subject to the strict rules of procedures stipulated by the Law. Therefore, any action set forth in Article 2 regarding any personal data shall be subject to the explicit consent of the data owner as per Article 5. Of course, there are certain exceptions to this rule. According to Article 5, a personal data may be processed without the explicit consent of the data owner if:
a) it is clearly provided for by the laws, b) it is mandatory for the protection of life or physical integrity of the person or of any other person who is bodily incapable of giving his/her consent or whose consent is not deemed legally valid, c) processing of personal data belonging to the parties of a contract, is required provided that it is directly related to the conclusion or fulfilment of that contract, d) it is mandatory for the controller to be able to perform his legal obligations, e) the data concerned is made available to the public by the data subject himself, f) data processing is mandatory for the establishment, exercise or protection of any right, g) it is mandatory for the legitimate interests of the controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.
III. OBLIGATIONS OF THE DATA CONTROLLER AND DATA OWNER RIGHTS
Obligations of the Data Controller
According to Article 10, during the data collection and/or processing, the data controller or persons authorized by the data controller, are required to inform the data owner regarding (a) the identity of the controller and all its representatives, (b) the purpose of data processing, (c) to whom and for what purposes the processed data may be transferred and (d) the method and legal reason of collection of personal data.
Furthermore, the data controllers are also required to take all necessary measures, technical and administrative, to prevent any unlawful access and/or processing of such data. If the data is being handled/processed by authorized third parties, then the data controller shall be jointly liable along with the third party for taking these preventive measures and ensuring the safety of the collected data.
Rights of the Data Owner
Apart from the obligations imposed upon the data controllers, data owners also have a fair amount of rights under the Law. According to Article 11, the data owners have the right to request from the data controller information regarding whether his/her personal data is being processed or otherwise stored and collected, if so then to what end and to what extent the personal data is being processed, information regarding the third parties that have access to such information, if any, to request the rectification of the incomplete or inaccurate information, if any, to request the erasure and/or destruction of the relevant personal data and to request compensation for damages incurred due to unlawful processing of personal data.
The two important rights for data owners here are the right to request the rectification of the incomplete or inaccurate information and the right to claim compensation for damages incurred due to unlawful processing of data. This effectively gives power to the data owner to delete and destroy his/her personal data that is being processed or was processed in the past, and also gives the right to claim compensation if the data controllers breach their obligations arising from the law.
IV. DEFINITION OF BIOMETRIC DATA
Until recently the legislation did not provide a separate definition for biometric data or a clear and extensive definition of what constitutes personal data. Instead, personal data was defined as “all information relating to an identified or identifiable natural person”. The only other classification regarding personal data is the definition of “personal data of special nature” set forth in Article 6 (as noted above).
Although this article 6 is a almost a direct translation of Article 6 of the Treaty 108, there is one crucial difference. Back in 1981, when the Treaty 108 was first implemented, the term biometric data did not exist, and therefore this term was not included in the original text of Treaty 108 and biometric data was not classified as personal data of special nature. Article 6 of the Law, however, does note that “biometric and genetic data” shall be deemed as personal data of special nature.
An interesting fact to note is the Court of Appeal’s precedent regarding the biometric data (issued prior to the implementation of the Law). According to the precedent set by the Court of Appeals, “fingerprints and biological samples such as DNA, hair, saliva and fingernail samples” shall be deemed as personal data.
Furthermore, the Constitutional Court, by referring to the relevant articles of the Treaty 108, ruled that “data obtained via biometric methods” shall be considered as personal data, however, such data cannot be considered as “extremely sensitive personal data such as political opinions, religious beliefs, health, sexual life or criminal convictions as noted in Article 6 of the Treaty 108”. It is therefore unclear how this Court precedent should be review in light of the new changes made in the Law, although it is expected the Court of Appeals to amend this precedent in accordance with the new Law.
V. BIOMETRIC DATA PROCESSING
With the recent technological advancements and biometric technologies becoming cheaper, demand and access to such technologies have increased drastically. Biometric scanners are increasingly used in security (especially in tech companies where confidential information are of high value and in big companies, holdings that have large number of employees) and for identification purposes (mostly in medical sector, in hospitals, clinics etc.).
The most important issue in using biometric data for security and/or identification purposes is obtaining the explicit consent of the data owner. If consent is needed from every data owner, then how can companies use security systems that require biometric data (such as safe/confidential rooms accessible by fingerprint scanners) if one or more of their employees refuse to provide it, or can companies require their employees to use biometric scanners to keep track of their shifts, or can the medical sector demand biometric data before providing medical assistance in order to verify the patients identity?
These are all controversial issues due to the recent development in technology that allows for such systems to be implemented at a much cheaper price. Furthermore, biometric scanners and security systems are arguably more secure than simple passwords, which can be cracked, or more secure ID systems than a person’s signature, which can be duplicated.
Unfortunately, the Law and subsequent regulations do not provide clear answers to these issues. Therefore, the high courts (mainly the Court of Appeals, the Council of State and the Constitutional Court) have made different rulings for different situations on a case by case basis, depending on the principle of proportionality.
Biometric Data in Medical Sector for Patient ID Purposes
According to Article 67 of the Social Security and General Health Insurance Law No. 5510, state hospitals in Turkey may require their patients to provide their biometric data as a means for verifying the patient’s identification (the article states that the patients are required to either prove their identity via biometric means or with an ID card, driver’s license, marriage certificate or a passport, in order to benefit from health services).
Accordingly, some state hospitals started using biometric checks to verify the applicant patient’s identity and this caused some controversy, as it was seen as a violation of the right to privacy.
Finally, in 2014, the Council of State submitted an appeal to the Constitutional Court for annulment of the relevant provisions in this Article 67 claiming that it violated Articles 2, 13 and 20 of the Constitution. The Constitutional Court rejected the application and ruled that biometric data can be requested by state hospitals to verify patient’s identity and this did not violate the right to privacy set forth in the Constitution.
The reasoning given by the Court in this decision was that, since the ID verification via biometric means is more secure against unauthorized usage, as such data cannot be faked, it is much more effective at combatting corruption in public offices.
In other words, the Court ruled that preventing the abuse of the healthcare system is of paramount importance and when compared to the violation of the right to privacy, this provision does not violate the principle of proportionality. Therefore, the Court ruled that this provision did not violate the constitution as there was proportionality between the rights being protected (the integrity of the healthcare system) and those that were being violated (the right to privacy).
Biometric Data for Employee Shift Controls
This is another issue, especially concerning big companies and holdings that have large numbers of employees. These companies use different systems in order to control and record the working hours of their employees, such as signature sheets or card systems. However, another system that can be used is a fingerprint scanning system where employees stamp their time of arrival and departure by scanning their fingerprints.
One state hospital in Turkey started to use such a shift control application that kept track of the employees shift hours via fingerprint scanners. Subsequently, a lawsuit was filed against this mandatory fingerprint scanning application, which was finally decided upon by the Council of State.
The Council of State ruled in this decision that, fingerprints of a person should be deemed as an inseparable entity of that person’s private life and therefore is under the protection of right to privacy as per Article 20 of the Constitution. Furthermore, the Court ruled that there are other and equally competent means of tracking employee shifts and the benefit to be gained from such tracking application, even in the public sector, is negligible when compared to the violation of right to privacy. Therefore, the Council of State ruled that such applications violate the Constitution and employees cannot be forced to use fingerprint scanning systems for shift tracking purposes even in the public sector.
Biometric Data for Secure/Confidential Rooms
Another trend in business, especially in tech companies, is the implementation of secure rooms to safely store confidential information. This is especially required by foreign companies from their Turkish counterparts in cases where highly classified and confidential information is being exchanged between the parties. These secure rooms used to be protected by systems using simple passwords, whereas currently, the companies require secure rooms that are only accessible via biometric data, such as fingerprints, retinal scanners or face ID (as it is considered safer than passwords).
However, secure rooms accessible by biometric data once again brings up the issue of consent. Since the companies need one or more of their employees to have access to these secure rooms, they need to obtain such employees’ biometric data in order to properly implement a secure room. Although there are no specific high court rulings regarding this issue yet, the Council of States’ decision regarding biometric data usage for employee shift controls (noted above) should serve as a good basis.
Applying that decision to this case, it is clear that the benefit to be gained from implementing a secure room (in private companies) will be negligible when compared to the violation of the right of privacy. Therefore, companies cannot demand biometric data from their employees for the implementation of secure rooms and cannot terminate employment contracts based on an employee’s rejection of providing such data. However, it is still possible to obtain such data from consenting employees (although such consent should be carefully worded to avoid violating any provisions of the Law).
VI. CONCLUSION
Regulations in Turkey regarding personal data protection are still quite new and therefore, there are no established court precedents so far. The currently available court rulings are generally dated before the implementation of the Law and although some of them do reference the Treaty 108, we will still need to wait a few more years for the high courts to establish a precedent specific to the Law itself, and its secondary regulations. It is therefore extremely important for companies to have comprehensive personal data protection texts (informative texts and consent forms) in order to avoid any possible future liability that may be imposed upon by the court precedents.
For further information and assistance regarding the matter, please do not hesitate to contact us here.
Turkey is a member to the WIPO and is a signatory to the major Intellectual Property related Agreements including Paris Convention, Patent Cooperation Treaty, Berne Convention, Trademark Law TreatyProtocol Relating to the Madrid Agreement Concerning the International Registration of Marks and as well as TRIPS Agreement.
Until January 10, 2017, trademark protection in Turkey was regulated through the Decree-Law on the Protection of Trademarks dated June 24, 1995 and No. 556. After January 10, 2017 however, this the Decree-Law No. 556 and other IP related Decrees were revoked and replaced by Industrial Property Law No. 6769 (hereinafter referred as “IP Law No. 6769”). IP Law No. 6769 covers not only Trademark Law but also Patent Law, Industrial Design Law, Geographical Indications Law, Plant Variety Law and Integrated Circuit Topography Law. These recent changes in legislation aim to more effectively combat the counterfeiting of goods, which is seen as a huge issue in Turkey.
According to a new report by the OECD and the EU’s Intellectual Property Office (EUIPO), Turkey now stands at 3.3% of global trade in counterfeit and pirated goods. Counterfeit products especially in sectors like medical products, cosmetics and food industry constitutes a serious health and safety hazard for the consumers.
There are some notable amendments regarding anti-counterfeiting raids:
According to Article 14 of IP Law No. 6769, it is stated that an international trademark application filed within the scope of the Madrid Protocol System shall have the same effect with an application filed directly to the Turkish Patent and Trademark Office.
As to anti-counterfeiting raids, Article 30 of IP Law No. 6769 infringers shall be liable to one to three years of prison time and a judicial fine of up to 20.000 days. Article 30 of IP Law No. 6769 broadens the scope of infringement and adds importing and exporting of counterfeit products, as well as buying, possessing, shipping or stocking them for commercial purposes.
There is a controversial impunity clause in Article 30(7) of IP Law No. 6769. This clause states that anyone who sells or offers to sell a counterfeited product whose rightsowner of the trademark is somebody else can not be granted a punishment in case they inform where they got the counterfeited product from and helps to identify the producers and enable the seizure of such counterfeit products. Although this clause caused quite a controversy, it remains to be seen whether the appeals courts will implement this clause and if so, then how will this clause be implemented on a case by case basis. The important issue here is that this clause can be used as a loophole and might be misused by the infringers to delay the punishment, and it will be up to the appeals courts to ensure that this impunity clause is implemented correctly.
Article 163 of IP Law NO. 6769 introduced a fast-track destruction procedure for the infringing products.
Trademark infringement is a criminal action and cannot be prosecuted without a duly submitted complaint (therefore cannot be prosecuted ex-officio). The complaint shall be made to the prosecutor’s office. If the prosecutor finds the evidence provided by the representatives of the rights holder, he may order the police to conduct a search and seizure operation on premises where the suspected trademark infringement is taking place based on a search warrant taken from the local criminal court. In most of the cases the prosecutors are willing to see evidence obtained from the production site.
The production sites are determined by the information given by the rightsholders or also another method used frequently in practice is the hiring of a private investigator. The evidence obtained through the private investigator should be legally obtained and therefore the actions of the investigators must be supervised by the representatives of the rightsholders.
Rightsholders are also entitled to make a claim for damages before the civil court. The purpose of this action is to restore the rightsholders to their original position before the infringing action took place.
Confidentiality Agreements or also known as Non-Disclosure Agreements (NDAs) are often used between companies in order to protect their confidential information, developed technology, know-how and/or trade secrets that might be given to the receiving party during their interaction.
The general industry practice is to keep these NDA’s as short as possible in order to make them appear as simple and straightforward agreements, so that they will not raise any red flags when reviewed by an uneducated eye. Unfortunately, many of the startups and/or small businesses fall for this trap and tend to sign these NDA’s without consulting an attorney first, which generally results in these companies agreeing to detrimental provisions that may potentially cause problems for them in the future. This is especially the case for small tech startups where technology and know-how are the most valuable assets of that company.
For such startups and small businesses, agreeing to such NDA’s without consulting an attorney first may lead to the unintentional free transfer of technology and know-how to another company looking to exploit these startups. Another common occurrence in practice is that bigger companies looking for a cooperation with small businesses and/or tech startups for the innovation of either a new technology or a product, tend to flat out decline to sign any NDAs prior to the related patent application of the disclosing party, which may also cause huge problems for the small businesses.
The general industry practice is to keep these NDA’s as short as possible in order to make them appear as simple and straightforward agreements, so that they will not raise any red flags when reviewed by an uneducated eye. Unfortunately, many of the startups and/or small businesses fall for this trap and tend to sign these NDA’s without consulting an attorney first, which generally results in these companies agreeing to detrimental provisions that may potentially cause problems for them in the future.
This is especially the case for small tech startups where technology and know-how are the most valuable assets of that company. For such startups and small businesses, agreeing to such NDA’s without consulting an attorney first may lead to the unintentional free transfer of technology and know-how to another company looking to exploit these startups.
Another common occurrence in practice is that bigger companies looking for a cooperation with small businesses and/or tech startups for the innovation of either a new technology or a product, tend to flat out decline to sign any NDAs prior to the related patent application of the disclosing party, which may also cause huge problems for the small businesses.
In order to guarantee the safety of the confidential information in any dealing, the following provisions should be thoroughly examined when signing an NDA:
The definition of Confidential Information: What is deemed as confidential information should clearly and strictly defined under an NDA, failure to do so might result in the unintended loss of confidential information to another company.
The term of the Agreement: A time limit should be set regarding the term of the obligation of the Receiving party. Setting a short term time limit to protect the confidential information risks losing the confidential status of the relevant information/technology which may again lead to the unintended free transfer of such information It is self-evident that some trade secrets define the market value of the company, therefore NDAs regarding such important trade secrets like the recipe of Coca Cola would incorporate and unlimited term of protection in order to guarantee the interests of the company. Therefore, the term should be determined according the nature of the information disclosed, as it can either be an ordinary confidential information or a trade secret. In case of a trade secret it is highly recommended to set an indefinite term for the contract.
Contractual penalty: In case of a breach of the NDA a contractual penalty could be set between parties due to the difficulty of calculation of the damages incurred.
Non-compete clauses: Some disclosing parties try to put non-compete clauses in the NDAs which might limit the options of your company, therefore they should be evaluated carefully.
Attorney and Court Fees: The attorney and court fees in case of a breach can be passed to the receiving party through an article in the NDA.
If you have further questions to this topic, please don’t hesitate to contact us via the inquiries section in our website.