Turkiye: Implemented Personal Data Protection Act including data protection authority governance

On 7 October 2016, the Personal Data Protection Act, including data protection authority governance, was implemented, 6 months after its publication in the official Gazette. The Act establishes the Personal Data Protection Board to enforce the data protection requirements outlined in the Act and would give it the power to conduct investigations based on its own initiative. Furthermore, the Personal Data Protection Board is required to assess the level of data protection offered in other jurisdictions and adopt adequacy decisions. Furthermore, the Board has the power to authorise personal data transfers based on the entities' commitments and establish and maintain a data registry.