Turkiye: Cybersecurity Law (Law No. 7545) including labour law regulation enters into force

On 19 March 2025, the Cybersecurity Law (Law No. 7545) entered into force. The scope of this Law encompasses public institutions, professional organisations, private entities, and individuals operating within the cyberspace domain, with exceptions for intelligence activities under national security laws. The Law provides definitions, basic principles and responsibilities for cybersecurity, including the protection of critical infrastructure, data security and the role of cybersecurity response teams. The Law stipulates that the Presidency is permitted to engage the services of contracted cybersecurity experts under specified conditions, without any guarantee of future public employment. All personnel are obligated to undergo security clearance and background checks. Furthermore, service time may be recognised towards obligations at other institutions with the requisite approval. Former staff are prohibited from cybersecurity roles or related activities for a period of two years without consent. Disclosure of confidential information is not allowed unless authorised.