Specific provisions related to cybercrime were included in the Turkish Penal Code No. 5237, Criminal Procedure Code No. 5271, Law No. 6706 regarding International Legal Cooperation in Criminal Matters and Law No. 5651 on Regulating Broadcasting in the Internet and Fighting Against Crimes Committed through Internet Broadcasting .

This legislation includes substantive offences, procedural rules and also rules on international cooperation.

The Turkish Penal Code includes the following crimes:

Article 243 - Illegal Access to a Computer Network System

Article 244 - Preventing the Functioning of a System and Deletion, Alteration or Corrupting of Data

Article 245 - Misuse of Bank or Credit cards

Article 245/A - Prohibited devices and programs

Article 246 - Implementation of Security Measures on Legal Entities

Article 103 - Child sexual abuse

Article 226 – Obscenity

Article 228 - Arranging a place or facility for gambling

Article 204 - Counterfeiting official documents

Article 207- Counterfeiting private documents

Article 158/1-f - Computer and communications fraud

Article 142/2.e - Larceny committed by use of data processing systems

Article 245/3 - Counterfeiting

The Law no. 5846 on Intellectual and Artistic Works provides:

Article 71 – (Amended: 23/1/2008-5728/Article 138) - Infringement of Moral, Economic or Related Rights

No preservation powers are provided in the national legislation. However, Article 5 (3) of the Law no. 5651 on regulating broadcasting in the internet and fighting against crimes committed through internet broadcasting requires hosting provider to retain traffic information concerning services it provides for the period specified in the regulation which cannot be less than one year and not more than two years. Article 6 (1) (b requires access provider to retain all traffic data about the services that it provides for the period specified in the regulation which cannot be less than six months and more than two years and to maintain accuracy, integrity and confidentiality of such data

Criminal Procedure Code no. 5271 provides for:

Article 134 - Search and seizure of computer data

Article 135 - Interception of communications

Article 140 - Surveillance with technical means.

The Constitution guarantees a series of fundamental rights and freedoms, among which:

Article 20 - Privacy of private life

Article 21 - Inviolability of the domicile

Article 22 – Freedom and privacy of communication

Article 26 - Freedom of expression

Article 13 of the Constitution provides that fundamental rights and freedoms may be restricted only by law and in conformity with the reasons mentioned in the relevant articles of the Constitution without infringing upon their essence. At the same time, restrictions shall not be contrary to the letter and spirit of the Constitution and the requirements of the democratic order of the society and the secular republic and the principle of proportionality.

Following the principle of protection of fundamental rights and freedoms the criminal legislation provides for safeguards and conditions for application of procedural measures during criminal proceedings. For example, for interception of communications and covert surveillance judicial authorisation is required.

Besides an extensive legal framework on technical aspects, there are important acts on this field respecting:

• Law No. 6698 on Protection of Personal Data
• Law No. 5809 on Electronic communication
• Law No 29166 on regulating electronic commerce in Turkey
• Law No. 5549 on Prevention of Laundering Proceeds of Crime
• Law No. 6415 on the Prevention of the Financing of Terrorism

Ministry of Justice, Directorate General of Foreign Relations and European Union Affairs is the designated central authority for mutual legal assistance in criminal matters.

The legal competence to commence and direct criminal investigations belongs to the Prosecution Service, with the technical support from the police. It is also the competence of the Prosecution Service to send and to receive international cooperation requests.

In compliance with Article 35 of the Budapest Convention, a 24/7 point of contact was established, since 2011, and it is based in the National Cybercrime Department (TNP). The same structure is used for the G8 network purposes and also for the INTERPOL Network.

The National Cybercrime Department has specific competence in undertaking urgent measures related to expedited preservation of traffic data. It could conduct urgent searches and seizure of data on the basis of a judicial authorisation under Article 134 of Code No. 5271 on “search of computers, computer programs and transcripts, copying and provisional seizure. Besides, local police forces play a significant role in combating cybercrime. They carry out operations and investigate cybercrime at the local level.”