“Over half of the society in Turkey remains unaware of the existence of the Personal Data Protection Agency”

In a world where the emphasis on the importance of data grows stronger each day, how our personal data is handled and how it can be protected against misuse is becoming increasingly central to discussions all around the world. In order to measure the extent to which the public is aware of the security risks, protection mechanisms, and relevant public institutions in Turkey, IER conducted Turkey’s first public opinion poll regarding the perception of the provision and the protection of personal data.

According to the survey results:

Internet use is considerably high across the society in Turkey. The wide range of situations in which Turkish users upload their personal information in cloud servers render the issues of regulation, supervision and security of heightened importance. 

82.7% of the population connects to the internet at home every day.

47.1% use online or mobile banking at least once a week.

People are “unhappy” to share

In the light of the results of the research, it is safe to say that the issue of personal data security is on the agenda of the society and the society is in the process of developing solid demands surrounding the topic.

Nearly seven out of ten participants of the survey state that sharing their information online constitutes an important problem for them.

Our research shows that the public is dissatisfied with having to share personal information, and with not having control over the data they share. One out of ten respondents express concerns that companies and institutions which have their personal information use it for a different purpose to that of the collection, without informing them (91.5%). In terms of safekeeping and honest use, the public trusts health institutions the most (58.6%), and online businesses, telecommunication companies and e-stores the least.

42.6% feel that they have partial control over the use of the data they provide online, while 26.9% feel that they have no control.

84.7% of participants expressed concern over their perceived lack of control over the use of their personal data.

The greatest risks related to the misuse of personal data are stated as “the use of my personal information without informing me” (41.9%), “being a victim of fraud” (40.3%) and "having my personal information shared with third parties without my approval".

How widely known and used are existing safety mechanisms against misuse of personal data?

Although the technical and legal aspects of data protection remain unclear, people seem to take certain measures to protect themselves in the web platforms they use frequently. 52.2% of respondents state that they have changed their privacy settings from the default settings offered by the social media platforms they are subscribed to. 61.8% of those who did change their settings, found it easy to do so. The participants who did not make any such attempt, indicated that the reason behind their inaction was that they “did not know how to change the settings” (16.4%) and that they “did not think they would be targeted” (15.5%).

Whose responsibility is it to protect citizens’ personal data?

The basis of the discussion of personal data protection lies in the question of who is responsible to protect the citizens' personal information during data collection, processing and storage. Today, a growing number of countries are looking for ways to distribute this responsibility in a fair and secure way between state institutions, private companies and the citizens themselves.

35.7% of the society believes that it is the responsibility of the public institutions entrusted with protecting citizens’ information, to ensure the secure collection, storage and sharing of online personal data.

24.1% places the responsibility on the online service provider, while 23.7% argue that it is the citizens’ own responsibility to protect their personal data.

Perhaps the most striking result, however, is that over half of the society remains unaware of the existence of the Personal Data Protection Agency (Kişisel Verileri Koruma Kurumu), the public institution responsible for creating an environment that will increase the international competitive capacity of private and public actors in the data-based economy, ensuring the protection of personal data, and raising awareness about the issue of personal data protection across Turkey.

For more information contact us at

 The survey was conducted via Computer Assisted Telephone Interview (CATI) with a Turkey-wide representative sample of 1.537 participants from 12 provinces between 12-18 January 2018.