Tasarım Başvurusunda Dikkat Edilmesi Gerekenler

6769 sayılı Sınai Mülkiyet Kanunu’nda ("SMK") tasarım, "ürünün tümü veya bir parçasının ya da üzerindeki süslemenin çizgi, şekil, biçim, renk, malzeme veya yüzey dokusu gibi özelliklerinden kaynaklanan görünümü" olarak tanımlanmaktadır. Bir tasarımın korunabilmesi için ise öncelikle "tasarım" ve "ürün" tanımlarına uyması ve "yenilik" ve "ayırt edici nitelik" kriterlerini karşılaması gerekmektedir.

Koruma ile elde edilen tasarım hakkı, sahibine tasarımın başkaları tarafından izinsiz olarak ticari amaçla kullanılmasını önleme imkanı verir. SMK uyarınca bir tasarım, tescilli tasarım olarak korunabileceği gibi, Türkiye'de ilk defa kamuya sunulmuş olması halinde tescilsiz tasarım olarak da korunabilir. Tescilsiz tasarımların koruma süresi 3 yıl iken, tescilli tasarımların koruma süresi 5 yıldır ve 5 yıllık yenilemelerle 25 yıla kadar uzatılabilir.

Tescil yoluyla koruma elde edebilmek için, Türk Patent ve Marka Kurumu'na ("Kurum") tasarım başvurusu yapılmalıdır ve bu başvuru aşağıdaki bilgileri içermelidir:

  • Başvuru sahibinin kimliğine ilişkin bilgiler
  • Tasarımın görünümünü yansıtan ve yayım yoluyla çoğaltılmaya elverişli görsel anlatım
  • İsteğe bağlı olarak tarifname (tasarım veya tasarımın uygulandığı ürünün görsel özelliklerinin ifade edilmesi)
  • Tasarımın kullanıldığı veya uygulandığı ürünün adı
  • Varsa tasarımcının veya tasarımcı grubundaki tasarımcıların adları ve varsa tasarımcının kimliğinin gizli tutulmasına ilişkin talebi
  • Tescil isteme hakkının tasarımcı veya tasarımcılardan ne şekilde elde edildiğine ilişkin bilgi
  • Varsa yayım erteleme talebi
  • Varsa rüçhan hakkı talebine ilişkin bilgi
  • Vekil tayin edilmişse, vekile ilişkin bilgi

Başvuruya ilişkin olarak göz önünde bulundurulması gereken bazı önemli unsurlar bulunmaktadır: (i) yayım erteleme talebi, başvuru aşamasından sonra yapılamaz, (ii) birden fazla tasarım varsa bu durum başvuruda belirtilmelidir, (iii) ürünün adı Türkçe olarak ve Locarno sınıflandırma sistemine uygun olarak Locarno Kodu ile belirtilmelidir, (iv) görsel temsil, resim, çizim, grafik veya fotoğraf fark etmeksizin çözünürlük, renk kontrastı ve netlik bakımından kaliteli olmalı ve genel olarak SMK ve Kurum’un kılavuz ilkelerine uygun olmalıdır ve (v) tarifname veriliyorsa, teknik ve fonksiyonel özelliklerden bahsedilmemeli veya sadece "şekilde görüldüğü gibi" ifadesinden oluşmamalıdır.

Yukarıdakilere ek olarak, yerine getirilmemesi halinde tasarım başvurusunun eksik kalmasına veya inceleme aşamasında Kurum tarafından reddedilmesine neden olabilecek bir dizi kritik hususun da dikkate alınması gerekmektedir.

Bu bağlamda, tescil edilecek tasarım;

  • Ürün tanımı ile uyumlu olmalıdır.
  • Yeni ve ayırt edici nitelikte olmalıdır.
  • Kamu düzenine ve genel ahlaka aykırı olmamalıdır.
  • Başka bir ürüne mekanik olarak monte edilebilmesi veya bağlanabilmesi için belirli şekil ve boyutlarda üretilmek zorunda olmamalıdır.
  • İstisnalar saklı kalmak kaydıyla, ilgili merciler tarafından tescil izni verilmemiş ve kamuyu ilgilendiren, dini, tarihi ve kültürel değerler bakımından halka mal olmuş işaret, arma, nişan veya adlandırmaların uygunsuz kullanımını içermemelidir.
  • Başvuru talebi, SMK’da düzenlenen gerçek veya tüzel kişiler tarafından yapılmalıdır.
  • Başvuru talebi kötü niyetle yapılmamalıdır.
  • Başvuru talebi bir fikri mülkiyet hakkının yetkisiz kullanımını içermemelidir.
  • Daha önce kamuya açıklanmış bir tasarımla aynı veya benzer olmamalıdır.

Son olarak her başvuru, başvuruda sunulan fotoğraf sayısına ve başvurunun diğer ayrıntılarına bağlı olarak değişen bir başvuru ücretine tabidir. Bu kapsamda başvuru ücretinin başvuru esnasında ödenmesi gerekmektedir.

Özetle, tasarım başvuruları basit bir başvuru mekanizmasına sahip olsa da Kurum’un bir tasarım başvurusunu incelerken dikkate aldığı belirli unsurlar vardır. Bu unsurların tasarım başvurusunda yer almaması veya eksik olması halinde Kurum, başvurunun reddine karar verebilir. Bu nedenle bir tasarım tescili için başvuruda bulunurken; SMK, ikincil mevzuat ve Kurum’un yerleşik uygulamaları mutlaka dikkate alınmalıdır.

 

Yazarlar: Hatice Ekici Tağa, Ebru Gümüş Karasu


Design Registration Application in Turkey: Things to Consider

The Industrial Property Law No. 6769 ("IPL") defines design as “the appearance of the whole or part of a product or the ornamentation thereon resulting from features such as line, shape, form, color, material, or surface texture”. In order for a design to be protected, it must firstly comply with the definitions of "design" and "product" and fulfil the criteria of "novelty" and "distinctive character".

The design right obtained by protection authorises the owner to prevent the use of the design for commercial purposes by others without consent. Pursuant to the IPL, a design may be protected as a registered design or as an unregistered design if it is presented to the public for the first time in Turkey. While the protection period of unregistered designs is 3 years, the protection period of registered designs is 5 years and can be extended up to 25 years with 5-year renewals.

In order to obtain protection by registration in Turkey, a design application must be made to the Turkish Patent and Trademark Office (“Office”) and must contain the following:

  • Application form containing information on the applicant’s identity,
  • Visual representation that reflects the design’s appearance and is suitable for reproduction by publication,
  • Description of the visual representation or sample of the design, optionally,
  • Name of the product in which the design is used or applied,
  • Name(s) of the designer(s), and request for anonymity of the designer, if any,
  • Information on how the right to apply for registration was obtained from the designer(s),
  • Request for deferment of publication, if any,
  • Pre-emptive rights, if any,
  • Details of the representative, if appointed.

The important factors to consider with regard to the application form are that (i) the request for deferment of publication cannot be made after the application stage, (ii) if there are multiple designs, this should be mentioned in the application, (iii) the name of the product must be indicated in Turkish and in accordance with the Locarno classification system, with the Locarno code, (iv) the visual representation, whether it is a painting, drawing, graphic, photograph or something else, must have a very good resolution, colour contrast, clarity and quality, and overall must be in accordance with the IPL and the guidelines of the Office, and (v) if the description of the visual representation is given,  the technical and functional features should not be mentioned or cannot only consist of the statement “as shown”.

Furthermore, there are also a number of critical points to be considered, where failure to do so may result in the design application to be incomplete or to fail the preliminary examination stage by the Office.

In this context, the design to be registered must:

  • Be compatible with the product definition.
  • Be new and distinctive.
  • Not be contrary to public policy or morality.
  • Not have to be manufactured in specific shapes and sizes for mechanical assembly or attachment to another product.
  • Not involve the inappropriate use of signs, emblems, insignia or designations of public interest, religious, historical, and cultural values for which registration has not been authorized by the competent authorities, without prejudice to the exceptions.
  • Not be made by natural or legal persons that are not specified in the IPL.
  • Not be made in bad faith.
  • Not involve an unauthorized use of an intellectual property right.
  • Not have an identical or similar design disclosed to the public priorly.

Lastly, each application is subject to an application fee depending on the number of photographs submitted in the application and other details of the application. This application fee must therefore be paid at the time of application.

In summary, although design applications have a simple filing mechanism, there are certain elements that the Office takes into account when examining a design application. If these elements are not included in the design application or are lacking, the Office may decide to reject the application. Therefore, the IPL, secondary legislation and the Office's established practice must be considered when filing for a design registration.

 

Authors: Hatice Ekici Tağa, Ebru Gümüş Karasu


İşveren Çalışanın Buluşları Üzerinde Hak Sahipliği İddiasında Bulunabilir mi?

Buluşların yasal olarak korunması, sağladığı haklar nedeniyle buluş sahipleri için her daim önemli olmuştur. İşverenin buluş yapılmasına imkan ve yatırım sağlayarak katkıda bulunmuş olmasını dikkate alan 6769 sayılı Sınai Mülkiyet Kanunu (“Kanun”), buluş sahibinin işverenine ise, belirli koşullar altında çeşitli haklar tanımaktadır.

Çalışan buluşlarından doğan hak, yükümlülük ve uyuşmazlıkları düzenleyen mevzuatı Kanun ve Çalışan Buluşlarına, Yükseköğretim Kurumlarında Gerçekleştirilen Buluşlara ve Kamu Destekli Projelerde Ortaya Çıkan Buluşlara Dair Yönetmelik oluşturmaktadır. Kanun’a göre çalışan (i) özel hukuk sözleşmesi veya benzeri bir hukuki ilişki gereğince, başkasının hizmetinde olan ve (ii) bu hizmet ilişkisini işverenin gösterdiği belli bir işle ilgili olarak kişisel bir bağımlılık içinde ona karşı yerine getirmekle yükümlü olan kişilerdir.

Çalışan buluşları Kanun’da “hizmet buluşu” ve “serbest buluş” olmak üzere iki temel kategoride düzenlemektedir. Kanun özel bir tanım sağlamadığı serbest buluşları “hizmet buluşu dışındaki buluşlar” olarak ifade ederken, hizmet buluşlarını “çalışanın, bir işletme veya kamu idaresinde yükümlü olduğu faaliyeti gereği gerçekleştirdiği ya da büyük ölçüde işletme veya kamu idaresinin deneyim ve çalışmalarına dayanarak, iş ilişkisi sırasında yaptığı buluş” olarak tanımlamaktadır.

Her iki çalışan buluşu türü için de ortaya çıkan buluşun haklarının kimde olduğunun belirlenmesi önem arz etmektedir.

Hizmet Buluşlarında Haklar

Kanun’a göre çalışan, bir hizmet buluşu yaptığında, bunu gecikmeden işverenine bildirmekle yükümlüdür ve işveren, buluş üzerinde tam veya kısmi hak talebinde bulunabilir. Ancak böyle bir hak talebi için bazı koşullar bulunmaktadır.

Çalışanın buluşu üzerinde hak talep edebilmesi için işverenin, çalışanın bildiriminin kendisine ulaştığı tarihten itibaren dört ay içinde yazılı olarak çalışanına bildirimde bulunması gerekmektedir. İşveren bu süre içinde çalışana bildirimde bulunmazsa veya işveren herhangi bir hak talebinde bulunmadığını çalışana bildirirse, hizmet buluşu serbest buluş niteliği kazanır.

İşveren çalışanın buluşu üzerinde tam hak iddia ediyorsa, bildirimin çalışana ulaşması ile buluş üzerindeki bütün haklar işverene geçmiş olur. Bu durumda çalışan, buluşun kullanımı için makul bir bedelin kendisine ödenmesini isteyebilir.

İşverenin çalışanın buluşu üzerinde kısmi hak talep etmesi halinde ise çalışan buluşu yine serbest buluş niteliği kazanır, ancak tam hak talep edilen duruma benzer şekilde, çalışanın kısmi haklar kapsamında buluşun kullanımı için işverenden makul bedel talep etme hakkı bulunmaktadır.

Serbest Buluşlarda Haklar

Kanun uyarınca iş ilişkisi içerisindeyken serbest bir buluş yapan çalışan, durumu işverene derhal bildirmekle yükümlüdür. Kanun işverene, bildirim tarihinden itibaren üç ay içinde yazılı bir bildirim yoluyla buluşun serbest bir buluş olmadığına ilişkin itiraz etme hakkı tanımaktadır. Çalışanın açıkça işverenin faaliyet alanı dışında kalan bir serbest buluş yapması halinde, çalışanın bildirim yükümlülüğü ortadan kalkmaktadır.

Bununla birlikte, eğer serbest buluş, işletmenin faaliyet alanına girmekteyse veya işletme söz konusu buluşun ilgili olduğu alanda faaliyette bulunmak için ciddi hazırlıklar içindeyse çalışan, iş ilişkisi devam ederken buluşu değerlendirmeye başlamadan önce işverene, tam hak tanımaksızın uygun şartlar altında buluştan yararlanma imkânı vermek için teklifte bulunmakla yükümlüdür. İşveren bu teklifi aldığı tarihten itibaren üç ay içinde cevap vermezse öncelik hakkını kaybeder. İşveren teklifi kabul eder fakat öne sürülen şartları kabul etmezse, bir başka ifadeyle, taraflar hak sahipliği konusunda anlaşamazlarsa, hak sahipliği mahkeme tarafından belirlenir.

Özetle, bir çalışan buluşunun niteliği, buluş üzerindeki hakların kime ait olduğunu belirlemek bakımından oldukça önemlidir. Niteliğin belirlenmesinin ardından çalışan ve işveren, Kanun’da düzenlenen yükümlülüklerini yerine getirmediği takdirde buluş üzerindeki haklarını kaybedebilirler.

 

Yazarlar: Hatice Ekici Tağa, Ebru Gümüş Karasu, Göksu Tuğrul


Can an Employer Claim Rights to an Employee's Invention In Turkey?

The legal protection of inventions has always been important to inventors because of the rights and exclusivity it confers. However, under certain circumstances, the Turkish Industrial Property Law No. 6769 ("Law") grants rights to the employer of an inventor, taking into account the fact that the employer has contributed to the creation of the invention by providing opportunities and making investments.

In Turkey, the main legislation that governs the rights, obligations and disputes arising from employee inventions are the Law and its secondary legislation, the Regulation on Employee Inventions, Inventions Created in Higher Education Institutions, and Inventions Created in Publicly Funded Projects.

According to the Law, an employee is an individual who (i) is in the service of another party by virtue of a private law contract or similar legal relationship and (ii) is under the personal obligation in relation to that legal relationship to perform a specific work assigned by their employer.

The Law classifies employee inventions in two main categories, namely “in-service inventions” and “independent inventions”. While the Law refrains from providing a specific definition for independent inventions and refers to them as “inventions other than in-service inventions”, it defines the in-service invention as "an invention that is based on an employee's work that is required to be performed in an institution or a public administration; or an invention that is substantially based on the experience and work in an institution or a public administration and is made in the context of labor relations".

For both types of employee invention, it is important to determine who holds the rights to the resulting invention.

Rights to In-service Inventions

According to the Law, if an employee makes an in-service invention, they are obliged to notify their employer in writing without delay, and the employer may claim full or partial rights to the invention. There are, however, a number of conditions for such a claim.

In order to claim rights to the employee invention, the employer must notify the employee in writing, within four months as of the date of receiving the employee's notification. If the employer does not notify the employee within this period, or if the employer notifies the employee that it does not claim any rights, the employee's invention acquires the status of an independent invention.

If the employer claims full rights to the employee's invention, all rights are transferred to the employer when the notice is delivered to the employee. In this case, the employee may claim compensation from the employer for the use of the invention.

On the other hand, if the employer claims partial rights to the employee's invention, the employee's invention still acquires the status of an independent invention; however, similarly to claiming full rights to the employee's invention, the employee has the right to claim compensation from the employer for the use of the invention within the scope of partial rights.

Rights to Independent Inventions

According to the Law, if an employee makes an independent invention in the course of employment, the employee is obliged to notify the employer immediately. It is important to note that the employee has no obligation to notify the employer, if the employee clearly invented something outside of the employer’s field of activity.

The Law also grants the employer the right to object to the independence of the invention by means of a written notification, within three months as of the date of the employee’s notification.

Before utilizing the invention during the employment relationship, the employee is obliged to make an offer to the employer to enable the employer to make use of the invention under favorable conditions without granting full rights, if the independent invention is within the business’ field of activity, or if the business is making serious preparations to operate in the field to which the invention relates.

By failing to respond within three months from the date of receiving such notification, the employer loses the priority right in the matter. If the employer accepts the offer, but does not agree with the prescribed conditions, in other words, if the parties cannot agree on the right ownership of the invention, the right ownership is determined by the court of law.

In summary, the nature of the invention is important in determining who owns the rights to an employee's invention. Once the nature of the invention has been determined, the obligations of the employee and the employer must be met. Failure to do so may result in loss of rights to the invention.

 

Authors: Hatice Ekici Tağa, Ebru Gümüş Karasu, Göksu Tuğrul


Tanınmış Türk Markalarının Avrupa’da Korunması: Kötü Niyet İncelemesi

21 Şubat 2024 tarihinde, Avrupa Birliği Adalet Divanı Genel Mahkemesi (“Genel Mahkeme”), yalnızca Türkiye'de tescilli olan tanınmış bir markaya benzerliği nedeniyle "hepsiburada" markasının Avrupa Birliği Fikri Mülkiyet Ofisi (“EUIPO”) nezdinde tescil edilmesini kötü niyetli bulmuştur (“Karar”).

Davanın Konusu

6 Kasım 2019 tarihinde, Türkiye'de faaliyet gösteren D-Market Elektronik Hizmetler ve Ticaret AŞ ("Müdahil"), Hollanda'da faaliyet gösteren Dendiki BV ("Başvuru Sahibi") tarafından 2017 yılında tescil edilen "hepsiburada" markasının hükümsüzlüğünün tespiti için EUIPO'ya başvuruda bulunmuştur.

Müdahil'in başvurusu, Başvuru Sahibi'nin (daha doğru bir ifadeyle, halefinin) marka başvurusunu kötü niyetli bir şekilde yaptığı ve bu nedenle "hepsiburada" markasının geçersiz ilan edilmesi gerektiği gerekçesine dayanmaktadır.

EUIPO İptal Dairesi ve Temyiz Kurulu'nun kararlarını takiben, dava Genel Mahkeme'ye taşınmış ve Genel Mahkeme, o tarihte yürürlükte olan 207/2009 sayılı Topluluk Markası Tüzüğü'nün ("207/2009 sayılı Tüzük") kötü niyetli başvuru sahibi tarafından yapılan tescil başvurularının hükümsüzlüğünü öngören 52/1-b maddesine dayanarak davaya ilişkin somut olayları değerlendirmiştir.

Kötü Niyetin Tespitine İlişkin Değerlendirmeler

Genel Mahkeme, değerlendirmesinde 12 Eylül 2019 tarihli Koton Mağazacılık Tekstil Sanayi ve Ticaret v EUIPO kararına atıfta bulunarak, kötü niyete dayalı mutlak hükümsüzlük gerekçesinin başvuru sahibinin tescili yapma amacına göre belirlendiğini ifade etmiştir. Buna göre, bir başvuru sahibinin "dürüstlüğe aykırı olacak şekilde üçüncü kişilerin çıkarlarını zedeleme niyeti" varsa ve bu durum yetkili bir makam tarafından davayla ilgili bütün olgular dikkate alınarak objektif olarak tespit edilirse, başvuru sahibinin kötü niyetle hareket ettiği değerlendirilecek ve marka tescili geçersiz kabul edilecektir.

Genel Mahkeme kararında, başvuru sahibinin gerçekten kötü niyetle hareket edip etmediğini analiz ederken dikkate alınması gereken faktörler aşağıdaki şekilde sıralanmıştır:

  • Başvuru sahibinin, üçüncü bir kişinin en az bir Üye Devlette, tescili istenen işaret ile karıştırılma ihtimali olan, aynı veya benzer bir mal veya hizmet için, aynı veya benzer bir markayı kullandığını bilip bilmediği veya bilmesi gerekip gerekmediği,
  • Başvuru sahibinin, üçüncü tarafın bu tür bir markayı kullanmaya devam etmesini veya pazarlamasını engelleme niyeti,
  • Söz konusu markanın yasal koruma derecesi,
  • Tartışmalı markanın kökeni ve oluşturulduğu tarihten bu yana kullanım şekli,
  • İşaretin Avrupa Birliği markası olarak tescili için başvuruda bulunmanın ticari mantığı
  • Başvuruya ilişkin olayların kronolojisi.

Her ne kadar aksi ispat edilinceye kadar marka başvurusu yapan kişinin iyi niyetli olduğu karinesi mevcutsa da Karar’da ayrıca, marka sahibinin, tescil başvurusunda bulunduğu sıradaki amacı ve ticari mantığı ile niyetine ilişkin makul açıklamalar sunması ve diğer objektif koşulların var olsa dahi bu niyetlerin meşru olduğuna ikna edebilecek kanıtlar sunması gerektiği belirtilmiştir.

Somut olayda, Genel Mahkeme başvurucu tarafından ileri sürülen aşağıdaki argümanları detaylıca incelemiştir:

Markanın Korunması

Başvuru Sahibi, Müdahil'in "hepsiburada" markasının Avrupa Birliği'nde tescil edilmemiş olması ve ayırt edici nitelikten yoksun olması nedeniyle düşük seviyede yasal korumaya sahip olduğunu iddia etmiştir.

Genel Mahkeme bu iddiaları değerlendirirken, Müdahil'in Türkiye’de tescilli olan önceki tarihli markalarının ve bu markaların Avrupa Birliği içerisinde kullanımının kötü niyet değerlendirmesi ile ilgili olduğunun altını çizmiştir. Ayrıca Genel Mahkeme, ilgili hükmün amacının kamu menfaatinin korunması olduğunu belirterek, mutlak kötü niyet iddiasına sadece önceki hak sahipleri tarafından değil, herhangi bir kişi tarafından dayanılabileceğinin üstünde durmuştur.

Sonuç olarak Genel Mahkeme, Müdahil'in markasının Türkiye'deki itibarının, kötü niyet değerlendirilirken dikkate alınması gereken kilit unsurlardan biri olduğunu tespit etmiş ve Avrupa Birliği'nde böyle bir itibarının bulunmamasının ve iddia edilen ayırt edicilik noksanlığının somut olay açısından önemli olmadığını belirtmiştir.

Mal ve Hizmetlerin Aynılığı/Benzerliği

Başvuru Sahibi, Müdahil'in markasının sadece 35, 38 ve 42. sınıflardaki hizmetler için tescilli olduğunu; oysa kendi ihtilaflı markasının 21. sınıftaki mallar için tescilli olduğunu ve bu nedenle markalar arasında mal ve hizmet aynılığı veya benzerliği bulunmadığını iddia etmiştir.

Genel Mahkeme, mal ve hizmetlerin aynılığının veya benzerliğinin kötü niyeti belirlemek için yeterli olmadığını ve başka faktörlerin de değerlendirilmesi gerektiğini vurgulayarak bu argümanı reddetmiştir.

Markanın Kullanımından Haberdar Olma

Başvuru Sahibi, Müdahil'in Avrupa Birliği'nde tescilli markası bulunmadığından ve Avrupa piyasasında aktif olmadığından, Müdahil'in Türkiye’de tescilli "hepsiburada" markasını bilmediğini veya bilmesi gerekmediğini iddia etmiştir. Başvuru Sahibi ayrıca, Müdahil ile hiçbir ticari ilişkisi veya bağlantısı olmadığının altını çizmiştir.

Temyiz Kurulu'nun, Başvuru Sahibi’nin Türkiye ile ve Türk e-ticaret sektörü ile doğrudan bir bağlantısının bulunduğu, Müdahil'in önceki tarihli markasının Türkiye'de tanınmış olduğu ve Müdahil’in platformunun Türkiye'deki ana e-ticaret tedarikçilerinden biri olduğuna dair bulgularını takiben Genel Mahkeme, Başvuru Sahibi’nin 2017'deki marka tescil başvurusu sırasında Türkiye'deki "hepsiburada" markasının kullanımından haberdar olduğu sonucuna varmıştır. Ayrıca Genel Mahkeme, Başvuru Sahibi’nin Müdahil ile bir bağlantısının veya ilişkinin bulunmamasının, Başvuru Sahibi’nin markanın kullanımından habersiz olduğu anlamına gelmeyeceğine hükmetmiştir.

Başvuru Sahibinin Niyeti

Başvuru Sahibi, tescil başvurusu yapıldığı sırada, hepsiburada ifadesine ilişkin yapılan kapsamlı araştırmada Avrupa Birliği'nde aynı veya benzer bir marka veya ticaret unvanına rastlanmadığını, ihtilaflı marka tescilinin ardındaki niyetin ticari amaç olduğunu ve meşru iş stratejilerine uygun olduğunu iddia etmiştir. Ayrıca, Başvuru Sahibi, Müdahil'in Türkiye’de tescilli olan markalarının itibarından ve tanınmışlığından faydalanma niyetine dair kanıt bulunmadığından iyi niyet karinesinin uygulanması gerektiğini ve Müdahil'in markalarını Avrupa Birliği'nde tescil ettirmemesinin sonuçlarına katlanması gerektiğini savunmuştur.

Öte yandan, Başvuru Sahibi’nin tescil başvurusuna ilişkin makul bir açıklama ve meşru niyete ilişkin bir bilgi ileri süremediğinin altını çizen Genel Mahkeme, aşağıdaki hususları göz önünde bulundurarak, Başvuru Sahibi’nin markayı ticaret sırasında dürüst bir şekilde kullanma niyetinde olmadığını belirtmiştir:

  • Başvuru Sahibi’nin markası, Müdahil'in Türkiye’de tescilli olan önceki tarihli markalarıyla aynı veya çok benzerdir,
  • Başvuru Sahibi’nin 'www.hepsiburada.life' alan adlı internet sitesi "Müdahil'in 'www.hepsiburada.com' internet sitesinin Avrupa şubesi" olarak sunulmuştur,
  • Başvuru Sahibi, ihtilaflı markanın, iş stratejilerinin ticari kökeninin bir göstergesi olarak kullanıldığını kanıtlayamamıştır,
  • Başvuru Sahibi, üçüncü kişilerin Türkçe web sitelerine karşılık gelen başka AB marka başvuruları da yapmıştır.

Sonuç olarak, Genel Mahkeme, Başvuru Sahibi’nin ihtilaflı markanın başvurusu sırasında kötü niyetle hareket ettiğine hükmetmiştir.

 

Yazarlar: Hatice Ekici Tağa, Sümeyye Uçar, Begüm Alara Şahinkaya


European Protection on Well-Known Turkish Trademarks: A Case on Bad Faith

 

On February 21, 2024, the General Court of the Court of Justice (“General Court”) rendered its decision (“Decision”) regarding the registration of a trademark under the European Union Intellectual Property Office (“EUIPO”) with bad faith, due to its identity to a well-known trademark registered only in Turkey.

Background of the Case

On November 6, 2019, D-Market Elektronik Hizmetler ve Ticaret AS (“Intervener”), an establishment in Turkey, filed an application with the EUIPO for a declaration of invalidity for the trademark hepsiburada, registered in 2017 by Dendiki BV (“Applicant”), an establishment in the Netherlands.

The Intervener’s application relied upon the ground that the Applicant (more precisely, its predecessor in title) had acted in bad faith in filing the trademark application and therefore, the trademark “hepsiburada” must be declared invalid.

Following the decisions of the Cancellation Division and the Board of Appeal, the case was brought to the General Court, which evaluated the facts of the case on the basis of Article 52/1-b of the then applicable Regulation No 207/2009 on the Community Trademark (“Regulation No 207/2009”) that stipulates the declaration of invalidity of trademarks filed in bad faith.

Evaluations on the Determination of Bad Faith

During its evaluations, the General Court referred to the judgment of Koton Mağazacılık Tekstil Sanayi ve Ticaret v EUIPO, dated September 12, 2019, by stating that the absolute ground for invalidity based on bad faith is determined on the basis of the applicant’s purpose for filing the registration. Accordingly, where an applicant has the “intention of undermining, in a manner inconsistent with honest practices, the interests of third parties”, which is objectively determined by a competent authority by considering all the factual circumstances relevant to the case, the applicant will be deemed to have acted in bad faith and its trademark will be declared invalid.

In its Decision, the General Court listed the following factors to be taken into account when analysing whether the applicant is in fact acting in bad faith:

  • Whether the applicant knows or must know that a third party is using, in at least one Member State, an identical or similar sign for an identical or similar product or service capable of being confused with the sign for which registration is sought,
  • The applicant’s intention to prevent that third party from continuing to use such a sign or from marketing a product,
  • The degree of legal protection of the signs in question,
  • The origin of the contested sign and the way it has been used since its creation,
  • The commercial logic of filing for registration of the sign as an EU trademark, and
  • The chronology of events relating to the filing.

Furthermore, the Decision stated that even though the good faith of a trade mark applicant is being presumed until proven otherwise, it is for the proprietor of that mark to provide plausible explanations regarding the objectives and commercial logic and their intentions at the time of the application for registration of that mark, with evidence capable of convincing that, in spite of the existence of objective circumstances, those intentions were legitimate.

In the concrete case, the General Court thoroughly examined the following arguments put forward by the Applicant:

Legal Protection of the Trademark

The Applicant claimed that the Intervener’s trademark “hepsiburada” has a low level of legal protection since it is not registered in the European Union and is devoid of any distinctive character.

While evaluating these claims, the General Court underlined that the Intervener’s earlier Turkish trademarks and their use within the European Union is relevant to the assessment of bad faith. Moreover, the General Court noted that the absolute ground of bad faith may be relied on by any person and not only by holders of prior rights, since the purpose of the related provision is to protect the public interest.

As a result, the General Court established that the reputation of the Intervener’s trademark in Turkey is one of the key elements that must be considered when assessing bad faith and that the absence of such reputation in the European Union and the alleged lack of distinctiveness are not significant for the concrete case.

Identity/Similarity of Goods and Services

The Applicant claimed that the Intervener’s trademark is only registered for services in Classes 35, 38 and 42; whereas the Applicant’s contested trademark is registered for goods in Class 21 and therefore, there is no identity or similarity of goods and services between the trademarks.

The General Court rejected this argument, emphasizing that the identity or similarity of goods and services is not sufficient to determine the bad faith and that further factors must be evaluated.

Awareness of the Use

The Applicant claimed that it did not know or should have known about the Intervener’s Turkish trademark “hepsiburada”, since the Intervener had no registered trademarks in the European Union and was not active on the European market. The Applicant further stated that it had no commercial relations or links with the Intervener.

After evaluating the Board of Appeal’s findings that the Applicant actually had a direct connection with Turkey and the Turkish e-commerce sector and the fact that the Intervener’s earlier Turkish trade mark was well-known in Turkey and its platform was one of the main Turkish e-commerce suppliers; the General Court concluded that the Applicant was aware of the use of the trademark “hepsiburada”, at least in Turkey, at the time of its trademark registration application in 2017. Furthermore, the General Court evaluated that the absence of a link or relationship does not mean that the Applicant was unaware of the use of the trademark.

The Intention

The Applicant claimed that at the time of the registration application, the extensive research into the sign hepsiburada did not reveal any identical or similar trademark or trade name in the European Union, and that the intention behind the registration of the contested trademark was for commercial purposes and in line with its legitimate business strategy. Further, the Applicant argued in the absence of evidence of its intention to take advance of the reputation and well-known character of the Intervener’s Turkish marks, there should be a presumption of good faith and that the Intervener must bear the consequences of not registering its marks in the European Union.

On the other hand, underlining that the Applicant had failed to provide plausible explanations and legitimate intentions regarding the application for registration, the General Court stated that it was unlikely that the Applicant intended to use the mark honestly in the course of trade, considering the following factors:

  • The Applicant’s mark is identical or very similar to the Intervener’s earlier Turkish marks,
  • the Applicant’s website ‘hepsiburada.life’ has been presented as “the European branch of the Intervener’s website ‘www.hepsiburada.com’”,
  • the Applicant did not demonstrate the use of contested mark as an indication of the commercial origin of their business strategy,
  • the Applicant filed other EU trademark applications corresponding to the Turkish websites of third parties.

As a result, the General Court held that the Applicant acted in bad faith at the time of filing the contested mark.

 

Authors: Hatice Ekici Tağa, Sümeyye Uçar, Begüm Alara Şahinkaya


USB-C for All: Introduction of Common Chargers in Turkey

Due to acceleration of our daily routines, the demand for portable and rechargeable devices has increased over time. The market has responded to this need by making most consumer electronics rechargeable and by including chargers with every purchase. However, this standard practice and the necessity of having different chargers for each device have led to redundant purchases of chargers when acquiring new devices and to the increase of electronic waste as surplus chargers are discarded.

In this regard, the European Union introduced a single charging solution for electronic devices by defining the requirements of common charging solution, with the Directive (EU) 2022/2380 amending Directive 2014/53/EU on the harmonization of the laws of the Member States relating to the making available on the market of radio equipment (“Directive 2022/2380”). In line with the Directive 2022/2380, the selected electronic devices within the scope of common charging solution must embody a USB-C port, which allows consumers to charge their devices with any USB-C charger. This common charging requirements introduced with the Directive 2022/2380 will be applicable as of April 28, 2024.

With the aim of harmonization with the European Union acquis, on February 5, 2024, the Information Technologies and Communications Authority (“ITCA”) has published the Draft Regulation Amending the Regulation on Radio Equipment (“Draft Regulation”), which introduces the USB-C as the new standard charger for portable devices and foresees similar requirements with the Directive 2022/2380.

Scope of the Draft Regulation

The Draft Regulation foresees that the following radio equipment; (i) mobile phones, (ii) tablets, (iii) digital cameras, (iv) headphones, (v) headsets with microphones, (vi)  portable video game consoles, (vii)  portable speakers, (viii)  e-book readers, (ix) keyboards, (x) mouses, (xi)  portable navigation systems, (xii) earbuds, (xiii) laptops (will be referred as “Devices” or “Device”), must be manufactured in accordance with the standards on charging capabilities.

Requirements under the Draft Regulation

If a Device can be charged via wired charging, it must (i) have a USB Type-C port that is always accessible and operational and (ii) must be able to be charged with cables compatible with the said standard, in line with the TS EN IEC 62680-1-3:2022 “Universal serial bus interfaces for data and power - Part 1-3: Common components - USB Type-C cable and connector specification” or an equivalent standard.

Moreover, if a Device can be charged via wired charging at voltages higher than 5 Volts or currents higher than 3 Amperes or powers higher than 15 Watts; it must operate in accordance with USB Power Delivery as specified in TS EN IEC 62680-1-2:2022 “Universal serial bus interfaces for data and power - Part 1-2: Common pieces - USB Power Delivery specification” or an equivalent standard.

The Draft Regulation also introduces additional obligations on economic operators, i.e. producers, authorized representatives, importers and distributors. Accordingly, if economic operators place any of the Devices on the market together with a charger, they must offer consumers the opportunity to purchase the same Device without any charger.

The economic operators are further obliged to inform the consumers whether a charger is offered together with the Device by means of placing a pictogram on the packaging in an easily visible manner. In cases where Devices are placed on the market through distant communication tools, the said pictogram must be displayed close to the price tag in a visible and legible manner.

The producers are further under the obligation to provide the following information with the Device in Turkish and in a clear, understandable, and legible manner; and additionally with a sign indicated in the Draft Regulation:

  • "The minimum power provided by the charger must be [x] Watts and the maximum power must be [x] Watts”, where power indicates the minimum power required by the Device and the maximum power to provide the highest rate of charging, and
  • At voltages greater than 5 volts or currents greater than 3 amperes or powers greater than 15 Watts, Devices that can be recharged via wired charging is accompanied by information on the charging capabilities of the radio equipment in text format, including "USB PD Fast Charging" indicating that it also supports the USB PD protocol.

With respect to the extended producer liability, the importers and distributors of the Devices are also under the obligation to provide the Devices with the aforementioned information in a visible and legible manner. In cases where Devices are placed on the market through distant communication tools, the information must be positioned close to the price information. In addition, if requested, this information must be indicated by an electronic solution such as a QR code or a similar method.

Sanctions Foreseen under the Draft Regulation

With the Draft Regulation, Devices are included in the scope of the ITCA’s authorization to carry out assessments for market surveillance and control purposes, where there is sufficient reason to believe that there is a breach of the requirements. In line with this purpose, the economic operators are obliged to cooperate with the ITCA.

In the event that the Device does not comply with the requirements set out in the Regulation on Radio Equipment, the ITCA may request from the economic operators to take all appropriate corrective actions without delay, including (i) bringing the Device into compliance with aforementioned requirements, (ii) withdrawing the Device from the market or (iii) recalling the Device within a reasonable period of time commensurate with the nature of the risk.

Moreover, the ITCA may request economic operators to eliminate the non-conformity of the Devices, in cases of any incompatibilities with labeling requirements mentioned above. The ITCA is authorized to take the necessary measures to prevent or restrict the placing of Devices on the market or to withdraw or recall Devices from the market if the non-conformity persists.

Transition Period

After the Draft Regulation enters into force, the provisions of the Draft Regulation will be applicable for the Devices as of December 28, 2024; except for laptops, for which the provisions will not be applicable until April 28, 2026.

 

Authors: Burak Özdağıstanli, Begüm Alara Şahinkaya


Markaları Değiştirerek Kullanmak Mümkün Mü?

6769 sayılı Sınai Mülkiyet Kanunu ("Kanun"), (i) tescilinden itibaren beş yıl içinde ciddi kullanımı olmayan veya (ii) kullanımına beş yıl kesintisiz ara verilen markanın iptaline karar verileceğini düzenlemektedir. Bu hükmün uygulanabilmesi için, markanın tescil edildiği mal veya hizmetlerle ilgili kullanımının olmaması ve marka sahibinin markayı kullanmamak için haklı bir nedeninin bulunmaması gerekmektedir.

Söz konusu beş yıllık sürenin ardından marka sahibinin, markasını ilgili mal ve hizmetler bakımından kullandığını somut ve objektif kanıtlar sunarak ispat etmesi gerekebilir.

Esas olarak bir marka tescil edildiği gibi kullanılmalıdır. Ancak Kanun'un 9(2) maddesi, markanın ayırt edici karakterini değiştirmeden farklı unsurlarla kullanılmasını da "kullanım" olarak kabul etmektedir.

Kanun koyucu, markanın farklı unsurlarla birlikte kullanılmasına izin vererek, markaların değişikliklere ayak uydurabilmelerini sağlamaktadır. Bu imkan, markaların dinamik ticaret ortamında büyürken marka bütünlüğünü koruyabilmelerini sağlamaları açısından marka hukukunun öneminin altını çizmektedir. Bununla birlikte, marka ile farklı bir unsurun kullanılmasının kapsamı, yaygın ticari uygulamalarla sınırlı olmalıdır.

Markanın ayırt edici karakterinin korunarak kullanılması kriterine de değinmek önemlidir. Bir markanın temel ve ayırt edici unsurunun korunması, tüketicilerin markayı ve ilişkili olduğu şirket veya kişiyi kolayca anlamasını sağlamaktadır. Burada, farklı markalar farklı tüketici gruplarına hitap ettiğinden, ayırt edicilik değerlendirmesinin her markaya özgü yapılmasının önemi ortaya çıkmaktadır.

Aşağıdaki örnekler, Kanun'da tanımlanan sınırlar dahilinde, farklı unsurlar içeren "marka kullanımını" göstermektedir:

 

  • Kelime markalarında:
    • Noktalama işaretleri ekleme/çıkarma
      • Alçıpan → Alçıpan!
    • Yazı tipini değiştirme
      • Ip-tech → Ip-tech
    • İki kelime olarak tescil edilen markalarda sadece esas unsuru kullanma
      • Super NaNa → NaNa
    • İki kelimenin birleşimi olarak tescil edilen markalarda kelimeleri ayırma
      • BabyCool→ Baby Cool
    • Bağlaç veya ön ek ekleme/çıkarma
      • Viventy by Bernd Berger → Viventy Bernd Berger
    • Mal veya hizmeti tanımlayıcı ifade ekleme
      • Four Seasons → Four Seasons Hotel
    • Marka sahibine ait birden fazla markayı eşzamanlı kullanma

(Çatı marka veya alt markanın birlikte kullanımı)

  • Galaxy E7 → Samsung Galaxy E7
  • Tescilli bir markanın serisi izlenimi yaratacak eklemelerle birlikte kullanma
    • AINHOA →  AINHOA SPA WORLD[1]
  • Baskın olmayan yardımcı kelime unsurlarını ekleyerek kullanma
    • COLORIS → COLORIS Global Coloring Concept[2]
  • Şekil markalarında:
    • Markayı farklı bir renk tonunda kullanma
      • Şekil markasına kelime unsuru ekleyerek kullanma

Ancak, bir markanın şekil unsurunu oluşturan kelimenin kullanılması, markanın ayırt edici karakterini değiştireceği için Kanun'un 9(2) maddesi kapsamında değerlendirilemez.

Bu bağlamda, bir markanın tescil edildiği şekliyle kullanılması esas olmakla birlikte, markanın kelime veya şekil unsurlarında küçük değişiklikler yapılarak kullanılması markanın kullanılmadığı anlamına gelmeyecektir. Bu küçük değişikliklerde dikkat edilmesi gereken önemli husus, markanın tüketiciler üzerindeki genel izleniminin korunmasıdır. Bu izlenimi etkileyecek ve tüketici tarafından marka ile kolayca ilişkilendirilemeyecek değişiklikler, markanın kullanımı olarak kabul edilmeyecek ve markanın risk altında olduğu durumlarda kullanım ispatına konu olmayacaktır.

[1] Avrupa Birliği Adalet Divanı Genel Mahkemesi’nin T-426/13 sayılı Kararı

[2] Avrupa Birliği Adalet Divanı Genel Mahkemesi’nin T-353/07 sayılı Kararı

 

Yazarlar: Hatice Ekici Tağa, Sümeyye Uçar, Ebru Gümüş Karasu, Göksu Tuğrul


The On-Site Inspection Authority: An Examination After the Constitutional Court Decision

The discretionary nature of on-site inspection authority wielded by Turkish governmental authorities has been facing criticism, which stems from concerns that inspections may lack clear guidelines or oversight, leading to inconsistent and arbitrary applications. The Turkish Constitutional Court’s decision with no. 2019/40991 (“Decision”), concerning the legality of the Turkish Competition Authority’s on-site inspection authority, has set a precedent in this regard by concluding that the on-site inspections are against the inviolability of the domicile, which is a fundamental right regulated under the Constitution of the Republic of Turkey (“Constitution”).

To provide a general background, Article 15 of the Law No. 4054 on the Protection of Competition (“Law No. 4054”) authorizes the Competition Board (“Board”) to perform inspections at undertakings and associations of undertakings in cases it deems necessary, including on-site inspections.

Based on an individual application made by an undertaking, claiming the violation of its rights due to the Board’s on-site inspection, the Constitutional Court examined the case with respect to the notion of domicile. Accordingly, the Constitutional Court evaluated whether workplaces are considered within the scope of domiciles and stated that places such as personal study rooms or offices are excluded from the publicity of the workplace and must be considered within the scope of domicile in terms of privacy and protection. Whereas public places in a workplace where everyone can enter freely, such as study halls or conference rooms must not.

Within this framework, the Constitutional Court emphasized that the Constitution underlines that no domicile may be entered or searched, or the property seized therein, without:

  • a decision duly given by a judge on the grounds of national security, public order, prevention of crime, protection of public health and public morals, or protection of the rights and freedoms of others, or
  • a written order of an agency authorized by law in cases where delay is prejudicial, again on the above-mentioned grounds.

In this regard, the Constitutional Court concluded that although the Law No. 4054 grants the authority to conduct on-site inspections to the Board, such provision is not in line with the restrictions of the inviolability of the domicile regulated under the Constitution.

It should be noted that the Constitutional Court’s Decision does not amend Article 15 of the Law No. 4054 and currently, it only concerns the parties of the case. However, the ruling also includes notifying the Grand National Assembly of Turkey (“Assembly”) for the solution of this structural problem. The Assembly has yet to make any amendments to the Law No. 4054.

In Turkey, the Board is not the sole authority which exercises its on-site inspections authority under the provisions of relevant laws. For instance, the Information Technologies and Communication Authority (“ITCA”) is also granted with a similar authority under the Article 59/1 of the Law No. 5809 on Electronic Communications, which states that the ITCA is authorized to carry out or have third parties carry out on-site examination and inspections, when it deems necessary. Moreover, the law enforcement is obliged to provide assistance to ITCA during on-site inspections.

Another authority that is granted with on-site inspection authority is the Personal Data Protection Authority. Subsequently, Article 15/3 of the Law No. 6698 on Personal Data Protection foresees that data controllers are obliged to enable on-site inspections of the Personal Data Protection Authority, when necessary.

Considering the Decision of the Constitutional Court and its notification to the Assembly, arbitrary operations of on-site inspections are expected to change in a legitimate and appropriate manner.

 

Authors: Hatice Ekici Tağa, Sümeyye Uçar, Begüm Alara Şahinkaya, Göksu Tuğrul


A New Era in Cross-Border Data Transfers in Turkey

The Law Proposal Amending the Code of Criminal Procedure and Certain Laws and Decree Law No. 659 (“Law Proposal”), which embodies significant changes to the Law No. 6698 on the Personal Data Protection (“DPL”) has been submitted to the Turkish Grand National Assembly (“Assembly”) on February 16, 2024. The Law Proposal mainly includes amendments under the DPL regarding (i) processing conditions for the special categories of personal data,(ii) rules governing cross-border data transfers and (iii) appeal process and venue related to decision of the Data Protection Authority (“Authority”).

The Law Proposal, specifically the provisions on cross-border data transfers, has been eagerly anticipated by the relevant stakeholders as they facilitate a smoother mechanism for the data transfers abroad, which are also aligned with the European Union’s General Data Protection Regulation (“GDPR”). By adopting similar rules and principles with the GDPR, the Law Proposal aims to foster international compatibility and to ensure consistency with established international norms. This alignment not only facilitates compliance for entities operating in multiple jurisdictions but also enhances the coherence and effectiveness of global data governance frameworks.

Once adopted by the Assembly, the Law Proposal is expected to enter into force in the upcoming weeks.

Amendments to the Conditions for Processing of Special Categories of Personal Data

Currently, the DPL regulates that special categories of personal data shall only be processed based on (i) the explicit consent of the data subjects and (ii) it is explicitly stipulated by law, except for data concerning health and sexual life. Moreover, data concerning health and sexual life shall only be processed, without the explicit consent of the data subject, when it is necessary for the purposes of protection of public health, preventive medicine, medical diagnosis, treatment and care services, and the planning, management and financing of health services by persons under the obligation of secrecy or authorized institutions and organizations.

As the practice in the past several years revealed the necessity to process health data in the fields of health insurance, employment and social services; and with the purpose of alignment with the GDPR, the Law Proposal abolishes the different processing conditions for different types of special categories of personal data and introduces additional conditions for all special categories of personal data.

Accordingly, the Law Proposal forbids processing special categories of personal data, unless:

  1. Explicit consent of the data subject is obtained,
  2. It is explicitly stipulated by law,
  3. Processing is necessary to protect the life or bodily integrity of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent,
  4. Processing relates to personal data made public by the data subject and is in accordance with the will of the data subject to make it public,
  5. Processing is necessary for the establishment, exercise or protection of a right,
  6. Processing is necessary for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, and the planning, management and financing of health services by persons under the obligation of secrecy or authorized institutions and organizations,
  7. Processing is necessary for carrying out legal obligations in the field of employment, occupational health and safety, social security, social services and social assistance,
  8. Processing is carried for current or former members of or for persons who are in regular contact with the foundations, associations and other non-profit organizations or formations established for political, philosophical, religious or trade union purposes, provided that it is in accordance with the legislation to which they are subject and their purposes, limited to their fields of activity and not disclosed to third parties.

While these amendments seem to be able to fill the necessity risen from the practical implementations, e.g. sharing blood type information in emergencies, or for people with disabilities to benefit from government policies, the processing condition related to employment stands out as one of the most significant changes under the Law Proposal. This amendment will result in correction of the wrong but mandatory practice developed in Turkey where various special categories of personal data (i.e. criminal records, health data, disability etc.) of employees had to be processed by the employers with explicit consent of employees, of which the free-will element was questionable.

Another important impact will also happen in the health insurance sector. Because of shortcomings of the current law, health insurance providers did not have the legal basis to process health data of their customers, which was required to pay the treatment costs. As a result, another absurd but mandatory practice had to be created where health insurance providers had to ask for explicit consent when an insured customer requested payment of their treatment costs. Of course, the free-will element of the consent was questionable in this practice, however this was the only workable method. With the changes, this practice will no longer apply.

Amendments to the Cross-Border Data Transfer Regimes

The existing cross-border data transfer mechanisms under the DPL have been subject to criticism due to their challenging and not business-friendly nature. Additionally, the current mechanisms prevent the use cloud-based software and applications, which are widely used by almost all companies and individuals doing business, whose servers are located abroad; and it is evaluated that these mechanisms also became an obstacle against the potential foreign investments.

Currently, the DPL regulates that cross-border data transfers shall only be initiated from Turkey to third countries based on the fulfillment of one of the following criteria:

  • Explicit consent of the data subject is obtained, provided that such consent is freely given, specific and informed,
  • The Personal Data Protection Authority (“Authority”) determines that the recipient country provides an adequate level of protection of personal data,
  • Both the data controller and the data processor, parties to the cross-border data transfer, sign an agreement (an undertaking or binding corporate rules) ensuring adequate protection of personal data and the Authority approves such transfer.

As a response to the criticisms, the Law Proposal introduces novel appropriate safeguards and derogations for specific cases, while introducing international organization or sectors as subjects of adequacy decisions, in addition to countries. Moreover, the explicit consent is no longer a criterion for cross-border data transfers, and may only be relied upon within the framework of derogations for specific cases, as explained below.

The Law Proposal further regulates that these novel mechanisms shall apply to the onward transfers of the personal data; and that where the interests of Turkey or the data subject would be seriously harmed, personal data shall only be transferred abroad with the permission of the Authority, along with the opinion of the relevant public institution or organization.

The Authority is expected to prepare secondary regulations for the procedures and principles regarding the implementation of the cross-border data transfer mechanisms.

Adequacy Decision for Third Countries, International Organizations and Sectors

Even though one of the existing conditions for cross border data transfers is set out for transfers to a recipient country determined by the Authority to have an adequate level of protection; the Authority has not determined any country safe since the effective date of the DPL.

The Law Proposal does not abolish the safe country condition for cross border data transfers; however, amends the adequacy decision to also cover (i) international organizations and (ii) sectors within a country.

Furthermore, the Law Proposal sets forth the following criteria to be taken into consideration while the Authority renders an adequacy decision:

  1. The reciprocity status regarding the transfer of personal data between Turkey and the recipient country, sectors within the country or international organizations.
  2. The relevant legislation and practice of the recipient country and the rules governing the recipient international organization.
  3. The existence of an independent and effective data protection authority in the recipient country or to which the recipient international organization is subject and the existence of administrative and judicial remedies.
  4. The status of the recipient country or international organization as a party to international conventions on the protection of personal data or as a member of international organizations.
  5. The membership status of the recipient country or international organization to global or regional organizations of which Turkey is a member.
  6. International conventions to which Turkey is a party.

With the amendment, the Authority’s adequacy decisions will be published in the Official Gazette; and will be evaluated by the Authority every four years at the latest. As a result of the evaluation or in other cases deemed necessary, the Authority may change, suspend or revoke the adequacy decision with future effect.

Appropriate Safeguards for Cross-Border Data Transfers

In the event that there is no adequacy decision, the Law Proposal also introduces appropriate safeguard mechanisms for cross border data transfers. With the condition that the data subject has the possibility to exercise their rights and to apply for effective legal remedies in the country where the transfer will be made, if any of the following safeguard is provided by the parties, the data controllers and data processors will be able to transfer personal data abroad;

1. Standard Contractual Clauses

The standard contractual clauses (“SCCs") will be finally introduced as a safeguard with the Law Proposal. The clauses that will enable the cross-border data transfers will be announced by the Authority, and will contain:

  • data categories,
  • purposes of data transfer,
  • recipients and recipient groups,
  • technical and administrative measures to be taken by the data recipient,
  • additional measures taken for special categories of personal data.

However, unlike GDPR, the standard contractual clauses under the DPL will be required to be notified to the Authority, by the data controller or data processor, within 5 business days following its signature.

2. Corporate Binding Rules

Although the corporate binding rules (“BCR”) are already utilized by data controllers in practice for cross-border data transfers, the Law Proposal sets forth BCR as an appropriate safeguard in a clear manner. Accordingly, in the presence of BCRs approved by the Authority, which contain provisions on the protection of personal data and which the companies in the same group of undertakings are obliged to comply with, personal data can be transferred between these companies without the need to obtain separate authorization from the Authority.

Thus, it is (and will continue to be) possible to transfer personal data from a company of an undertaking group in Turkey that has BCRs approved by the Authority to the company of the same group in a foreign country without obtaining a separate authorization from the Board.

On the other hand, the details of BCRs are not determined and it is expected that the secondary regulations of the Authority will establish the procedures and principles regarding the BCRs.

3. Signing of an Undertaking and Obtaining the Approval of the Authority

The existing condition for cross border data transfer, where parties sign an undertaking with provisions ensuring adequate protection and obtains the Authority’s authorization for the transfer, remains as a safeguard under the Law Proposal. Different from the current practice where the Authority published model clauses, it is possible that the parties to have more freedom as to the content of the undertaking. Having said that, considering that the Authority has authorized only a handful of applications so far and the existence of SCCs, this option may become obsolete in the near future.

4. Agreements of Public Institutions

Existence of an agreement, that is not in the nature of an international agreement, between public institutions and organizations or international organizations abroad and the public institutions and organizations or professional organizations in the nature of a public institution in Turkey, will enable cross border data transfer, provided that the Authority gives permission for such transfer.

Derogations for Specific Situations

The Law Proposal introduces several novel and exceptional conditions for cross-border data transfers that are incidental and not repetitive. These exceptional conditions correspond to the derogations for specific situations under the Article 49 of GDPR.

Accordingly, in the absence of an adequacy decision and appropriate safeguards, data controllers and data processors will be able to transfer personal data abroad, only in one of the following cases:

  • The data subject gives explicit consent to the transfer and is informed about the possible risks of the cross-border data transfer,
  • The transfer is necessary for:
    • the performance of a contract between the data subject and the data controller, or
    • the implementation of pre-contractual measures taken upon the request of the data subject;
    • the establishment or performance of a contract between the data controller and another party for the benefit of the data subject.
  • The transfer is necessary for an overriding public interest.
  • The transfer is necessary for the establishment, exercise or protection of a right.
  • The transfer is necessary to protect the life or bodily integrity of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent.
  • The transfer from a registry open to the public or persons with a legitimate interest, provided that the conditions required to access the registry in the relevant legislation are met and the person with a legitimate interest requests the transfer.

Another important point we must make here is, while these changes are positive, we evaluate that direct collection of personal data by a foreign controller remains questionable. This is not due to the legislation but due to the interpretation of the legislation by the Authority.

Contrary to EDPBs direct collection opinion in Guidelines 05/2021, the Authority’s decision on WhatsApp (numbered 2021/891 and dated September 3, 2021) underlines that, after the initial collection of personal data, all kinds of processing activities conducted in servers located outside Turkey constitutes a cross-border transfer. If the Authority does not align its interpretation with the EDPB, this will continue to be a problem for many foreign controllers that directly collect personal data from data subjects since there will be no data exporters in Turkey to run the mechanisms (SCCs, undertaking, BCR etc.) in the legislation.

Therefore, we hope that the Authority will reconsider the interpretation of what a transfer is and will clarify that direct collection scenarios where there is no exporter of personal data is not a data transfer.

Amendments to the Sanctions

The Law Proposal adds a sanction clause for the newly introduced notification obligation, where the data controller or data processor are required to notify the Authority the standard contractual clauses, within 5 business days following its signature, where failure to comply will result in administrative fine from 50.000 to 1.000.000 Turkish Liras (approx. EUR 1,500 to 30,000).

Unlike the other sanctions under the DPL, the implementation of this new sanction is regulated not only for data controllers, but also for the data processors.

Lastly, with the amendments, the Authority’s administrative fines will be able to be challenged before administrative courts instead of magistrate courts.

Transition Periods

By taking into account the disruptions that may occur after the amendments enter into force, the Law Proposal foresees that:

  • the cross-border data transfers with data subjects’ explicit consents shall remain applicable until September 1, 2024; and
  • the proceedings pending before the magistrate courts as of 1/6/2024 shall continue to be heard by these courts.

 

Authors: Burak Özdağıstanli, Sümeyye Uçar, Begüm Alara Şahinkaya, Ebru Gümüş Karasu, Göksu Tuğrul