Turkey’s Constitutional Court Annuls Digital Search Law, Sets 2027 Deadline for New Privacy Rules

Article 134 of Turkey’s Code of Criminal Procedure contained the annulled provision. It allowed prosecutors to obtain a judge’s order to copy or seize computers, phones and other digital records when strong suspicion existed and other evidence was unavailable. The Bursa 1st Criminal Court of First Instance raised the issue during a smuggling trial, prompting the Constitutional Court review. The court noted that digital devices can hold extensive personal data, including communications, photos, location history and professional records.

The decision, dated February 12 and published in the Official Gazette, becomes effective on February 25 2027. Parliament must draft a new law within nine months that defines how authorities may seize, store, review, delete and oversee digital evidence. Legal experts said the ruling warns that any regulation must cover the entire data lifecycle, from seizure to final deletion. The court did not ban digital searches; it found the existing rule disproportionate because it omitted retention, deletion and access limits.

Security teams in Turkey should review current evidence‑handling procedures to anticipate stricter retention and deletion requirements. Organizations that process personal data on behalf of law enforcement may need to implement clear data‑lifecycle policies, including automated deletion schedules and access logs. Defense lawyers now gain a stronger basis to challenge the admissibility of digital evidence in ongoing cases. Organizations should monitor parliamentary drafts for specific technical standards, such as encryption‑at‑rest requirements or audit‑trail mandates. Watch for the draft law’s release and any subsequent court rulings that could shape how digital evidence is collected and managed in Turkey.