Turkish Law Blog
Electronic Signature Application in Turkey
The Turkish Electronic Signatory Law No.5070 (“E-Signature Law”) has entered into force as of 14 October 2004 upon its publication in the Official Gazette numbered 253551.
E-Signature Law is drafted in line with the Europen Union (“EU”) Directive on electronic signatory No. 99/93 (“EU Directive”) which came into force in 1999. The EU Directive which set out a legal framework for EU member states was replaced on 1 July 2016 by The Regulation No.910/2014 on electronic identification and trust services for electronic transactions in the internal market (“eIDAS”).
With respect to the E-Signature Law, electronic signature is defined as a signature that (i) is exclusively connected to the owner of the signature, (ii) is exclusively formed by the electronic signature-forming device that is solely used by the signature owner, (iii) allows to identify the signature's owner via qualified electronic certificates and (iv) allows to determine whether the electronically signed data is later altered or not.
Electronic signature shall be rely on qualified certificate which can only be provided by an electronic certificate provider (“CSP”) certified by Turkish Information and Communication Technologies Authority. Qualified e-certificate shall bear (i) the identification of the CSP and the name of the country in which it is established, (ii) the name of the signatory and (iii) validity period of the certificate.
With respect to the Article 5 of E-Signature Law; electronic data duly created with secure electronic signature are considered as legally binding. The Civil Procedure Law in force also sets out a provision in line with this. Legal limitations regarding the application of the e-signature application also set forth under the same article. In this regard, using an electronic signature for documents and contracts subject to specific form or procedural requirements and for security agreements except bank guarantees is not possible.
In EU, three types of signature are defined under eIDAS as follows;
The first one is electronic signature which is also known as simple electronic signature. Simple electronic signature covers any data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.
An advanced electronic signature, as the second type, is a type of electronic signature that must meet specific requirements (stated under the Article 26 of eIDAS), providing a higher level of signer ID verification, security, and tamper-sealing.
Finally the third one, qualified electronic signature, is the only electronic signature type to have special legal status in EU member states, being the legal equivalent of a written signature. It is a specific type of electronic signature that must meet advanced electronic signature requirements and be backed by a qualified certificate. Such qualifies certificate should be issued by a trust service provider (“TSP”) certified by an EU member state and listed on the EU Trusted List. TSPs have to provide verification between signature and signer with authentication.
For the time being, E-Signature Law does not make a distinction between simple, qualified and advanced electronic signatures.