No, sharing passwords in Turkey violates the Law on the Protection of Personal Data (KVKK) and the Turkish Penal Code, risking fines up to ₺1.5 million or imprisonment under Article 136. The Information and Communication Technologies Authority (BTK) enforces strict cybersecurity standards, while the Personal Data Protection Board (KVKK) prohibits unauthorized access, even with consent.
Key Regulations for Sharing Passwords in Turkey
- KVKK (Law No. 6698): Prohibits sharing login credentials as it constitutes unauthorized processing of personal data, punishable under Article 17/3 with administrative fines up to 1.5% of global turnover.
- Turkish Penal Code (TCK) Article 136: Criminalizes unauthorized access to systems via shared passwords, with penalties ranging from 6 months to 2 years imprisonment.
- BTK’s 2026 Cybersecurity Guidelines: Mandate multi-factor authentication for corporate accounts, explicitly banning password-sharing practices to mitigate data breaches.
Corporate entities must enforce internal policies aligning with KVKK’s Veri Sorumluları Sicili (VERBIS) registration, while individuals face liability for negligent disclosures. Recent KVKK rulings (2024) confirm that even “temporary” sharing violates data minimization principles.