CoE 108+ and the GDPR: A Modernised Look and Nexus at Protecting Personal Data Worldwide

On the Conference

CoE 108+ and the GDPR: A Modernised Look and Nexus at Protecting Personal Data Worldwide Conference will take place on 6 March, 2020 in Istanbul.

The EU’s General Data Protection Regulation (“GDPR”), which came into force in 2018, provides the highest level of protection for the right to data protection, which is one of the fundamental rights and freedoms of an individual. In this respect, GDPR is also a reference standard for other states in the world in terms of data protection legislation. Another international text that had played a similar role to GDPR for a long time in terms of ensuring harmonization of different legal orders is the Council of Europe Convention No. 108 of 1981 on the Protection of Individuals with regard to Automatic Processing of Personal Data. Turkey has been party to both the Convention No. 108 and its Additional Protocol to the Convention No. 181 since 2016. The Convention, which has been modernized in line with GDPR, has been opened for signature by states since 2018 under the name 108+. As of today, 55 countries are party to Convention No. 108, while 38 countries have already signed 108+.

Conference, with the reflections of the global harmonized data protection system that is being created with GDPR and 108+ in relation to personal data, will focus on issues such as international data transfer and adequacy, within the legal framework that will support the data-based economy, not only within the EU, but on a global scale. The GDPR and CoE 108+, the two main legal instruments, which play an important role for all states in achieving the delicate balance between maintaining the respect for the right to data protection and the data-driven economy, will be discussed in the conference. In this way, while protecting the right of the individual on the data, the economic value to be generated from the data will be evaluated extensively.

Gathering together all stakeholders including regulators, the authorities, academia, tech people and private sector who possess the competency to resolve international data flow related issues in Turkey, this conference will pave the way towards introducing solutions and suggestions to issues around international data transfer, while accelerating the process of convergence to data privacy laws and standards, aiming conformity with GDPR.

This conference will trigger a discussion on significant issues that market players in Turkey have been struggling with since the very introduction of the Law on the Protection of Personal Data numbered 6698. During the conference, with the participation of respected and principal thought leaders from around the world, recent developments in the field of privacy, best practises and privacy tools and mechanisms will be discussed particularly focusing on the topics of accountability, adequacy and international data transfer.

Conference Schedule

Venue: Istanbul Bilgi University, Seyfi Arıkan Building, Moot Court Room

12:30 - 13:00


13:00- 13:10

Welcome Speech
Leyla Keser Berber, IT Law Institute, Istanbul Bilgi University
Murat İnceoğlu, Dean of Law Faculty, Istanbul Bilgi University
Kübra Doğan Yenisey, Rector, Istanbul Bilgi University

13:10 - 13:30

Opening Speech
Prof. Dr. Faruk Bilir, Chairman of the Turkish Data Protection Authority

13:30 - 15:00

Topic 1: Towards a globally harmonized legal system & International Data Flows and Adequacy CoE 108 - 108+
Moderator: Leyla Keser Berber & Yasin Beceni, IT Law Institute, Istanbul Bilgi University
Ralf Sauer, Deputy Head of Unit International Data Flows & Protection at European Commission
Prof. Dr. Jos Dumortier, Center for IT&IP Law, Leuven University
Sophie Kwasny, Head of the Data Protection Unit of the Council of Europe
Demet Arslaner Keklikkiran, Head of Legal Department, Turkish Data Protection Authority

Q&A (15 mins)

15:00 - 15:15

Coffee Break (15 min)

15:15 - 16:45

Topic 2: Voice of Private Sector Companies

Moderator: Ruth Boardman, Partner, Bird & Bird
Florian Thoma, Global Data Privacy, Senior Director, Accenture
Martin Pailhes, Head of Legal IT/IP Practice, BNP Paribas
Hakan Bekiroglu, Chief Legal Officer, Tofas
Efrain Castaneda, Senior Privacy Counsel, OneTrust

Q&A (15 mins)

16.45 – 17.00

Academic Report Presentation – Legal Grounds/Policy Recommendation for International Data Transfers in Turkey – Comparative Legal Study Between GDPR, EU Law, Turkish Data Protection Law, Convention 108 and 108

Leyla Keser Berber & Yasin Beceni, IT Law Institute, Istanbul Bilgi University

17:00 – 17:05