When is an Electronic Signature Legal and Compliant?

8/23/2022

All News
  • Home Page
  • |
  • News
  • |
  • When is an Electronic Signature Legal and Compliant?
By influencing our lives, today's technology has encouraged us to live faster and more Internet-oriented.
This is becoming an issue that everyone has to adapt to and especially in commercial life, it has an undeniable impact. In recent years, this concept has been refined even further and while new tools continue to be added to the services provided through the Internet, and Electronic Signature (“e-Signature”) applications have started to be preferred frequently by both public entities and private people/entities. However, do all e-Signature applications have the same legal effect as their handwritten equivalents? In this article, we will touch on the legal concept of e-Signature and that contrary to popular belief, not every application can be considered as an e-Signature.

What is Electronic Signature and Secure Electronic Signature?
To ensure the confidentiality and integrity of the information transmitted between the parties and verification of the identities of parties, the e-Signature system has been established under Electronic Signature Law No. 5070 (“Law”) by establishing a technical and legal infrastructure. The e-Signature system eliminates various identity verification problems in business and transactions through Internet, especially (i) the security of the transaction and (ii) whether the person to be addressed is the person who is a party to the transaction.

The e-Signature has the same legal consequences as wet signatures if it meets certain conditions. Within the scope of the legislation, e-Signatures must be created with a Secure Electronic Signature (“Secure e-Signature”). Secure e-Signature is defined under Law as follows: (i) It is created with a Secure e-Signature creation tool, which is only at the disposal of the signatory, (ii) It is exclusively dependent on the signatory and ensures the identification of the signatory based on a Qualified Electronic Certificate, and (iii) It enables determination of whether any changes have been made in the signed electronic data afterward.

Secure e-Signature has the same legal effect as a handwritten signature and it can replace the wet form. However, in exceptional cases stipulated by legislation, it is restricted to use Secure e-Signature for issuance, signature and endorsement of negotiable documents or legal transactions that are subject to an official form or a special ceremony by law, or guarantee agreements other than bank letters of guarantee and surety bonds issued by insurance companies residing in Turkey.

In addition, we would like to state that, although the rules governing digital signatures, biometric signatures, or derivatives are also fragmented under Turkish laws and regulations; digital signatures, biometric signatures, or their derivatives shall not be considered an e-Signature that possesses the trust, legal validity and protection provided by Secure e-Signature. In this regard, it would be useful to draw the boundary between Secure e-Signature and Digital signature applications under the Law.

What is a Digital Signature?
Under the law, trust services are limited to e-Signatures and Time Stamp, and Digital Signatures (“Digital Signature”) provided by private entities as additional services (DocuSign, Adobe Signature, etc.) are not included in the scope. In other words, although documents could be signed online by creating a wet signature copy through applications, Digital Signatures made in this way shall not have a legal basis and validity in Turkey. Because the declarations of the persons are taken as the basis for creating the Digital Signature and administrative control shall not be provided. Moreover; even if Digital Signatures, which are a digital signature tool by nature and do not have the "Secure e-Signature" qualification specified under the Law, provides services that have all the elements that a Secure e-Signature must have, it is not possible to consider them a Secure E-Signature without the following additional conditions:
  • A qualified electronic certificate must be obtained from a qualified Electronic Certificate Service Provider for the process of creating a Secure e-Signature.
  • Electronic certificates issued by an Electronic Certificate Service Provider established in a foreign country must be accepted by An Electronic Certificate Service Provider established in Turkey to be considered as qualified electronic certificates.
Therefore, Digital Signatures shall not issue a valid qualified electronic certificate without providing the aforementioned additional conditions.

In this case, would the documents signed with the Digital Signature be considered invalid? Answering yes directly to this question would be a legal challenge to process. However, under the legislation, it would be erroneous to suggest that digital signatures are valid and to directly conclude that they will have the same qualification as a handwritten signature.

In these circumstances, considering that the documents signed with Digital Signatures (missing the above additional conditions) shall not be signed with wet signatures, it would be prima facie evidence. In other words, although it is not sufficient to fully prove the legal transaction, it is possible to state that it will be in the nature of indicating the existence of the legal transaction and proves that it was given by the other party or its representative.

MORAL I KINIKOĞLU I PAMUKKALE I KÖKENEK
Duygu Bozkurt Kadirhan, Senior Associate
Irem Tanik, Associate

Other News
3/25/2026
Amendments to the Charging Service Regulation
With the Regulation Amending the Charging Service Regulation (“Regulation”), published in the Official Gazette dated 23 March 2026 and numbered 33202, the regulatory framework governing electric vehicle charging services has been significantly updated. The scope of the Regulation has been expanded, and the rules concerning technical infrastructure, pricing, and market operations have been revised, aiming to establish a more transparent and accessible system.
News| Legal Updates
3/24/2026
A Principle Decision Has Been Published on the Requirement for Data Controllers to Prepare Separate Explicit Consent and Privacy Notice Texts
With its principle decision dated 18 February 2026 and numbered 2026/347 (the “Principle Decision”), the Personal Data Protection Board (the “Board”) has set out the principles regarding the requirement for data controllers to prepare explicit consent texts and privacy notices separately. The relevant Principle Decision was published in the Official Gazette dated 24 March 2026 and numbered 33203, and on the website of the Personal Data Protection Authority.
News| Legal Updates
3/23/2026
Criteria for Determining Companies Subject to Independent Audit Have Been Updated
By the Amendment Decision on the Determination of Companies Subject to Independent Audit (the “Amendment Decision”), published in the Official Gazette dated March 17, 2026 and numbered 33199, certain amendments have been made to Decision No. 6434 on the Determination of Companies Subject to Independent Audit (the “Decision”), which was published in the Official Gazette dated November 30, 2022 and numbered 32029.
News| Legal Updates
3/9/2026
PDPB Principal Decision On Verification Mechanisms ın Loyalty Card Programs Has Been Published
The Personal Data Protection Board's ("Board") Principal Decision dated 11 February 2026 and numbered 2026/266, titled "Principal Decision on the Use of the Mobile Phone Number or Loyalty Card Number of a Loyalty Card Member by a Third-Party During Shopping" ("Principal Decision"), has been published in the Official Gazette dated 28 February 2026 and numbered 33182.
News| Legal Updates
2/12/2026
Turnover Thresholds Required For Competition Authority Approval In Merger And Acquisition Transactions Updated
The Communiqué Amending the Communiqué Concerning the Mergers and Acquisitions Calling for the Authorization of the Competition Board (“Merger and Acquisition Communiqué”) (Communiqué No: 2026/2) (“Amending Communiqué”) was published in the Official Gazette dated 11 February 2026 and entered into force on the date of publication.
News| Legal Updates
1/19/2026
Proposal on the Amendment of the Personal Data Protection Law
News| Legal Updates
12/11/2025
The Personal Data Protection Board Published a Principal Decision on the Recording of Photocopies of Turkish Identity Cards of Individuals Receiving Accommodation Services in the Tourism and Hospitality Sector
The Personal Data Protection Board (“Board”) published its Principal Decision dated 6 November 2025 and numbered 2025/2120 on the Recording of Photocopies of Turkish Identity Cards of Individuals Receiving Accommodation Services in the Tourism and Hospitality Sector (“Principal Decision”) in the Official Gazette dated 9 December 2025 and numbered 33102, as well as on the website of the Personal Data Protection Authority (“Authority”)
News| Legal Updates
10/21/2025
Obligations of Companies under the Cybersecurity Law
Türkiye’s first binding regulation on cybersecurity — Law No. 7545 on Cybersecurity — came into effect on March 19, 2025. The law introduces both technical and administrative obligations for companies operating in the private sector.
News| Legal Updates
10/1/2025
An Exemption Criterion Has Been Published by the Personal Data Protection Board for Data Controllers Whose Main Activity Is the Processing of Special Categories of Personal Data Regarding the Obligation to VERBİS Registration
The Personal Data Protection Board (“Board”) has updated the exemption criterion specified in its decision dated 06.07.2023 and numbered 2023/1154, which regulates exemptions from the obligation of data controllers to register with the Data Controllers’ Registry Information System (VERBİS), through its decision dated 04.09.2025 and numbered 2025/1572, published today in the Official Gazette (“Update Decision”).
News| Legal Updates
8/1/2025
How Will the Transition to the Electronic Commercial Ledger System (“ETDS”) Take Place?
With the “Communiqué on the Keeping of Commercial Ledgers Not Related to the Accounting of the Enterprise in Electronic Format” (“Communiqué”), published in the Official Gazette dated 14 February 2025 and numbered 32813, the obligation to keep certain commercial ledgers in electronic format has been introduced for specific companies. The aim is to ensure the secure storage of ledgers in a digital environment, facilitate access and auditing, and reduce the need for notary procedures.
News| Legal Updates
6/30/2025
Principle decision on sending verification code via sms has been published by Personal Data Protection Board
In its principle decision dated 10 June 2025 and numbered 2025/1072 (“Principle Decision”), the Personal Data Protection Board (“Board”) set out the principles regarding the processing of personal data in the context of sending verification codes via SMS to data subjects during the provision of products and services. The Principle Decision is published in the Official Gazette dated 26 June 2025 and numbered 32938 and on the official website of the Personal Data Protection Authority.
News| Legal Updates
5/29/2025
Regulation Amending the Regulation on Distance Contracts Published
The “Regulation Amending the Regulation on Distance Contracts” (“Amendment Regulation”), issued by the Ministry of Trade and published in the Official Gazette dated May 24, 2025, and numbered 32909, introduces new provisions regarding consumers’ right of withdrawal in distance sales contracts. These amendments to the Regulation on Distance Contracts (“”), which was originally enacted based on Articles 48 and 84 of the Law No. 6502 on the Protection of Consumers (“Law”), will come into effect on January 1, 2026.
News| Legal Updates
Expertise
Sectors
Insights & News
Insights
Covid-19 Legal Guide
Corporate
Contact Us
Subscribe to our Newsletters
All Rights Reserved. © 2020