Information and Communication Technologies Authority in Turkey: BTK, Ministry Affiliations and Internet Regulation (2026)

Anyone observing Turkey's internet, telecommunications and electronic communications landscape from the outside eventually asks the same question: what exactly is the Information and Communication Technologies Authority (ICT Authority), which institution does it refer to, who reports to whom, and which ministry oversees the internet? Depending on context, the term can point to three different structures: the independent regulator BTK (Information and Communication Technologies Authority), the information processing / IT general directorates within ministries, and the ICT chairmanships inside political party organisations. This guide clarifies all three layers.

Throughout the article we will look at the foundational legislation — Law No. 5809 on Electronic Communications, Law No. 5651 on the Internet, Law No. 6493 on Payment and Securities Settlement Systems, and Law No. 6698 (KVKK / Turkish GDPR) — alongside BTK's everyday operational tools (site lookup, MCKS-IMEI, e-Government integrations), subscriber rights and the practical consequences of internet regulation. The goal is to produce a reference that both technical teams and end users can put to work in real life.

Related guides: BTK lookup guide · WHOIS lookup · What is DNS and how to change it · Domain names and WHOIS lookup · Internet server guide

Positioning the Concept Correctly: Three Different 'Chairmanships'

In Turkish, the phrase "bilgi ve iletişim teknolojileri başkanlığı" (ICT chairmanship) points to very different structures depending on the context. The first sense refers to the ICT policy units inside political party organisations; the AK Party's "Information and Communication Technologies Chairmanship", reporting directly to the party's General Headquarters Chairmanships, produces digital transformation and technology policy. The second sense refers to the internal IT departments of public institutions: ministries house these as "General Directorate of Information Technologies" or "Department of Information Processing". The third sense relates to the regulatory authority; in Turkey this role belongs exclusively to BTK.

To avoid confusion, we will clearly state which structure we mean every time the term appears. Since most queries actually target BTK, the bulk of the article focuses on the BTK ecosystem.

Which Ministry Oversees the Internet? The Clear Answer

In Turkey, the regulator for internet and electronic communications is the Information and Communication Technologies Authority (BTK), associated with the Ministry of Transport and Infrastructure. BTK is an administratively and financially autonomous upper board; it received its current name and remit on 5 November 2008 with Law No. 5809 on Electronic Communications. The institution itself was originally founded in 2000 as the "Telecommunications Authority".

So the short answer to "which ministry oversees the internet" is: it does not report directly to a ministry; the regulatory function sits with the independent BTK, while policy coordination and overall national strategy run through the Ministry of Transport and Infrastructure. The Digital Transformation Office under the Presidency is a horizontal coordination and digital strategy body, not an operational regulator.

• Regulatory authority: Information and Communication Technologies Authority (BTK)
• Policy and strategy: Ministry of Transport and Infrastructure (UAB)
• Digital strategy coordination: Presidential Digital Transformation Office
• Cybersecurity crisis coordination: USOM/TR-CERT (within BTK)
• Personal data: KVKK — Personal Data Protection Authority (associated with the Ministry of Justice; a separate board)

What Is BTK? Its Mission and Powers

BTK is an independent upper board that regulates and supervises the telecommunications sector, issues licences, allocates frequencies, sets pricing and service quality standards, and handles consumer and subscriber complaints. It is headquartered in Ankara, with nationwide jurisdiction. Its decision-making body is the seven-member Information and Communication Technologies Board; the chair and deputy chair are elected from within. For official information see btk.gov.tr.

• Licensing and authorisation: Mobile operators, fixed-line operators, internet service providers (ISPs), satellite operators, cable broadcasters.
• Frequency management: 5G auctions, base station licences, amateur radio licences, GMRS/PMR broadcast rights.
• Numbering plan: Management of Turkey's telephone number pool (5xx GSM, 0850 virtual, 4xx service numbers).
• Tariff and pricing oversight: Ensuring subscriber tariffs are reasonable and preventing hidden fees.
• Service quality (KPI): Coverage maps, dropped call rate, mobile data speed audits.
• Consumer rights: Withdrawal, number portability (MNP), line suspension, refund complaints.
• Content regulation: Access blocking requests and content takedown procedures under Law No. 5651.
• Device registration (MCKS): IMEI-based mobile phone registration system, detection of unregistered/cloned devices.
• Spectrum security: Detection of unauthorised broadcasters, jammer/scrambler enforcement.
• Cybersecurity: Coordination of USOM (National Cyber Incident Response Centre) and sectoral SOMEs.

Legal Framework: What Each Law Actually Says

To understand BTK's room for manoeuvre, you need to know the foundational legislation. The laws and regulations below are the legal basis behind every operational practice in the sector.

• Law No. 5809 on Electronic Communications (2008): BTK's foundational establishment, mission and powers. Licensing, authorisation, location-data rules, tariffs.
• Law No. 5651 on Publications Made on the Internet (2007): Content takedown, access blocking, URL-based blocking, definitions of hosting and content providers.
• Law No. 6698 (KVKK, 2016): Processing of personal data, explicit consent, data controllers' registry (VERBIS), cross-border transfer.
• Law No. 5070 on Electronic Signatures (2004): Qualified electronic certificates, ESCSP authorisation (under BTK supervision).
• Consumer Law No. 6502: BTK Consumer Arbitration Committee referrals, distance contracts.
• Industrial Property Codes Nos. 556 and 6769: Trademarks, designs and patents — indirectly relevant for telecom (domain disputes).

For tracking legislation, the Official Gazette archive (resmigazete.gov.tr) and mevzuat.gov.tr are the primary sources. BTK publishes its own regulations and board decisions openly at btk.gov.tr/mevzuat.

BTK Site Lookup: What It Is and How to Use It

The BTK Site Lookup tool at internet.btk.gov.tr/sitesorgu gathers WHOIS, DNS, IP geolocation and ownership information for a domain or IP from publicly available sources into a single interface. Using BTK's central interface rather than going directly to WHOIS servers is convenient for individual users and official institutions. For deeper usage, see our internal guide: BTK lookup guide.

BTK Site Lookup does not store the data it queries; it acts as an intermediary to public sources such as whois.com, viewdns.info and whois protocol servers. As a result, if registration privacy (privacy proxy) is enabled, the displayed information will appear masked.

# Equivalent WHOIS / DNS queries from the command line
whois ornek.com.tr # domain registration info
dig +short ornek.com.tr A # IPv4 address
dig +short ornek.com.tr AAAA # IPv6 address
dig +short ornek.com.tr NS # name server records
dig +short ornek.com.tr MX # mail server records
dig TXT ornek.com.tr +short # SPF, DMARC, verification records

# IP owner and country information
whois 185.93.224.40
curl -s https://ipinfo.io/185.93.224.40

# RDAP (modern WHOIS) query
curl -s https://rdap.org/domain/ornek.com | jq.

One practical use for BTK Site Lookup results is verifying a target site's technical fingerprint inside fake-content reporting forms (e.g. ihbarweb.org.tr and Ihbar Web). For more in-depth domain analytics, see our Domain Lookup Tools and WHOIS Lookup guides.

MCKS-IMEI Registration: The Mobile Phone Registration Process

BTK's best-known end-user service is the Mobile Device Registration System (MCKS). Devices brought from abroad or authorised to passport-holding subscribers will have their network access cut off in roughly 120 days unless their IMEI numbers are registered with BTK. The legal basis is Article 50 of Law 5809 and the related Regulation on the Registration of Electronic Communications Devices.

• IMEI lookup: Dial *#06# on the device; the 15-digit IMEI appears on screen.
• Registration status check via e-Government: the "BTK IMEI Registration Lookup" service.
• Foreign device registration: One-time registration through customs using passport details (one device per three years).
• Fees: An annually updated registration fee (estimated 2026 range: roughly ₺31,000 — varies by provider/year, 2026 figure).
• Electronic identity declaration: After paying at the tax office, subscribers apply through the operator to be added to the network.

Devices whose IMEIs are not on the whitelist (often the result of "IMEI cloning") get blacklisted by MCKS and blocked at the operator level. That is why an IMEI check is essential when buying a second-hand phone; the same due-diligence logic from our second-hand domain guide applies to device purchases too.

Law 5651 and Internet Regulation: The Access Blocking Process

Law No. 5651 is the backbone of content-based internet regulation. It provides three core instruments: content takedown, URL-based blocking and full site blocking. The decision authority is usually the Magistrates' Court for Criminal Matters; in urgent cases the BTK Chair can issue a blocking order directly and have it ratified by the courts within 24 hours.

• 5651/8 — Catalogue offences (child sexual abuse, obscenity, prostitution, gambling, incitement to suicide, terror affiliation): automatic or fast-tracked blocking.
• 5651/9 — Violations of personal rights: URL-based blocking on individual application.
• 5651/9-A — Privacy of private life: an emergency blocking procedure carried out within 24 hours.
• 5651/Annex-4 — Hosting/social network provider obligations: representative appointment, annual report, content response timelines.

Decisions are conveyed to operators via BTK, and operators implement them at the DNS, IP or BGP level. SNI Filtering (Server Name Indication) has become a widespread blocking technique in recent years; it works by capturing the domain name during the TLS handshake. As ECH (Encrypted Client Hello) becomes more common, this method will weaken. We cover the technical side of blocking in greater depth in our DNS guide, and the privacy/encryption layer in our TLS 1.3 article.

# Test whether a domain has been blocked by a BTK order
# 1) Resolution via the operator's DNS
nslookup blocked-site.com 8.8.8.8
nslookup blocked-site.com 195.175.39.49 # TTNet DNS

# 2) Compare against DNS-over-HTTPS
curl -s 'https://cloudflare-dns.com/dns-query?name=blocked-site.com&type=A' \
 -H 'accept: application/dns-json' | jq.

# 3) HTTP/HTTPS access test
curl -I --resolve blocked-site.com:443:1.2.3.4 \
 https://blocked-site.com

# 4) Find the cut-off point with traceroute
mtr -rwc 30 blocked-site.com

Subscriber Rights and Consumer Complaints

BTK provides a complaints channel at tuketici.btk.gov.tr for resolving disputes between subscribers and operators. A subscriber whose initial application to the operator does not yield results can escalate to BTK; BTK then requests a response from the operator and reports back to the subscriber. If the matter cannot be resolved, the path through the Consumer Arbitration Committee or consumer court remains open.

• Number portability (MNP): Completed within 1 business day; reversal in case of unjust cancellation takes 7 business days.
• Right of withdrawal: 14 days for distance contracts; the subscription offer document also specifies the withdrawal period.
• Line suspension: Military service, health, study abroad — the line can be suspended free or at reduced cost.
• Refunds: Incorrectly billed amounts can be reclaimed for up to 5 years retroactively.
• Device campaigns: 24-36 month commitments; early termination penalty cannot exceed the total of remaining bills.
• Roaming limits: Mandatory notifications similar to the EU model that prevent "foreign tariff shock" (SMS warnings when thresholds are exceeded).

For all these rights processes, subscribers should follow the order: operator's customer service first, then the BTK Consumer Complaints System, and if necessary the Consumer Arbitration Committee. Service quality complaints (coverage, speed, drops) are tracked via BTK's annual Mobile Communications Service Quality measurement reports.

BTK Services via e-Government

Through the e-Government integration (turkiye.gov.tr), end users can carry out many BTK-related transactions from a single point. The most commonly used services are listed below.

• BTK IMEI Registration Lookup
• Lines Registered to Me Lookup (mobile + fixed)
• Mobile Operator Number Portability Information
• BTK Customer Complaint Filing and Tracking
• Line Traffic Information (CDR summary, limited)
• Line Transfer / Transfer Approval
• Registration Notification (devices brought from abroad)
• Number Verification by QR Code (KEP integration)

Logging into e-Government requires only your Turkish ID number and e-Government password; for sensitive transactions, e-signature, mobile signature or internet banking verification serves as an additional layer. Registered Electronic Mail (KEP) service providers are also licensed under BTK supervision.

Spectrum, 5G and Frequency Allocation

Perhaps BTK's most strategic mission is the allocation of the country's radio spectrum resources. The 4.5G auction took place in 2015, allocating the 800/900/1800/2100/2600 MHz bands. The 5G auction is planned for 2026 across the 700 MHz, 3.5 GHz and 26 GHz bands; opening these bands directly drives fibre investment and base-station density.

• 700 MHz — Wide coverage, ideal for rural / indoor, lower throughput.
• 3.5 GHz (C-band) — "5G core" band, balancing coverage and capacity.
• 26 GHz (mmWave) — High capacity, short range; stadiums, expos, hubs.
• 2x2 / 4x4 / massive MIMO — Parallel data on the same band via antenna arrays.
• Network slicing — Virtual network slices for IoT, public sector, critical infrastructure.

The principles of frequency allocation come from Article 47 of Law 5809. The decisive factors include impact analysis, usage density, military/civilian coordination and international ITU filings.

Device, Radio and Amateur Licensing

A BTK responsibility many people are unaware of is personal radio licensing. Amateur Radio (HAM) Class A/B/C examinations, usage rules for 446 MHz PMR and 27 MHz CB, and import approvals for GMRS-like products all sit under BTK. Drone certification (UAV-0/UAV-1) is handled by the SHGM (General Directorate of Civil Aviation), but the radio/transmission component still falls under BTK supervision.

• HAM Radio Class A: All bands and modes.
• HAM Radio Class B: Specific HF bands, limited power.
• HAM Radio Class C: VHF/UHF, entry level.
• PMR-446: Licence-free, 0.5 W, home/office use.
• CB-27 MHz: Registration required, trucker/driver band.
• Walkie-talkie imports: BTK conformity assessment (TR-conformity mark, similar to CE).

USOM and TR-CERT: The Cybersecurity Side

The National Cyber Incident Response Centre (USOM) within BTK is Turkey's national CERT. It evaluates cyber-incident notifications from critical infrastructure operators, coordinates with sectoral SOMEs (E-SOME, Finance-SOME, Energy-SOME, etc.), shares IOCs (indicators of compromise), and publishes a national blacklist for botnet tracking. The incident reporting email is iletisim[at]usom.gov.tr.

This structure should be considered alongside OWASP, ENISA and NIST CSF; bulletins published by BTK/USOM at usom.gov.tr belong on enterprise security teams' checklists. For web application security see OWASP Top 10 2026, on the network side our DDoS protection guide, and for server hardening VPS security hardening serves as a strong reference.

# Simple IP/Domain check using the USOM blacklist
# (If sourced from the official USOM feed, refresh periodically)
curl -sL https://www.usom.gov.tr/url-list.txt -o /tmp/usom.txt
wc -l /tmp/usom.txt

# Search for a domain in the list
grep -F 'bad-example.com' /tmp/usom.txt && \
 echo 'BLACKLISTED' || echo 'clean'

# Cross-check against records in your logs
awk '{print $1}' /var/log/nginx/access.log | sort -u > /tmp/visitor_ips.txt
comm -12 <(sort /tmp/usom.txt) <(sort /tmp/visitor_ips.txt) | tee /tmp/match.txt

BTK Akademi: A Free Education Platform

Through btkakademi.gov.tr, BTK offers free online courses to citizens. Major categories include databases, cybersecurity, programming (Python, C#, Java, JavaScript), web development, mobile applications, AI, game development and digital literacy. Certificates can be verified through e-Government and are CV-ready.

• Average course length: 8-30 hours of video
• Certificate fee: ₺0 (free)
• Target audience: citizens aged 16+
• Tags: basic computing, coding, cybersecurity, office
• Bonus: KamuNet integration (counts as public-sector employee training)

For people starting a software career, BTK Akademi is a solid starting point; for advanced topics, pair it with our software development processes guide.

Operator Types and ISP Licensing

BTK's main authorised players are: mobile GSM operators, fixed-line operators, internet service providers (ISPs), virtual mobile operators (MVNOs), cable/satellite broadcasters, and the social network and VOD platforms that fall under OTT/hosting provider status (within the scope of 5651 Annex-4).

• Mobile GSM: Turkcell, Vodafone TR, Türk Telekom Mobile — roughly 88 million active subscribers (2025 figures).
• Fixed line: Türk Telekom (formerly Telekom AŞ), cable TV operators.
• Independent ISPs: About 60+ authorised ISPs — from Türksat down to small regional providers.
• MVNO: Pttcell (on Türk Telekom's infrastructure), some enterprise MVNOs.
• Hosting providers: Cloud providers (CDN, hosting), with representative appointment obligations under 5651 Annex-4.
• Content providers: The site owner — primarily responsible for the content they publish on their own site.

The distinction between hosting providers and content providers is critical knowledge for anyone using a hosting service. For details, see what is hosting, the internet server guide and VPS guide.

Domains and TR-DNS: Domain Registration Authorities

In Turkey, .tr domain names are now managed under BTK through TRABİS (TR Domain Names Management System). Before 2022 the registry operator was METU's Nic.tr; today TRABIS sits directly under BTK's Telecommunications Department. Commercial sales happen through authorised registrars.

• .tr — General country extension (now available without legal-entity requirement).
• .com.tr — Requires documentation as a commercial entity.
• .org.tr — Civil society organisations.
• .net.tr — ISPs / telecom.
• .edu.tr — YÖK-approved higher education.
• .gov.tr — Official public institutions.
• .tsk.tr — Turkish Armed Forces.
• .bbs.tr /.gen.tr /.name.tr /.biz.tr /.web.tr /.info.tr /.tv.tr — sub-purpose extensions.

For a detailed walkthrough of .tr domain registration and trade, see getting a.com.tr extension, getting an av.tr domain and how to register a domain name.

#.tr domain WHOIS query (TRABIS)
whois -h whois.nic.tr ornek.com.tr

# Alternative: which registrar within the BTK structure?
dig +short ornek.com.tr SOA

# Bulk batch lookup (CSV input)
while IFS=, read -r domain; do
 reg=$(whois -h whois.nic.tr "$domain" | awk -F: '/^Sponsoring/{print $2}')
 printf '%-30s %s\n' "$domain" "${reg:-unknown}"
done < domains.csv

Information Technology General Directorates Inside Ministries

A search for "ICT chairmanship" sometimes refers to the IT units inside public ministries. A notable example is the General Directorate of Information Technologies of the Ministry of Interior: it operates critical infrastructure such as the e-Içişleri document management system, the e-Belediye platform (covering roughly 1,000+ municipalities), the New Generation 112 emergency response integration, and the BVS (Biometric Data System).

• e-Içişleri: Internal document and workflow management.
• e-Belediye: Subscriber, accrual and tax collection systems for municipalities.
• BVS: Fingerprint-based identity verification infrastructure.
• Next-Gen 112: 24/7 emergency calls, location-based routing.
• Administrative network: Around 92,000 e-Government users, 923+ municipal websites under management.

Similarly, large vertical IT structures — Ministry of Justice's UYAP, Ministry of Health's USS / e-Nabız, Ministry of Finance's GİB, and Ministry of National Education's EBA — operate under their own chairmanships/general directorates. Unlike BTK's regulatory role, these are operational IT units.

Political Party ICT Chairmanships

Within the AK Party's General Headquarters structure, the Information and Communication Technologies Chairmanship reports directly to the party leadership and produces digital strategy and communications policy. This body is not a regulator; it handles policy proposals, intra-party digital infrastructure, citizen engagement platforms, mobile applications and social media management — internal IT operations. Other parties have similar bodies under different names like "digital coordination" or "IT chairmanship".

Because in this article "ICT chairmanship" is just one of the names encountered on the policy and regulation side, most users' search intent leads to BTK. Intent disambiguation is critical for SEO; for detailed intent analysis, see our articles on how search engines work and SEO and technical SEO 2026.

BTK and Data Localisation Requirements

Under 5651 Annex-4 and the social network provider obligations, platforms with more than 1 million daily accesses in Turkey are required to appoint a local representative, respond to content requests within 48 hours, and produce an annual transparency report. Although data-localisation debates surface periodically, the legislation does not directly require all data to be stored within the country; however, the finance and health sectors do impose local data storage requirements through their own regulators (BDDK, SGK).

• BDDK: Banks must keep core systems in Turkey.
• EPDK: Energy sector critical infrastructure data.
• SPK: Stock exchange records.
• Ministry of Health: e-Nabız, MEDULA data.
• KVKK: Adequate-country decisions or BCR/SCC mechanisms for cross-border transfer.

Technical Architecture: BTK's Blocking and Monitoring Infrastructure

Blocking orders relayed to operators are enforced at different layers. The simplest, lowest-cost but highest-false-positive method is DNS hijacking: the operator returns the IP of a "blocked" landing page instead of the real IP for the queried domain. A more precise method is BGP null routing: the target IP is routed to null0 with /32, but if shared hosting sits on the same IP, collateral damage follows.

• DNS hijacking — Easiest; can be bypassed via DoH/DoT/1.1.1.1.
• BGP null route — Blocks the entire IP; collateral damage on CDNs.
• SNI filtering — Reads the TLS handshake; weakens with ECH.
• HTTP host filtering — Only for HTTP (most sites are now HTTPS).
• Deep Packet Inspection (DPI) — High cost, not deployed at country scale.
• BGP route manipulation — Used for outbound access targeting Turkish IP blocks.

On the operator side, most enforcement happens via ACLs on Cisco/Juniper ASR/MX-series routers, application-aware rules on FortiGate/PAN devices, or open-source iptables/nftables-based Linux routers. For stateful applications, per-subscriber filters can run at the BNG (Broadband Network Gateway) level.

# 5651-compliant access blocking example for hosting providers
# /etc/nginx/conf.d/blocked.conf

map $remote_addr $is_blocked_ip {
 default 0;
 include /etc/nginx/blocklist.conf; # IP list
}

map $http_host $is_blocked_host {
 default 0;
 'blocked-content.example' 1;
}

server {
 listen 443 ssl http2;
 server_name _;

 # Refusal under a 5651 order
 if ($is_blocked_ip = 1) { return 403; }
 if ($is_blocked_host = 1) {
 return 451 'Access blocked under Law No. 5651';
 }

 # Rate limit + log (for audit)
 limit_req zone=audit burst=200 nodelay;
 access_log /var/log/nginx/audit.log combined buffer=64k flush=2s;
}

Logging Obligations: 5651 and Hash Values

The most concrete technical implication of Law No. 5651 is that hosting and access providers must retain traffic logs and content logs for a defined period (typically 1-2 years). Log integrity must be ensured with timestamps and hash values; logs should be stored with e-signatures applied. Otherwise their evidentiary value is undermined.

# 5651-compliant log packaging example
# 1) Compress yesterday's log files
cd /var/log/nginx
DATE=$(date -d 'yesterday' +%F)
gzip -k -9 access.log.$DATE

# 2) Compute hash (SHA-256)
sha256sum access.log.$DATE.gz > access.log.$DATE.gz.sha256

# 3) Get a timestamp (TÜBİTAK Kamu SM TSA example)
openssl ts -query -data access.log.$DATE.gz.sha256 \
 -no_nonce -sha256 -cert -out tsq.req
curl -s -H 'Content-Type: application/timestamp-query' \
 --data-binary @tsq.req \
 https://zd.kamusm.gov.tr/TSS/HttpTspServer \
 -o tsr.resp

# 4) Verify
openssl ts -reply -in tsr.resp -text

# 5) Upload to the records archive
rsync -av --remove-source-files \
 access.log.$DATE.gz* tsr.resp \
 log-archive@archive.local:/srv/5651/$(date -d 'yesterday' +%Y/%m)/

To automate these processes, our ELK stack guide and Prometheus + Grafana articles let you build a unified log + metrics infrastructure.

Relationship with KVKK: How Does It Differ from BTK?

BTK and the Personal Data Protection Authority (KVKK) are often confused, yet their remits are different. BTK regulates the telecommunications infrastructure and electronic communications; KVKK supervises the processing of personal data across every sector. If an operator unlawfully shares a subscriber's traffic data: the operator-level sanction goes through BTK, while the data controller sanction runs through KVKK — two parallel processes.

• BTK's remit: service quality, licensing, subscriber rights, content regulation.
• KVKK's remit: personal data inventory, explicit consent, VERBIS registry, data breach notification (72 hours).
• Common ground: Telecom data (CDR, location, content) can fall within the interest of both authorities.
• Practical recommendation: An information security management system (ISO/IEC 27001) is the umbrella that addresses both authorities' expectations.

A Brief History of Internet Governance in Turkey

Turkey's internet governance has evolved in waves. The first international link in 1993 via METU, TR-NET in 1995, the establishment of the "Telecommunications Authority" in 2000, the renaming under Law 5809 (BTK) in 2008, Law 5651 in 2007, the SPK and KVKK reforms in 2014, the social network provider regulation in 2020 (5651 Annex-4), the TRABIS-NIC.tr handover in 2022, and the 5G band opening in 2026 — the structure has steadily expanded.

• 1993 — First international link via METU (64 kbps).
• 1995 — TR-NET national backbone, Türk Telekom dial-up.
• 2000 — Establishment of the Telecommunications Authority (Law No. 4502).
• 2007 — Law No. 5651 on the Internet enters into force.
• 2008 — Law No. 5809; the institution is renamed BTK.
• 2015 — 4.5G auction, mobile data explosion.
• 2020 — Social network provider obligations (Annex-4).
• 2022 — Transition to TRABIS.
• 2026 — 5G auction and band allocation.

Practical Citizen Scenarios

Scenario 1: I brought a phone from abroad and lost connectivity

If your phone's IMEI is not registered with MCKS, network access is cut off after roughly 120 days. The fix: if you entered with a passport, pay the foreign-device registration fee at the tax office, then apply through your operator for registration. Check status via the "BTK IMEI Registration Lookup" service on e-Government.

Scenario 2: An unknown line is registered to me

The "Lines Registered to Me Lookup" service on e-Government displays all active lines. If you see a line you don't recognise, file a complaint via the BTK Consumer Complaints System; if the fraudulent subscription is proven, the line is cancelled and billing responsibility removed. Typical processing time: 15-30 days.

Scenario 3: My operator unjustly extended my contract

Send a written cancellation/withdrawal request to the operator (KEP, email, fax). If you don't get a response within 7 business days, file with the BTK Consumer Complaints System. BTK gives the operator 15 days to respond; if the issue cannot be resolved, the path through the Consumer Arbitration Committee / Consumer Court remains open.

Scenario 4: My internet speed is far below what was promised

Use the BTK Service Quality Measurement Tool (hizolcer.btk.gov.tr) for an official measurement; results count as evidence. With 10+ measurements taken regularly at different times, if your average speed is more than 20% below the commitment, you are entitled to discounts/refunds.

For Developers: Points of Interaction with BTK

For software developers and hosting providers, the BTK ecosystem isn't structured like a typical API/SDK; most interactions happen through manual application, e-signed file submission or ministerial portals. Still, the developer ecosystem should be aware of a few important points.

• 5651 hosting provider declaration: If you offer hosting services, you must file a hosting provider notification with BTK.
• BTK Ihbar Web (ihbarweb.org.tr): Site owners should monitor this system for complaints filed against them.
• USOM malicious software list: Can be pulled periodically via automation and loaded into the application firewall.
• Spam SMS / call notifications (Law 5809 Art. 50/A): İYS (Message Management System) integration is mandatory (for all systems sending B2C SMS).
• e-Government gateway integration: Public-sector projects can integrate with TURKİYE.gov.tr via SAML 2.0 and OIDC-based services.

For deeper OAuth/OIDC flows, see our OAuth 2.0 and OIDC guide; for REST API security, our REST API security article; and for JWT architecture, our JWT security piece.

BTK Administrative Sanctions and the Enforcement Process

BTK's enforcement spectrum is broad and effective: warning, administrative fine, licence suspension, licence revocation, suspension of operations. Administrative fines are calculated as a percentage of the operator's prior-year revenue (typical ceiling: 3%); this can range from millions to billions of liras. Operators can challenge such decisions in administrative court within 60 days.

• Warning: First offence, minor fault.
• Administrative fine: Proportional to revenue.
• Service restriction: Specific subscription types are halted.
• Licence suspension: New subscriber acquisition is paused.
• Licence revocation: Authorisation is withdrawn entirely.
• Criminal complaint: Notification to the Chief Public Prosecutor's Office (e.g. for 5651/8 catalogue offences).

Comparison: BTK vs Other Countries' Regulators

It helps to position BTK in international context. The FCC (Federal Communications Commission) in the US, Ofcom in the UK, BNetzA in Germany, ARCEP in France, and BEREC and ENISA at the EU level all serve similar functions. Europe's Digital Services Act (DSA) and Digital Markets Act (DMA) partially parallel Turkey's 5651 Annex-4 and social network provider legislation.

• FCC (US): Spectrum, with First Amendment sensitivity in the censorship balance.
• Ofcom (UK): Content authority increased significantly with the 2023 Online Safety Act.
• BNetzA (DE): Network Enforcement Act (NetzDG) — social network content takedown.
• ARCEP (FR): Net neutrality and digital market oversight.
• BEREC (EU): Coordination among member-state regulators.
• ENISA (EU): Cybersecurity reference and certification (NIS2 integration).

5G, IoT and BTK's Future

Topics likely to dominate BTK's agenda over the next 3-5 years: post-5G-auction field deployment, the licensing model for IoT devices (licence-free LPWAN, LoRaWAN, Sigfox, NB-IoT), satellite internet providers (bringing LEO networks like Starlink and OneWeb under national regulation), the transition to quantum-safe encryption, and the legal framework for AI-driven content moderation.

• 5G field deployment: 2026-2028 dense rollout window.
• NB-IoT/LTE-M: Metering, logistics, smart-city scenarios.
• LoRaWAN/Sigfox: Licence-free band (868 MHz in Europe; varies by country).
• LEO satellite: Starlink Turkey licensing process, the coverage-equity debate.
• Quantum-safe TLS: Migration to NIST PQC algorithms.
• AI content moderation: Synthetic media detection and labelling.

Frequently Asked Questions

Are the ICT Chairmanship and BTK the same institution?

No. "ICT Chairmanship" most commonly refers to a policy unit inside a political party or an internal IT department within a ministry. The regulator BTK, on the other hand, is an independent upper board officially named the Information and Communication Technologies Authority.

Which ministry oversees the internet in Turkey?

The regulatory function sits with BTK; policy coordination runs through the Ministry of Transport and Infrastructure. The Presidential Digital Transformation Office plays a horizontal strategy role. So a "single ministry" answer would be misleading; regulation rests with the independent board.

Who appoints BTK's chair?

The BTK Board has seven members appointed by the President; the chair and deputy chair are elected from within. Members serve six-year terms.

How can a BTK decision be appealed?

Since BTK decisions are administrative acts, they can be challenged in the Ankara Administrative Court within 60 days. For content-based 5651 decisions, there is a right to appeal before the Magistrates' Court for Criminal Matters.

Is the BTK Akademi certificate genuinely valid?

Yes. It can be verified through e-Government and includes a verification code. It can be added to a CV; in private-sector hiring, it serves as a supporting credential alongside international certifications (Cisco, Microsoft, AWS, Google).

End-to-End Checklist

A minimum BTK-compliance checklist for a corporate site or operator in 2026:

• 1. Has hosting provider notification been filed?
• 2. Is 5651 log retention (1-2 years, hash + timestamp) functioning?
• 3. Is the KVKK VERBIS registration up to date?
• 4. Has a KEP address been assigned?
• 5. Is the SSL certificate valid and TLS 1.2+ enforced? (Let's Encrypt guide)
• 6. Is the e-Tebligat (electronic notification) address active?
• 7. Are cookie disclosure and KVKK disclosure texts published on the site?
• 8. Is marketing being run on a consent basis through İYS (Message Management System)?
• 9. Is the data breach / cyber-incident notification flow defined (USOM + KVKK 72-hour rule)?
• 10. If the social network provider threshold has been reached, has a representative been appointed?
• 11. Is content takedown / 5651 appeal procedure documentation ready?
• 12. Has an SLA for responding to BTK Consumer Complaint System cases been defined?

Useful Links

• btk.gov.tr — Official institutional page
• BTK Site Lookup
• BTK Consumer Complaints
• BTK Akademi
• USOM / TR-CERT
• Ministry of Transport and Infrastructure
• Digital Transformation Office
• KVKK
• e-Government
• mevzuat.gov.tr

Related Internal Articles

• BTK Lookup Guide — site lookup, line lookup, IMEI lookup
• WHOIS Lookup — finding the domain owner
• What Is DNS, How to Change It
• Domains and Domain Registration
• Getting a.com.tr Extension
• Internet Server Guide
• What Is Hosting
• VPS Security Hardening
• OWASP Top 10 2026
• DDoS Protection Guide
• OAuth 2.0 and OIDC
• Software Development Processes