One of the most important elements Turkey’s deal regarding the Syrian refugees with the EU in November was a conditional commitment to the removal of the Schengen visa to Turkish citizens. There is also a technical aspect to fulfill in order to achieve this target in October 2016. Perhaps the most important of these was the enactment of legislation in line with EU norms on the Protection of Personal Data. This regulation was prepared by the Ministry of Justice and is currently being discussed in the TBMM. EDAM has published a discussion paper on Turkey’s legislative background and on this legislation, which is expected to complete a major deficit on the way to becoming a more modern economy. This study, prepared by Akın Ünver, Kadir Has University lecturer and Grace Kim, EDAM specialist, points out some problems in the design of the law. It is assessed that the anticipated Data Protection Board’s doubts about independence from the executive branch and the exceptions granted to public and public institutions in the name of access to personal data may constitute a problem for EU compliance. If the scheme is adopted in this way, the main risk is that Turkey can not earn the title of a safe country to which personal data can be transferred, even though the legislation of Turkey may have resulted in an assessment by the EU. Moreover, with the legislation on the Protection of Personal Data, national and international companies that can transfer data to abroad will be obliged to comply with this regulation. However, the fact that the EU does not put Turkey in the definition of a safe country in terms of data protection will also make it uncertain that Turkey will approve the transfer of data to the EU countries.