Recent Decision of Turkish Telecommunications Authority on Remote Programmable SIM Technologies

Embedded SIM (often referred as "eSIM") is expected to be the next step for the technology in telecommunications sector. Adoption of eSIM technology eliminates the need for the physical plastic sim cards thus allowing phones and other devices supporting such technology to have cellular connection out of the box. This brings significant benefits for the users such as increasing the competition among the operators in the market (because customers may switch from one operator to another without needing to physically going to a branch), increased cybersecurity and enhanced protection of consumer right and personal data.

Acknowledging these positive aspects of eSIM technology and the need for a regulatory framework, Turkish telecommunications authority recently published a decision1 regarding the regulation of this technology in the Turkish market. Recently published decision of Information Technologies and Communication Authority ("ICTA" or "Authority") on the remote programmable SIM technologies2 ("Decision"), sets out the legal framework under which the operators, device manufacturers and consumers will offer or benefit from the eSIM technologies.

According to the Decision:

  1. The eSIM modules of devices (including wearables, cellphones, cars etc.) embedded with remote programmable SIMs technology which will be used in Turkey (either manufactured here or imported) are expected to be only be programmable by local operators and only the local operator profiles may be installed on such modules. (Otherwise, the devices will lose their connectivity within 120 days, please see below)
  2. All structures, systems and storage units, including other equipment and software foreseen for the eSIM platform in GSMA standards3 related to the remote programmable SIM technology infrastructure shall be established by a licensed local operator (or by a third party on behalf of the local operators) and within the Turkish territory. The decision also requires all related data to be kept within Turkish borders. 29 February 2020 have been set as the deadline for local operators to establish such systems.
  3. All system components stated in the previous paragraph, that will be established or used by the operators, must be certified with a 'domestic product' certificate by 29 February 2020.
  4. Unless stated otherwise by the Authority, applicable legislation for services provided through physical SIMs also applies to services offered through remote programmable SIM technologies,
  5. International data use via roaming shall be limited with 120 days (restriction of the IMEI registration period for imported devices) for the devices which are manufactured for use in Turkey or brought along by the passengers or imported to country.

Implications of the Decision

The time limitation on the roaming means permanent data roaming is prohibited for imported eSIM devices being used in Turkey. Hence imported devices relying on cellular connectivity with embedded SIMs such as automobiles, home appliances, wearable devices, tablets, readers or smartphones are expected to use local operators' SIM profiles. In order to prevent such equipment to be able to fully function after the first 120 days after its entrance into Turkey, manufacturers and/or reseller of such equipment will need to install local SIM profiles of one of the local operators.

The Decision does not include any effective implementation date for the rules stated therein. However, as the operators have approximately one year (until 29 February 2020) to establish the necessary systems for their own eSIM services to be fully operational, it may be assumed the rules will become effectively enforceable follsowing that date.

Footnotes

1. The Decision is dated 12.02.2019 and numbered 2019/DK-TED/053

2. eUICC, eSIM/embedded SIM etc. for further details: https://www.gsma.com/iot/embedded-sim/

3. Systems including but not limited to profile data preparation and secure routing servers (SM-DP (Subscription Manager Data Preparation), SM-SR (Subscription Manager Secure Routing), SM-DP +, SM- DS (Subscription Manager Discovery Server), Data Center and system components with similar functions that can be determined by GSMA in the process) and software operating on system components with similar functions, platforms, mobile application for subscription profile management including LPA (Local Profile Assistant)

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.