Introduction
Artificial intelligence is rapidly changing the telecommunications sector in Turkey. Telecom operators now use AI-based systems for network optimization, traffic prediction, fault detection, capacity planning, fraud prevention, customer service automation, call center analytics, cybersecurity monitoring, predictive maintenance, energy efficiency, 5G network slicing, subscriber churn prediction and service quality management.
This development creates major opportunities. AI can help operators reduce outages, allocate spectrum more efficiently, detect cyberattacks earlier, improve customer experience, manage large IoT networks and support the transition to 5G and future-generation networks. However, AI also creates legal risks. An automated system may make discriminatory customer decisions, process personal data unlawfully, misclassify network incidents, produce opaque security alerts, block legitimate traffic, cause service interruption, expose confidential network data or create liability disputes between operators and vendors.
Turkey does not yet have a fully enacted standalone artificial intelligence statute comparable to the EU AI Act. However, AI use in telecom is already regulated indirectly through electronic communications law, BTK authorization and supervision, network and information security obligations, KVKK, consumer protection rules, cybersecurity requirements, contract law, product safety rules and sector-specific operator obligations. In addition, AI-related legislative proposals are before the Turkish Parliament. One TBMM proposal concerning AI systems is shown as being at the commission stage, which means companies should monitor future legislative change carefully.
The main telecom regulator is the Information and Communication Technologies Authority, known as BTK. BTK states that applications for initial authorization, additional authorization, renewal, authorization adequacy control and operator information updates are handled through the CEVHER system. BTK also states that Law No. 5809, authorization regulations and operator agreements include obligations on network and information security. Therefore, when a telecom operator deploys AI in network management, it should not treat the system as a mere internal software tool. AI may affect regulated telecom services, network security, personal data, service quality, customer rights and regulatory accountability.
What Is AI-Based Network Management?
AI-based network management refers to the use of machine learning, predictive analytics, automation, optimization algorithms and advanced data processing to operate, monitor or improve telecom networks. Instead of relying only on manual engineering decisions, operators use AI systems to analyze large volumes of network data and recommend or execute operational actions.
AI-based network management may include:
Traffic prediction.
Dynamic capacity allocation.
Fault detection.
Root cause analysis.
Predictive maintenance.
Radio access network optimization.
Energy saving in base stations.
DDoS detection.
Fraud detection.
SIM swap anomaly detection.
Customer experience analytics.
Automated ticket prioritization.
Network slicing management.
IoT device behavior monitoring.
Quality of service prediction.
Call center routing.
Automated customer support.
In more advanced models, AI may not only detect problems but also take action. For example, the system may reroute traffic, adjust radio parameters, allocate bandwidth, suspend suspicious activity, trigger alarms, open trouble tickets or recommend customer notifications. The more autonomous the AI system becomes, the greater the legal need for auditability, human oversight, documentation and risk management.
Why Telecom AI Is Legally Sensitive
Telecom AI is legally sensitive because telecom networks are essential infrastructure. They support emergency communication, banking, public services, business continuity, hospitals, transportation, education, government systems, data centers, cloud services, mobile communications and daily life. A mistake in network management can affect thousands or millions of users.
AI in telecom is also sensitive because it processes large datasets. Network management systems may use traffic data, IP addresses, device identifiers, location-related data, call detail records, customer complaint records, billing data, signal strength, usage patterns, fault reports and cybersecurity logs. Some of these data categories may qualify as personal data under KVKK.
Telecom AI also affects fairness and transparency. An algorithm may decide which network incident receives priority, which customer is offered a retention package, which connection is throttled, which account is flagged as fraud, which user is blocked from a service or which region receives capacity upgrades first. If these decisions are not governed properly, they may create discrimination, consumer disputes or regulatory scrutiny.
Main Legal Framework in Turkey
The legal framework for AI-based telecom network management in Turkey consists of several layers.
First, Law No. 5809 on Electronic Communications and BTK regulations govern electronic communications services, network operation, authorization, technical standards, tariffs, consumer protection, numbering, spectrum, infrastructure and operator supervision. BTK’s technical regulation materials state that Turkey’s relations with international telecommunications standards organizations are conducted through BTK, and that BTK coordinates national positions and implements decisions taken in these organizations.
Second, network and information security rules apply. BTK states that the Constitution, Law No. 5809, operator privilege agreements and authorization regulations include obligations related to network and information security. AI systems used to monitor, protect or operate telecom networks therefore need to comply with these security expectations.
Third, KVKK applies where personal data is processed. The Turkish Personal Data Protection Authority has published recommendations on personal data protection in artificial intelligence, stating that where high risk is foreseen in AI work based on personal data processing, a privacy impact assessment should be conducted.
Fourth, Turkey’s National Artificial Intelligence Strategy 2021–2025 provides policy context. The strategy identifies a national vision of creating value on a global scale with an agile and sustainable AI ecosystem for a prosperous Turkey.
Fifth, international developments matter. The EU AI Act entered into force on 1 August 2024 and follows a phased application timeline. Turkish telecom operators and technology vendors working with EU customers, EU group companies or EU-facing AI systems may need to consider EU AI governance expectations in addition to Turkish law.
BTK Authorization and AI Deployment
A telecom operator’s ability to use AI depends first on its authorized service scope. AI does not replace authorization. If a company provides electronic communications services, operates electronic communications infrastructure or manages networks, it must remain within its BTK authorization framework.
AI vendors should also be careful. A software company providing AI network optimization tools to an authorized operator may not itself become an operator merely by selling software. However, if the vendor operates network functions, controls traffic management, provides managed connectivity, hosts core network components or directly provides electronic communications services, BTK authorization analysis may become necessary.
The contract should clearly define whether the AI vendor is:
A software supplier.
A managed service provider.
A data processor.
A network operations contractor.
A telecom infrastructure operator.
A cloud provider.
A cybersecurity service provider.
An electronic communications service provider.
This classification affects BTK compliance, liability, data protection, cybersecurity, audit rights and regulatory reporting.
AI and Network Security
AI can improve telecom cybersecurity. It can detect unusual traffic, identify DDoS attacks, flag compromised IoT devices, detect SIM swap patterns, monitor abnormal routing, recognize malware command-and-control behavior and prioritize incident response. However, AI can also create new attack surfaces.
An attacker may poison training data, evade detection models, manipulate logs, exploit automated response systems, trigger false alarms, overload monitoring tools or compromise the AI model itself. If a telecom operator relies too heavily on AI without human oversight, it may fail to detect novel attacks or may block legitimate traffic.
BTK’s network and information security framework makes security governance central to telecom operations. Since BTK identifies Law No. 5809 and authorization instruments as sources of network and information security obligations, operators using AI for network security should document how the system supports these obligations.
A legally defensible AI security program should include:
Model risk assessment.
Security testing.
Human review for critical alerts.
Incident escalation rules.
Audit logs.
Model update records.
False positive and false negative monitoring.
Access controls.
Vendor security assessment.
Data integrity controls.
Business continuity procedures.
Rollback mechanisms.
AI should support security governance, not replace it.
AI and Personal Data under KVKK
AI-based network management often involves personal data. Even where the operator does not directly analyze names or identity numbers, network data may still identify or relate to individuals. IP addresses, device identifiers, location patterns, call records, customer complaints, billing behavior and usage profiles can all be personal data depending on the context.
KVKK requires lawful, fair, accurate, purpose-limited, proportionate and time-limited processing. AI projects can easily violate these principles if operators collect excessive data, combine datasets for new purposes, retain logs indefinitely or use customer data for unrelated analytics.
The Personal Data Protection Authority’s AI recommendations emphasize privacy impact assessment where high risk is foreseen in AI work based on personal data processing. For telecom operators, many AI projects may be high-risk because they involve large-scale data, communication metadata, location-related information or automated decisions affecting users.
Before deploying AI, telecom operators should ask:
What data is used?
Is the data personal data?
Is special category data involved?
What is the legal basis?
Is the purpose clear?
Is the data minimized?
Is anonymization or pseudonymization possible?
Are customers informed?
Is data used for a new purpose?
Is profiling involved?
Is cross-border transfer involved?
Who has access to model outputs?
How long are data and outputs retained?
Can the operator explain the decision?
A telecom AI system without data governance may create KVKK exposure even if it improves network performance.
AI, Traffic Data and Communication Confidentiality
Telecom networks generate traffic data and communication-related metadata. AI systems may analyze this data to detect congestion, fraud, cyberattacks or quality problems. However, communication confidentiality is a core legal value in telecom regulation.
The content of communications and communication metadata should not be accessed or analyzed beyond lawful purposes. AI systems should be designed to avoid unnecessary inspection of communication content. Where metadata analysis is sufficient, content analysis should not be used. Where aggregated network statistics are sufficient, individual-level profiling should be avoided.
Operators should separate:
Network performance analytics.
Security analytics.
Customer profiling.
Marketing analytics.
Lawful interception obligations.
Fraud detection.
Billing verification.
Each purpose has a different legal basis and risk level. A dataset collected for network security should not automatically be reused for marketing or customer scoring.
AI and Service Quality
AI can improve service quality by predicting outages, optimizing network resources and identifying weak coverage areas. BTK regulates and supervises end-user tariffs and operator conduct within the electronic communications framework. BTK explains that tariffs applied to end users are regulated, monitored and supervised by the Authority within the relevant legislation, primarily Law No. 5809. Although tariffs and service quality are not the same issue, both are part of the broader regulated relationship between operator and user.
If AI affects service quality, operators should be able to explain how the system works and how it prevents harm. For example, if AI throttles certain traffic, deprioritizes certain users or reallocates capacity away from a region, the operator must consider whether this is consistent with contracts, tariff disclosures, service quality obligations and consumer rights.
Service quality AI should be monitored for:
Regional discrimination.
Repeated under-service in certain areas.
Incorrect congestion predictions.
Unfair enterprise customer prioritization.
Failure to honor SLA commitments.
Impact on emergency communications.
Impact on vulnerable users.
Transparency of traffic management policies.
Corporate customers may also request contractual disclosure of AI-based network management if it affects SLA performance.
AI and 5G Network Management
5G increases the importance of AI in telecom networks. 5G networks are more complex than previous generations because they involve dense infrastructure, software-defined networks, network slicing, edge computing, massive IoT and low-latency services. AI can help manage these complexities.
In Turkey, 5G has become a major regulatory and investment topic. AI-based optimization may support 5G radio planning, dynamic resource allocation, interference management, predictive maintenance and energy efficiency. However, where AI manages network slicing or mission-critical services, the legal stakes increase.
A 5G network slice for a hospital, factory, port, emergency service or autonomous vehicle system may require stronger reliability and cybersecurity than ordinary consumer mobile internet. If AI misallocates resources, the harm may be operationally significant.
5G AI contracts should address:
Network slice performance.
Latency commitments.
Human override.
Incident response.
Cybersecurity monitoring.
Data location.
Model update procedures.
Regulatory cooperation.
SLA measurement.
Liability for automated decisions.
AI should be embedded into 5G governance, not deployed as an opaque optimization layer.
AI and IoT Network Management
IoT networks create large-scale AI opportunities. Telecom operators may use AI to detect abnormal IoT behavior, identify compromised devices, manage data traffic, optimize battery life, monitor smart city devices, support logistics fleets and prevent network overload.
However, IoT AI also creates legal risks. A smart meter, vehicle tracker, healthcare device, industrial sensor or public safety device may produce sensitive operational or personal data. AI-based decisions may affect public infrastructure, energy usage, transport or industrial safety.
If an AI system disconnects IoT devices because it wrongly classifies them as compromised, the operator or customer may suffer operational damage. If the system fails to detect a botnet of compromised IoT devices, network security may be harmed.
IoT telecom contracts should define:
Who controls AI monitoring.
Which data is analyzed.
Whether device-level profiling occurs.
How false positives are handled.
Who approves device suspension.
Whether alerts are sent to the customer.
How emergency devices are protected.
What audit records are kept.
Who is liable for automated disconnection.
AI and Fraud Prevention
Telecom fraud is a major use case for AI. Operators may use AI to detect SIM swap patterns, unusual call routing, international revenue share fraud, subscription fraud, identity misuse, SMS fraud, phishing infrastructure, suspicious dealer activity and account takeover attempts.
Fraud prevention is a legitimate and important aim, but it still requires legal safeguards. If a customer is wrongly flagged as fraudulent, their line may be suspended, their transaction may be blocked or their personal reputation may be affected. If a dealer is wrongly flagged, commercial relations may be damaged.
Fraud AI systems should include:
Clear fraud indicators.
Human review for serious actions.
Appeal or complaint procedure.
Audit trails.
Bias testing.
Dealer notification process where appropriate.
Data minimization.
False positive monitoring.
Regular model evaluation.
Fraud prevention should be effective but not arbitrary.
AI-Based Customer Service and Call Centers
Telecom operators increasingly use AI in call centers. AI may route calls, evaluate customer emotions, summarize conversations, recommend responses, detect complaints, measure agent performance, automate chatbots or predict churn.
This creates several legal risks. Call recordings are personal data. Voice analysis may become sensitive if it involves biometric identification or emotion analysis. Automated recommendations may influence contract offers, cancellation handling or complaint outcomes.
If AI is used in customer service, customers should be informed where legally necessary. Operators should avoid misleading customers into thinking they are speaking to a human when the interaction is automated, especially where the conversation involves contract approval, complaint handling or personal data requests.
AI call center governance should include:
Call recording notice.
Privacy notice.
Purpose limitation.
Agent oversight.
Review of AI-generated summaries.
Protection against hallucinated summaries.
Complaint escalation.
Data retention rules.
Training data controls.
Vendor access restrictions.
Human review for legal requests.
A chatbot that gives wrong cancellation information may create legal liability.
Algorithmic Transparency and Explainability
Telecom AI does not always need to disclose source code to users. However, operators should be able to explain AI-driven decisions internally, to regulators, to courts and sometimes to customers. Explainability is especially important where AI affects service suspension, fraud flags, tariff eligibility, SLA performance, network prioritization or complaint outcomes.
An operator should be able to answer:
Why did the system take this action?
Which data was used?
Was the model operating correctly?
Was there human review?
Was the decision consistent with policy?
Was the customer informed?
Can the decision be reversed?
Was there discrimination?
Was the model updated recently?
Without explainability, the operator may struggle to defend itself in BTK investigations, KVKK complaints, consumer disputes, corporate SLA claims or litigation.
Vendor Contracts for Telecom AI
Telecom operators often purchase AI tools from vendors. These may include network equipment suppliers, cloud AI providers, cybersecurity companies, analytics vendors, call center software providers, managed service providers and global technology companies.
Vendor contracts should be drafted carefully because AI-related disputes are different from ordinary software disputes. The operator should not accept a black-box system without rights to audit, test, monitor, suspend, update or exit.
Key clauses include:
AI system description.
Intended use.
Performance metrics.
Training data responsibility.
Data protection roles.
Cybersecurity obligations.
Model update procedure.
Explainability commitments.
Audit rights.
Regulatory cooperation.
Incident notification.
Bias and error monitoring.
Service continuity.
Human override.
Data localization.
Cross-border transfer restrictions.
Intellectual property.
Liability and indemnity.
Termination assistance.
Model portability.
If the vendor’s AI causes network failure, data breach or regulatory non-compliance, the contract should allocate liability clearly.
Data Localization and Cross-Border AI Processing
Telecom AI systems may rely on foreign cloud infrastructure, global analytics teams or international model providers. This creates cross-border transfer and localization issues. KVKK cross-border transfer rules must be assessed where personal data is transferred abroad or accessed from abroad.
Telecom-specific requirements may also apply depending on the data type, service and infrastructure. Operators should avoid sending sensitive network data, subscriber data or traffic-related data to foreign AI platforms without legal analysis.
A safe approach is to conduct a data flow map:
Which data enters the AI system?
Where is it stored?
Where is the model hosted?
Who can access it?
Are logs transferred abroad?
Are outputs transferred abroad?
Is training performed abroad?
Are vendors using the data to improve their own models?
Can data be deleted?
Can data be returned?
Cross-border AI processing should not be hidden in technical architecture.
AI Governance Program for Telecom Operators
A telecom operator using AI should establish a formal AI governance program. This program should not be limited to IT. It should include legal, compliance, network engineering, cybersecurity, data protection, customer experience, procurement and internal audit teams.
An AI governance program should include:
AI inventory.
Risk classification.
Data protection assessment.
Cybersecurity assessment.
Regulatory impact review.
Vendor review.
Human oversight rules.
Model documentation.
Testing and validation.
Incident response.
Customer complaint process.
Audit trails.
Periodic review.
Board-level reporting for high-risk systems.
The operator should know where AI is used. Many companies discover that AI is embedded in vendor tools, network equipment, call center software, analytics platforms and security systems without a central inventory. This creates hidden risk.
AI and Corporate Telecom Contracts
Corporate customers may ask whether AI is used to manage their services. This is especially important for banks, hospitals, data centers, factories, logistics companies and public institutions. If AI affects network routing, cybersecurity, service prioritization or SLA reporting, corporate customers may request contractual protections.
Corporate telecom contracts may include:
Disclosure of AI use for critical functions.
Human escalation for outages.
AI-generated report verification.
SLA measurement independence.
No automated suspension without notice.
Cybersecurity incident cooperation.
Data processing limits.
Audit rights.
Explanation of major automated decisions.
Liability for AI-caused outages.
For mission-critical services, customers may require that AI recommendations be reviewed by engineers before changes affecting the customer’s network are implemented.
AI and Regulatory Supervision
BTK may request information and documents from operators and may supervise them financially, technically, legally and administratively. If an AI system affects regulated services, an operator should be prepared to explain it during regulatory review.
AI documentation should therefore be regulator-ready. Operators should maintain records of system purpose, risk assessment, data sources, vendor details, security controls, test results, incident records, customer impact, human oversight and corrective actions.
If an outage occurs and AI played a role, the operator should be able to reconstruct the event. Which model made the recommendation? Was it automated? Was there human approval? Was the model recently updated? Were alerts ignored? Was the incident reported?
Without logs, the operator may face difficulty proving compliance.
Turkish AI Policy and Future Regulation
Turkey’s National Artificial Intelligence Strategy 2021–2025 shows that AI is a national policy priority. The strategy’s vision is to create value globally with an agile and sustainable AI ecosystem for a prosperous Turkey.
At the legislative level, TBMM records show AI-related bills at the commission stage. One proposal states that it aims to introduce regulations concerning AI systems and remains in commission. Another TBMM proposal summary states that it aims to ensure safe, ethical and fair use of AI technologies, protect personal data, prevent privacy violations and establish a regulatory framework for AI development and use.
For telecom operators, this means that AI governance should be built now. Waiting for a final AI law may create compliance debt. Future regulation may require documentation, risk assessment, transparency, human oversight, safety controls, data governance and accountability. Operators that already maintain AI inventories and risk controls will adapt more easily.
EU AI Act and Turkish Telecom Companies
The EU AI Act is not Turkish law. However, it may affect Turkish telecom companies and vendors in several ways. The Act entered into force on 1 August 2024 and will become fully applicable according to a phased timeline, with exceptions. It aims to foster responsible AI development and deployment in the EU.
A Turkish telecom vendor may be affected if it provides AI systems into the EU market. A Turkish operator may be affected if it is part of an EU group, provides services to EU customers, uses EU-based AI systems or processes data in a way connected with EU operations. EU-based customers may also contractually require AI Act-style compliance, even where Turkish law does not yet impose the same framework.
Therefore, Turkish telecom companies should monitor EU AI Act concepts such as risk classification, transparency, technical documentation, human oversight, data governance and post-market monitoring.
Liability for AI-Caused Telecom Failures
If AI causes a network failure, liability may be disputed among the operator, vendor, subcontractor, equipment supplier, cloud provider and customer. For example, an AI system may incorrectly reroute traffic, misconfigure network parameters, suspend legitimate users, fail to detect a cyberattack or produce inaccurate SLA reports.
The operator may remain responsible to its customers and regulator even if the AI tool was supplied by a vendor. The vendor may be liable to the operator under the software or managed service contract. The final allocation depends on contract terms, fault, causation, warranties, limitations of liability and regulatory obligations.
Telecom AI contracts should not treat AI errors as ordinary software bugs. They should address:
Model performance warranties.
Testing obligations.
Change control.
Rollback.
Human override.
Critical incident support.
Regulatory cooperation.
Liability caps.
Exceptions for data breach or gross fault.
Indemnity for non-compliance.
Evidence preservation.
AI-caused failure can become a legal dispute if the contract is silent.
Practical Compliance Checklist for Telecom Operators
Telecom operators should follow this checklist:
Create an AI inventory.
Classify AI systems by risk.
Identify systems affecting network operations.
Map personal data processing.
Conduct privacy impact assessments for high-risk AI.
Review BTK authorization implications.
Review network security obligations.
Define human oversight rules.
Document model logic and limitations.
Test AI before deployment.
Monitor false positives and false negatives.
Prepare rollback procedures.
Review vendor contracts.
Control cross-border data transfers.
Maintain audit logs.
Train network and compliance teams.
Prepare customer complaint processes.
Review corporate SLA impact.
Monitor Turkish AI legislation.
Monitor EU AI Act exposure.
Practical Compliance Checklist for AI Vendors
AI vendors serving telecom operators should:
Define the system’s intended use.
Avoid overstating autonomous capabilities.
Provide technical documentation.
Explain data requirements.
Clarify training data sources.
Offer security documentation.
Support KVKK compliance.
Support regulatory audits.
Provide model update notices.
Maintain incident response procedures.
Allow human override.
Define liability clearly.
Avoid using operator data for unrelated model training without lawful basis.
Support data deletion and portability.
Comply with Turkish telecom sector requirements where applicable.
Practical Compliance Checklist for Corporate Customers
Corporate customers purchasing AI-supported telecom services should:
Ask whether AI affects service delivery.
Review SLA measurement methods.
Require human escalation for critical incidents.
Request transparency for automated suspension.
Define data processing roles.
Review cybersecurity obligations.
Require incident notification.
Ensure audit rights for critical services.
Negotiate liability for AI-caused outages.
Request explanation rights for major automated decisions.
Avoid relying solely on operator-generated AI reports.
Plan backup connectivity.
Conclusion
Artificial intelligence is becoming a central part of telecom network management in Turkey. It can improve service quality, reduce outages, strengthen cybersecurity, optimize 5G networks, support IoT connectivity, detect fraud and improve customer service. However, AI also creates legal risks involving BTK regulation, network security, personal data, communication confidentiality, service quality, consumer protection, contractual liability and regulatory supervision.
Turkey does not yet have a fully enacted standalone AI statute comparable to the EU AI Act, but AI is already regulated indirectly through existing legal frameworks. BTK authorization and network security rules remain central for telecom operators. KVKK applies whenever personal data is processed. The Personal Data Protection Authority’s AI recommendations emphasize privacy impact assessment for high-risk AI processing. AI-related bills currently at the commission stage also show that the legal framework may become more specific in the near future.
The key compliance principle is accountability. A telecom operator should be able to identify where AI is used, what data it processes, how it affects network operations, what risks it creates, how it is monitored, who can override it and how its decisions can be explained. AI systems that affect critical network functions should not be opaque, undocumented or fully uncontrolled.
A legally sound AI strategy for telecom in Turkey should combine BTK compliance, KVKK governance, cybersecurity, vendor contract controls, human oversight, audit logs, risk assessment, customer transparency and incident response. Operators that build these safeguards now will be better prepared for future Turkish AI legislation, EU AI Act-related market expectations and the technical complexity of 5G and next-generation networks.
Frequently Asked Questions
Is artificial intelligence specifically regulated in Turkey?
Turkey does not yet have a fully enacted standalone AI law comparable to the EU AI Act. However, AI is regulated indirectly through existing laws such as KVKK, electronic communications law, cybersecurity rules, consumer protection, contract law and sector-specific regulations. AI-related bills are also before TBMM commissions.
Can telecom operators use AI for network management in Turkey?
Yes, but AI use must comply with BTK authorization, network security, service quality, personal data protection, contractual and cybersecurity obligations. AI should not be used in a way that violates Law No. 5809, BTK rules or KVKK.
Does BTK regulate AI directly in telecom networks?
BTK does not currently have a standalone AI-in-telecom regulation. However, BTK regulates and supervises electronic communications operators, network security, technical standards, authorization and operator compliance. AI systems affecting regulated services may therefore fall within BTK supervision indirectly.
Does KVKK apply to AI-based network management?
Yes. If AI systems process personal data such as IP addresses, device identifiers, traffic-related data, customer records, location-related data or usage patterns, KVKK applies. The Personal Data Protection Authority recommends privacy impact assessment for high-risk AI processing based on personal data.
Can AI be used for telecom fraud prevention?
Yes. AI may be used to detect SIM swap, subscription fraud, suspicious dealer activity, phishing patterns and abnormal network behavior. However, serious actions such as line suspension should include human review and audit records.
What is the biggest legal risk of AI in telecom?
The biggest risk is deploying opaque AI systems that affect network operations, customers or personal data without documentation, human oversight, data governance or auditability.
Should telecom operators create an AI inventory?
Yes. Operators should know where AI is used in network management, cybersecurity, customer service, fraud detection, billing, service quality, call centers and analytics. Without an AI inventory, hidden compliance risks may remain unmanaged.
Does the EU AI Act matter for Turkish telecom companies?
It may matter if a Turkish telecom company or AI vendor provides AI systems to the EU, serves EU customers, belongs to an EU group or faces contractual EU AI Act-style compliance requirements. The EU AI Act entered into force on 1 August 2024.
Who is liable if AI causes a telecom outage?
Liability depends on the contract, fault, causation, regulatory duties and technical facts. The operator may remain responsible to customers and regulators, while the AI vendor may be liable to the operator under vendor contracts.
What should be included in telecom AI contracts?
Telecom AI contracts should include intended use, data processing roles, cybersecurity, technical documentation, model updates, audit rights, human override, incident notification, regulatory cooperation, liability, indemnity, data localization and termination assistance.
Yanıt yok