Turkey's parliament passed sweeping amendments to its internet law on April 23, 2026, banning children under 15 from social media and requiring platforms to deploy age verification and parental controls. The package was published in the Official Gazette on May 1, 2026 and takes effect six months later, around November 1. The political trigger was raw: a 14-year-old killed nine students and a teacher in a school shooting in Kahramanmaraş on April 14, after which police arrested 162 people for sharing footage and President Erdoğan called social platforms "cesspools."
The case for acting is real
It would be a mistake to dismiss the impulse behind this law. Parents across democracies are genuinely alarmed about what algorithmic feeds do to children, and governments from Australia to several U.S. states are converging on the same instinct. A grieving country reaching for parental controls and age gates after a massacre is not acting in bad faith. If the law did only what its title advertises — give parents tools to manage account settings, approve purchases, and limit screen time for their kids — it would be a defensible, even unremarkable, piece of child-protection policy.
The problem is that child safety here is the wrapper, not the substance. And the substance is a marked expansion of state control over what every adult Turk can say and read online.
The evidence the ban rests on is thinner than claimed
The ban's premise — that keeping under-15s off social media will make them safer — is asserted far more confidently than the science supports. The most authoritative review available, the National Academies of Sciences consensus report on social media and adolescent mental health, explicitly declined to find a causal link. Its committee concluded "there is no easy answer to whether increasing social media use is associated with growing mental distress for adolescents," and that the literature "is quite far from being able to provide confidence that particular behaviors" cause harm. The peer-reviewed version archived at the NIH reaches the same measured verdict.
That matters, because blanket age bans are a blunt instrument justified by a sharp claim. As the Electronic Frontier Foundation argued in May 2026, much of the legislative wave rests on "correlation being sold as causation" — and the empirical case for cutting an entire age cohort off from connection, community, and information is weaker than the certainty of the laws built on it.
The enforcement architecture is the real story
Where the law turns from questionable to alarming is its enforcement machinery, handed to the BTK communications regulator. Penalties escalate from administrative fines to a ban on new advertising if a platform stays non-compliant past 30 days, then to court-approved bandwidth throttling of 50 percent rising to 90 percent, and finally to outright access bans. Large platforms must execute urgent removal orders "within one hour." The window for providers to comply with regulator demands was cut from three months to fifteen days.
This is not child-safety infrastructure. It is generalized leverage over speech. A regulator that can throttle a platform to 10 percent of its speed, or block it entirely, does not need to censor any specific post — it can make hosting Turkish users so degraded that platforms self-censor to stay reachable. Turkey has form here: it throttled and blocked Instagram and Roblox during political flashpoints, and the opposition CHP warned that children should be protected "not with bans but with rights-based policies."
The identity mandate removes the mask
The clearest tell is the parallel push, advanced alongside the child-safety law, to require every Turkish citizen — not just minors — to verify identity to use social media. As Biometric Update reported, Justice Minister Akın Gürlek framed the goal as ensuring "people do not operate anonymously" on platforms with more than one million daily users, with verification routed through the state e-Devlet portal and the resulting identity data held by the BTK itself.
Strip away the framing and the design is coherent: link every account to a government ID, hold that linkage in the regulator's hands, and back it with the power to throttle or block any platform that resists. Age verification for children is the on-ramp to identity verification for everyone. Once a platform builds the plumbing to confirm a user is over 15 via e-Devlet, the same plumbing confirms exactly who that user is — and a regulator holding both the identity map and the throttle switch has assembled, piece by piece, the most powerful speech-control toolkit Turkey has ever had.
Proportionate alternatives exist
None of this is the price of protecting children. Device-level and operating-system parental controls, default privacy settings for minors, and transparency mandates on recommender systems address the same harms without conscripting the entire adult population into a state identity database. The proportionate path treats children's safety as a discrete problem with targeted, less-rights-intrusive tools — not as a justification for infrastructure whose obvious second use is surveillance and censorship.
Whether Turkey's law functions as child protection or as a control layer over digital speech will turn entirely on how the BTK wields its new powers. The architecture it has been handed points in one direction. The world should watch closely, because the template — wrap identity verification and throttling authority inside a child-safety bill — travels easily, and Turkey is exporting a model, not just regulating its own kids.