Xawery Konarski, Attorney-at-law and Senior Partner at Traple Konarski Podrecki & Partners
Work is currently underway in Poland and the EU on more than fifty legislative acts that constitute the sources of new technologies law. A list of the most important of these acts is given below, divided into particular subject areas within new technologies (cybersecurity, e-privacy, e-commerce, innovation, Internet, telecommunications, intellectual property, and data management). Mark Twain once said “nobody is safe of his life, property, and health when the parliament deliberates”.
Cybersecurity
Legislative proposal to amend the Polish National Security System (NSS) Act.
Status: The current proposal to amend the National Cybersecurity System Act is dated 3 October 2023, and the bill amending the NSS is expected to be passed in Q I/II 2023.
Who is affected: the obligations apply equally to public and private entities that hold operator of essential services and/or digital service provider status in the meaning of the NSS. Digital service providers include for instance cloud computing service, online shopping site, and online search site providers.
The main provisions in the amendment to the NSS:
- Incorporation of electronic communications operators into the national cybersecurity system,
- Incorporation of information sharing and analysis centers (isac) into the national cybersecurity system. Isacs are tasked with collecting, analyzing, and sharing information about vulnerabilities, cyberthreats, and cybersecurity incidents,
- Unifying cybersecurity incident reporting procedures,
- Introducing an option whereby external socs (security operations center – specializing in this field) perform cybersecurity tasks,
- Creating a national cybersecurity certification scheme, in which cybersecurity certificates will be issued,
- Hardware and software suppliers will be subject to a procedure to verify the kind of threats that could arise if particular hardware or software they offer was used in crucial entities in the polish economy,
- Granting of further powers to the government plenipotentiary for cybersecurity.
Read more HERE