Agnieszka Wachowska

Changes in prices of materials and raw materials on international markets have a major effect on the Polish public procurement market. The May 2022 consumer price indices published by the Central Statistical Office show an increase in prices of goods and services in May 2022 of 13.9% (prices of goods by 14.9% and services by 10.8%) compared to the same month in the previous year.

On 20 June 2022, the Polish Ministry of Culture and National Heritage commenced public consultations on a proposal to amend the Copyright Law of 4 February 1994. The provisions being discussed are intended primarily to transpose Directive (EU) 2019/790 of the European Parliament and of the Council of 17 April 2019 on copyright and related rights in the Digital Single Market and amending Directives 96/9/EC and 2001/29/EC. Meanwhile, the proposed amendment also includes provisions that may change computer program licensing terms, and this could have significant implications for the Polish IT sector.

On 15 June 2022, a proposal for a bill on combating abuses in electronic communication was published on the Government Legislation Centre website. The proposal is intended mainly to combat and counteract cyberthreats such as generation of artificial traffic, smishing, and CLI spoofing. To this end, specific obligations are envisaged under the legislation for telecommunications operators and e-mail providers. Public consultations have been completed and the document is currently undergoing an interdepartmental consultation process.

On 25 March 2022, the Government Legislation Centre published what is now the seventh version of a bill amending the National Cybersecurity System Act. The previous version of the bill, of 12 October 2021, caused much controversy among the public – especially proposals regarding the procedure for classifying a hardware or software supplier as a high-risk supplier, and the possibility of instructions being issued as security measures requiring the entities that form the national cybersecurity system to take certain kinds of action.

While blockchain is mainly perceived as technology that is the foundation for known cryptocurrency, the increasing number of uses in various sectors of the economy in Poland, such as use to comply with the legal obligation to provide information on a durable medium, show that it has much greater potential. The President of the Office of Competition and Consumer Protection (UOKiK) has now expressed approval for this practice, opening the way for providers of this technology to devise solutions of this kind and supply them to a broad range of organizations.

Low-code/no-code platform solutions are currently one of the most rapidly growing IT market segments. As use of this model becomes more widespread, it is the cause of a range of challenges when drafting agreements for implementation or maintenance of systems, and this is due to the specific nature of this approach to constructing software.

In December 2021, the Council of the European Union, of which the presidency was held by Slovenia, reached a consensus on the wording of the NIS2 Directive, due to replace the current NIS Directive (2016/1148) in force since 2016, and the Critical Entity Resilience Directive (CER), due to replace Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European Critical Infrastructures.

As January came to an end, a parliamentary process began in the EU concerning the first regulatory framework proposal in history on artificial intelligence. The work gained momentum when further amendments were proposed, among other things to ease a range of provisions relating to high-risk AI system providers. Under the new regulations, the EU is to be the world leader in artificial intelligence.

A government proposal to amend the National Cybersecurity System Act (CSA) has been published after many weeks of public statements. The proposal is somewhat similar to the proposal for an amendment to the act of last year, which was discussed in our previous international newsletter. However, it contains a range of new solutions not announced to the public before.  Although a very short timeframe has been set, many comments have been submitted regarding the proposed bill, from business organizations and elsewhere. Government officials have said that the proposal has been submitted to the Government National Security and Defence Committee (KRMBNSO).

Even last year, plans were announced to amend the Act of 5 July 2018 on the National Cybersecurity System (CSA), and the first draft of the bill was submitted for public consultations on 7 September 2020. Since then, the envisaged amendment has been revised repeatedly in the course of legislative work, and the final version of the bill – of 4 March 2021 – is now being reviewed by the Council of Ministers. Although it does not affect the crucial issues regulated in the act, there is a lot of interest in the amendment to the CSA on the part of business, and not only firms on the IT market. The proposed changes are briefly summarized below, while it is still not certain that the proposed changes will be enacted due to the lengthy period of work on the bill.

As it is difficult to find the right specialists on the market, body leasing is an increasingly popular means of finding qualified specialists for specific tasks. This is particularly true of the Polish IT sector. Meanwhile, due to this type of business relationship not being regulated specifically in Polish law, special care is required to protect the parties’ interests when drafting an agreement.

A hub of the European cloud computing technology development project Gaia-X was launched in Poland on 2 September on the second day of the CYBERSEC 2021 conference held in Krynica Zdrój. The Polish arm is to work on developing efficient, competitive and secure data infrastructure in hybrid cloud computing. In Poland, the project is overseen by the Polish Chamber of Information Technology and Telecommunications and the Digital Poland Association.

Withholding tax is tax levied at a fixed rate on certain types of revenue generated in Poland by foreign firms, i.e. firms that do not have their registered seat or management board in Poland. This tax is paid by the Polish firms when they pay the fee. The question is whether the fee paid by Polish firms that use cloud computing services of foreign providers is subject to withholding tax.

While public tenders for IT systems are a major part of the public tender market in Poland, the drafting of the relevant tender documentation for conducting procedures of this kind continues to be a source of many problems for contracting authorities.

The implementation of the NIS Directive in the Member States led to additional obligations for certain digital service providers, including in areas such as ensuring cybersecurity or incident reporting. After four years, the existing regulations were found to be insufficient, and a proposal for NIS Directive 2 was published, expanding the group of entities concerned and placing new obligations upon them.