• Login
    • Advanced search
    • Title
    • Channel
    • Module
  • Home
  • Industry
    •  

      • Aerospace, Defense, and Government Services
      • Automotive
      • Consumer
      • Manufacturing and Industrials
      • Education
      • Energy and Natural Resources
      • Financial Institutions
    •  

      • Insurance
      • Life Sciences and Health Care
      • Private Capital
      • Real Estate
      • Sports, Media and Entertainment
      • Technology and Telecoms
      • Transport and Logistics
  • Practice
    • Corporate & Finance

      • Banking and Loan Finance
      • Business Restructuring and Insolvency
      • Capital Markets
      • Corporate Governance and Public Company Representation
      • Digital Assets and Blockchain
      • Infrastructure, Energy, Resources, and Projects
      • Leveraged and Acquisition Finance
      • Mergers and Acquisitions
      • Pensions
      • Private Equity, Venture Capital and Investment Funds
      • Real Estate
      • Real Estate Investment Trusts (REITs)
      • Tax
      • Transfer Pricing
    • Global Regulatory

      • Administrative and Public Law
      • Antitrust and Competition
      • Communications, Internet, and Media
      • Education
      • Energy Regulatory
      • Environment and Natural Resources
      • Financial Services
      • Food Law
      • Gaming Law
      • Government Contracts and Public Procurement
      • Government Relations and Public Affairs
      • Health
      • Immigration
      • International Trade and Investment
      • Medical Device and Technology Regulatory
      • New Nuclear
      • Pharmaceuticals and Biotechnology Regulatory
      • Privacy and Cybersecurity
      • Space and Satellite
      • Strategic Operations, Agreements and Regulation
      • Transportation Regulatory
    • Intellectual Property

      • Copyright
      • Designs
      • Domain Names
      • IP and Technology Transactions
      • IP Enforcement
      • Patents
      • Trade Secrets and Confidential Know-how
      • Trademarks and Brands
      • Unfair Competition
    • Litigation, Arbitration, and Employment

      • Business and Human Rights
      • Construction and Engineering
      • Corporate and Securities Litigation
      • Employment
      • International Arbitration
      • Investigations, White Collar, and Fraud
      • Products Law
      • Risks, Disputes, and Litigation
  • Comparative guides
  • Engage Premium
  • Login
  • Register
Hogan Lovells Engage 5.7.7
      • Title
      • Channel
      • Module
    • Hit ENTER to search in content
    • Advanced search
    • Login
  • Home
  • Industry
    •  

      • Aerospace, Defense, and Government Services
      • Automotive
      • Consumer
      • Manufacturing and Industrials
      • Education
      • Energy and Natural Resources
      • Financial Institutions
    •  

      • Insurance
      • Life Sciences and Health Care
      • Private Capital
      • Real Estate
      • Sports, Media and Entertainment
      • Technology and Telecoms
      • Transport and Logistics
  • Practice
    • Corporate & Finance

      • Banking and Loan Finance
      • Business Restructuring and Insolvency
      • Capital Markets
      • Corporate Governance and Public Company Representation
      • Digital Assets and Blockchain
      • Infrastructure, Energy, Resources, and Projects
      • Leveraged and Acquisition Finance
      • Mergers and Acquisitions
      • Pensions
      • Private Equity, Venture Capital and Investment Funds
      • Real Estate
      • Real Estate Investment Trusts (REITs)
      • Tax
      • Transfer Pricing
    • Global Regulatory

      • Administrative and Public Law
      • Antitrust and Competition
      • Communications, Internet, and Media
      • Education
      • Energy Regulatory
      • Environment and Natural Resources
      • Financial Services
      • Food Law
      • Gaming Law
      • Government Contracts and Public Procurement
      • Government Relations and Public Affairs
      • Health
      • Immigration
      • International Trade and Investment
      • Medical Device and Technology Regulatory
      • New Nuclear
      • Pharmaceuticals and Biotechnology Regulatory
      • Privacy and Cybersecurity
      • Space and Satellite
      • Strategic Operations, Agreements and Regulation
      • Transportation Regulatory
    • Intellectual Property

      • Copyright
      • Designs
      • Domain Names
      • IP and Technology Transactions
      • IP Enforcement
      • Patents
      • Trade Secrets and Confidential Know-how
      • Trademarks and Brands
      • Unfair Competition
    • Litigation, Arbitration, and Employment

      • Business and Human Rights
      • Construction and Engineering
      • Corporate and Securities Litigation
      • Employment
      • International Arbitration
      • Investigations, White Collar, and Fraud
      • Products Law
      • Risks, Disputes, and Litigation
  • Comparative guides
  • Engage Premium
  • Login
  • Register
  1. News
  2. Controversial obligation to store user data to be imposed on electronic communications undertakings

Controversial obligation to store user data to be imposed on electronic communications undertakings

17 January 2023
    • Share by email
    • Share on
    • Twitter
    • LinkedIn
    • Get link
    • Get QR Code
    • Download
    • Print

In accordance to the current version of the proposed draft Electronic Communications Act (the "ECA") which replaces the existing Telecommunications Law and implements EU regulations with respect to Directive 2018/1972 of 11 December, 2018, establishing the “European Electronic Communications Code” (the "Directive"), an obligation will be imposed on electronic communications undertakings to store the data of users  who use their services, and to provide this data to the relevant authorities to the extent specified in the ECA and the regulation issued thereunder. 

Index
  1. Which entities will be subject to this data storage obligation?
    1. The scope and period of the data storage
    2. Incompatibility with EU regulations? 

Which entities will be subject to this data storage obligation?

The data storage obligation (Article 47 of the ECA) will apply to all electronic communications undertakings and to all types of electronic communications services. Therefore, it will cover not only telecommunications undertakings, but also undertakings that provide publicly available interpersonal communication services not using numbers. In this respect, the draft law defines interpersonal communication services as services that allow for the direct interpersonal and interactive exchange of information over a telecommunications network, or between a certain (finite) number of people. Therefore, all entities that offer services such as the use of e-mail (platforms such as Onet.pl, Gmail.com, or Wp.pl), messaging (e.g., Snapchat, Instagram, or LinkedIn), voice calls (e.g., FaceTime, or Telegram), instant messaging (e.g., WhatsApp, or Messenger), among others, will be subject to this obligation. 

The scope and period of the data storage

The data storage obligation covers user data generated by, or processed through, the telecommunications network such as: data identifying the user initiating the communication and the user to whom the communication has been directed (i.e. the name, surname, and IP number), the date and time of the communication, its type, duration, and even, depending on the service provided by the electronic communications undertakings, information concerning the location address of the device from which the communication was initiated, and to which location address it was directed.

The aforementioned data will be required to be stored by the electronic communications undertakings for a period of 12 months and is to be made available to courts, prosecutors, and other authorised entities, according to the rules and in the manner specified in greater detail in the implementing regulations issued on the basis of the ECA.

Incompatibility with EU regulations? 

The draft law, although, by design, aims to implement the solutions to electronic communications which have been specified in the Directive into the Polish system, nevertheless includes a broad catalogue of those undertakings which have been obliged to store data which, by no means, have been specified under the EU regulations. Therefore, the provision of Article 47 of the ECA, in its current wording, has been accused of being incompatible with EU regulations by the Charter of Fundamental Rights of the EU, among others, and with the existing case law of the Court of Justice of the European Union (e.g., CJEU judgment C-511/18 in the case of La Quadrature du Net and Others). In this respect, current jurisprudence allows for the possibility of imposing an obligation on providers of electronic communications services to store specific personal data only in exceptional situations, when:

  • there is a serious threat to national security, such as a terrorist threat;
  • the data storage is strictly necessary, limited in time, and the person whose data has been stored has been provided with adequate safeguards for the protection of his or her personal data; or,
  • the data storage is not systemic, and is subject to effective supervision by a court or independent administrative authority.

The draft Act, however, foresees neither court supervision nor any supervision by an administrative body concerning the storage of data or its transfer, nor does it limit the scope of the individuals whose data is to be stored and transferred to the relevant authorities.  

Given the above, while it seems possible that the draft law will be adopted in its current form, its compliance with EU regulations may be challenged in the future, either in the form of a preliminary question or upon the initiation of proceedings by the European Commission.

 

 

Authored by Ewa Kacperek and Martyna Sieczka.

Contacts
Andrzej Debiec
Head of Tax
Warsaw
Ewa Kacperek
Counsel
Warsaw
Martyna Sieczka
Intern
Warsaw
Index
  1. Which entities will be subject to this data storage obligation?
    1. The scope and period of the data storage
    2. Incompatibility with EU regulations? 
Related Materials
Sanctions Navigator

Sanctions Navigator: Russia Sanctions

Keywords Store, user data, electronic communications data storage, telecommunications, regulations
Languages English
Topics Broadband and Internet, Communications Privacy, Wireless / Mobile, Spectrum and 5G, Telecommunications Carriers
Countries Poland
Delete Comment ?

Are you sure want to delete comment ?

Get link
Embed
Share by email
Get QR Code

Scan this QR Code to share this content

  • Contact us
  • Disclaimer
  • Privacy
  • Cookies
  • Legal Notices
  • Terms of Use

 

This website is operated by Hogan Lovells International LLP, whose registered office is at Atlantic House, Holborn Viaduct, London, EC1A 2FG. For further details of Hogan Lovells International LLP and the international legal practice that comprises Hogan Lovells International LLP, Hogan Lovells US LLP and their affiliated businesses ("Hogan Lovells"), please see our Legal Notices page. © 2022 Hogan Lovells.

Attorney advertising. Prior results do not guarantee a similar outcome.

Thomson Reuters HighQ Logo
© 2023 Hogan Lovells | Privacy Policy | Terms of Service