Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Chapter: 

II. Surveillance policies

National security, government surveillance and law enforcement

Wiretapping, access to, and interception of communications

A search may generally only be ordered in Poland by a court or by a public prosecutor. All searches require a reasonable suspicion that items which may be used as evidence or seized for another purpose are on the premises. Nevertheless in urgent cases (i.e., when there is a risk that the evidence may be lost or hidden in case of delay) it may be carried out with an order from a chief of a police unit or by showing of a police ID. In these situations, the police ask the court or the public prosecutor for authorisation afterwards. Unfortunately, evidence shows that most searches in Poland are carried out without any earlier application for the order.1

There are two methods of interception of communications in Poland: procedural (ordered in the framework of criminal proceedings) and non-procedural (ordered out of criminal proceedings). The first is regulated in the Code of Criminal Procedure 1997.2 The second is regulated in various acts, such as the Police Act 1990,3 the Central Anticorruption Bureau Act 2006,4 etc. Each act contains a list of crimes in relation to which interception is authorised. Under the Code of Criminal Procedure, there are no precise requirements as to the basis of authorisation. The Police Act allows for interception only if the evidence cannot be gathered by other methods.

The Government of Poland carries out a large number of wiretaps with limited oversight. Under the Code of Criminal Procedure, the use of wiretaps shall be authorised by the court after an appropriate motion by a public prosecutor. The Minister of Justice, in consultation with the Minister appropriate for the communication issues, the Minister of Defence and the Minister appropriate for the internal affairs, shall specify the technical requirements of wiretaps, how it shall be controlled, and how to carry out the wiretap.5 The law specifies for which cases the interception of communications may be authorised. In exceptional cases, a public prosecutor may initiate a wiretap and then apply for authorisation to a court. The Police Act also permits the use of electronic surveillance for the prevention of crime as well as for investigative purposes. Non-procedural wiretapping is authorised by a court on a motion from a relevant agency and consent of the public prosecution service. In urgent cases the agencies may initiate wiretapping without authorisation and then apply to the court.

The government does not usually release statistics on the number of wiretaps applied for and authorised, tending to view this as a state secret. In 1997, reports on the number of wiretaps varied from 2,000 to 4,000.6 The exact number of interceptions is not known, as this information is also deemed secret but it has been claimed recently that the number of interceptions could be as high as 20,000 per year.7

A proposal for amendment of the Code of Criminal Procedure has been introduced to Parliament that ensures more control over information gathered in the course of wiretapping.8 The proposal aims to increase the control of the court and public prosecutor over interception of communications, to oblige the General Prosecutor to keep them informed about the number of interceptions and to strengthen the control of the court over materials obtained by interceptions.

Various proposals have been put forward to expand law enforcement surveillance capabilities over the last few years. In July 2001, amendments to the Police Act gave police increased powers to monitor individuals in public places including through the use of video surveillance. The International Helsinki Committee noted in its 2002 report that these amendments "were dubious in terms of the right to privacy."9 Creation of new agencies for combating crime and vesting in them the power to carry out interception remains an issue. One of the most controversial is Central Anticorruption Bureau (Centralne Biuro Antykorupcyjne or CBA) which was created in 200610 to fight corruption in both public and private sectors. It is argued that the Bureau obtained authorisations for some interceptions illegally and was used for a "political fight".11

Poland has given priority to the fight against organised crime. The Police Act was amended in August 2001 to give the police more operational powers (authorisation to check bank and insurance accounts of suspects). Considerable efforts have been made to equip police with the latest technological tools (a central automated system for identifying fingerprints has been extended to regional and local levels).12

The Police Act13 has been amended by the Telecommunications Act. The amendments focus on disclosing and processing of caller ID by the Police, and also concern network terminals and/or telecom devices used in the connection, data generated during the connection or attempts to connect to particular telecom devices or network terminals, and circumstances and type of connection. Currently they may be disclosed to and processed by the Police only in order to prevent or detect a crime. This data may be disclosed at a written request by the Police Commander in Chief and/or a Regional Commander, or at an oral request of a policeman having a written authorisation of the above-mentioned authorities. Telecom operators shall disclose to the policemen the data mentioned in the request of an appropriate Police unit. Materials obtained by the Police which contain information relevant to the criminal proceedings are transferred to the office of the prosecutor. Materials obtained by the Police which do not contain information significant to criminal proceedings shall be immediately destroyed by a specially formed committee, which shall also provide officially recorded evidence of the destruction. Data shall be disclosed to the Police at the cost of the telecommunications operator. Despite the opinions of the Police and state security services, operators are not obliged to register (identify) pre-paid users.

In April 2004 the Constitutional Tribunal (Trybunal Konstytucyjny - TK) found an act unconstitutional regarding the Internal Security and Intelligence Agencies which allowed officers to observe and record events in public places. Public groups had opposed the act on numerous grounds, including that it violated the right to privacy.14

Of equal importance is a judgment of the Constitutional Tribunal from December 200515 where some of the provisions of the Police Act concerning interception of communications were found unconstitutional. One such provision was the possibility of interception without a court order when one of the parties to the communication consented. The Tribunal ruled that consent of one party did not justify interference with the privacy of the other party, and therefore in such situations a court authorisation was still required.

National security legislation

No specific information has been provided under this section.

Data retention

Mandatory retention of telecommunication traffic and location data specifically for the purposes of the law enforcement and national security agencies has been required in Poland since 2003. Both the regulation of the Ministry of Infrastructure of 200316 and the Law on Telecommunication of 200417 provided for a 12-month retention period for  "transmission and location data".

In December 2005 an amendment to the Law on Telecommunication introduced mandatory telephony data retention for two years, after which time the service provider has the choice of either destroying or anonymising the data. The original draft called for a 15-year retention period, and local investigators stated that they were unable to effectively prosecute corruption without telephony billing data from the last four years. This prompted criticism from NGO ISOC Poland as well as the Inspector General for the Protection of Personal Data. A retention period of 15 years is clearly out of step with the EU Data Protection Directive adopted in 2006, which calls for retention periods of between six months and two years.18

The Government's legislative proposals to extend the retention period over two years in order to increase efficiency in combating crime and terrorism were rejected by the parliamentary commission as not compatible with the Directive 2006/24/EC.19

The Directive has been transposed into the Polish legal system in 2009 in two steps. In April 2009 the obligation of telephone data retention was imposed on telecommunication operators and service providers pursuant to the amended Law on Telecommunication of 2004.20 Requirements for the retention of "communications data relating to Internet access, Internet telephony and Internet email" were postponed until 15 March 2009.21 Even so, respective regulations of the Minister of Infrastructure covering, inter alia, retention of Internet data were enacted on 28 December 2009.22

The retention period is equal for both telephone and Internet traffic data and amounts to 24 months from the date of the communication. After this time, a telecom operator or provider is required to destroy transmission data unless otherwise provided by the law. Clauses included in Article 180(a) of the Telecommunications Act imply an undetermined period of storage of traffic data.

Access to retained data is restricted to the Police, national security agencies, and judicial authorities.23 All authorities have the right to access traffic, subscriber and localisation data in the case of any crime, however trivial. There is no legal threshold for seriousness of a crime or independent oversight of the disclosure of data by telecom providers to the applicants. These flaws of the legal data retention program may account for a recently disclosed scandal in Poland concerning surveillance of ten journalists by the secret services, who allegedly used traffic and location data from the journalist's mobile phones starting in 2005 and continuing through 2007 in order to reveal their informants in politically motivated investigations.24 Costs for the retention, storage, retrieval and security of this data are borne by telecom operators and providers.

National databases for law enforcement and security purposes

An exact number and profile of the databases storing personal information set up and run by the law enforcement and public security agencies is not known. Legal restraints stemming from official secrecy regulations make it difficult to find comprehensive and up to date information on the subject. For the same reason, exercise of the right of inspection the data is subject to serious restrictions which apply both to the Inspector General and the data subjects.

As a rule, criminal intelligence data shall be kept confidential, so its controllers are exempt from the obligation to register data filing systems that it contains (Article 43.1.1a of the LPPD). The Inspector General is entitled neither to have access nor to inspect the data filing systems held by the Internal Security Agency, Foreign Intelligence Agency, Central Anticorruption Bureau and Military Information Services (Article 43 section 2). Data subject’s right of access is denied in this case as well.

Police databases are more open for inspection, however not to the extent proposed by the Council of Europe (CoE) recommendation.25 The Law of`6 July 2001 on gathering, processing, and transfer of criminal information26 (LCI) specifies in detail what is criminal information, who is empowered to process it and by what means. This legislation does not provide a balance between the law enforcement and the data subject's interests, and it contains a number of exceptions to data protection regulations in the interests of law enforcement authorities (Article 18(2) of the LCI). The data subject is entitled to obtain "extensive information" about the data filing system (e.g., its purpose, scope, and controller) used by the Police, but not about his or her own data that is processed by the Police. The mere fact that such processing takes place shall remain secret for the individual concerned. As Article 2 of the LCI states, "collection, processing and transfer of criminal information according to the rules specified in the present law shall take place without the knowledge of the data subjects". Nevertheless, the right to rectification of data is recognised under the LCI, so one may speculate as how to exercise this right in such circumstances. A role of the Inspector General is very limited in this context. According to Article 18(1) of the LCI the Inspector is empowered to exercise control over the gathering and processing of criminal information. As a supervisory authority, he/she is, however, unable to act as an appeal instance and control whether a refusal of the data controller to disclose one's own records is legitimate or not.

The Law of 9 June 2006 on the Central Anticorruption Bureau (CBA) restricted the powers of the Inspector General. Simultaneously it also granted the CBA officers almost unlimited access to the citizens' personal data held in public sector databases. Article 22 of the CBA law, which inter alia allows for collection and processing of sensitive data (Article 27 of the LPPD), requires a written authorisation from the head of the Bureau to access a database in another state agency. The administrator of the database is obliged to provide CBA agents access to data which falls within the scope of the authorisation. On 24 September 2006 Prime Minister Jaroslaw Kaczynski issued a decree allowing the CBA to access the public sector databases online.27 This regulation provided direct access to data  through the database administrator, making individual requests for disclosure of specific data unnecessary. On 3 October 2007 the daily Gazeta Wyborcza wrote on its front page about an agreement made as a result of this decree granting the CBA direct access to data on 25 million citizens gathered by the public Social Insurance Company (ZakÅ‚ad UbezpieczeÅ„ SpoÅ‚ecznych)[]).28 On 9 November 2007 a group of deputies representing the Democratic Left Alliance party (Sojusz Lewicy Demokratycznej) applied to the Constitutional Tribunal with a motion to consider non-conformity to the Constitution of both the Law of 9 June 2006 on the Central Anticorruption Bureau and the  regulations enacted by the Decree of 27 September 2006.

In a judgment dated 23 June 2009 the Constitutional Tribunal found several provisions of the CBA law unconstitutional. Article 22 was found unconstitutional insofar as it allows the CBA to collect and process sensitive data and use this information, acquired without the knowledge and consent of persons concerned, in conditions precluding any control over processing of such data. A reference was made in this context to an infringement of the right to privacy as stipulated by the Polish Constitution (Articles 47 and 51) the European Convention on Human Rights (Article 8) and the CoE Convention No. 108 (Articles 5-7). Additionally, the Prime Minister's Decree of 27 September 2006 was found unconstitutional as an infringement of Article 51(5) of the Constitution which provides for exclusively statutory regulation of procedural issues in data protection.29

National and international data disclosure agreements

No specific information has been provided under this section.

Cybercrime

Cybercrime legislation is developing quickly in Poland. It originated with the Penal Code of 1997 which criminalised most computer-related infringements, composing “a minimum list” of the 1989 Council of Europe recommendation.30 The list of computer offences has expanded in size subsequent to  the 2004 amendment of the Penal Code.31 This legal change was related to Poland’s entrance into the European Union and was aimed at harmonisation of Polish criminal legislation with the Council of Europe Convention on Cybercrime (CoC). Three new offences against confidentiality, integrity, and availability of computer data and systems were introduced to Chapter 33 of the Penal Code ("Offences against the Protection of Information").32 Additionally, the possession of child pornography was prohibited (Article 202).

The change to criminal law concerning cybercrime of 2008 was aimed at implementation of regulations contained in two EU Framework Decisions.3334 This goal was accomplished in the case of criminalisation of "hacking"(Article 267(2)) and so-called "virtual child pornography" (Article 202(5)) in the Penal Code. A newly established provision of “hacking” (Article 267(2)) implements literally Article 2 of the 2005 Framework Decision and penalises anyone who obtains access to the whole or any part of an information system without authorisation. An official explanation for this legislative change stressed the usefulness of being able to punish "pure access" as a legal weapon against distributors of spyware and other malicious software used for taking control of infected computers.35

The most recent contribution to cybercrime regulations comes from 2009 and consists of the so-called grooming offence (Article 200(a)), recommended by the CoE Convention of Lanzarote,36 and two penal provisions introduced to the Penal Code in response to high profile Internet-related incidents. In Article 191(a) the wilful "dissemination of pictures of a naked person or person in a course of sexual activity, without consent of the person concerned" has been criminalised. In Article 200(b) a controversial prohibition of "public promotion or approval of paedophile's behaviours" was placed.

The Council of Europe Convention on Cybercrime has not yet been ratified by Poland despite the many steps taken to implement its provisions. The ratification procedure commenced by the Ministry of Justice in May 2008 but is still pending due to implementation problems. According to a memorandum obtained from the Department of International Cooperation and European Law of the Ministry of Justice, the only inconsistency concerns regulations regarding child pornography.37 Article 202 (4a) of the Penal Code sets a lower age limit for protection against pornographic exploitation than is required (as a minimum) under Article 9(3) of the Convention. There are however other, more significant gaps in the domestic law of Poland vis-Ã -vis the CoC.38

Critical infrastructure

The concept of "critical infrastructure" emerged in Poland in the aftermath of 11 September 2001. A legal definition of this notion is included in Article 3 of the Law of Crisis Management of 2007.39 This law also provides delegation for the establishment of the Government Centre for Security, the main government entity responsible for planning protection of national security against terrorism and other threats. The Government Centre for Security was established in 2008 pursuant to regulation enacted by the Prime Minister.40 More information on the Centre's activity is available at its web page.41

Territorial privacy

Video surveillance

Under the Police Act, the Police may use video surveillance and audio recording in public places, when performing secret investigations, and in the course of protection of public order. Police may also use video surveillance during covert operations. Video surveillance is also used by municipalities and private persons, however there is no regulation concerning this kind of surveillance. There is debate over the use of CCTV by private persons and entities, especially in supermarkets, as some owners placed cameras in locations which enabled them to monitor persons in changing rooms.

Location privacy (GPS, mobile phones, location based services, etc.)

Location data is protected by Article 159 of the Telecommunications Act 2004. It may be revealed only in situations listed in the Law. Data processing is allowed under the condition that consent is obtained from the subject or the data is anonymised. Consent may be withdrawn. Location data must be presented to relevant authorities upon request.42

Travel privacy (travel identification documents, biometrics, etc.) and border surveillance

Travel privacy is protected by the LPPD. The use of biometrics in travel documents was regulated by the Passport Documents Act 2006.43 According to the Act, documents may contain biometrics data related to the face and fingerprints. Far reaching regulations on transborder exchange of biometrics data are contained in the Prüm Treaty 2005 and related EU documents which have yet to be implemented in Poland.

National ID and smart cards

Controversy still surrounds the expanded national identification (ID) system. The Electronic Census System (Powszechny Elektroniczny System Ewidencji Ludności or PESEL), which has been in operation since the mid-1970s, is the biggest collection of personal data in Poland. Every identity card contains a PESEL number, which is a confirmation of the owner's date of birth and sex. The system is fully computerised. The Government began issuing new ID cards in January 2001. In August 2006, the PESEL II Steering Committee was formed to develop a two-stage identification card which includes biometric data storage. At the end of 2009, Prime Minister Tusk announced that biometric ID will be included as of 2011.44

Physicians in Poland have protested against the latest use of the PESEL number in a new law requiring that all prescriptions must include the PESEL number of the patient in order to qualify for reimbursement. A new prescription will not be honoured by pharmacies unless the physician physically writes a PESEL number on it.45

RFID tags

There are no specific regulations for RFID tags. The individual is protected by general data protection and privacy regulations.

Bodily privacy

The Constitution protects bodily privacy from the perspective of protection of private life (Article 47) and inviolability of the person (Article 41(1)). Situations in which the government may interfere with bodily privacy are listed inter alia in the Code of Criminal Procedure. It allows for taking of blood, swabs, hair, etc. for investigative purposes (Article 74). These regulations are generally fragmentary and do not fully comply with the requirements of the Constitution and the European Convention on Human Rights. Many authors argue there is no express legal basis for compulsory examinations.46

Interference with bodily privacy may also take place with regards to prisoners and47 persons suspected of having infectious diseases.48

Footnotes

  • 1. SeeZ. Uniszewski, Przeszukanie. Problematyka kryminalistyczna (Search. Forensic problems) 407 (Warszawa 2000).
  • 2. Journal of Laws No. 89 item 555.
  • 3. Journal of Laws No. 30 item 179.
  • 4. Journal of Laws No. 104 item 708.
  • 5. The Regulation of 24 June 2003 by the Ministry of Justice.
  • 6. Some Remarks on Human Rights Protection in Poland (in connection with the fourth periodic report of Republic of Poland on implementation of the International Covenant on Civil and Political Rights), Helsinki Foundation for Human Rights,
  • 7. W. Czuchnowski, "Rosnie liczba podsÅ‚uchów w Polsce" ("The Number of Interceptions in Poland is Rising"), Gazeta.pl, at http://wiadomosci.gazeta.pl/Wiadomosci/1,80273,3216546.html.
  • 8. RzÄ…dowy projekt ustawy o zmianie ustawy – Kodeks postÄ™powania karnego oraz niektórych innych ustaw (The Government Proposal for Amendment of the Code of Criminal Procedure and some other Acts of Parliament), at http://orka.sejm.gov.pl/proc6.nsf/opisy/2915.htm..
  • 9. International Helsinki Federation for Human Rights, "Human Rights in the OSCE Region: The Balkans, the Caucasus, Europe, Central Asia and North America," Report 2002 (events 2001), available at http://web.archive.org/web/20030210183203/http://www.ihf-hr.org/reports/....
  • 10. Central Anticorruption Bureau Act of 9 June 2006, Journal of Laws No. 104 item 708.
  • 11. See B. Wróblewski, "Sztuczki podsÅ‚uchowe CBA"("CBA Interception Tricks"), Gazeta.pl, at http://wyborcza.pl/1,75478,7657168,Sztuczki_podsluchowe_CBA.html.
  • 12. "Poland Adoption of the Community Acquis," Summary of the Legislation available at http://web.archive.org/web/20100908131827/http://europa.eu/legislation_s... (last updated 10 August 2005).
  • 13. The Police Act of 6 April 1990, Journal of Laws of 2007 No. 43 item 277 (consolidated text).
  • 14. "Court Says Parts of Secret Services Law Unconstitutional," BBC Worldwide Monitoring, 20 April 2004 (source Polish Radio 1, Warsaw, 20 April 2004).
  • 15. Judgment of 12 December 2005, K 32/04, OTK ZU nr 11/A/2005.
  • 16. RozporzÄ…dzenie Ministra Infrastruktury z dnia 28 stycznia 2003 r. w sprawie wykonywania przez operatorów zadaÅ„ na rzecz obronnoÅ›ci, bezpieczeÅ„stwa paÅ„stwa oraz bezpieczeÅ„stwa i porzÄ…dku publicznego, Dz. U. Nr 19, poz. 166, zob. (Regulation of the Ministry of Infrastructure of 28 January 2003 on the Performance by Telecommunication Operators Tasks Related to National Defence, State Security, Safety and Public Order, Journal of Laws No. 19, item 166), available in Polish at http://www.abc.com.pl/serwis/du/2003/0166.htm.
  • 17. The Law of 16 July 2004 on Telecommunication, Journal of Laws of 2004 No. 171 item 1800.
  • 18. Ninth Annual Report of the Article 29 Working Party on Data Protection, June 2006, available at http://ec.europa.eu/justice/policies/privacy/workinggroup/annual_reports....
  • 19. Commission minutes of 19 July 2006, in Polish at http://orka.sejm.gov.pl/Biuletyn.nsf/wgskrnr5/INF-63.
  • 20. Ustawa z dnia 24 kwietnia 2009 r. o zmianie ustawy – Prawo telekomunikacyjne oraz niektórych innych ustaw, Dz. U. 2009.85.716.
  • 21. Poland, like most of the EU member states, chose to take advantage of Article 15 (3) of the Directive in this respect.
  • 22. RozporzÄ…dzenie Ministra Infrastruktury z dnia 28 grudnia 2009 r. w sprawie szczegółowego wykazu danych oraz rodzajów operatorów publicznej sieci telekomunikacyjnej lub dostawców publicznie dostÄ™pnych usÅ‚ug telekomunikacyjnych obowiÄ…zanych do ich zatrzymywania i przechowywania, Dz. U. Nr 226. poz.1828. (Regulation of the Minister of Infrastructure of 28 December 2009 on a Detailed Specification of Data and Types of Operators of Public Telecommunications Networks or Providers of Publicly Available Telecommunications Services Obliged for Its Retention and Storage, Journal of Laws of 2009 No. 226 item 1828).The Regulation went into force on 1 January 2010.
  • 23. A list of competent authorities includes: the Police, Military Police, Military Counter-Intelligence Service, Fiscal Intelligence, Border Guard, Internal Security Agency, and Central Anticorruption Bureau. Courts and prosecutors are also authorised to get access to traffic, location and subscriber data.
  • 24. "Journalists' Phones Monitored in Politically Inspired investigation?," Thenews.pl, 8 October 2010, athttp://www.thenews.pl/national/artykul141157_journalists-phones-monitore... .
  • 25. Recommendation No. R (87) 15 of the Committee of Ministers to member states of the Council of Europe regulating the use of personal data in the police sector.
  • 26. Law of 6 July 2001on gathering, processing, and transfer of criminal information. Unified text available in the Journal of Laws of 2010 No. 29 item 153.
  • 27. RozporzÄ…dzenie Prezesa Rady Ministrów z dnia 27 wrzeÅ›nia 2006 r. w sprawie zakresu, warunków i trybu przekazywania Centralnemu Biuru Antykorupcyjnemu informacji przez organy, sÅ‚użby i instytucje paÅ„stwowe, Dz. U. Nr 177, poz. 1310 (Decree of the Prime Minister of 27 September 2006 on the Scope, Requirements and Procedure of Transfer of Information to the Central Anticorruption Bureau by the State Agencies, Services and Institutions, Journal of Laws 2006 No. 177 item 1310).
  • 28. Konrad Niklewicz, Ewa Siedlecka, "CBA wchodzi do bazy ZUS," Gazeta Wyborcza, 03 October 2007, at http://wyborcza.pl/1,76842,4545758.html ;"CBA to Be Given Access to Detailed Information on 25 mln Poles," The Warsaw Voice, 6 October 2007, at http://www.warsawvoice.pl/WVpage/pages/article.php/4957/news.
  • 29. Number of the judgment: sygn K 54/07, available in Polish at http://www.trybunal.gov.pl/OTK/otk.htm.
  • 30. Computer-Related Crime. Recommendation No.R (89) on computer-related crime and final report of the European Committee, Strasbourg 1990.
  • 31. The Penal Code Amendment of 18 March 2004, Journal of Laws 2004 No. 69 item 626.
  • 32. These were: "system interference" (Article 269(a)), "misuse of devices" (Article 269(b)), and "data interference" (Article 268(a)).
  • 33. Council Framework Decision 2004/68/JHA on combating the sexual exploitation of children and child pornography, OJ L 13/44, 2004;

    Council Framework Decision 2005/222/JHA on attacks against information systems, OJ L 69/67, 2005.

  • 34. The Penal Code Amendment of 24 October 2008, Journal of Laws 2008 No. 214 item 1344.
  • 35. Reasoning of the draft amendment of the Penal Code of 28 October 2008.
  • 36. Council of Europe Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse. Lanzarote, 25 October 2007, available at http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=201&CM=8&D....
  • 37. Ministerstwo SprawiedliwoÅ›ci, Departament Współpracy MiÄ™dzynarodowej i Prawa Europejskiego, Notatka w sprawie zgodnoÅ›ci prawa polskiego z KonwencjÄ… Rady Europy o CyberprzestÄ™pczoÅ›ci z dnia 12 sierpnia 2009 r., DWM V 025-5/08 (Memorandum of the Department of International Cooperation and European Law of the Ministry of Justice on the Consistency of Polish Law with the Council of Europe Convention on Cybercrime).
  • 38. Andrzej Adamski, Cybercrime Legislation in Poland, in Biruta Lewaszkiewicz-Petrykowska (ed.), Polish Reports on the XVIIIth International Congress of Comparative Law, Washington D.C., 25 July-1 August, 2010, (Łódź University Publisher 2010).
  • 39. Ustawa z dnia 26 kwietnia 2007 r. o zarzÄ…dzaniu kryzysowym, Dz.U.2007, Nr 89, poz. 590 ze zm. (Law on Crisis Management, Journal of Laws No. 89 item 590, with amendments).
  • 40. RozporzÄ…dzenie Prezesa Rady Ministrów z dnia 10 lipca 2008 r. w sprawie organizacji i trybu dziaÅ‚ania RzÄ…dowego Centrum BezpieczeÅ„stwa, Dz.U. 2008, Nr 128, poz. 821 (Regulation of the Prime Minister of 10 July 2008 on the Organisation of and Operating Mode of the Government Centre for Security, Journal of Laws 2008 No. 128 item 821).
  • 41. RzÄ…dowe Centrum BezpieczeÅ„stwa (the Government Centre for Security), at http://rcb.gov.pl/.
  • 42. Article 166 of Telecommunications Act 2004, supra.
  • 43. Journal of Laws No. 143 item 1027.
  • 44. "Tusk: nowe dowody biometryczne za rok" ("Tusk: New Biometric ID in One Year), RMF 24, 30 December 2009, available at http://www.rmf24.pl/fakty/polska/news-tusk-nowe-dowody-biometryczne-za-r....
  • 45. Centrum Medyczne, Current Issues, 20 June 2007, available at http://www.enel.pl/en/onas/aktualnosc.asp?id=65.
  • 46. See Arkadiusz Lach, Granice badaÅ„ oskarżonego w celach dowodowych (The Limits of the Investigative Tests of the Accused for Evidential Purposes) 170 and authors quoted (Torun 2010).
  • 47. Article 118 of the Criminal Executive Code 1997.
  • 48. Article 27 of the Infectious Diseas and Infections Act 2001.