Poland: New act on combating abuse in electronic communication

Hogan Lovells

Hogan Lovells[co-author: Wiktoria Kossakowska-Wojdaszka]

The Polish parliament has recently adopted an act prohibiting smishing and CLI spoofing among other forms of abuse of electronic communication. New regulation came into force on 25 September 2023.

The adoption of the Act on Combating Abuse in Electronic Communication (ustawa o zwalczaniu nadużyć w komunikacji elektronicznej) is a response to an increasing number of scammers employing telecommunication services to attack individuals.

Forms of abuse

The act identifies four forms of abuse: smishing, CLI spoofing, generating artificial traffic and making unauthorized changes of address information. Smishing is a fraudulent practice of sending misleading text messages in order to induce individuals to reveal personal information. CLI spoofing is employed for the same purpose. It occurs when a caller deliberately disguises their identity by transmitting incorrect number to the caller’s ID display. Moreover, the act prohibits generating artificial traffic and making unauthorized changes of address information to, for example, hinder call billing.

Obligations under the act

All entities, whose business activities involve the provision of telecommunication networks or telecommunication services (telecommunication entities) are covered by the new regulations. They are required to counteract telecommunication abuses by blocking text and voice messages that show signs of smishing or CLI spoofing.

Moreover, the act imposes new responsibilities on large e-mail providers, whose services are used by at least 500,000 users. They are obliged to implement specific authentication mechanisms (SPF, DKIM and DMARC authentication mechanisms) in order to limit fraudulent activity.

If the aforementioned requirements are not met, the President of the Office of Electronic Communications (UKE) may impose a fine of up to 3% of company’s revenue generated in the previous calendar year.

Important deadline

The Act came into effect on 25 September 2023. Companies must pay attention to implementation deadlines. The first important deadline lapses on 25 December 2023, until then

mobile operators are required to enroll into the UKE’s list of integrators (providers of publicly available SMS services).

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Hogan Lovells | Attorney Advertising

Written by:

Hogan Lovells

Hogan Lovells on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide