Poland has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Poland has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Poland has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13.1 provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works by facilitating access to such works using any appropriate means to ensure their prominence. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
In Poland, the EU Directive was transposed into domestic law through the amendment of the Broadcasting Act of August 2021 (Act of 11 August 2021 amending the Broadcasting Act and the Cinematography Act). According to Art. 47f of the Act, on-demand audiovisual media service providers must reserve at least 30% of their catalogue for European programmes, including those originally produced in Polish, and ensure they are appropriately visible in their catalogues. This percentage is calculated based on the total number of programmes available in the catalogue for each quarter, with a single season of a series counted as one programme.
Additionally, under Art. 19.6 of the Act of 30 June 2005 on Cinematography (as amended by Act of 11 August 2021 amending the Broadcasting Act and the Cinematography Act), on-demand audiovisual media service providers must pay the Polish Film Institute 1.5% of their revenue from either access fees or income from commercial communications, whichever is higher. For providers based in other EU Member States, the payment is based on revenue earned in Poland. This obligation excludes micro-entrepreneurs and providers with a user base below 1% of broadband subscribers in the previous year. Digital platform operators are also subject to a 1.5% levy on fees for access to broadcasted or rebroadcasted television channels.

The European Union General Data Protection Regulation (GDPR) provides a comprehensive framework for data protection that applies to all EU Member States. Poland implemented the GDPR in 2018 through the Act of 10 May 2018 on the Protection of Personal Data.

Under the EU Directive on Data Retention, operators were required to retain certain categories of traffic and location data (excluding the content of those communications) for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid. However, not all national laws that implemented the Directive have been overturned.
Under Art. 47 of the Electronic Communications Law, telecommunications providers are obliged to store certain types of user data for 12 months, including user identity, date and time and the type of connection.

Under Art. 43 of the Electronic Communications Law, telecommunications providers must grant access to stored data to "authorised entities" including police and secret services without a court order.

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The Civil Code and the Act on Providing Services by Electronic Means transpose Directive 2000/31/EC. Chapter 3 of the Act, as amended in November 2024, sets out liability exemptions for intermediary service providers. Under Arts. 12–14, providers acting as “mere conduits” for data transmission are not liable for the content they carry if they do not initiate the transmission, choose the recipient, or alter the information. Similar exemptions apply to those performing temporary caching to improve efficiency, as long as they do not modify the data and remove or block access once they become aware of its removal by the source or receive an official order. Hosting providers are also exempt from liability when unaware of unlawful content and must act swiftly to remove it once notified, while informing the user if removal is based on “reliable knowledge.”
In addition, Art. 422 of the Civil Code, are interpreted in a way that shields service providers from liability for user content and behaviour.

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The Civil Code and the Act on Providing Services by Electronic Means transpose Directive 2000/31/EC. Chapter 3 of the Act, as amended in November 2024, sets out liability exemptions for intermediary service providers. Under Arts. 12–14, providers acting as “mere conduits” for data transmission are not liable for the content they carry if they do not initiate the transmission, choose the recipient, or alter the information. Similar exemptions apply to those performing temporary caching to improve efficiency, as long as they do not modify the data and remove or block access once they become aware of its removal by the source or receive an official order. Hosting providers are also exempt from liability when unaware of unlawful content and must act swiftly to remove it once notified, while informing the user if removal is based on “reliable knowledge.”
In addition, Art. 422 of the Civil Code, are interpreted in a way that shields service providers from liability for user content and behaviour.

Poland maintains an identity verification requirement for SIM card registration, first introduced by the Act of 10 June 2016 on Anti-terrorism Measures (Dz.U. 2016 poz. 904). Under Art. 43 of that Act, which amended the Act of 16 July 2004 on Telecommunications Law, a new Art. 60b was inserted, requiring individuals purchasing prepaid SIM cards to provide identifying information to the telecommunications provider, typically a national identity card for Polish citizens or a passport for foreign nationals, in order to activate the service. Although the Telecommunications Law has since been repealed and replaced by the Electronic Communications Law (Prawo komunikacji elektronicznej, Dz.U. 2024 poz. 1221), the identity requirement remains in force under Art. 296 of the new law.

Art. 17 of Directive 2019/790 on Copyright in the Digital Single Market (DSM Directive) mandates that providers of content-sharing services seek authorisation from rights holders and implement technical solutions to remove and prevent unauthorised uploads by their users (so-called upload filters), under penalty of losing their liability safe harbour. Further arrangements are envisaged for complaints and dispute resolution mechanisms. Such upload filters are reported to be a significant cost for online platforms. Graduated exemptions are expected to be put in place for new providers active in the EU for less than three years with a turnover under EUR 10 million, and with fewer than five million users. The provision is subject to a challenge in the Court of Justice by Poland (C-401/19).
To implement Directive 2019/790 on Copyright in the Digital Single Market, the government adopted the Act of 26 July 2024 Amending the Act on Copyright and Related Rights, the Act on the Protection of Databases and the Act on Collective Management of Copyright and Related Rights, therefore making online content-sharing service providers partially liable for copyright violations on their platforms.

Poland and the European Union have adopted the World Intellectual Property Organization (WIPO) Copyright Treaty. Poland acceded to the Treaty on 23 December 2003, with its provisions coming into force on 23 March 2004. Subsequently, the European Union ratified the Treaty on 14 December 2009, and it entered into effect on 14 March 2010.

Poland and the European Union have adopted the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty. Poland acceded to the Treaty on 21 July 2003, with its provisions coming into force on 21 October 2003. Subsequently, the European Union ratified the Treaty on 14 December 2009, and it entered into effect on 14 March 2010.

The Directive 2016/943 on the protection of undisclosed know-how and business information (trade secrets) is key in harmonising national laws concerning trade secrets. Poland transposed the Directive with the Act of 5 July 2018, amending the Unfair Competition Act and certain other acts in 2018.

It is reported that passive sharing is mandated in Poland, and it is practised in the mobile and fixed sectors based on commercial agreements. In addition, Directive 2014/61/EU (Art. 3.2) establishes that Member States shall ensure that, upon written request of an undertaking providing or authorised to provide public communications networks, any network operator must meet all reasonable requests for access to its physical infrastructure under fair and reasonable terms and conditions, including price, with a view to deploying elements of high-speed electronic communications networks. Such written request shall specify the elements of the project for which the access is requested, including a specific time frame.