Access to data of users who violate copyright should be restricted
The provisions of the Telecommunications Law need to be amended so that, when prosecuting breaches of copyright law, information on other aspects of a person's life is not collected in terms of law enforcement access to data covered by telecommunications secrecy. These are the consequences of the CJEU judgment in case C-470/21 - the President of the Polish SA responds to a question from the Minister for the European Union in the Prime Minister's Office, Adam Szłapka.
The CJEU judgment of 30 April 2024 in Case C-470/21 La Quadrature du Net concerns the issue of how copyright protection authorities can access the identification data of online copyright infringers.
The CJEU has indicated that access to such data is possible. However, this data must be stored in such a way that it is not possible to draw precise conclusions about the private life of specific individuals. The point is that it should not be possible to link an identifier such as an IP address with other information (e.g. credit card payments). Because this would already allow the creation of a user profile.
In the opinion of the President of the Polish SA, such a clarification should be introduced into Polish law by amending the Telecommunications Law. Today, there is no guarantee that the stored data will serve only to identify the person suspected of committing a criminal act, and it will be impossible ‘that, except in unusual situations, such access could allow precise conclusions to be drawn about the private life of the holders of IP addresses’.
In the context of judicial review, the President of the Polish SA also recalls the recent judgment of the European Court of Human Rights of 28 May 2024 in the case Pietrzak, Bychawska-Siniarska and Others v. Poland (application nos. 72038/17 and 25237/18).
The case concerned Polish legislation allowing the services to collect information on citizens under the pretext of combating crime and threats to public security. The ECHR found three breaches of Article 8 of the European Convention on Human Rights - the right to respect for private life, family life and correspondence - as a result of the lack of real control over the conduct of operational surveillance as part of operational and exploratory activities and the overly broadly worded conditions allowing such surveillance to take place, with regard to complaints concerning, inter alia, the retention of communication data for potential use by the competent authorities or national authorities.
