The Polish parliament has appointed the country's Ministry of Digital Affairs as the sole entity responsible for overseeing Poland's key personal data registers. The law is part of broader efforts by the government to bolster the country's cyber-security policies and allocate its management to the Digitisation Ministry.
“This is due to the increased threats for national IT systems… and the lack of an entity which would coordinate personal data protection at government levels,” states the law which was sponsored by MPs from Poland's ruling Law and Justice (PiS) party.
The MPs also said that further automatisation of the national personal data registers services requires coordination by a single entity, the Digitisation Ministry.
Mirosław Maj, president of the Warsaw-based Cybersecurity Foundation, told SCMagazineUK.com that the latest move is expected to contribute to enhancing Poland's cyber-security. “I can say that personally, I consider the plans related to the taking over of supervision over these systems by the Digitisation Ministry as a positive development. Digitisation minister Anna Streżyńska says that this modification will not only improve the functioning of these systems, but also optimise their financing,” Maj said. “This move is also a positive step from the point of view of cyber-security.”
However, Maj also cautions that centralising such supervision has its own risks. “Minister Streżyńska is perfectly aware of this, but she has also mentioned certain staff and budgetary constraints related to cyber-security. In my opinion, it would be worthwhile to develop precise fields of competences for all stakeholders in Poland. These include the Ministry of Defence and the Digitisation Ministry. Other stakeholders include relevant institutions responsible for prosecuting cyber-crimes, the Ministry of the Interior and Administration and the Government Centre for Security.”
According to Maj, it “would be beneficial if two strong institutions were created to handle civilian and military affairs in this field, such as a National Cyber-security Centre and a new military body.”
Meanwhile, Poland's Digitisation Minister said that the government is aiming to bolster the country's cyber-security policy amid fears of Russian meddling.
"We recently had incidents, and even serious cyber-security threats [in Ukraine] which were probably inspired by Moscow. We don't know whether our networks were infiltrated. And if they were, then how and by whom," Strezynska told local news weekly Wprost in an interview on 14 February.
Local observers confirm that the Polish government is highly concerned that it must ensure that state-run institutions are enabled with enhanced cyber-security capabilities, and note that Russia's intervention in neighbouring Ukraine is a driving force behind these efforts.
“Many Polish decision-makers fear that hybrid warfare could be used against Poland, including a potential cyber-attack,” professor Marek Jablonowski, a political scientist from the University of Warsaw, told SC. “The conflict [in Ukraine] has significantly moved this issue up the political agenda in Poland.”