changes in law - legal aspects of new technologies

The Data Act became applicable on 12 September 2025. What do businesses need to pay attention to under this new EU-wide regulation?

Nature and purpose of the Data Act

The Data Act—Regulation (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023 on harmonised rules on fair access to and use of data and amending Regulation (EU) 2017/2394 and Directive (EU) 2020/1828 (Data Act)—is an EU regulation, and as such applies directly in Poland and all other EU member states. At the national level the Data Act will be supplemented by local regulations, but these will essentially govern only procedural issues (e.g. infringement proceedings), not substantive issues. In other words, substantively the Data Act will govern across the entire EU.

The world pins high hopes on the development of artificial intelligence systems. AI is expected to generate huge economic and social benefits across various aspects of life and sectors of the economy, including the environment, agriculture, healthcare, finances, taxes, mobility, and public administration.

The progressing development of AI systems is forcing the creation of appropriate legal frameworks, which on one hand should facilitate further growth of AI technologies but on the other hand should ensure adequate protection of persons using such systems and raise societal confidence in the operation of AI systems.

On 30 November 2021, the Council of the European Union and the European Parliament reached a provisional agreement on the final wording of a draft Data Governance Act (DGA) (COM/2020/767 final).

The aim of the proposal is to promote the availability of data and to build a trustworthy environment facilitating the use of data (both person and non-personal) for research and creation of innovative new products and services. It is also intended to create a legal framework for easier sharing of data and mechanisms facilitating re-use of certain data held by the public sector, including data involving health, agriculture and the environment.

The Polish regulations directly
referring to blockchain will be joined on 19 September 2020 by the Regulation of the Council of Ministers of
9 March 2020 on Documents Connected with Banking Activities on IT Data
Carriers. It expressly permits banks to store documents connected with
banking activities on blockchain.

Under §5(2) of the new regulation, “A document may be stored in the form of a distributed and decentralised database. The bank shall operate the database in a manner ensuring the security and integrity of the documents contained in the database.” The phrase “distributed and decentralised database” used in this provision refers to blockchain, as is expressly stated in the justification to the draft of the regulation. Moreover, the identical phrase is used in other legal acts to refer to blockchain technology (e.g. in the provisions of the Commercial Companies Code devoted to the ledger of stockholders).

The Regulation of the Council of Ministers of
9 March 2020 on Documents Connected with Banking Activities on IT Data
Carriers enters into force on 19 September 2020. This is a good occasion
to discuss the expanded legal significance of the electronic seal.

The new regulation supersedes the prior executive
regulation under Art. 7 of the Polish Banking Law. The noteworthy features
of the new regulation include the systemic consolidation of the terminology
through introduction of concepts consistent with the EU’s eIDAS Regulation (910/2014)
and a direct reference to distributed ledger technology. (I will address the
treatment of this technology in a separate article.)

It appears that inclusion in the new Polish regulation of terminology consistent with the eIDAS Regulation is more than a mere technicality. A closer analysis of the provisions raises the question of whether the regulation in fact expands the legal significance of the electronic seal.

Does a company or limited partnership have to
have its own website? Does it have to operate the site itself? What information
must be posted there? Practical pointers under the amended Commercial Companies
Code

An amendment to the Commercial Companies Code entered into force at the start of 2020, imposing on joint-stock companies and joint-stock limited partnerships an obligation to operate a website and to post certain information there for stockholders (as we previously reported here).

Although
the new regulation applies to all joint-stock companies, in practice it changes
little for public companies, which were already subject to much more extensive
requirements, and thus we do not discuss public companies further in this
article.

The new regulation should be examined more closely, as it has generated (probably unintentionally) certain doubts as to what the new obligation entails.