Jan Nowak, previously a general manager at the DPA’s office and a long-term member of PiS, the ruling party, will become the new chair of the Polish Data Protection Authority. The nomination raised controversy as to whether Jan Nowak meets the legal requirements for this position.

The report looks at what happens at the interface of Internet service providers and public authorities in Poland. Who sends requests for users data, how many and for what purpose, what legal procedures are followed and what safeguards apply. During our research we analysed legal provisions and collected data from both major Internet service providers and public authorities. On that basis we were able to identify several systemic problems that should be solved in order to ensure adequate standard of protection for individuals.

Access of the law enforcement agencies and secret services upon more or less formal warrants and request do not cover the whole problem of the online surveillance. More and more date is available out there without any warrants – just to read, take and process. It is the situation, when the data that we all publish online, with more or less awareness of the consequences, is used by authorities mention above for whatever purposes. How purpose limitation could possibly be used to limit open source surveillance? To what extent privacy settings that by default enable or enhance making data public help in conducting this type of surveillance? How open source surveillance might influence individual?