Digital content and IP issues

Required notices

Are websites and any other digital content required to display certain legal notices or other information in your jurisdiction?

The scope of information that must be displayed to users of digital content is governed by:

  • the Act on Providing Electronic Services;
  • the EU General Data Protection Regulation (GDPR); and
  • the Telecommunications Law.

In practice, websites use terms and conditions and a privacy policy to comply with these requirements. 

Terms and conditions should describe the types and scope of services provided, technical conditions, a prohibition on posting illegal content, conditions for concluding and terminating contracts and claims handling terms. Usually choice of law and choice of court clauses are included. Information that must be provided in a privacy policy revolves around the identity of the ‘service provider’, use of data provided by the website user and information regarding cookies. The scope of the required information may change soon due to the forthcoming EU e-Privacy Regulation.

Based on the Telecommunications Law, as of July 2018 Polish websites should display cookie use notices and gather consent for use of cookies. Moreover, depending on the way a website uses cookies, a further personal data protection notice may be required based on GDPR and use of cookies may be dependent on separate data protection consent or the legitimate interest of the owner of the site and its partners, depending on interpretation.

Liability for content

What rules govern liability for online or other digital content that is defamatory or infringes another party’s IP rights?

The author of the content is liable for infringements caused by it. The Act on Providing Electronic Services excludes internet providers from liability under mere conduit and caching exceptions. A data hosting provider is by default free from liability until it obtains a credible notice of the unlawful character of particular content. On notification the hosting service provider must block the allegedly infringing content in order to remain free from liability (so-called ‘notice and takedown’). According to a Polish Supreme Court ruling of 30 September 2016 (I CSK 598/15), proactive monitoring of the website content prevents the website owner from relying on the hosting exception, as doing so would potentially make it aware of the infringing content.

The Act on Providing Electronic Services implements the EU E-Commerce Directive (corresponding to the US Digital Millennium Copyright Act).

How can liability be excluded or limited?

The Act on Providing Electronic Services limits the liability of telecommunications service providers, cache service providers and hosting services providers.

Telecommunications service providers

Telecommunications service providers are not liable for the content where they do not:

  • initiate the transmission;
  • choose the recipient of the transmission; or
  • choose or modify information subject to the transmission.

This exclusion also applies to automatic and short-term intermediate storage of transmitted data, if the storage is intended solely for the purpose of carrying out the transmission and the data is not stored for longer than is normally necessary for carrying out the transmission.

Cache service providers

Cache service providers are not liable for the content where they:

  • do not modify the data;
  • use recognised and common IT techniques defining technical parameters of access to the data and its actualisation; and
  • do not interfere with using such IT techniques in the scope of collecting information about the usage of the collected data, provided that the cache service provider immediately deletes or takes down the data after receiving information that the data was deleted from the original source of transmission or was taken down, or that a court or another competent office had ordered the deletion or takedown of the data. 

Hosting services providers

Hosting services providers are not liable for the content where they are not aware of the unlawful character of the content and, after receiving an official or credible notice of such unlawful content or related activities, take the content down immediately.

Which parties can be held liable for defamatory or infringing content? Can contingent liability be extended to internet service providers (ISPs)?

Apart from the parties that originally put the illegal content on the Internet, hosting services providers may be held liable if they should have been aware of the illegal nature of the content and have not taken appropriate action, as they may be considered as intentionally redistributing the infringing content (Krakow Appellate Court judgment of 18 September 2017, I ACa 1494/15; the judgement relates to, a web service known for allowing the exchange of illegal content).

In Poland liability for illegal content cannot be extended to an internet service provider.

Content takedowns

What rules and procedures govern content takedowns? Can ISPs remove defamatory or infringing content without permission?

Content takedowns are regulated by the Act on Providing Electronic Services. An ISP does not need to take any action (there is no three-strikes rule in Poland), while a hosting service provider may decide to take down questionable content to avoid liability. According to the act, the hosting provider should take down the defamatory or infringing content upon receiving an official or credible notice of the unlawful character of the content or related activities in order to avoid liability for the content.

No permission is needed for a takedown based on credible information. However, the hosting provider should give the author of the content prior notice of the forthcoming takedown in order to avoid liability for damages incurred by the author as a result of the takedown.

There are no detailed rules regarding the notice-and-takedown mechanism. Legislative work on developing a detailed procedure has been underway for six years, with little results.

Domain names

What rules, restrictions and procedures govern the licensing of domain names?

The licensing of domain names is based on a civil law agreement between the registrant and NASK, the registrar for top-level ‘.pl’ domains.

The usual rules governing trademarks apply, limiting room for cybersquatting.

How are domain name disputes resolved in your jurisdiction?

Domain name disputes are resolved by arbitration courts if a registrant is a business or by civil courts if a domain is not related to a business activity.

Business domain disputes are usually decided by the Arbitration Court at the Polish Information and Telecommunications Chamber or by the Arbitration Court at the Polish Chamber of Commerce. Disputes in which one of the parties is a consumer are usually decided by a civil court.

Decisions of arbitration courts and civil courts should rely on general rules of intellectual property, including unfair competition and trademarks. The listed arbitrators are lawyers specialising in IP and IT law in Poland.

What special measures and safeguards should rights holders consider in protecting their online/digital content?

A rights holder publishing its digital content should state applicable conditions of use and redistribution (eg, a licence). However, digital rights management is not widespread. Electronic copies may be watermarked or otherwise marked with a purchaser’s name. Where infringing content is identified, a cease and desist letter may be addressed to the infringer. A rights holder may also apply to a court for an interim measure (eg, a prohibitory injunction) prior to filing a statement of claim. Such interim measure proceedings are usually held ex parte (ie, without the knowledge and participation of the alleged infringer). A rights holder may also seek help from the police or prosecutors, as IP rights violations usually constitute a crime.

Where infringement has been discovered, it is sensible to visit a notary public to obtain a notarial protocol confirming the existence and details of the infringement at that specific time (based on print-outs or screenshots from infringing websites). The courts in Poland may not accept private screenshots as valid evidence (as they tend to be formalistic).

Tax issues

Online sales

How are online sales taxed?

The main taxes are as follows:

  • tax on goods and services (value added tax) under the Tax on Goods and Services Act of 11 March 2004;
  • corporate income tax under the Corporate Income Tax Act of 15 February 1992 (if the digital business is conducted by a corporation);
  • personal income tax under the Personal Income Tax Act of 26 July 1991 (if the digital business is conducted by individuals or a partnership of individuals); and
  • civil law transactions tax under the Act of 9 September 2000 on civil law transactions tax for occasional non-business sales.

Other taxes

What other tax liabilities arise in respect of the conduct of digital business in your jurisdiction?

No other taxes are specific to online sales. Business-to-consumer operations must have a cash register (for registering and calculating transactions). Social security obligations apply, but depend on the number of employees and the nature of the relationship (eg, employment, civil law contract, business-to-business or sole proprietorship), rather than the nature of the activity.

Click here to view the full article.