• GL
Choose your location?
  • Global Global
  • Australian flag Australia
  • French flag France
  • German flag Germany
  • Irish flag Ireland
  • Italian flag Italy
  • Polish flag Poland
  • Qatar flag Qatar
  • Spanish flag Spain
  • UAE flag UAE
  • UK flag UK

Poland: New potential obligations regarding the protection of minors from harmful online content

13 March 2025

The Polish government plans to implement new regulations to protect minors from harmful online content. These rules require providers of electronically supplied services to meet certain obligations, with significant penalties for non-compliance.

1. General comments

The proposed legislation concerning the protection of minors from access to harmful content on the Internet, dated 20 February 2025 (“Proposed Act”) has recently been released for public review and consultation which ends on 26 March 2025. The Proposed Act regulates the liability of service providers offering their services electronically such as online platforms, online video-sharing platforms, etc. (“Service Providers”), for permitting a minor to access harmful content, including pornographic content, in connection with the provision of their services. 

To enhance the effectiveness of the Proposed Act, it has been explicitly stated that the law applies to Service Providers who provide services electronically in Poland, regardless of the location of the Service Provider's commercial or professional activity. Consequently, it will also apply to Service Providers from European Union member states, as well as third countries.

Importantly, the Proposed Act does not define the terms “harmful content” or “pornography.” The absence of these definitions may result in uncertainty for Service Providers regarding their obligations under the Proposed Act and the scope of possible inspections by the relevant authorities.

2. Obligations

Performing and recording a risk analysis. Those Service Providers who do not offer access to pornographic content will be obliged to perform and record a risk analysis regarding minors' potential exposure to harmful content through their services. This analysis should consider: 1) the likelihood of harmful content appearing in the service; 2) the user base, including the probability of minors being among them; 3) the chances of minors encountering harmful content within the service.

The first risk analysis should be conducted within 6 months from the date of promulgation of the Proposed Act. This obligation must be fulfilled every 24 months from the date of the initial risk analysis and whenever significant changes are made to the service that could expose minors to harmful content.

Implementing age verification mechanisms. Those Service Providers who offer access to pornographic content will be obliged to implement age verification mechanisms to prevent minors from accessing such content. These mechanisms must determine the age of users, with the exclusion of methods based on self-declaration of  age, age estimation and biometric methods, and should comply with the guidelines published by the Ministry of Digitalization, in consultation with the President of the Office of Electronic Communication (Polish: Prezes Urzędu Komunikacji Elektronicznej, “President of UKE”), to protect minors effectively while simultaneously maintaining data privacy. Such guidelines have not been published to date.

3. Inspections

The President of UKE is authorized to conduct inspections and post-inspection proceedings to verify that the Service Providers comply with their obligations.

4. Sanctions

The Proposed Act provides for the following sanctions for non-compliance with obligations:

  • Registry of domain names. If age verification mechanisms are not implemented, the domain name allowing access to pornographic content will be placed in a restricted registry managed by the Research and Academic Computer Network (Polish: Naukowa i Akademicka Sieć Komputerowa, “NASK”). In consequence, Internet service providers will be obliged to block access to the domain names placed in a registry by removing them from the telecommunication systems used to convert domain names into IP addresses and must redirect to a page managed by the President of UKE, which will inform users that the domain name has been listed in the NASK registry. Domain name owners can object to being listed in the registry.
  • Financial penalties up to PLN 1,000,000 [USD 258,800]. The penalties would be imposed by the President of UKE, when Service Providers fail to conduct a risk analysis or do so inadequately, or fail to apply age verification mechanisms – if harmful content is available on their websites.

We will monitor the status of the work on the Proposed Act and inform you of important updates.

Contact us for more information.

Further Reading