<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>corporate law - KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</title>
	<atom:link href="https://www.kg-legal.eu/info/tag/corporate-law/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.kg-legal.eu/info/tag/corporate-law/</link>
	<description>KIELTYKA GLADKOWSKI LEGAL &#124; CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</description>
	<lastBuildDate>Wed, 08 Jul 2026 11:04:25 +0000</lastBuildDate>
	<language>en-GB</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	
	<item>
		<title>CLIENT ALERT Dietary supplements market in PolandAmendments to food safety regulations &#124; May 2026</title>
		<link>https://www.kg-legal.eu/info/pharmaceutical-healthcare-life-sciences-law/client-alert-dietary-supplements-market-in-polandamendments-to-food-safety-regulations-may-2026/</link>
					<comments>https://www.kg-legal.eu/info/pharmaceutical-healthcare-life-sciences-law/client-alert-dietary-supplements-market-in-polandamendments-to-food-safety-regulations-may-2026/#respond</comments>
		
		<dc:creator><![CDATA[jakub]]></dc:creator>
		<pubDate>Wed, 08 Jul 2026 11:04:24 +0000</pubDate>
				<category><![CDATA[PHARMACEUTICAL, HEALTHCARE & LIFE SCIENCES LAW]]></category>
		<category><![CDATA[Advertising Law]]></category>
		<category><![CDATA[Business Law]]></category>
		<category><![CDATA[CEE]]></category>
		<category><![CDATA[Central and Eastern Europe]]></category>
		<category><![CDATA[Client Alert]]></category>
		<category><![CDATA[Commercial Law]]></category>
		<category><![CDATA[Compliance Management]]></category>
		<category><![CDATA[Consumer Health]]></category>
		<category><![CDATA[CONSUMER PROTECTION]]></category>
		<category><![CDATA[Corporate Compliance]]></category>
		<category><![CDATA[corporate law]]></category>
		<category><![CDATA[Cross-Border Business]]></category>
		<category><![CDATA[Dietary Supplements]]></category>
		<category><![CDATA[Distributors]]></category>
		<category><![CDATA[Doing business in Poland]]></category>
		<category><![CDATA[e-commerce]]></category>
		<category><![CDATA[e-Sanepid]]></category>
		<category><![CDATA[EU Law]]></category>
		<category><![CDATA[European Regulatory Law]]></category>
		<category><![CDATA[European Union Law]]></category>
		<category><![CDATA[Food and Nutrition Safety Act]]></category>
		<category><![CDATA[Food Business]]></category>
		<category><![CDATA[food industry]]></category>
		<category><![CDATA[Food Law]]></category>
		<category><![CDATA[Food Regulation]]></category>
		<category><![CDATA[Food Safety]]></category>
		<category><![CDATA[Food Supplements]]></category>
		<category><![CDATA[General Counsel]]></category>
		<category><![CDATA[GIS]]></category>
		<category><![CDATA[Healthcare Law]]></category>
		<category><![CDATA[Importers]]></category>
		<category><![CDATA[In-House Counsel]]></category>
		<category><![CDATA[International Business]]></category>
		<category><![CDATA[International Lawyers]]></category>
		<category><![CDATA[international trade]]></category>
		<category><![CDATA[KG Legal]]></category>
		<category><![CDATA[kiełtyka gładkowski]]></category>
		<category><![CDATA[Law Firm]]></category>
		<category><![CDATA[Legal Compliance]]></category>
		<category><![CDATA[Legal Insights]]></category>
		<category><![CDATA[Legal Risk]]></category>
		<category><![CDATA[Legal Update]]></category>
		<category><![CDATA[Life Sciences]]></category>
		<category><![CDATA[Manufacturers]]></category>
		<category><![CDATA[Market Entry]]></category>
		<category><![CDATA[Nutraceuticals]]></category>
		<category><![CDATA[Online Retail]]></category>
		<category><![CDATA[Poland]]></category>
		<category><![CDATA[Poland Food Law]]></category>
		<category><![CDATA[Polish Food Law]]></category>
		<category><![CDATA[Product Compliance]]></category>
		<category><![CDATA[Product Safety]]></category>
		<category><![CDATA[Regulatory Affairs]]></category>
		<category><![CDATA[Regulatory Compliance]]></category>
		<category><![CDATA[Regulatory Law]]></category>
		<category><![CDATA[Risk Management]]></category>
		<guid isPermaLink="false">https://www.kg-legal.eu/?p=8825</guid>

					<description><![CDATA[<p>Publication date: July 07, 2026 The draft Act of April 13, 2026, amending the Act on Food and Nutrition Safety will enter into force six months after its publication. The new regulations primarily impact producers, importers, distributors, and sellers of dietary supplements &#8211; both in traditional and online channels. Below, we present the real changes [&#8230;]</p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/pharmaceutical-healthcare-life-sciences-law/client-alert-dietary-supplements-market-in-polandamendments-to-food-safety-regulations-may-2026/">CLIENT ALERT Dietary supplements market in PolandAmendments to food safety regulations | May 2026</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p><strong><mark style="background-color:rgba(0, 0, 0, 0)" class="has-inline-color has-vivid-cyan-blue-color">Publication date: July 07, 2026</mark></strong></p>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><em>The draft Act of April 13, 2026, amending the Act on Food and Nutrition Safety will enter into force six months after its publication. The new regulations primarily impact producers, importers, distributors, and sellers of dietary supplements &#8211; both in traditional and online channels. Below, we present the real changes to your business.</em></td></tr></tbody></table></figure>



<span id="more-8825"></span>



<h1 class="wp-block-heading">1. Reports only via e-Sanepid</h1>



<p>Every dietary supplement introduced to the market for the first time must be reported to the Chief Sanitary Inspector (GIS). Until now, various forms were acceptable &#8211; paper or electronic, with a handwritten or electronic signature. After the amendment comes into effect, the only acceptable method will be the e-Sanepid platform.</p>



<p>What does this mean in practice?</p>



<ul class="wp-block-list">
<li>It is necessary for each person submitting notifications to have a qualified electronic signature or a trusted profile.</li>



<li>All communication with sanitary inspection bodies &#8211; letters, decisions, and confirmations &#8211; will be handled through the platform account. The moment of notification submission will be clearly confirmed with an official receipt, eliminating disputes over the deadline.</li>



<li>Companies that have previously used paper forms or traditional correspondence must immediately switch to the new channel and ensure appropriate employee training.</li>
</ul>



<p>The change also concerns the timing of the notification obligation: the previous option to notify the Chief Sanitary Inspectorate (GIS) at the stage of intended product introduction is no longer available. The obligation now arises at the time of actual introduction to the market.</p>



<h1 class="wp-block-heading">2. Strict deadlines and automatic presumption of irregularities</h1>



<p>The amendment introduces a completely new mechanism for conducting investigations. This change has the greatest potential to surprise companies without effective internal compliance procedures.</p>



<h2 class="wp-block-heading">How does the new mechanism work?</h2>



<p>If the Chief Sanitary Inspectorate initiates an investigation and requests the entity to submit a scientific opinion, the company has exactly 14 days to submit an application to an accredited scientific unit – at the same time forwarding a copy of it to the Chief Sanitary Inspectorate.</p>



<figure class="wp-block-table"><table class="has-vivid-cyan-blue-color has-luminous-vivid-amber-background-color has-text-color has-background has-link-color has-fixed-layout"><tbody><tr><td><strong>Step</strong></td><td><strong>What&#8217;s going on</strong></td></tr><tr><td><strong>14 days</strong></td><td>Deadline for submitting an application for a scientific opinion to a scientific unit (from the date of delivery of the request by GIS)</td></tr><tr><td><strong>6 months</strong></td><td>Maximum time for a scientific unit to issue an opinion</td></tr><tr><td><strong>Up to 12 months</strong></td><td>Possible extension of the deadline by the entity if the case is complex</td></tr><tr><td><strong>Failure to meet 14 days</strong></td><td>Automatic presumption that the product is incorrectly classified and does not meet the requirements &#8211; GIS ends the proceedings to the detriment of the entity</td></tr></tbody></table></figure>



<p>The mechanism for presuming irregularities is a significant innovation. Previously, a company&#8217;s inaction during the proceedings did not automatically result in any legal consequences &#8211; the proceedings could drag on for years. Following the amendment, any failure to meet the 14-day deadline will lead to direct negative consequences, regardless of whether the product is safe.</p>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>The ban on re-registration – an important trap</strong></td></tr><tr><td>Once the investigation is complete, the entity cannot submit a new notification for a product with the same qualitative and quantitative composition. If the company withdraws its notification during the investigation, this prohibition is indefinite. In such cases, changing the composition may be the only way to return to the market.</td></tr></tbody></table></figure>



<h1 class="wp-block-heading">3. Advertising without reporting? A fine of nearly one million zlotys</h1>



<p>This change directly impacts brands engaging in active digital marketing. Previously, advertising or presenting a dietary supplement without prior notification to the Chief Sanitary Inspectorate (GIS) was punishable by a fine (a misdemeanor). Following the amendment, this becomes grounds for imposing an administrative fine &#8211; with new, significantly higher penalties.</p>



<h2 class="wp-block-heading">What exactly is prohibited?</h2>



<p>The amendment penalizes not only the sale of a supplement without reporting it to the Chief Sanitary Inspectorate (GIS), but also the mere advertising or presentation of it if the notification has not been effectively submitted. In other words:</p>



<ul class="wp-block-list">
<li>Sponsored post on Instagram or Facebook promoting a new supplement before notification = grounds for an administrative penalty.</li>



<li>Product page in the online store visible to the public before successful reporting to GIS = risk of infringement.</li>



<li>Promotional materials sent to wholesalers or distributors before GIS is notified = potential infringement.</li>



<li>Influencer marketing initiated before the date of effective notification = liability on the part of the entity commissioning the campaign.</li>
</ul>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>Key: What is a &#8220;successful report&#8221;?</strong></td></tr><tr><td>The notification is effectively submitted when the company receives official confirmation of receipt from the e-Sanepid platform. Simply submitting the form isn&#8217;t enough &#8211; confirmation is what counts. These dates can differ by several days or more. Every marketing campaign should be planned with this time buffer in mind.</td></tr></tbody></table></figure>



<h2 class="wp-block-heading">Prohibition on suggesting medicinal properties &#8211; wider scope</h2>



<p>The amendment expands liability for violations of advertising requirements from labeling to the entire marketing message. Previously, sanctions primarily covered incorrect packaging labeling. Following the amendment, a company is responsible for every communication channel &#8211; online advertising, point-of-sale materials, newsletters, or YouTube videos &#8211; if the message suggests that a varied diet does not provide sufficient nutrients, or if a supplement is presented as a medicinal product.</p>



<h1 class="wp-block-heading">4. Public register &#8211; the company&#8217;s reputation under public scrutiny</h1>



<p>The Chief Sanitary Inspectorate (GIS) has maintained a register of dietary supplements before, but the amendment will significantly expand its scope and availability. The data will be published on the e-Sanepid platform and will include:</p>



<ul class="wp-block-list">
<li>the name of the product and its qualitative composition (without quantitative data &#8211; the recipe remains protected),</li>



<li>product qualification proposed by the entity,</li>



<li>information about the initiation or ongoing investigation,</li>



<li>data on the detection of a prohibited ingredient.</li>
</ul>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>Reputational risk before final decision</strong></td></tr><tr><td>Information about the initiation of an investigation will appear in the public register immediately &#8211; not after the proceedings have concluded. Consumers and competitors will have access to this information before the Chief Sanitary Inspectorate issues any ruling. Even if the proceedings end favorably for the company, the registry record could impact brand perception.</td></tr></tbody></table></figure>



<h1 class="wp-block-heading">5. Fines &#8211; increase by over 330%</h1>



<p>The maximum administrative fine for violating food safety regulations is increasing from 30 to 100 times the average monthly salary. At the current salary level, this means:</p>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td>&nbsp;</td><td><strong>Before the amendment</strong></td><td><strong>After the amendment</strong></td></tr><tr><td><strong>Multiplier</strong></td><td>30×</td><td><strong>100×</strong></td></tr><tr><td><strong>Maximum penalty</strong></td><td>approx. PLN 245,000</td><td><strong>approx. PLN 818,000</strong></td></tr></tbody></table></figure>



<p>The new penalties are imposed administratively (not as fiscal or misdemeanor offenses), which means faster proceedings and no need to prove intentional guilt. A mere finding of a violation is sufficient. The increased level of sanctions has a real deterrent effect, especially for companies with turnover in the tens of millions of zlotys.</p>



<h1 class="wp-block-heading">The biggest risks &#8211; a practical overview</h1>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>Risk area</strong></td><td><strong>Triggering situation</strong></td><td><strong>Consequence</strong></td></tr><tr><td><strong>Advertising before submission</strong></td><td>Launch of the campaign on social media before the official confirmation of receipt of the notification by the Chief Sanitary Inspectorate</td><td>Fine up to approximately PLN 818,000</td></tr><tr><td><strong>Exceeding the 14-day deadline</strong></td><td>No application submitted to the scientific unit within 14 days of the request by the Chief Sanitary Inspectorate</td><td>Automatic presumption of product irregularity; termination of proceedings to the detriment of the entity</td></tr><tr><td><strong>Errors in the product description on the website</strong></td><td>Content suggesting medicinal properties or claiming that a diet without a supplement is insufficient</td><td>Fine of up to approximately PLN 818,000; risk of product recall</td></tr><tr><td><strong>Publicity of the proceedings</strong></td><td>Initiation of explanatory proceedings by GIS</td><td>Immediate publication of information in the public register &#8211; reputational damage before resolution</td></tr><tr><td><strong>Sale without notification</strong></td><td>Distribution to wholesalers or stores before effective notification of the Chief Sanitary Inspectorate</td><td>A fine of up to approximately PLN 818,000; possible ban on further trading</td></tr><tr><td><strong>No trusted profile/signature</strong></td><td>The employees responsible for reporting do not have the required qualifications</td><td>Notification submitted ineffectively &#8211; risk of sanctions as for failure to notify</td></tr></tbody></table></figure>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>What is worth doing before the regulations come into force?</strong></td></tr></tbody></table></figure>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>1. Register on the e-Sanepid platform</strong></td></tr><tr><td>Ensure that at least two people in your company have a qualified electronic signature or an active trusted profile. Register a company account on e-Sanepid before the law comes into effect and complete a test application. A lack of technical readiness on the date the regulations come into effect could prevent you from legally introducing new products to the market.</td></tr></tbody></table></figure>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>2. Audit current submissions and the new product calendar</strong></td></tr><tr><td>Check that all products in your offer have successfully submitted notifications to the Chief Sanitary Inspectorate. For products planned for launch in the coming months, submit notifications well in advance of the planned sale date or marketing campaign. Take into account the waiting time for official confirmation of receipt.</td></tr></tbody></table></figure>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>3. Implement a procedure for monitoring deadlines in explanatory proceedings</strong></td></tr><tr><td>Designate a person responsible for receiving correspondence from the e-Sanepid platform and immediately forwarding documents to legal or compliance services. The 14-day deadline for submitting a request for a scientific opinion is short—missing it automatically creates a presumption of irregularities. It&#8217;s worth identifying accredited scientific institutions now with which the company could quickly establish cooperation if proceedings are initiated.</td></tr></tbody></table></figure>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><td><strong>4. Verify all marketing materials – websites, social media, product descriptions</strong></td></tr><tr><td>Analyze the content on your website, online store, social media profiles and sales materials for:</td></tr><tr><td>suggestions for medicinal or therapeutic properties of supplements,</td></tr><tr><td>information suggesting that a normal diet does not provide adequate nutrients,</td></tr><tr><td>promoting products for which the GIS notification has not yet been successfully submitted.</td></tr><tr><td>Influencer marketing campaigns deserve special attention – messages created by third parties still place the responsibility on the company commissioning the campaign.</td></tr></tbody></table></figure>



<figure class="wp-block-table">
<table class="has-fixed-layout">
<tbody>
<tr>
<td><strong>5. Monitor the GIS register and respond to information about proceedings</strong></td>
</tr>
<tr>
<td>Once the expanded SEPIS register is launched, regularly check the status of your products. If you receive information about the initiation of an investigation, act immediately. Inaction at this stage can lead to automatic assumptions of irregularities and reputational damage that will be publicly visible throughout the proceedings.</td>
</tr>
</tbody>
</table>
</figure>
<p> </p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/pharmaceutical-healthcare-life-sciences-law/client-alert-dietary-supplements-market-in-polandamendments-to-food-safety-regulations-may-2026/">CLIENT ALERT Dietary supplements market in PolandAmendments to food safety regulations | May 2026</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.kg-legal.eu/info/pharmaceutical-healthcare-life-sciences-law/client-alert-dietary-supplements-market-in-polandamendments-to-food-safety-regulations-may-2026/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>NIS2 in Poland: Practical Implications of the New Cybersecurity Framework for Businesses</title>
		<link>https://www.kg-legal.eu/info/investment-law-and-processes-in-poland/nis2-in-poland-practical-implications-of-the-new-cybersecurity-framework-for-businesses/</link>
					<comments>https://www.kg-legal.eu/info/investment-law-and-processes-in-poland/nis2-in-poland-practical-implications-of-the-new-cybersecurity-framework-for-businesses/#respond</comments>
		
		<dc:creator><![CDATA[jakub]]></dc:creator>
		<pubDate>Tue, 07 Jul 2026 18:40:05 +0000</pubDate>
				<category><![CDATA[INVESTMENT LAW AND PROCESSES IN POLAND]]></category>
		<category><![CDATA[Business Law]]></category>
		<category><![CDATA[CEE]]></category>
		<category><![CDATA[Corporate Governance]]></category>
		<category><![CDATA[corporate law]]></category>
		<category><![CDATA[Critical Infrastructure]]></category>
		<category><![CDATA[Cross Border Business]]></category>
		<category><![CDATA[Cyber Compliance]]></category>
		<category><![CDATA[Cyber Law]]></category>
		<category><![CDATA[Cyber Resilience]]></category>
		<category><![CDATA[Cyber Risk;]]></category>
		<category><![CDATA[data protection]]></category>
		<category><![CDATA[Digital Infrastructure]]></category>
		<category><![CDATA[Digital Regulation]]></category>
		<category><![CDATA[EU Law]]></category>
		<category><![CDATA[In House Counsel]]></category>
		<category><![CDATA[Incident Response]]></category>
		<category><![CDATA[Information Security]]></category>
		<category><![CDATA[International Law]]></category>
		<category><![CDATA[Law Firm]]></category>
		<category><![CDATA[Legal Tech]]></category>
		<category><![CDATA[NIS2]]></category>
		<category><![CDATA[Poland]]></category>
		<category><![CDATA[Regulatory Compliance]]></category>
		<category><![CDATA[Risk Management]]></category>
		<category><![CDATA[Technology Law]]></category>
		<guid isPermaLink="false">https://www.kg-legal.eu/?p=8816</guid>

					<description><![CDATA[<p>Publication date: July 07, 2026 The Act amending the Act on the National Cybersecurity System aims to implement Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 (NIS Directive 2) and the partial application of Commission Delegated Regulation (EU) 2024/1366 of 11 March 2024 supplementing Regulation (EU) 2019/943 of [&#8230;]</p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/investment-law-and-processes-in-poland/nis2-in-poland-practical-implications-of-the-new-cybersecurity-framework-for-businesses/">NIS2 in Poland: Practical Implications of the New Cybersecurity Framework for Businesses</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p><mark style="background-color:rgba(0, 0, 0, 0)" class="has-inline-color has-vivid-cyan-blue-color"><strong>Publication date: July 07, 2026</strong></mark></p>



<p>The Act amending the Act on the National Cybersecurity System aims to implement Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 (NIS Directive 2) and the partial application of Commission Delegated Regulation (EU) 2024/1366 of 11 March 2024 supplementing Regulation (EU) 2019/943 of the European Parliament and of the Council.</p>



<p id="ember4587">The amendment to the KSC Act significantly expands the scope of the regulations and introduces new obligations in the field of cybersecurity management. The changes include, among other things, the implementation of risk management systems and expanded incident reporting requirements. The new regulations also strengthen the powers of supervisory authorities and significantly increase the maximum amount of financial penalties. It also introduces liability for the management staff (manager) of an entity. In practice, this requires certain entities to take steps to comply with the new regulations.</p>



<span id="more-8816"></span>



<p id="ember4588"><strong>The first experiences of entrepreneurs after the amendment came into force – practical conclusions</strong></p>



<p id="ember4589">The few months that the amended Act on the National Cybersecurity System has been in effect demonstrate that the biggest challenge for businesses is no longer the analysis of the new regulations, but their practical implementation. For many organizations, the adaptation process began with a seemingly simple task: determining whether a given entity is even subject to the new regulations. In practice, this step proves to be one of the most problematic.</p>



<p id="ember4590">Under the previous legal framework, many businesses awaited a formal administrative decision confirming their status as an essential service operator. This approach is no longer appropriate. The status of a key or important entity stems directly from the Act, and obligations arise regardless of whether the business has already been entered on the register. This means that the responsibility for properly assessing their own situation rests primarily with the business itself.</p>



<p id="ember4591">Practice also shows that many companies focus solely on the issue of being entered into the register of key and important entities. However, entry itself is not the purpose of the regulation. The greatest challenges remain the actual implementation of an information security management system, conducting a risk analysis, developing incident response procedures, and adequately documenting the actions taken. In the future, supervisory authorities will primarily assess an organization&#8217;s actual level of compliance with the Act, not merely the formal fulfillment of registration obligations.</p>



<p id="ember4592">Another significant change is the significant increase in management responsibility. Management can no longer treat cybersecurity as a matter solely within the purview of IT departments. The Act requires active management involvement in the organization of the cybersecurity management system, oversight of its operation, and provision of adequate organizational and financial resources. In practice, this requires regular reporting on cybersecurity issues at the management level and documentation of decisions made.</p>



<p id="ember4593">Supply chain security is also becoming increasingly important. Businesses are required not only to secure their own IT systems but also to consider the risks arising from collaboration with IT service providers, cloud computing operators, software vendors, and outsourcing providers. In practice, this means reviewing supplier contracts, verifying the security measures in place, and implementing appropriate provisions for incident management and crisis cooperation.</p>



<p id="ember4594">It&#8217;s also noticeable that a growing number of businesses are choosing to conduct internal compliance audits before the statutory deadlines expire. This approach allows for early identification of organizational and technical gaps, reducing the risk of subsequent violations and costly remedial actions.</p>



<p id="ember4595">In practice, the best solution is to treat the implementation of the Act&#8217;s requirements not as a one-time project, but rather as a process encompassing regular risk analysis, procedure updates, employee training, and ongoing oversight of the organization&#8217;s security. This approach not only increases compliance but also significantly reduces the risk of cybersecurity incidents.</p>



<p id="ember4596">It&#8217;s worth emphasizing that the current transition period should be used to calmly prepare organizations for the full application of the new regulations. Postponing implementation until the final months before the statutory deadlines expire can be risky, especially for large organizations where implementing information security management systems requires the involvement of multiple departments and adequate time to prepare procedures and documentation.</p>



<h2 class="wp-block-heading" id="ember4597">Change in the circle of entities to which the Act applies.</h2>



<p id="ember4598">Under the previous wording of the Act, an administrative decision was required to recognize an entity as an essential service operator (Article 5 of the Act before the amendment). Currently, the group of key and important entities is determined automatically (ex lege). The criteria for qualifying an entity as essential are found in Article 5, Section 1, and as an important entity in Article 5, Section 2 of the Act. It is possible that an entity meets the criteria for both key and important entities; such an entity is considered a key entity under Article 5, Section 4. When attempting to qualify entities, the Act also refers to EU regulations, particularly Regulation 651/2014/EU, which defines SMEs. Therefore, the primary criteria taken into account will be the number of employees and annual turnover. It is also necessary to refer to Annexes 1 and 2 of the Act, which precisely define the categories of entrepreneurs in specific sectors and subsectors.</p>



<p id="ember4599">The added Article 5a in paragraph 1 provides that key and important entities are subject to the obligations arising from the Act if they reside in the territory of the Republic of Poland or conduct their business in the territory of the Republic of Poland.</p>



<p id="ember4600">Articles 7 et seq. regulate matters related to the list of key and important entities. Before the amendment, the list contained only operators of essential services; now it includes key and important entities. Unlike the previous legal status, in which entry was made at the request of the authority responsible for cybersecurity (former wording of Article 7, paragraph 3 of the Act), entry is now made at the request of a key or important entity within six months of the occurrence of the conditions (Article 7c, paragraph 1 of the Act). Ex officio entry will generally only apply to existing operators of essential services, trust service providers, telecommunications companies, and public entities. This means that for entities meeting the conditions on the date the amendment comes into force, the deadline for submitting an application is October 3, 2026. Pursuant to the Announcement of the Minister of Digitization of April 8, 2026, regarding the schedule for submitting applications for entry in the register of key and important entities and for key or important entities to commence using the ICT system , self-registration on the list is possible from May 7, 2026, to October 3, 2026. The platform operating in the S46 system is available at <a href="https://wykaz-ksc.gov.pl/">https://wykaz-ksc.gov.pl/</a> . By April 3, 2027, key and important entities are required to commence using the ICT system specified in Art. 46 sec. 1 of the Act. This deadline begins depending on whether the entities were parties to agreements regarding the use of the ICT system referred to in Art. 46 sec. 1 of the Act concluded before April 3, 2026. For the former, the possibility of using the system was opened on April 8, 2026, and for the latter, this possibility will be available from June 12, 2026 (point 2 of the Communication of the Minister of Digital Affairs).</p>



<p id="ember4601">If an entity that meets the criteria for being considered a key or important entity fails to submit an application for entry, the authority responsible for cybersecurity may enter the entity on the list ex officio (Article 7j, paragraph 1 of the Act). Failure to comply with certain obligations related to the list (failure to timely complete missing data on the list or failure to correct data despite a request or failure to submit an application for entry) may result in the imposition of a substantial fine (Article 73, paragraph 1, point 1 and Article 73, paragraph 1a, point 1 of the Act). The catalogue of data to be included on the list has also been changed (expanded) (Article 7, paragraph 2).</p>



<p id="ember4602"><strong>In practice: </strong>The expansion of the scope of entities and the shift from administrative decision-making to automatic regulation mean that many entities may be subject to the Act without formal confirmation of this status. In practice, independent qualification analysis and continuous monitoring of compliance with statutory criteria become crucial. An incorrect assessment (or failure to comply) may result in exposure to sanctions (severe fines).</p>



<h2 class="wp-block-heading" id="ember4603">New responsibilities for cybersecurity management.</h2>



<h3 class="wp-block-heading" id="ember4604">Duties</h3>



<p id="ember4605">Chapter 3, which governs the obligations of key and important entities, has been expanded, and Chapters 3a and 3b have been added, addressing domain name registration service providers and public entities. Article 8 of the Act governs obligations related to the implementation of an information security management system. Compared to the previous legal framework, numerous obligations have been added. The responsibility of the manager of a key or important entity for the performance of its cybersecurity obligations has been introduced (Article 8c of the Act), and the manager&#8217;s responsibilities have also been defined (Articles 8d–8f of the Act).</p>



<p id="ember4606">The regulations regarding incident reporting have also changed. A key or important entity classifies a given incident as serious (after meeting the requirements of Article 2, Section 7 of the Act), then issues an early warning, reports the incident, and finally submits a final report on the handling of the serious incident to the CSIRT (a three-step reporting model instead of the previous one-step model – Article 11 of the Act).</p>



<h2 class="wp-block-heading" id="ember4607">Deadlines</h2>



<p id="ember4608">Pursuant to Article 15 of the Act, key entities must conduct a security audit of the information system used in the service provision process at least once every three years. For key entities that were not previously classified as key service operators, the first audit should be conducted within 24 months of the date the conditions are met (Article 16, point 2, therefore, for these entities, the deadline for conducting the audit is April 3, 2028).</p>



<p id="ember4609">The Act amending the KSC Act establishes a 12-month transition period during which key and important entities have time to fulfill the obligations specified in Chapter 3 of the Act (except for the obligation to conduct the first audit, which entities have 24 months to conduct). Therefore, with respect to obligations such as implementing an information security management system, risk assessment, implementing technical and organizational measures, reporting and managing incidents, and verifying personnel&#8217;s criminal records, the deadline for compliance with these regulations expires on April 3, 2027.</p>



<p id="ember4610"><strong>In practice: </strong>The imposed obligations require the implementation of an information security management system. Furthermore, the single-tier incident reporting system has been changed, replaced by a more complex three-tier system. Essential entities will be required to conduct audits. Importantly, entities that were not previously considered essential service operators will be required to conduct an audit within two years of the amendment&#8217;s entry into force. However, most of the new obligations will have to be implemented by April 3, 2027. Failure to comply with these obligations will result in the manager of the relevant entity being held liable.</p>



<h2 class="wp-block-heading" id="ember4611">Change in the amount and grounds for imposing fines.</h2>



<p id="ember4612">Until April 2, 2026, the maximum amount of the fine imposed on entities (only for the most serious violations) was PLN 1 million (former wording of Article 73, paragraph 5 in fine). Currently, the maximum amount of the fine is, as a rule, EUR 10 million (Article 73, paragraph 3 of the Act), and for the most serious violations, up to PLN 100 million (Article 73, paragraph 5 in fine of the Act).</p>



<p id="ember4613">With the imposition of a large number of obligations on key and important entities, the list of violations for which a fine may be imposed has also been expanded (Article 73 of the Act).</p>



<p id="ember4614">The new provisions on fines come into force only two years after the entry into force of the Act (i.e. from April 3, 2028).</p>



<p id="ember4615"><strong>In practice: </strong>Increasing the amount of fines disciplines key entities and important entities to take their cybersecurity obligations very seriously. It is worth emphasizing, however, that the amended regulations on fines will not enter into force until April 3, 2028.</p>



<h2 class="wp-block-heading" id="ember4616">Changes in the supervision and control of key and important entities.</h2>



<p id="ember4617">Chapter 11 of the Act, which deals with the supervision and control of key and important entities, has been significantly expanded. Some provisions remain unchanged (the requirement to apply the provisions of the Entrepreneurs&#8217; Law or the Act on Audit in Government Administration, the powers of the person conducting the audit, most of the obligations of audited entities, and provisions regarding audit protocols and post-audit recommendations).</p>



<h2 class="wp-block-heading" id="ember4618">Important changes</h2>



<p id="ember4619">The most important changes in the scope of supervision include a significant expansion of Article 53, which describes the powers of the authority responsible for cybersecurity regarding supervision and oversight of key entities. It empowers the competent authority to issue various types of administrative decisions aimed at enforcing the provisions of the Act. This article also contains a number of procedural provisions defining the nature of the proceedings. Generally, the regulations contained in this article apply only to key entities, but as stated in Article 53, paragraph 17, certain provisions also apply to inspections of important entities. Article 53, paragraph 3 states that supervision of key entities is both post-empty and preventive, while for important entities, supervision is only post-empty.</p>



<p id="ember4620">A new obligation for both key and important entities is the information obligation specified in Article 53c, which requires a key or important entity to provide certain data at the request of the authority responsible for cybersecurity.</p>



<p id="ember4621">A new institution is the ad hoc review added in Article 59c, which may be carried out only if the conditions specified in the cited Article are met.</p>



<p id="ember4622"><strong>In practice: </strong>Strengthening the powers of supervisory authorities and introducing ad hoc inspections means increased risk of inspections and the need to maintain constant readiness to demonstrate compliance with regulations. Entities should also prepare for more frequent requests for information from authorized bodies.</p>



<h2 class="wp-block-heading" id="ember4623">Minor changes</h2>



<p id="ember4624">Chapter 10 has been amended and Chapters 10a – 10c have been added, but they do not contain any standards addressed to entities and are therefore not relevant from a practical point of view.</p>



<p id="ember4625">Several changes concern Chapter 12 concerning the Government Plenipotentiary for Cybersecurity and the Cybersecurity Board, but these changes do not have any significant impact on the entities.</p>



<p id="ember4626">Article 12a has been added, addressing specific measures to ensure cybersecurity at the national level. It primarily contains provisions on recommendations from the Government Plenipotentiary for Cybersecurity (Article 67a), the procedure for designating a supplier as a high-risk supplier (Articles 67b–67f), and a safeguarding order in the event of a critical incident (Articles 67g–67i).</p>



<p id="ember4627">Minor changes also apply to the Cybersecurity Strategy of the Republic of Poland (Articles 68–72). The changes primarily concern the content and method of developing the strategy, as well as the frequency of strategy reviews (2.5 years instead of the previous 2 years).</p>



<p id="ember4628">The amendment to the Act on the National Emergency Response Plan creates the basis for the adoption of the National Emergency Response Plan (Articles 72a – 72f of the Act).</p>



<h2 class="wp-block-heading" id="ember4629">Recommended actions.</h2>



<p id="ember4630">In light of the amendments to the Commercial Companies Code, entities subject to the new regulations should take steps to ensure their operations are in compliance with the law. It is recommended that:</p>



<p id="ember4631">1)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Self-identification in order to determine whether a given entity qualifies as a key or important entity within the meaning of the Act.</p>



<p id="ember4632">2)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Implementation or update of an information security management system.</p>



<p id="ember4633">3)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Development of procedures for identifying and reporting incidents, taking into account the new procedure.</p>



<p id="ember4634">4)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Ensuring the involvement of management staff, e.g. the manager&#8217;s implementation of the obligations under Article 8d or 8e.</p>



<p id="ember4635">5)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Preparing the organization for potential supervisory activities, e.g. inspections.</p>



<ul class="wp-block-list">
<li><em>Action:</em></li>
</ul>



<p id="ember4637">ex officio entries carried out by the Minister of Digital Affairs (current key service operators, trust service providers, telecommunications companies and public entities)</p>



<ul class="wp-block-list">
<li><em>Deadline:</em></li>
</ul>



<p id="ember4639">April 13 – May 6, 2026</p>



<ul class="wp-block-list">
<li><em>Action:</em></li>
</ul>



<p id="ember4641">self-registration in the list of key and important entities</p>



<ul class="wp-block-list">
<li><em>Deadline:</em></li>
</ul>



<p id="ember4643">May 7 – October 3, 2026</p>



<ul class="wp-block-list">
<li><em>Action:</em></li>
</ul>



<p id="ember4645">launching the possibility of using the S46 system for new entities</p>



<ul class="wp-block-list">
<li><em>Deadline:</em></li>
</ul>



<p id="ember4647">June 12, 2026</p>



<ul class="wp-block-list">
<li><em>Action:</em></li>
</ul>



<p id="ember4649">end of the deadline for starting to use the S46 system and implementing obligations (end of the adjustment period)</p>



<ul class="wp-block-list">
<li><em>Deadline:</em></li>
</ul>



<p id="ember4651">April 3, 2027</p>



<ul class="wp-block-list">
<li><em>Action:</em></li>
</ul>



<p id="ember4653">the first ISMS audit (for key entities that were not key service operators) and the beginning of the application of the provisions on penalties</p>



<ul class="wp-block-list">
<li><em>Deadline:</em></li>
</ul>



<p id="ember4655">April 3, 2028</p>
<p> </p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/investment-law-and-processes-in-poland/nis2-in-poland-practical-implications-of-the-new-cybersecurity-framework-for-businesses/">NIS2 in Poland: Practical Implications of the New Cybersecurity Framework for Businesses</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.kg-legal.eu/info/investment-law-and-processes-in-poland/nis2-in-poland-practical-implications-of-the-new-cybersecurity-framework-for-businesses/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Is Your Online Store Ready for the New Era of Control? A Practical Guide to E-Commerce Responsibilities in 2026</title>
		<link>https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/is-your-online-store-ready-for-the-new-era-of-control-a-practical-guide-to-e-commerce-responsibilities-in-2026/</link>
					<comments>https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/is-your-online-store-ready-for-the-new-era-of-control-a-practical-guide-to-e-commerce-responsibilities-in-2026/#respond</comments>
		
		<dc:creator><![CDATA[jakub]]></dc:creator>
		<pubDate>Tue, 07 Jul 2026 18:33:36 +0000</pubDate>
				<category><![CDATA[IT, NEW TECHNOLOGIES, MEDIA AND COMMUNICATION TECHNOLOGY LAW]]></category>
		<category><![CDATA[AI Compliance]]></category>
		<category><![CDATA[Artificial intelligence]]></category>
		<category><![CDATA[Business Law]]></category>
		<category><![CDATA[CEE]]></category>
		<category><![CDATA[Competition Law]]></category>
		<category><![CDATA[CONSUMER PROTECTION]]></category>
		<category><![CDATA[corporate law]]></category>
		<category><![CDATA[Cross Border Business]]></category>
		<category><![CDATA[Digital Compliance]]></category>
		<category><![CDATA[Digital Economy;]]></category>
		<category><![CDATA[Digital Services Act]]></category>
		<category><![CDATA[DSA]]></category>
		<category><![CDATA[Ecommerce]]></category>
		<category><![CDATA[EU Law]]></category>
		<category><![CDATA[Foreign Investment]]></category>
		<category><![CDATA[In House Counsel]]></category>
		<category><![CDATA[International Law]]></category>
		<category><![CDATA[Law Firm]]></category>
		<category><![CDATA[Legal Tech]]></category>
		<category><![CDATA[Marketplace]]></category>
		<category><![CDATA[Omnibus Directive]]></category>
		<category><![CDATA[Online Retail]]></category>
		<category><![CDATA[Platform Regulation]]></category>
		<category><![CDATA[Poland]]></category>
		<category><![CDATA[Regulatory Compliance]]></category>
		<category><![CDATA[Technology Law]]></category>
		<guid isPermaLink="false">https://www.kg-legal.eu/?p=8813</guid>

					<description><![CDATA[<p>Publication date: July 07, 2026 Just a few years ago, online store owners primarily had to ensure terms and conditions, privacy policies, and efficient order processing. Today, this is clearly not enough. EU regulations such as the Omnibus Directive and the Digital Services Act (DSA), as well as the increasing role of artificial intelligence in [&#8230;]</p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/is-your-online-store-ready-for-the-new-era-of-control-a-practical-guide-to-e-commerce-responsibilities-in-2026/">Is Your Online Store Ready for the New Era of Control? A Practical Guide to E-Commerce Responsibilities in 2026</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p><strong><mark style="background-color:rgba(0, 0, 0, 0)" class="has-inline-color has-vivid-cyan-blue-color">Publication date: July 07, 2026</mark></strong></p>



<p>Just a few years ago, online store owners primarily had to ensure terms and conditions, privacy policies, and efficient order processing. Today, this is clearly not enough. EU regulations such as the Omnibus Directive and the Digital Services Act (DSA), as well as the increasing role of artificial intelligence in assessing store credibility, force businesses to consider their platforms much more broadly. It is no longer just about regulatory compliance, but also about building digital trust, which influences a store&#8217;s visibility, legal security, and customer purchasing decisions. Below, we present a practical checklist of the most important actions to implement to reduce the risk of sanctions and increase the credibility of an online store.</p>



<span id="more-8813"></span>



<h2 class="wp-block-heading" id="ember4228">Practical guidelines for online store owners</h2>



<h2 class="wp-block-heading" id="ember4229">I.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Avoiding UOKiK fines and compliance with the Omnibus Directive</h2>



<p id="ember4230">a. <strong>Implement transactional verification</strong>: You should configure your feedback system so that each review you post is technically linked to the unique order number and email address of the customer who actually completed the purchase.</p>



<p id="ember4231">b. <strong>Updating the content of the regulations</strong>: In the &#8220;Rules for publishing opinions&#8221; section, the verification procedure should be described in detail, whether all opinions (including critical ones) are published and how the average product rating is calculated.</p>



<p id="ember4232">c. <strong>Transparent labeling</strong>: Each review should have a clear status indication (e.g., &#8220;Purchase confirmed&#8221;). If a benefit is provided in exchange for reviews (e.g., a discount code), this information must be clearly and prominently displayed within the review text.</p>



<p id="ember4233">d. <strong>Lowest price mechanism</strong>: In accordance with the requirements of price transparency, each discount must display the lowest price of the product that was valid in the 30 days prior to the introduction of the discount.</p>



<p id="ember4234"><strong>Legal basis</strong>: Act of 30 May 2014 on consumer rights ( Journal of Laws of 2024, item 1796, as amended); Directive (EU) 2019/2161 of the European Parliament and of the Council of 27 November 2019 amending Council Directive 93/13/EEC and Directives 98/6/EC, 2005/29/EC and 2011/83/EU of the European Parliament and of the Council as regards the better enforcement and modernisation of Union consumer protection rules (OJ EU L 328 of 2019, No. 328, p. 7, as amended); Act of 23 August 2007 on counteracting unfair market practices ( i.e. Journal of Laws of 2023, item 845).</p>



<h2 class="wp-block-heading" id="ember4235">II.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Ensuring compliance with the Digital Services Act (DSA)</h2>



<p id="ember4236">a. <strong>Implementing a &#8220;report content&#8221; mechanism</strong>: Every review or user-generated content must have an easily accessible button to report suspected illegality or manipulation of the content.</p>



<p id="ember4237">b. <strong>Procedure for justifying decisions</strong>: In the event of deletion of an opinion or blocking of a user account, the platform is obliged to send the author a detailed justification indicating a specific violation of the regulations or legal provisions.</p>



<p id="ember4238">c. <strong>Internal Complaints Process</strong>: Users must be able to appeal moderation decisions for a period of at least 6 months from the date the platform takes action.</p>



<p id="ember4239">d. <strong>Designation of a contact point</strong>: The entrepreneur must designate an electronic contact point for supervisory authorities and users, enabling efficient communication on matters relating to digital security.</p>



<p id="ember4240"><strong>Legal basis:</strong> Regulation<strong> </strong>(EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Act) (OJ EU L 277, 2022, No. 277, p. 1, as amended), in particular Articles 16, 17 and 20.</p>



<h2 class="wp-block-heading" id="ember4241">III.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Reducing the risk of “algorithmic exclusion”</h2>



<p id="ember4242">a. <strong>Design Patterns (UX) Audit</strong>: Eliminate so-called dark patterns, such as asymmetric selector buttons, hard-to-close pop-ups, or mechanisms that make it difficult to unsubscribe. Supervisory algorithms treat such practices as signals of poor interface quality.</p>



<p id="ember4243">b. <strong>Data Certification for AI</strong>: Ensure structured review data is provided, allowing shopping assistants and crawlers to properly verify the “digital provenance” of the data.</p>



<p id="ember4244">c. <strong>Filtering synthetically generated content</strong>: It is worth implementing tools that monitor review language for bot-like patterns (unnatural correctness, lack of detail) to avoid indexing false enthusiasm that results in lower trust rankings.</p>



<p id="ember4245"><strong>Legal basis</strong>: REGULATION (EU) 2022/2065 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 19 October 2022 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Act) (OJ EU L 277, 2022, p. 1, as amended) – Article 25 (prohibition of deceptive interfaces)</p>



<h2 class="wp-block-heading" id="ember4246">IV.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Proper management of data and opinions (CaaS model)</h2>



<p id="ember4247">a. <strong>Digital</strong> <strong>Audit</strong> <strong>Trail</strong>: It is recommended to store logs containing transaction metadata related to opinions for a period enabling verification of data reliability (e.g. 12-24 months).</p>



<p id="ember4248">b. <strong>Active mediation systems</strong>: Instead of deleting negative feedback, use complaint management systems that document the process of resolving customer disputes. Resolving a problem is treated by ranking systems as evidence of high-quality service.</p>



<p id="ember4249"><strong>c.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; “Know Your Business Customer” principle</strong>: When running a marketplace model, it is essential to verify the identity of sellers before allowing them to offer goods, collecting registration numbers and contact details.</p>



<p id="ember4250"><strong>Legal basis</strong>: REGULATION (EU) 2022/2065 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 19 October 2022 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Act) (OJ EU L of 2022, No. 277, p. 1, as amended) – Article 30; Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L of 2016, No. 119, p. 1, as amended).</p>
<p> </p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/is-your-online-store-ready-for-the-new-era-of-control-a-practical-guide-to-e-commerce-responsibilities-in-2026/">Is Your Online Store Ready for the New Era of Control? A Practical Guide to E-Commerce Responsibilities in 2026</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/is-your-online-store-ready-for-the-new-era-of-control-a-practical-guide-to-e-commerce-responsibilities-in-2026/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Digital evidence bundle as a modern means of organizing evidence</title>
		<link>https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/digital-evidence-bundle-as-a-modern-means-of-organizing-evidence/</link>
					<comments>https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/digital-evidence-bundle-as-a-modern-means-of-organizing-evidence/#respond</comments>
		
		<dc:creator><![CDATA[jakub]]></dc:creator>
		<pubDate>Tue, 07 Jul 2026 18:15:36 +0000</pubDate>
				<category><![CDATA[IT, NEW TECHNOLOGIES, MEDIA AND COMMUNICATION TECHNOLOGY LAW]]></category>
		<category><![CDATA[Artificial intelligence]]></category>
		<category><![CDATA[Business Law]]></category>
		<category><![CDATA[Civil Litigation]]></category>
		<category><![CDATA[Civil Procedure]]></category>
		<category><![CDATA[Commercial Law]]></category>
		<category><![CDATA[Commercial Litigation]]></category>
		<category><![CDATA[corporate law]]></category>
		<category><![CDATA[Cross Border Litigation]]></category>
		<category><![CDATA[Cyber Law]]></category>
		<category><![CDATA[Data Governance]]></category>
		<category><![CDATA[Digital Evidence]]></category>
		<category><![CDATA[Digital Forensics]]></category>
		<category><![CDATA[Dispute Resolution]]></category>
		<category><![CDATA[E Discovery]]></category>
		<category><![CDATA[Electronic Evidence]]></category>
		<category><![CDATA[ESI]]></category>
		<category><![CDATA[Evidence Law]]></category>
		<category><![CDATA[In House Counsel]]></category>
		<category><![CDATA[International Law]]></category>
		<category><![CDATA[International Litigation]]></category>
		<category><![CDATA[Law Tech]]></category>
		<category><![CDATA[Lawyers Of LinkedIn]]></category>
		<category><![CDATA[Legal Innovation]]></category>
		<category><![CDATA[Legal Tech]]></category>
		<category><![CDATA[Litigation]]></category>
		<category><![CDATA[Metadata]]></category>
		<category><![CDATA[Online Disputes]]></category>
		<category><![CDATA[Technology Law]]></category>
		<category><![CDATA[Unfair Competition]]></category>
		<guid isPermaLink="false">https://www.kg-legal.eu/?p=8809</guid>

					<description><![CDATA[<p>Publication date: July 07, 2026 The contemporary economic and social reality is undergoing an irreversible process of digitalization. Business activity, commercial communication, and marketing have largely shifted to the internet, e-commerce platforms, and social media. As a consequence, key legal events, infringements of entrepreneurs&#8217; personal rights, acts of unfair competition, and unlawful actions affecting the [&#8230;]</p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/digital-evidence-bundle-as-a-modern-means-of-organizing-evidence/">Digital evidence bundle as a modern means of organizing evidence</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p><mark style="background-color:rgba(0, 0, 0, 0)" class="has-inline-color has-vivid-cyan-blue-color"><strong>Publication date: July 07, 2026</strong></mark></p>



<p>The contemporary economic and social reality is undergoing an irreversible process of digitalization. Business activity, commercial communication, and marketing have largely shifted to the internet, e-commerce platforms, and social media. As a consequence, key legal events, infringements of entrepreneurs&#8217; personal rights, acts of unfair competition, and unlawful actions affecting the goodwill and reputation of companies now leave traces almost exclusively in the digital sphere. Consequently, the traditional perception of evidence through the prism of paper documents bearing handwritten signatures has become insufficient in the realities of business transactions. Polish civil procedure meets these needs through the fundamental assumption of an open catalog of evidence. However, the dynamic development of technology forces the constant evolution of judicial practice and a full openness to next-generation evidence. In addition to traditional text files, today&#8217;s multifaceted economic processes require the management of complex data structures, such as metadata, advanced web analytics, system logs, and screenshots from social media platforms.</p>



<span id="more-8809"></span>



<p id="ember3370">Presenting such complex, non-linear evidence, which often encompasses many gigabytes of data, requires the implementation of modern procedural information management tools. The concept of a &#8220;digital evidence folder&#8221; emerges as a key tool for structuring, selecting, and correlating digital data directly with precisely formulated evidentiary theses.</p>



<h2 class="wp-block-heading" id="ember3371">The concept of electronic evidence</h2>



<h3 class="wp-block-heading" id="ember3372">Legal status before the 2016 amendment to the Code of Civil Procedure.</h3>



<p id="ember3373">To fully understand the revolution that has taken place in the Polish legal system regarding electronic evidence, it is necessary to refer to the legal status prior to the entry into force of the Act of 10 July 2015. The civil law system at that time lacked a legal definition of a document. Consequently, doctrine and case law equated this term exclusively with the written form of legal acts within the meaning of Article 78 of the Civil Code. The constitutive elements of a document were considered to be its written form and the handwritten signature of the issuer. A document was defined as human thoughts conveyed through graphic symbols arranged in a logical sequence of concepts on a material basis. This legal structure resulted in procedural limitations regarding electronic evidence. Any information transmitted electronically, e.g., in emails or text messages, that bore only a simple electronic signature, could not be accepted as documentary evidence (see, among others, Supreme Court judgments I CK 32/04, I CKN 1280/00). Photocopies, scans, blueprints, and computer printouts were treated as so-called secondary documents. According to the then-established Supreme Court case law, such reproductions did not constitute a document within the meaning of the Code of Civil Procedure. Although the Code of Civil Procedure did not contain a closed catalog of evidence, allowing computer printouts to be considered &#8220;other evidence&#8221; under Articles 308 and 309 of the Code of Civil Procedure, errors occurred in court practice. Some courts took the erroneous position that since a printout or photocopy was not a document, it did not constitute evidence at all and was beyond the court&#8217;s jurisdiction.</p>



<h2 class="wp-block-heading" id="ember3374">Legal definition of a document and its form</h2>



<p id="ember3375">A breakthrough in the approach to electronic evidence occurred on September 8, 2016, when a legal definition of a document was introduced, along with a new form of legal act: the documentary form (Article 77 § 2, Article 73 § 1, Article 74 of the Civil Code). These changes were complemented by a broad amendment to the Code of Civil Procedure of November 7, 2019, which reformulated the rules of evidence (including Article 243 § 2 of the Code of Civil Procedure). Under the current wording of Article 77 § 3 of the Civil Code, a document is content (information constituting a human thought) contained on a medium enabling its review. A key element of this definition is the complete separation of the concept of a document from its physical, paper medium. Nowadays, a medium can be traditional or electronic. All devices and technical spaces used for collective data storage and reading, such as a flash drive, computer disk, server, or cloud computing, are permissible. The introduced amendment to the Code of Civil Procedure explicitly requires that the provisions on documentary evidence apply to all documents containing text that allow for the identification of their issuers. This change removed obstacles to treating digital data as full-fledged documents. However, the mere existence of a medium and the text recorded on it does not automatically allow for the recognition that the documentary form requirements have been met. A necessary premise and minimum condition for granting such evidence material validity is the ability to establish the identity of the person (issuer) from whom the declaration of will or knowledge originated. The act does not impose a rigid catalog of identification methods, meaning that the issuer&#8217;s identity can be proven in any objective manner, adapted to the technical realities of the given tool. Identification may result directly from the document&#8217;s content or from the circumstances surrounding its creation, for example, based on the mobile number from which the text message was sent or the email address from which the email was sent. As a consequence of the changes introduced by the amendment, the distinction between document evidence containing text and documentary evidence in other forms (e.g., audio recording, image recording, or image and sound recording) has become more important. Depending on the form in which the document&#8217;s content is expressed, the procedural system provides for completely different procedures. Article 2341 of the Code of Civil Procedure applies to documents containing text if they meet the conditions (they contain text and their issuers can be identified). If these conditions are met, the provisions on documentary evidence apply to documents in written, electronic, and documentary form. Differences in application include, for example, the appropriate application of Article 244 of the Code of Civil Procedure to documents containing text. Article 308 of the Code of Civil Procedure applies to documents in other forms (consisting of image, sound, or image and sound recordings). When examining them, the court will apply the provisions on visual inspection and documentary evidence, as appropriate.</p>



<p id="ember3376">Although the amended provisions of Polish civil procedure, through a technologically neutral definition of a document, have paved the way for the widespread use of electronic data in proceedings, generally applicable legal provisions still do not provide a legal definition of &#8220;digital evidence&#8221; itself. Such a concept is hard to find not only in the Civil Procedure Code, but also in criminal or administrative procedures. Consequently, the burden of developing a conceptual framework has fallen on legal doctrine and case law. Among the existing definitions used in international trade, the one adopted by the US Department of Justice is worth citing as the most clear and precise. It states that &#8220;digital evidence should be treated as information or data recorded in the form of digital data, of value to ongoing proceedings, and stored, downloaded, or sent using an electronic device. Analyzing the subject matter of digital evidence, it should be noted that this phenomenon can only be discussed when the information useful for evidentiary proceedings is in the form of digital data. From a technical perspective, &#8220;digital data&#8221; constitutes an ordered logical sequence of characters recorded on appropriate media, which, after decoding by an IT system, can take the form of human-readable content. Consequently, the evidence itself (understood as specific information) is highly immaterial, even abstract. This characteristic occurs even when the data is stored using the most tangible objects, such as hard drives or CDs. Therefore, the evidence in a case is solely the content of the digital recording, while the digital evidence carrier itself becomes, in essence, merely a &#8220;piece of plastic&#8221; and a physical medium. From the perspective of evidence theory, data recorded on a computer medium is not a thing. The essence of this distinction is best captured by a forensic analogy: evidence in a case is the information contained on the disk, not the disk itself – just as evidence is a secured fingerprint, not the entire door along with the doorknob on which the fingerprint was left. This information, hidden in a digital structure, can take two forms. On the one hand, these are forms visible to the naked eye to the average system user, such as photos, text files, or programs on a computer. On the other hand, full-fledged digital evidence requires specialized knowledge, as it is found, for example, in system logs, command history, print traces, or metadata. The lack of a legal definition does not constitute any obstacle to the jurisdictional admissibility of digital evidence in the Polish legal system. This fact is confirmed in all key court proceedings. In civil proceedings, the implementation of Article 77 § 3 of the Civil Code neutralizes the technological barrier.</p>



<h2 class="wp-block-heading" id="ember3377">Digital evidence bundle</h2>



<p id="ember3378">A digital evidence bundle is a structured collection of evidence stored on an electronic medium. It is organized according to a predetermined evidentiary logic (evidence theses). It differs from a standard set of electronic files in that each file is marked to enable its identification during the hearing, and there is a documented link between the theses and specific files. A digital evidence bundle is not a separate legal institution in the Polish legal system. The situation is different in the British legal system. In that system, the bundle (e- bundle) is regulated by general court guidelines for e- bundles, designed to ensure a uniform standard of preparation. In the UK, the bundle must be submitted in PDF format, all pages must be numbered, and the file name must include the case reference number. Furthermore, the UK Supreme Court requires that the bundle index be hyperlinked to the pages or documents to which it refers, and attorneys should refer to the bundle numbering rather than the original page numbers during the hearing. In the Polish digital process, a digital file is not a new, separate means of evidence, but a structured collection of many text and non-text documents, logically and technically linked into one coherent information system, subject to the provisions on documentary evidence (and evidence from other documents.</p>



<h2 class="wp-block-heading" id="ember3379">Creating a digital evidence bundle</h2>



<h3 class="wp-block-heading" id="ember3380">1. The method of presenting the file to the court</h3>



<p id="ember3381">In the practice of Polish civil courts, the digital file can be presented in two ways</p>



<p id="ember3382">Transfer on a physical data carrier – in light of the analyzed technological neutrality of the document definition, the evidence file may (and, if larger, must) be transferred on a physical carrier such as a flash drive, portable external drive, or DVD. This carrier will be attached to the procedural document (e.g., an evidentiary motion).</p>



<p id="ember3383">Transmission via teleinformatics – e.g. via an information portal (smaller size)</p>



<p id="ember3384">A necessary condition is to maintain the integrity and durability of the data and to provide the opposing party with full access to the same version of the file.</p>



<h3 class="wp-block-heading" id="ember3385">2. Construction of the Digital Evidence Bundle</h3>



<p id="ember3386">To ensure clarity, the portfolio should have a rigorous and transparent structure. A key element will be an interactive table of contents, modeled after the British e-bundle. This should be a PDF file located in the root directory of the medium. Each item in the table of contents must be a hyperlink, which, when clicked, takes the user to the appropriate source file stored on the medium. The table of contents must also include metadata to facilitate orientation, such as a unique serial number, file name, date of creation, and description.</p>



<p id="ember3387">Effective implementation of a digital evidence folder requires assigning each digital trace to a predefined directory subgroup:</p>



<h3 class="wp-block-heading" id="ember3388">text documents (group code: TXT)</h3>



<p id="ember3389">&#8211; Includes, among others, digital contracts, general terms and conditions, regulations and other documents in electronic form</p>



<p id="ember3390">&#8211; Files in .pdf/ .docx /.txt formats</p>



<p id="ember3391">&#8211; Basis: Evidence from a document containing text</p>



<h3 class="wp-block-heading" id="ember3392">email messages (EML)</h3>



<p id="ember3393">&#8211; Business correspondence between the parties, commercial threats, offer arrangements, order confirmations</p>



<p id="ember3394">&#8211; eml / .msg format (source files) and export of the thread to a searchable .pdf file</p>



<p id="ember3395">&#8211; Evidence from a document containing text</p>



<h3 class="wp-block-heading" id="ember3396">instant messaging (MSG) correspondence</h3>



<p id="ember3397">&#8211; Conversations from applications such as WhatsApp, Messenger, Telegram, Signal, Teams documenting operational arrangements, attempts to induce unfair competition</p>



<p id="ember3398">&#8211; Full, non-editable export of chat history to PDF with timestamps, and raw .csv or .json files for IT backup</p>



<p id="ember3399">&#8211; Evidence from a document containing text</p>



<h3 class="wp-block-heading" id="ember3400">Screenshots (SCR)</h3>



<p id="ember3401">&#8211; Screenshots showing, for example, defamatory social media posts, unlawful use of trademarks</p>



<p id="ember3402">&#8211; Format . png /.jpg/. tiff . The screenshot should be made with the URL, system date and time visible.</p>



<p id="ember3403">&#8211; Requires metadata enhancement and metadata verification (as to date)</p>



<p id="ember3404">&#8211; Depending on what the evidence shows, either from a document containing text or from another document containing an image</p>



<h3 class="wp-block-heading" id="ember3405">Graphic materials (IMG)</h3>



<p id="ember3406">&#8211; E.g. packaging designs, logos, advertising graphics</p>



<p id="ember3407">&#8211; Format: .jpg/ .png / .tiff</p>



<p id="ember3408">&#8211; Evidence from other documents (Article 308 of the Code of Civil Procedure)</p>



<h3 class="wp-block-heading" id="ember3409">Audio Recordings (AUD)</h3>



<p id="ember3410">&#8211; Telephone conversation records, dictaphone recordings of negotiations</p>



<p id="ember3411">&#8211; Format: .mp3/.wav and text transcription in PDF format</p>



<p id="ember3412">&#8211; Evidence from other documents</p>



<h3 class="wp-block-heading" id="ember3413">Video Recordings (VID)</h3>



<p id="ember3414">&#8211; E.g. Materials from YouTube and TikTok platforms</p>



<p id="ember3415">&#8211; Format: .mp4/ .mkv / .avi</p>



<p id="ember3416">&#8211; Evidence from other documents</p>



<h3 class="wp-block-heading" id="ember3417">Analytical Reports (ANL)</h3>



<p id="ember3418">E.g. Official reports from CRM and SAP systems</p>



<p id="ember3419">Format: PDF with a qualified electronic signature of the issuer</p>



<h3 class="wp-block-heading" id="ember3420">Documentary evidence</h3>



<p id="ember3421">Statistical data (DAT)</p>



<p id="ember3422">For example, raw data from analytical tools</p>



<p id="ember3423">Formats: .xlsx / .csv</p>



<p id="ember3424">If they contain only numbers and tables, they are evidence from other documents</p>



<p id="ember3425">Internet Archives (ARC)</p>



<h2 class="wp-block-heading" id="ember3426">Complete copies of the defendant&#8217;s websites, the status of websites secured through tools</h2>



<p id="ember3427">Format: .html / .warc</p>



<p id="ember3428">Evidence from other documents</p>



<p id="ember3429">Metadata (MET)</p>



<p id="ember3430">&#8220;Data about data&#8221; is crucial for authenticity: technical email headers (establishing the true sending server IP), EXIF photo data (indicating the exact camera model, GPS coordinates, and time the photo was taken), and PDF file properties (revealing the author and the legality of the software).</p>



<p id="ember3431">Formats: .txt/.xml / .json or extracts generated by programs</p>



<p id="ember3432">Metadata is an integral part of the digital document from which it originates.</p>



<p id="ember3433">Evidence theses should be linked by headings in the table of contents (PDF):</p>



<p id="ember3434">E.g. TD-1 (Evidence Thesis No. 1) as a result of the defendant&#8217;s breach of contract, the plaintiff suffered damage (LINK) &#8212;&#8212;&gt; subfolder [TXT] &#8212;-&gt; agreement.docx</p>



<h2 class="wp-block-heading" id="ember3435">Examples of formulated evidentiary theses:</h2>



<h3 class="wp-block-heading" id="ember3436">Sample Thesis on the Dissemination of Information on the Internet</h3>



<p id="ember3437">Pursuant to Article 235 § 1 of the Code of Civil Procedure, I request the admission and taking of evidence from materials collected in section TD-1 of the Digital Evidence Folder filed on a data carrier constituting Annex No. [no.] to this letter, including, according to the table of contents of the folder, the following categories of evidence: analytical documents (TD-1/ANL), screenshots (TD-1/SCR), internet archives (TD-1/ARC) and a metadata and checksum report (TD-1/MET) regarding the scope of dissemination of the information contained in the publication [exact designation: title, URL, date], posted by the defendant via the [name] platform, including: the total number of views of this publication in the period from [date] to [date]; the number of websites that reprinted, quoted or linked to this publication; the secondary reach resulting from sharing by users within and outside the same platform; as well as the persistence of accessibility of the challenged content, as measured by its presence in the search engine index after [number] months from its initial publication. A detailed list of the files comprising section TD-1, along with a description of each, SHA-256 checksums, and hyperlinks to individual documents, is included in the table of contents of the Digital Evidence Folder.</p>



<h2 class="wp-block-heading" id="ember3438">Regarding the number of interactions</h2>



<p id="ember3439">Pursuant to Article 235¹ of the Code of Civil Procedure, I request the admission and taking of evidence from materials collected in section TD-2 of the Digital Evidence Folder filed on a data carrier constituting Annex No. [no.] to this letter, which includes, in accordance with the table of contents of the folder, video files from screen recordings (TD-2/VID), screenshots of interaction sections (TD-2/SCR) and exported comment databases in text/JSON format (TD-2/DAT), regarding the scale and nature of internet users’ interaction with the disputed video material/post [exact designation, URL], posted by the defendant on the [name] platform, including: the total number and dynamics of growth of public reactions (likes, shares, retweets); the number, content and tone of comments posted under the material, in particular those repeating the defendant’s narrative; the degree of audience engagement measured by ER (Engagement Rate) indicators; and the fact and date of the defendant&#8217;s modification or deletion of selected comments in order to manipulate public perception, as evidenced by discrepancies in the checksums and metadata of files secured at intervals.</p>



<h3 class="wp-block-heading" id="ember3440">For the purpose of conducting paid promotional campaigns</h3>



<p id="ember3441">Pursuant to Article 235¹ of the Code of Civil Procedure, I request the admission and taking of evidence from materials collected in section TD-3 of the Digital Evidence Folder submitted on a data carrier constituting Annex No. [No.] to this letter, including extracts from the public Meta Advertising Library (TD- 3/ANL), raw analytical reports in CSV/XLSX format generated from the Meta Ads Manager panel and related settlement invoices (TD-3/TXT), in the event of deliberate, organized and paid increase in the market reach of the defendant&#8217;s message, including: the precise period of broadcasting of paid advertising campaigns, the amount of the budget involved and the profit generated; the artificial multiplication of the number of views and unique recipients obtained in this way); geotargeting criteria and demographic targeting aimed at the plaintiff&#8217;s market; and, above all, the circumstance of intentional selection of behavioral targeting criteria and interests based on the plaintiff&#8217;s brand and customers, which, in the light of Article 3 et seq. UZNK constitutes an action contrary to good practice aimed at unfairly taking over customers.</p>



<h3 class="wp-block-heading" id="ember3442">Documenting the extent of interaction</h3>



<p id="ember3443">Internet reach (Reach) is the total number of unique users who have viewed a given piece of content at least once. It is measured using advanced telemetry systems, tracking scripts, and server logs that record unique queries sent by user browsers and applications to the servers storing the content. Reach should be distinguished from Impressions, which define the total number of times content is played or appears on device screens, regardless of whether it was generated by the same person. In summary, the main difference between reach and impressions comes down to the group of people – reach counts unique users (meaning the same person is not counted twice), while impressions count the total number of impressions (which includes impressions generated multiple times by the same person). Engagement is a separate category, requiring active action on the part of the user, such as clicking, liking, or commenting.</p>



<p id="ember3444">With regard to market practice, it should be noted that for the marketing industry, the above-mentioned indicators are among the basic instruments of ongoing analytics, used to evaluate the effectiveness of campaigns and optimize advertising budgets. Passive indicators, such as reach and impressions, allow marketing agencies to determine the upper limits of the sales funnel and estimate brand awareness among the selected target group (audience active metrics, in turn, range from raw engagement, through click -through rates, to advanced metrics such as virality (the ability of information to rapidly spread online through reciprocal shares) and amplification (an indicator measuring how widely content is shared beyond the author&#8217;s original audience). They are interpreted as a direct measure of the quality and appeal of the advertising creative. High levels of these parameters mean that the message effectively resonates with audience needs, prompting them to interact and organically distribute the content further. Importantly, in business realities, the marketing industry treats this data as a currency of account, as it is based on them, for example, the market value of influencers. The widespread use and high methodological sophistication of these measurements in marketing give the reports generated by advertising systems a strong mandate of objectivity.</p>



<p id="ember3445">In court practice, these indicators can serve as evidence. The reach indicated by the number of unique users can determine the scale and prevalence of infringements of personal rights. In the context of infringement of personal rights, indicators such as virality can be useful to demonstrate the irreversibility of the effects of the infringement.</p>



<h3 class="wp-block-heading" id="ember3446">Proving your social media activity</h3>



<p id="ember3447">When assessing the scale of a tort and estimating the amount of damages or compensation (Article 233 § 1 of the Code of Civil Procedure), a court cannot rely on general statements. It requires hard metrics that illustrate the strength, reach, and dynamics of the unlawful communication. Each leading internet platform operates its own unique data architecture. For digital evidence to be fully understandable and legible to the adjudicating panel, it is necessary to precisely identify and name indicators native to a given online environment. Each of the most popular social media platforms differs in which indicators are most relevant.</p>



<h3 class="wp-block-heading" id="ember3448">Measurable metrics for each platform</h3>



<p id="ember3449">X (formerly Twitter) – a text and information platform.</p>



<p id="ember3450">Number of publications – the number of posts (tweets) posted by a given person</p>



<p id="ember3451">Number of mentions – the number of posts that quote a given person&#8217;s post</p>



<p id="ember3452">Number of views – an indicator visible under each post, used to show how many times the information appeared on users&#8217; screens</p>



<p id="ember3453">Number of interactions – number of likes, retweets, and bookmarks of the tweet</p>



<p id="ember3454">Number of comments – number of replies to a tweet</p>



<p id="ember3455">Number of followers – determines the size of a person&#8217;s profile and may determine the basic reach of the entry</p>



<p id="ember3456">Facebook</p>



<p id="ember3457">Number of views, audiences and unique users</p>



<p id="ember3458">Number of reactions (like, great, haha, etc.) – important for demonstrating the engagement rate and social reception of a given post</p>



<p id="ember3459">Number of comments and shares</p>



<p id="ember3460">Instagram – a visual and audiovisual platform – is crucial in cases of unfair competition committed by influencers (e.g., failure to indicate collaboration).</p>



<p id="ember3461">Number of views, audience, reach – for stories measured within 24 hours of publication (before it is automatically archived)</p>



<p id="ember3462">Number of interactions, reactions</p>



<p id="ember3463">Number of followers</p>



<p id="ember3464">YouTube is a video platform. As a result, disputes mainly concern defamatory videos or unlawful product placement.</p>



<p id="ember3465">Number of views and total watch time (watch time) is crucial for showing whether the audience watched the entire video or turned it off after a few seconds</p>



<p id="ember3466">Number of interactions or comments (thumbs up and down)</p>



<p id="ember3467">Number of channel subscribers</p>



<p id="ember3468">Tik Tok – short video content based on a recommendation algorithm. Currently, this is crucial when it comes to the virality of a given video or topic.</p>



<p id="ember3469">Number of views</p>



<p id="ember3470">Number of interactions – likes, favorites, shares</p>



<p id="ember3471">Video completion rate – how many users watched the video to the end</p>



<p id="ember3472">LinkedIn – a business platform. Any posts that violate the personal rights of entrepreneurs are of a serious nature due to the greater potential for reaching business partners.</p>



<p id="ember3473">Number of publications, mentions, views</p>



<p id="ember3474">Number of interactions and reactions</p>



<p id="ember3475">Recipient structure – identification of positions, industries, and company sizes</p>



<p id="ember3476">Reddit and other forums of this type, e.g. Wykop – platforms based on threaded structure and user anonymity</p>



<p id="ember3477">The number of interactions and reactions – up or down votes (Upvotes or Downvotes) – determine the position of the thread on the main page of the website and the time of its visibility</p>



<p id="ember3478">Number of comments &#8211; entries in the thread</p>



<p id="ember3479">Number of unique users</p>



<p id="ember3480">Blogs and news portals, e.g. Onet, WP, Interia – violations concern in particular press articles or unlawful use of graphics.</p>



<p id="ember3481">Number of publications</p>



<p id="ember3482">Number of unique users and number of views</p>



<p id="ember3483">Time spent on the site</p>



<p id="ember3484">Number of comments under articles</p>



<p id="ember3485">With respect to analytical tools for measuring and verifying metrics in the virtual space, three categories of tools are used in litigation, providing objective evidence with a high level of credibility. The first are native social media platform panels, such as Meta Business Suite, YouTube Studio, X Analytics, and LinkedIn Page Analytics. These, as internal statistical systems of service providers, provide direct insight into relational databases and enable the generation of official analytical reports (filed in the ANL subfolder of the digital file) containing precise structure of views, reach, and audience demographics. In situations where the infringement occurred on third-party profiles or external portals to which the plaintiff does not have administrative access, professional media and internet monitoring systems, such as Brand24, SentiOne, the Institute of Media Monitoring (IMM), and Press-Service, are used. These systems aggregate public mentions in real time, measure the total algorithmic reach, and automatically qualify the sentiment of statements, creating reports that resemble private documents. This set of instruments is complemented by specialized web analytics and market intelligence tools (SEO Tools), including Google Analytics 4, Similarweb, Semrush, Ahrefs and Senuto; they allow for the examination of the number of unique users and page views on the defendant&#8217;s external blogs or news portals, proving the intensity of unfair advertising campaigns by a competitor, and demonstrating the dynamics of traffic decline on the plaintiff&#8217;s website.</p>



<h2 class="wp-block-heading" id="ember3486">MetaAds advertising campaigns</h2>



<p id="ember3487">Within the Meta Ads Manager advertising system, system reports and the public Meta Ad Library (powered by extended data under the EU Digital Services Act DSA), you can prove key campaign parameters, such as the exact broadcast period and creative activity status, campaign budget supported by invoices from Meta Platforms , total number of impressions, unique audience (reach), click statistics (including CTR and CPC), as well as precise geotargeting criteria (countries, cities or radii around specific points) and advanced parameters of demographic (age, gender) and behavioral targeting, including interests, Lookalike lists and Custom groups. Audiences are created based on, among other things, email databases and Pixel Meta code. To effectively present this data to a Polish court as digital evidence (e.g., under Article 308 of the Code of Civil Procedure), you must export raw, certified reports from the ad manager panel in .xlsx or .csv formats containing unique Campaign IDs or Ad IDs, create a secure screencast of the login and statistics generation process with a visible URL, SSL certificate, and system time, submit official financial documentation corresponding to the ad account ID, and notarize a public extract from the Ad Library.</p>



<p id="ember3488">Ads data is crucial evidence in unfair competition cases, as it helps demonstrate the scale, intent, content, and target audience of unlawful market activities. In the context of misleading designations of companies, goods, or imitations of products listed in Articles 5, 10, and 13 of the Act on Combating Unfair Competition (UZNK), and unfair advertising under Article 16 of the UZNK, statistics on the number of views and audiences demonstrate the mass nature of the infringement and the degree to which it has caused confusion in the market. Secured graphic and video materials illustrate the very fact of unlawfully copying a product&#8217;s external appearance or using a competitor&#8217;s trademarks. In turn, precisely demonstrating behavioral targeting based on a competitor&#8217;s company or brand name exposes intentional bad faith, involving parasitizing another&#8217;s reputation and aggressively acquiring customers, which directly violates good practices and the interests of another entrepreneur, pursuant to the general clause of Article 3 of the UZNK. Moreover, detailed emission parameters, prices, campaign budgets and click statistics constitute a solid basis for demonstrating the dissemination of false information about prices or the legal situation (Article 14 of the Advertising Law), and also allow for a precise estimation of the amount of damage suffered, lost profits or the degree of unjust enrichment of the perpetrator.</p>



<h2 class="wp-block-heading" id="ember3489">Video materials</h2>



<p id="ember3490">Video materials constitute an independent piece of evidence in contemporary civil and commercial proceedings, classified under the Code of Civil Procedure as evidence from devices recording or transmitting images and sounds, to which the provisions on evidence from visual inspection apply accordingly. As with screenshots, raw video recordings are subject to the principle of limited trust due to the risk of manipulation. Therefore, to maintain full procedural immunity and rebuttal, they must be properly recorded along with their network environment. This, in the event of technological disputes, paves the way for specialized verification of their metadata by a computer forensics expert.</p>



<p id="ember3491">Securing and verifying YouTube recordings for legal purposes requires immediate capture of the material in its entirety and without any editing, which is best achieved through screen recording (including audio and visible page context) or using external download tools. For evidence to be credible in court, the circumstances of its recording (who recorded it, when, and on what device) must be precisely described in an evidence log, and the number of file transfers must be minimized, protecting the original metadata. The author&#8217;s identity and the authenticity of the video itself are confirmed through content analysis, witness testimony, and, in cases of risk of disinformation and manipulation, using tools such as DataViewer for reverse image search of video thumbnails (which allows for detection of old videos) and geolocation. Because view, reaction, and comment statistics can be deleted or modified by the author at any time, it is crucial to capture them by smoothly scrolling through the interaction section during the screen recording. They can also be demonstrated using external tools such as SocialBlade (if they haven&#8217;t been deleted by then). You should also prepare a written transcript of the dialogue in case of technical problems in the courtroom.</p>



<p id="ember3492">Securing and verifying evidence from live streams and disappearing content (such as Instagram Stories, TikTok Live, or streams on Twitch and Kick) requires instant, real-time data capture. For live streams, it&#8217;s crucial to simultaneously record the raw stream using command-line tools (e.g., yt-dlp, which will automatically save the recording to disk in real time) and full screen recording (e.g., in OBS Studio) along with dynamic chat. If broadcasts on Twitch and Kick haven&#8217;t been deleted, the platforms provide tools for creating clips during the broadcast or from the live stream recording. For time-sensitive content, immediate screen recording with system audio or using mobile certification apps (e.g., TrueScreen ) is the priority, which generate evidence with a qualified timestamp that prevents editing. To ensure the integrity of the chain of custody, secured files must be immediately provided with a SHA-256 checksum (a sequence of numbers and letters that serves as a &#8220;<strong>cryptographic fingerprint</strong>&#8221; of a file or document) and the technical parameters of the recording must be precisely described in the protocol, including full URLs and UTC time zones. <strong>Due to frequent changes in usernames and pseudonyms, the author&#8217;s identity is determined by extracting persistent, unique network identifiers from the source code</strong> (such as TikTok &#8216;s authorId), as well as by analyzing voice, facial, and background characteristics. Identifying the exact publication time of disappearing materials requires finding UNIX timestamps in the browser cache or mathematically reconstructing the time by comparing the relative application time (e.g., &#8220;3 hours ago&#8221;) with the certified atomic time (e.g., from the <a href="http://time.is/">time.is</a> website) visible in the recording. Finally, because reach statistics and interaction sections can be deleted at any time, and the publicly invisible view counts of the story prevent direct measurement, it is crucial to capture peak moments of viewership, public reactions and shares by smoothly scrolling the screen or exporting the chat database to structured text files with precise timestamps for each comment.</p>



<h2 class="wp-block-heading" id="ember3493">Metadata and computer forensics</h2>



<p id="ember3494">Metadata, or &#8220;data about data,&#8221; is structured, precisely defined, and uniformly named information used to describe, identify, organize, and access a specific object, digital resource, or research dataset. It operates based on sets of information units arranged in a structure with definitions and usage rules. Institutions can create these themselves or adopt ready-made standards developed by internationally recognized organizations such as ISO, ANSI, RDA, OpenAire, or Metadata 2020. Within this framework, three main types of metadata are distinguished: descriptive metadata, which provides information necessary to identify or locate a resource (e.g., title, author, keywords, production technique, or history of the object). Structural metadata, which describes relationships and dependencies between collection elements to facilitate navigation. Administrative metadata, on the other hand, assists in resource management (e.g., storage location or insurance premium). Administrative metadata also includes technical metadata, typically created automatically in files such as EXIF (containing, for example, creation date, file type, and resolution), intellectual property rights management metadata, and preservation metadata necessary for archiving and maintaining the resource. From the user&#8217;s perspective, consistent application of the schema according to the instructions is crucial, as complete metadata provides information about the structure and limitations of the data, explains its meaning, indicates how to cite it, and is a necessary condition for its understanding and reuse. Digital forensics plays a significant role in analyzing metadata and using it as evidence in proceedings. The process of data analysis in computer forensics is based on methodologies focused on identifying, securing, examining, and presenting digital traces in a manner acceptable to law enforcement. In the context of digital forensics, raw content (e.g., document text, an image in a screenshot) constitutes only the surface layer of evidence. Its full value is achieved only by combining this layer with deep analysis, encompassing metadata, system logs, file change history, user identifiers, as well as location, server, and analytical data. Defining the individual components of the data layer is crucial; in practice, they constitute the essence of computer forensics. The first and most common group are timestamps, precisely defined chronological reference points automatically generated by operating systems or applications, recording the date and time of a specific event. This most often occurs in the form of so-called MAC attributes, documenting the moment of creation, content modification, and last file opening (Access). Their direct extension are system logs, called event logs. They take the form of automatically created, chronological text files or databases. They contain all critical activities, process errors, and correct or incorrect user login attempts recorded by the operating system and running programs. These logs are inextricably linked to the file change history, a sequence of digital traces illustrating the entire evolution and modifications to which a given resource has been subjected throughout its lifecycle. This history reveals sequences of overwriting, deletion, or addition of data sections, allowing for the reconstruction of the original file content before editing. To assign these operations to a specific entity, digital experts forensics examine user identifiers, which are unique alphanumeric, numeric, or address strings permanently assigned to a specific account in a system, corporate network, or online platform. These identifiers are used for authorization and are automatically associated with every action performed by a given profile. Location data (geolocation) provides additional physical and geographical context. This information identifies the physical geographic location of a device based on raw GPS coordinates, cellular base station (BTS) identifiers, or Wi-Fi MAC addresses. These data are often automatically embedded in the structure of multimedia files. All these operations are embedded in the network architecture, recorded by server data, including HTTP server Access Logs and DNS records, which record the client&#8217;s IP address, the exact date of the request, the HTTP method, the URL, and the User-Agent string identifying the user&#8217;s browser type and operating system. The final link in this structure is analytical data generated by external tracking systems and scripts (e.g., Google Analytics, Meta Pixel), which aggregate the behavior of thousands of unique users online, measuring parameters such as the number of unique users, page views, click-through rates, etc. Only such a comprehensive approach to these seven technical components allows computer forensics to go beyond the layer of raw, visual description of data and reach its digital foundation.</p>



<p id="ember3495">In civil and commercial cases, where key evidence consists of digital traces, statistical reports, or screenshots, expert witness testimony becomes a key instrument for fact-checking. The main advantage of engaging an expert witness is that it gives the collected network traces substantive, indisputable probative value. Pursuant to Article 278 § 1 of the Code of Civil Procedure, expert witness testimony is conducted when the assessment of a specific issue requires specialized knowledge, beyond the knowledge of an average person. This procedure is formally initiated by filing an application meeting the requirements of a procedural document (Article 126 of the Code of Civil Procedure), in which the party identifies the facts to be ascertained and specifies the expert&#8217;s desired specialization. After hearing the parties&#8217; submissions, the court issues a decision on the admission of evidence, appointing an expert from the list of the president of the district court or appointing an ad hoc expert, formulating an evidentiary thesis, and setting a deadline for preparing the expert&#8217;s opinion. After receiving the decision and possibly reviewing the case files or the subject of the inspection, the expert, acting under penalty of perjury and pursuant to an oath, begins research activities, culminating in the preparation of a reasoned opinion in writing or its oral presentation in the transcript. In civil and commercial proceedings, expert opinions in this field are most often used in cases involving the verification of digital evidence provided by the parties – its authenticity and the content thereof.</p>



<p id="ember3496">Screenshots are defined as a specific recording of the current image displayed on a computer monitor, tablet, smartphone, or other device equipped with a display. In essence, they constitute a type of digital &#8220;photograph&#8221; or &#8220;still&#8221; that permanently captures and depicts the content currently being generated on the screen. Under Polish civil procedure and the case law of common courts and the Supreme Court, printouts and files containing screenshots have the status of evidence in the case. In court practice, a screenshot is most often classified as private document evidence (constituting an information carrier enabling review of its content and confirming the submitter&#8217;s assertion of specific circumstances) or as other evidence within the meaning of Article 309 of the Code of Civil Procedure. Screenshots are widely used, among others, in family matters (documenting parents&#8217; conversations), consumer matters (shop offers, prohibited clauses in regulations), copyright infringements (use of a protected photo) or disputes over the infringement of reputation and personal rights on social networking sites, forums and blogs.</p>



<p id="ember3497">The main limitation of this evidence is that it is subject to the principle of limited confidence due to its susceptibility to simple and arbitrary interference. Parties to the proceedings frequently challenge the authenticity of screenshots, alleging that they can be easily modified, are incomplete, taken out of context, or have partially removed content. The mere submission of a single screenshot does not determine the veracity of the facts, and this evidence only demonstrates that a computer recording of specific content existed at the time the recording or printout was made. The Court of Appeal in Warsaw (ref. no. I ACa 2111/15) explicitly stated that the potential ease of modification does not deprive a screenshot of its evidentiary value; however, it requires the court to conduct a thorough analysis. The Court of Appeal in Kraków adopted a similar approach in judgment I ACa 315/16. An additional limitation is the legality of the source of their acquisition, as malicious actions or hacking into the application in order to perform a dump may result in criminal liability for violating the secrecy of correspondence and result in the rejection of evidence by the court.</p>



<p id="ember3498">To increase the credibility of screenshots and protect against allegations of manipulation, additional archiving or procedural measures are necessary. The evidentiary value of a screenshot can be enhanced by securing the page in digital form (saving it on a hard drive or in the cloud) or by preparing a proper protocol by a notary, who will personally confirm the credibility and existence of the content. Furthermore, it is crucial that the screenshot is accompanied by other electronic documents and objective verification data. From a procedural perspective, the evidentiary value of screenshots varies progressively depending on their degree of IT integration, with the screenshot itself, devoid of additional elements, having the lowest probative value. In such cases, it merely constitutes a private document demonstrating that a computer recording of specific content existed at a given moment. However, due to the widespread and easy possibility of graphic modification, it is most susceptible to challenge by the opposing party. A screenshot presented with an analytical report has slightly higher and more objective value. It constitutes enhanced evidence, in which the raw image is supplemented with external system data, allowing for a precise demonstration in court of the scale, dynamics, and situational context of the digital tort being analyzed. The probative value of the screenshot with metadata option is low to medium, as submitting the original, source image file only allows for the identification of the device and recording time. The raw metadata of the image file only documents the moment the image itself was created. The highest probative value, fully accepted and sanctioned by, among others, the case law of the Court of Justice of the European Union, is characterized by a screenshot combined with a parallel website archive. Combining screenshots with information from independent internet archives, which store copies of the historical code of websites and record any changes made to it, undoubtedly confirms that specific content, statements or graphic materials were actually published on a specific date, while the potential technical possibility of subsequent modification of the website by its author does not invalidate the probative value of such a package, as external data from digital archives effectively verifies and confirms the full authenticity of the submitted screenshot.</p>



<h2 class="wp-block-heading" id="ember3499">Documenting the course of events on the internet – a timeline as reconstructive evidence</h2>



<p id="ember3500">Digital events that are procedurally significant, such as the publication of a defamatory post, the launch of an advertising campaign that violates personal rights or the principles of fair competition, are rarely one-off and momentary phenomena. In fact, they constitute processes spread over time, composed of successive stages, each of which leaves a separate, identifiable digital trace. A complete reconstruction of these stages in the form of a chronological timeline evidence) performs a function similar to that of a protocol recording the course of events in real time, the integration of which requires specialist knowledge and methodology.</p>



<h2 class="wp-block-heading" id="ember3501">Time reconstruction model</h2>



<h3 class="wp-block-heading" id="ember3502">1. Content publishing – moment zero</h3>



<p id="ember3503">This is the starting point of the entire timeline. Reconstructing moment zero requires determining the exact date and time of the first publication, with at least minute accuracy (via a timestamp in the platform&#8217;s metadata, HTTP headers of the server response, or the WARC archive from the first dump); the URL at which the content was available, including the permalink or canonical URL, which identifies the content regardless of subsequent address changes; the identity of the author or account from which the publication was made (e.g., through the user ID in the page&#8217;s source code, domain WHOIS data, email headers notifying about a new entry); and the original content in its entirety, before any subsequent edits (the source could be the first WARC or MHTML archive, a copy from the Google Cache, or a record in the Wayback Machine).</p>



<p id="ember3504">The start of an advertising campaign – equivalent to the moment the content is published. It has particular evidentiary significance in cases involving acts of unfair competition. The reconstruction of this layer is based, among other things, on data from the Meta Ad Library.</p>



<h3 class="wp-block-heading" id="ember3505">2. First shares and initial reach</h3>



<p id="ember3506">This layer reconstructs the mechanism by which content first spread beyond the original publication. This is key evidence for demonstrating that the violation has spread beyond the author&#8217;s immediate followers and has become public. Data for this layer&#8217;s reconstruction comes from publicly available sharing data (e.g., retweets on X) or through media monitoring tools. The reconstruction report should present this layer as a map of the initial distribution nodes, using a graph or table indicating which platforms and when the content reached within the first 24-48 hours of publication.</p>



<h3 class="wp-block-heading" id="ember3507">3. Increase in the number of interactions</h3>



<p id="ember3508">This layer documents the acceleration of the phenomenon, meaning the moment the content ceased to be a niche post and began to generate significant user engagement. Its reconstruction is crucial for demonstrating that the violation was not a marginal event. Data needed to establish this includes a daily or hourly chart of the increase in the number of likes, comments, shares, and views obtained by exporting data from the platform&#8217;s dashboard or analytical tools; identification of the moment the content exceeded virality thresholds ; and data on the engagement of high-reach accounts that shared the content, which provides evidence that the plaintiff&#8217;s damaged reputation reached influential circles.</p>



<h3 class="wp-block-heading" id="ember3509">4. Increased geographic and demographic reach</h3>



<p id="ember3510">This layer documents the territorial and demographic extension of the publication&#8217;s impact, which may be important both for assessing the scale of damage and for establishing jurisdiction in cross-border cases, e.g., <strong>by determining the place where the damage was caused under the Brussels Ia Regulation</strong>. This data is obtained from geolocation reports of some platforms, showing the countries and regions from which users came, as well as the demographic data of the recipients (gender and age indicated when creating an account).</p>



<h3 class="wp-block-heading" id="ember3511">5. User reactions and sentiment</h3>



<p id="ember3512">This layer documents the qualitative dimension of the publication, i.e., how recipients reacted to the published content, which can, for example, be the basis for demonstrating that the infringement actually harmed the plaintiff&#8217;s reputation and did not go unnoticed. Reconstruction of this layer includes, among other things, a sentiment analysis of comments and mentions from social media monitoring tools, indicating the percentage distribution of positive, neutral, and negative reactions towards the plaintiff or company during the period under review; and the provision of representative quotes from the comments, e.g., in the form of screenshots. In the reconstruction report, this layer should be presented with methodological caution, as sentiment analysis generated automatically by monitoring tools is not always fully reliable and should be verified by an expert or accompanied by information about the algorithm&#8217;s margin of error.</p>



<h3 class="wp-block-heading" id="ember3513">6. Business implications</h3>



<p id="ember3514">This is the final layer of the timeline and is the most important for demonstrating pecuniary or non-pecuniary damage within the meaning of Article 361 of the Civil Code. It documents the measurable consequences of the infringement on the plaintiff&#8217;s business. Evidence in this layer may include data showing a decline in organic traffic on the plaintiff&#8217;s website in correlation with the escalation of the infringement (daily session chart, bounce rate, average session time before and after the infringement); data from the plaintiff&#8217;s CRM or ERP system documenting a decline in the number of quotations; data from e-commerce platforms, e.g., Allegro, Amazon, showing changes in sales volume or the number of views of the plaintiff&#8217;s offers; documentation of costs incurred in managing the reputational crisis, e.g., invoices from PR agencies, costs of remedial advertising campaigns, legal costs in the pre-litigation phase; and reports from industry media or specialized market monitoring services that noted the infringement and its effects.</p>



<h2 class="wp-block-heading" id="ember3515">Reconstruction report form</h2>



<p id="ember3516">The reconstruction report should be a PDF document with a qualified electronic signature and a certified time stamp. Its structure should include a title page with the file reference number, date of preparation, and author information; a chronological timeline in graphical form with key points for each layer; an event and evidence correlation table linking each event on the timeline to the source file reference number in the digital evidence folder; and a narrative description of each layer with references to specific file reference numbers and folder page numbers.</p>



<p id="ember3517">Such a report, incorporated into a digital file, becomes a key orientation document for the court and allows for understanding the entire evidence without having to independently review hundreds of source files, constituting the procedural equivalent of the dispute plan used in English and American proceedings.</p>



<h2 class="wp-block-heading" id="ember3518">Description of evidence</h2>



<p id="ember3519">The description of digital evidence in a lawsuit or a procedural document containing an evidentiary motion serves a much broader purpose than traditional evidence labeling. Digital evidence, when included in a multi-gigabyte digital evidence file, requires a description that allows the court to understand its technical nature, origin, method of acquisition, and relationship to the evidentiary thesis. This description therefore fulfills four distinct procedural functions. The first is the identification function, as it precisely identifies the evidence with a signature, file name, and location within the file, making it uniquely identifiable at every stage of the proceedings, during the hearing, and in the transcript. The second is the verification function, fulfilled by providing the SHA-256 checksum and the date of acquisition, allowing the opposing party and the court to verify whether the submitted file is identical to the one that formed the basis of the claims in the lawsuit. The third is the contextualizing function, a substantive description and an indication of the connection with the factual situation allows the court to understand, already at the stage of reading the claim, what specific fact a given file is used to prove.</p>



<p id="ember3520">The digital evidence description template should be used consistently for each item in the digital evidence index. Below is an example of a professional description template for a text document.</p>



<h2 class="wp-block-heading" id="ember3521">Pattern &#8211; Text Document</h2>



<p id="ember3522">The evidence ID is TD-1/TXT/0001. The file name in the folder is distribution_agreement_2026-01-16.pdf, and the original source file name is Sales Agreement No. 12/2026.pdf. The date the evidence was obtained is June 16, 2026, which is the date the file was included in the digital evidence folder and the checksum was calculated. The source of the evidence is the plaintiff&#8217;s electronic mailbox: a file attached to an email dated January 16, 2026, sent by the defendant from j.kowalski@pozwani.p. The file&#8217;s SHA-256 checksum is a3f1d8&#8230;9b2c (the full string in file TD-1/MET/0001 of the digital folder).</p>



<p id="ember3523">The technical description indicates that the evidence is an 842 KB PDF/A-1b file with a searchable text layer. The file does not contain active scripting or embedded multimedia. The document&#8217;s metadata identifies the author as Jan Kowalski, the creation date as January 14, 2026, 10:47:22 UTC, and the file was generated using Microsoft Word 2019. The metadata was extracted using exiftool version 12.60 and archived in file TD-1/MET/0001.</p>



<p id="ember3524">The substantive description indicates that the file contains an agreement signed by both parties for the exclusive distribution of the plaintiff&#8217;s products in the Masovian Voivodeship, concluded for a period of three years from March 15, 2022. Paragraph 7 of the agreement prohibits the defendant from conducting parallel distribution of products competing with the plaintiff&#8217;s product range. Paragraph 12 specifies contractual penalties for violating this prohibition at PLN 50,000 for each identified violation.</p>



<p id="ember3525">The evidentiary thesis for this evidence is: the fact that the parties concluded distribution agreement No. 12/2026 on 16 January 2026, the content of the defendant’s obligation to provide exclusive distribution and prohibit the distribution of competitive products, the amount of the stipulated contractual penalties, as well as the fact that the defendant submitted a declaration of intent with the content corresponding to paragraph 7 of this agreement, which demonstrates his full awareness of the limitations imposed on him.</p>



<p id="ember3526">The connection with the factual circumstances lies in the fact that this evidence constitutes the primary source of the legal relationship between the parties. A finding of violation of the prohibition by the defendant, documented by further evidence from section TD-2 of the file, is possible only by reference to the content of the contractual obligation arising from this document.</p>



<figure class="wp-block-image"><img decoding="async" src="https://media.licdn.com/dms/image/v2/D4D12AQGe014loHWlLg/article-inline_image-shrink_1500_2232/B4DZ8ibmXzK8AU-/0/1782989088478?e=1784764800&amp;v=beta&amp;t=CSsXExMl-dgbgKxqP7ZECjbwVGI7kWVhMEpTtrJGnMY" alt="Article content"/><figcaption class="wp-element-caption">summary table</figcaption></figure>



<p id="ember3528">A sample summary table for cases involving multiple files, which replaces the separate listing of each piece of evidence in the procedural document. A separate table should be created for the most important pieces of evidence.</p>



<h2 class="wp-block-heading" id="ember3529">Final conclusions</h2>



<p id="ember3530">Contemporary commercial disputes unfold in two parallel realities. The first is the traditional, paper-based reality, well-known to civil litigation theory and practice, which is gradually losing its significance. The second is the digital, networked reality, generating billions of electronic traces daily and becoming the dominant environment in which contracts are concluded, negotiations are conducted, marketing campaigns are launched, infringements are committed, and damages are inflicted. The paradox is that procedural law, which is formally prepared for this change, for example, thanks to an open catalog of evidence and the technologically neutral definition of a document in Article 77³ of the Civil Code. However, in court practice, it is still often applied through the prism of categories developed for the paper-based reality. The main thesis of this article is simple and yet practically significant: evidence in 21st-century commercial cases cannot be limited solely to traditional paper documents, because the facts crucial to resolving a dispute increasingly do not exist in paper form at all. A contract concluded through an exchange of messages on corporate messaging, a violation of a non-compete clause documented in system logs – none of these events leave a paper trail. They exist solely as digital data, and their occurrence, content, and effects must be proven using appropriate methods and tools.</p>



<p id="ember3531">The online activity of businesses, as well as their contractors, competitors, and customers, leaves a vast amount of digital traces that are susceptible to analysis. As demonstrated in the individual chapters of this article, these traces include not only obvious electronic documents such as text files and emails, but also metadata and analytical data from social media platforms. The key to the effectiveness of this evidence, however, is its proper preparation, security, and presentation. A raw screenshot devoid of metadata and an online archive has minimal evidentiary value and is easily challenged. The same screenshot, provided with a qualified timestamp, supported by a parallel archive, supplemented by an analytical report documenting reach and sentiment, and integrated with a timeline reconstructing the course of events, becomes highly persuasive evidence, difficult to refute even with an active defense by the opposing party.</p>



<h2 class="wp-block-heading" id="ember3532">Digital evidence folder as a system tool</h2>



<p id="ember3533">The concept of a digital evidence folder, proposed in this article as an adaptation of the Anglo-Saxon electronic institution trial Bundle, a Polish civil procedure tool, addresses a fundamental procedural challenge: how to present tens or hundreds of gigabytes of electronic data to the court in a way that is understandable, verifiable, and procedurally efficient. A bundle is not a new piece of evidence, but an organizational tool that organizes existing evidence according to the logic of evidentiary thesis, assigns each file a unique reference number, links evidence to facts, ensures the integrity of the file, and enables immediate retrieval of each piece of evidence during the hearing via an interactive table of contents with hyperlinks. A properly prepared digital evidence bundle is one of the most effective tools for presenting evidence in court. First, it forces the attorney to select and prioritize the material before filing a procedural document, eliminating chaotic and overwhelming collections of unselected files. Secondly, it makes the evidence transparent for the opposing party and the court, because each piece of evidence is described, classified and linked to a specific thesis, which eliminates the objection of ambiguity and facilitates an effective defense or procedural attack.</p>



<h2 class="wp-block-heading" id="ember3534">Postulates de lege ferenda</h2>



<p id="ember3535">The analysis conducted in this article reveals significant regulatory gaps, the filling of which would significantly improve the effectiveness of evidence in cases involving digital materials. These proposals are both legislative and quasi-legislative in nature, involving standardization through case law and court rules.</p>



<p id="ember3536">The first and most important proposal is to introduce a legal definition of digital evidence into the Code of Civil Procedure. While the lack of such a definition does not prevent the taking of electronic evidence, it generates terminological uncertainty in case law and doctrine, leading to inconsistent assessment of the evidentiary value of the same categories of materials by different adjudicating panels. The definition should encompass all information recorded in the form of digital data, of value to ongoing proceedings, stored, downloaded, or transmitted via an electronic device.</p>



<p id="ember3537">The second postulate is the introduction of the English Practice Rules into the court regulations. The e- bundle guidelines should standardize the presentation of electronic evidence in cases where it exceeds a certain volume or number of files. Such regulations should mandatorily require: a uniform file identification system, a table of contents in PDF format with hyperlinks, and the provision of identical copies of the medium to the court and the opposing party no later than a specified number of days before the hearing. This solution, implemented without amending the law through orders of court presidents or guidelines from the Minister of Justice, would immediately improve the evidentiary culture in proceedings involving mass digital evidence.</p>



<h2 class="wp-block-heading" id="ember3538">Sources:</h2>



<p id="ember3539">Tacij Przemysław, Digital content and uncertified copies as evidence in civil proceedings</p>



<p id="ember3540">Lewulis Piotr, Social Media as a Source of Evidence in Civil Cases: Results of a Preliminary Survey Among Attorneys and Legal Counselors</p>



<p id="ember3541">Rafał Prabucki, Metadata related to a document and evidentiary proceedings in a civil trial</p>



<p id="ember3542">Wręczycka Katarzyna, Electronic evidence in civil proceedings</p>



<p id="ember3543">Nowak Mariusz, Types of electronic evidence in civil proceedings</p>
<p> </p>


<p>Artykuł <a href="https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/digital-evidence-bundle-as-a-modern-means-of-organizing-evidence/">Digital evidence bundle as a modern means of organizing evidence</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.kg-legal.eu/info/it-new-technologies-media-and-communication-technology-law/digital-evidence-bundle-as-a-modern-means-of-organizing-evidence/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>KG Legal participated in the workshop on &#8220;Corporations and start-ups &#8211; how to cooperate?&#8221; during the Polish Patent Office&#8217;s Symposium</title>
		<link>https://www.kg-legal.eu/info/kg-legal-news/kg-legal-participates-in-the-workshop-corporations-and-start-ups-how-cooperate-during-the-polish-patent-offices-symposium/</link>
					<comments>https://www.kg-legal.eu/info/kg-legal-news/kg-legal-participates-in-the-workshop-corporations-and-start-ups-how-cooperate-during-the-polish-patent-offices-symposium/#respond</comments>
		
		<dc:creator><![CDATA[jakub]]></dc:creator>
		<pubDate>Mon, 11 Sep 2017 09:15:05 +0000</pubDate>
				<category><![CDATA[KG LEGAL NEWS]]></category>
		<category><![CDATA[corporate law]]></category>
		<category><![CDATA[corporation]]></category>
		<category><![CDATA[Polish Patent Office]]></category>
		<category><![CDATA[start-up]]></category>
		<category><![CDATA[symposium]]></category>
		<guid isPermaLink="false">https://www.kg-legal.eu/?p=1458</guid>

					<description><![CDATA[<p>Workshop on &#8220;Corporations and start-ups &#8211; how to cooperate?&#8221; was conducted by Mrs. Monika Różalska from Creators Ideation Lab and by Mrs. Beata Cichocka-Tylman from PWC Sp. z.o.o. The subject of the workshops was identical with topic, so it was about cooperation between corporations. The participants were mainly entrepreneurs, people working in Treasury companies, start-up [&#8230;]</p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/kg-legal-news/kg-legal-participates-in-the-workshop-corporations-and-start-ups-how-cooperate-during-the-polish-patent-offices-symposium/">KG Legal participated in the workshop on &#8220;Corporations and start-ups &#8211; how to cooperate?&#8221; during the Polish Patent Office&#8217;s Symposium</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Workshop on &#8220;Corporations and start-ups &#8211; how to cooperate?&#8221; was conducted by Mrs. Monika Różalska from Creators Ideation Lab and by Mrs. Beata Cichocka-Tylman from PWC Sp. z.o.o.</p>
<p>The subject of the workshops was identical with topic, so it was about cooperation between corporations. The participants were mainly entrepreneurs, people working in Treasury companies, start-up and other participants.<span id="more-1458"></span></p>
<p>Workshop were divided into two parts. The first part was run by Mrs. Beata from PWC. The participants were divided into four groups. Two groups took on the role of corporations, and two took the role of start-ups. The group&#8217;s task was to mention the most common stereotypes of the other side: start-ups listed stereotypes about corporations, and corporations talked about stereotypes about start-ups.</p>
<p>The most popular stereotypes mentioned by participants are:</p>
<table>
<tbody>
<tr>
<td width="302">
<p>Corporates</p>
</td>
<td width="302">
<p>Start-ups</p>
</td>
</tr>
<tr>
<td width="302">
<p>1. They can takeover the start-up</p>
<p>2. They can steal an idea</p>
<p>3. Prolonged decision-making processes</p>
<p>4. They can use their position, specialists, lawyers to fool the start-up</p>
<p>5. Bureaucracy, formalism</p>
</td>
<td width="302">
<p>1. They do not know the market they want to do business with</p>
<p>2. Their ideas are often impossible to implement</p>
<p>3. They expect that the corporation will do everything for them</p>
<p>4. Expect too much in too short a time</p>
<p>5. Their ideas are born and die quickly</p>
</td>
</tr>
</tbody>
</table>
<p>&nbsp;</p>
<p>Then, Mrs. Beata told the participants about cooperation between start-ups with corporations. She highlighted the important aspect of dialogue between the parties and sin cerity in building cooperation. In addition, she stressed that start-ups often have to, before they go to corporations asking for cooperation, &#8220;do their homework.&#8221; This means that they must have prepared their expectations, requirements, and also have a preliminary idea about their cooperation with the corporation.</p>
<p>The second part of the workshop was conducted by Mrs. Monika from Creators Ideation Lab. The lecturer focused on her presentation on the characteristics of Israel &#8211; because she works and lives there &#8211; as a country that is the one of the world leader in terms of innovation. In her presentation, she emphasized that Israel is an innovative country, especially in three areas: militaria, health care, agriculture. Her thesis was motivated by presenting figures, which was e.g.: % of GDP transferred to the development of private enterprises. By the end of her speech, the lecturer drew attention to the upbringing of Israeli citizens who, from an early age, were taught to take risks and not to be discouraged by failures.</p>
<p>During the workshop participants were free to express themselves and conducting interesting discussions were held between them and between them and the leaders.</p>
<p>Artykuł <a href="https://www.kg-legal.eu/info/kg-legal-news/kg-legal-participates-in-the-workshop-corporations-and-start-ups-how-cooperate-during-the-polish-patent-offices-symposium/">KG Legal participated in the workshop on &#8220;Corporations and start-ups &#8211; how to cooperate?&#8221; during the Polish Patent Office&#8217;s Symposium</a> pochodzi z serwisu <a href="https://www.kg-legal.eu">KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.kg-legal.eu/info/kg-legal-news/kg-legal-participates-in-the-workshop-corporations-and-start-ups-how-cooperate-during-the-polish-patent-offices-symposium/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
