This paper is aims to give a brief overview of the following issues: (i) Polish data retention regime and its drawbacks; (ii) the use of data retention in practice and available
data on the subject; (iii) campaign run by the Panoptykon Foundation over last two years; and (iv) political shifts that occurred in Poland.

Videos from the Computers, Privacy & Data Protection 2017: The Age of the Intelligent Machines are already available (featuring Katarzyna Szymielewicz, the Panoptykon Foundation president).

On 22 June, Polish president signed a new anti-terrorism law. The law contains measures that are inconsistent with the Polish Constitution and with the European Convention on Human Rights. The list of controversies is long: foreigners’ phone calls might be wire-tapped without a court order, and police might collect their fingerprints, biometric photos and DNA if their identity is “doubtful”. Online content might be blocked, citizens' freedom of assembly limited, and secret services are given free access to all public databases.

Jan Nowak, previously a general manager at the DPA’s office and a long-term member of PiS, the ruling party, will become the new chair of the Polish Data Protection Authority. The nomination raised controversy as to whether Jan Nowak meets the legal requirements for this position.

Polish government’s proposal for a new law on “protecting free speech of social media users” introduces data retention, a new, questionable definition of “unlawful content”, and an oversight body (Free Speech Council) that is likely to be politically compromised. In this context, “Surveillance and Censorship Act” would be a more accurate name.