The proposed bill on the national cybersecurity system is a breeding ground for corruption, according to experts from the Adam Smith Center.
“Why is the government proposing to limit the development of the Polish digital economy?” ask the authors of the report, which was directed by Tomasz Kulisiewicz and Andrzej Sadowski from the Adam Smith Center.
The report evaluates the draft bill on the national cybersecurity system prepared by the Ministry of Digitisation. Authors warn about the consequences of planned restrictions on the choice of technologies used in Poland.
“Qualifying technology suppliers for security on the basis of arbitrary administrative decisions can deprive Poland of access to the most competitive technologies. This could result in chaos in many areas, not only economic, but also in health care, since we use equipment from Asian countries, which is often much cheaper than that originating from the European Union. Moreover, the introduction of arbitrary solutions and discretionary assessments of technology suppliers is inherently corruption-breeding and poses a threat to national security, which could lead to strong corruption when open competition for technological solutions is not possible,” says Andrzej Sadowski, president of the Adam Smith Center.
If the government intends to participate in the digital race and not be left in digital backwardness, it should approach the NIS2 directive in the same way as the governments of other leading innovators in the EU. A thorough impact assessment of the project should be carried out. Many factors indicate that the draft, in its proposed form, should never see the light of day unless its actual purpose is to limit the development of the digital economy and reduce Poland’s competitiveness. The Digital Economy and Society Index (DESI), prepared by the European Commission, ranks Poland 24th out of 27 EU countries.
Painful, costly, and illegal
Under the guise of “cybersecurity,” the Minister of Digitisation introduces the category of high-risk suppliers, which essentially poses a high corruption risk. The discriminatory procedure to classify a provider as high-risk is based on political criteria, not technological ones, focusing on the country of origin of suppliers. Those from countries outside the EU and NATO can find themselves under immediate pressure to suspend or limit their operations. This can lead to significant business disruptions, serious financial difficulties, and even bankruptcies. The bill also extends the list of so-called key entities, meaning that companies from 18 sectors, including the medical and food industries, will have to comply with cybersecurity requirements.
Why should a Polish entrepreneur comply with requirements that are not applicable in any EU country?
The government has been working on amendments to the bill on the national cybersecurity system for several years. Over 750 comments were submitted to its first version, published in 2020, from telecommunications market enterprises, experts, and industry organizations. The latest version of the project, from October 2024, barely takes these comments into account and proposes over-regulation compared to the NIS2 directive, raising many doubts. They are overly restrictive, contrary to the principle of proportionality, conflict with the Constitution of Business, and are arbitrary, granting unchecked power to administration. This is dangerous for the country and counterproductive to the declared goal of raising the level of cybersecurity in Poland.
Over 1,500 comments from entrepreneurs and government agencies were sent to the Ministry of Digitisation. Can those initiating the amendment present its impact on the employment in the digital economy, company formation, budget revenue, and its effect on Poland’s digital backwardness? – ask the authors of the report.
“If the government persists with the proposed amendment project and pushes it through, despite exposed corruption risks threatening national security, which will become apparent after its implementation, this will worsen competitiveness, increase the cost of living, and therefore lower the standard of living,” warns Andrzej Sadowski, co-author of the report with the Adam Smith Center.
Source: https://managerplus.pl/cyberbezpieczenstwo-czy-korupcja-nowy-projekt-ustawy-pod-ostrzalem-ekspertow-43588