Evolving Threats, Emerging Laws: Poland's 2023 Answer to the Smishing Challenge

Abstract

In the face of rising cybersecurity threats like 'smishing'—SMS-based phishing attacks—this article examines how legislative efforts can effectively address these challenges. This article provides a comprehensive analysis of cybersecurity challenges, focusing on the still growing phenomenon of 'smishing', within the legislative context. In particular, it explores the legal landscape of cybercrime through the lens of Poland's recently enacted Act on Combating Abuses in Electronic Communication, as well as the European Union's Cybersecurity Strategy for the Digital Decade. The first one serves as a significant case study for examining legislative efforts aimed at mitigating cybersecurity risks in the field of electronic communications. The article describes the multi-layered, collaborative business-state approach of the Polish law, which can provide a solid framework for addressing current and future cyber security threats. The act stands as a promising tool for fortifying national cybersecurity infrastructure and could serve as a useful example for other jurisdictions grappling with similar issues. The law also engages citizens actively in its cybersecurity initiatives, promoting collective responsibility. In the broader European Union context, while the Polish Act undergoes scrutiny, this analysis also seeks to explore its alignment with the objectives outlined in the 2020′s European Union's Cybersecurity Strategy for the Digital Decade. This examination aims to evaluate the extent to which the Polish legislative framework resonates with the overarching goals set forth by the European Union, thereby contributing to a deeper understanding of the synergy between national initiatives and the broader European cybersecurity strategy context.