Dane Osobowe

WARSAW — Poland’s data protection watchdog raised alarms on April 22 about widespread mishandling of personal records across both public agencies and private firms. Inspectors found that thousands of files containing names, addresses and identification numbers had been left accessible through poorly secured online portals. The lapses came to light after routine checks turned up several government databases that anyone with basic web skills could reach.

The findings drew quick criticism from privacy advocates who said the problems were hardly new. One inspector noted that similar holes had been flagged in previous years yet little changed in practice. Companies involved ranged from small marketing outfits to larger service providers that collect customer details for routine transactions. Many appeared unaware that storing such information without basic encryption already broke existing rules.

Officials stopped short of naming every offender but warned that fines would follow if fixes were not made promptly. They also urged ordinary citizens to check what information they had shared online and to demand deletions where possible. The announcement landed amid growing public unease over how much personal detail ends up in commercial hands without clear consent.

Reaction from the tech sector was mixed. Some firms pointed to the cost of upgrading older systems, while others said clearer government guidance would help them stay compliant. Lawmakers in Warsaw signaled they might revisit the current data protection statute later in the year if violations kept surfacing at the same rate.