Hacking Under Article 267 § 1 of the Polish Penal Code
What is hacking?
Hacking is commonly associated with individuals who, without authorization, bypass security measures to gain access to systems or information. Hackers may have various motivations, though financial gain is often not their primary goal.
How does the law protect against hacking?
Polish criminal law does not provide a single, unified legal classification for hacking. However, hacker activities most commonly fall under Article 267 § 1 of the Penal Code, which criminalizes unauthorized access to information intended for someone else by breaking or bypassing security measures.
Under this provision, hacking can be considered a modern form of violating the confidentiality of correspondence. However, the true scale of this crime may be significantly greater than official statistics suggest.
Elements of the crime of hacking
To constitute hacking under Article 267 § 1 of the Penal Code, the following conditions must be met:
- Lack of authorization to access the information,
- Unauthorized access to protected information,
- The information was not intended for the perpetrator,
- Security measures were in place,
- The act involved breaking or bypassing security measures.
How does a hacker operate?
Article 267 § 1 protects the confidentiality of correspondence and applies even if the perpetrator does not read or understand the information—merely gaining access is enough to constitute a crime.
A hacker may act by:
- Breaking security measures,
- Bypassing security measures.
Security measures include any method of restricting access, such as data encryption, firewalls, antivirus programs, passwords, or authentication keys.
What are the penalties for hacking?
Hacking is a crime prosecuted upon the victim’s request. The penalties include a fine, restriction of liberty, or imprisonment for up to 2 years. In some cases, other provisions of the Penal Code may also apply.
If access was gained accidentally or automatically, the perpetrator is not criminally liable. However, Article 267 § 3 penalizes the use of wiretapping devices, visual surveillance tools, or specialized software to obtain information.
Legal hacking
Some forms of hacking, such as penetration testing (pentesting), may be legal. Article 269b of the Penal Code allows security testers to be exempt from liability if they do not harm public or private interests and do not cause damage.
Case law examples
- Court of Appeal in Szczecin, October 14, 2008 (II AKa 120/08) – A person who gains unauthorized access to information without breaking security measures does not commit a crime, even if they do so through deception.
- District Court in Świdnica, April 10, 2019 (IV Ka 112/19) – Using someone else’s password was considered a breach of security.
- Supreme Court, March 5, 2019 (II KK 208/18) – Extracting a „pairing key” is not equivalent to obtaining access to information.
Do you need legal assistance?
If you have been accused of hacking or want to protect your data from cybercriminals, contact an expert for professional legal support.
This is just the beginning!
In upcoming posts, we will cover other cybercrimes, including sniffing, computer fraud, and cyberstalking. Follow the series to stay informed about key aspects of Polish criminal law.
Legal status as of October 14, 2020.
Cyberlaw by Judyta 