The article analyses the role of attorney at law in ensuring compliance of personal data processing with EU and national data protection law. The author points out the growing complexity of data protection regulations, particularly arising from the new legal acts, and highlights the challenges faced by attorneys at law in practice. The analysis emphasises that effective legal assistance provided by attorney at law remains crucial for many controllers and processors to be able to comply with their legal obligations. The study identifies typical areas related to the requirements set out in the GDPR where an attorney at law can provide support to controllers and processors. The analysis also covers the question of whether an attorney at law can perform the function of a data protection officer. The author underscores the importance of legislative developments and the need to engage and improve the qualifications of legal professionals to effectively meet new legal requirements in the data protection.

LITERATURE

Bielak-Jomaa E., Lubasz D. (eds.), RODO. Ogólne rozporządzenie o ochronie danych. Komentarz, Warszawa 2018.

Ehmann E., Selmayr M. (eds.), Datenschutz-Grundverordnung, München 2018.

Fajgielski P., Ogólne rozporządzenie o ochronie danych. Ustawa o ochronie danych osobowych. Komentarz, Warszawa 2022.

Kuner C., The Role of Private Lawyers in the Data Protection World, [in:] Data Protection in a Profiled World, eds. S. Gutwirth, Y. Poullet, P. de Hert, Dordrecht 2010.

Kuner C., Bygrave L.A., Docksey C. (eds.), The EU General Data Protection Regulation (GDPR): A Commentary, Oxford 2020.

Litwiński P. (ed.), Ogólne rozporządzenie o ochronie danych osobowych. Ustawa o ochronie danych osobowych. Wybrane przepisy sektorowe. Komentarz, Warszawa 2021.

Sakowska-Baryła M. (ed.), Ogólne rozporządzenie o ochronie danych osobowych. Komentarz, Warszawa 2018.

Sibiga G., Żeromski B., Konsekwencje warunku unikania konfliktu interesów inspektora ochrony danych dla dopuszczalnego zakresu jego zadań w ochronie danych osobowych, [in:] Pakiet cyfrowy i inne wyzwania ochrony danych. Aktualne problemy prawnej ochrony danych osobowych 2024, ed. G. Sibiga, “Monitor Prawniczy” 2024, no. 11.

ONLINE SOURCES

Konarski X., Sibiga G., Nowak D., Syska K., Małobęcka-Szwast I., Barszczewska-Mazur K., Ogólne rozporządzenie o ochronie danych (RODO). Poradnik dla radców prawnych i adwokatów. Wersja zaktualizowana, 2019, https://www.adwokatura.pl/admin/wgrane_pliki/file-2019-07-01-poradnikkrrpnraaktualizacja-kbm-28006.pdf (access: 12.10.2025).

Ośrodek Badań, Studiów i Legislacji, Opinia Ośrodka Badań, Studiów i Legislacji Krajowej Rady Radców Prawnych w przedmiocie łączenia wykonywania zawodu radcy prawnego oraz funkcji Inspektora Ochrony Danych (IOD) lub Administratora Bezpieczeństwa Informacji (ABI), 28.3.1918, https://obsil.kirp.pl/wp-content/uploads/2018/05/Opinia-z-28.03.2018-r.-IOD.pdf (access: 12.10.2025).

LEGAL ACTS

Act of 6 July 1982 on attorneys at law (Journal of Laws 1982, no. 19, item 145, as amended).

Act of 10 May 2018 on the protection of personal data (consolidated text, Journal of Laws 2019, item 1781, as amended).

Act of 14 June 2024 on the protection of whistleblowers (Journal of Laws 2024, item 928).

Act of 12 July 2024 on electronic communications law (Journal of Laws 2024, item 1221).

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119/1, 4.5.2016).

Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act) (OJ L 26/15, 3.6.2022).

Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on the Single Market for Digital Services and amending Directive 2000/31/EC (Digital Services Act) (OJ L 277/1, 27.10.2022).

Regulation (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023 on harmonised rules on fair access to and use of data and amending Regulation (EU) 2017/2394 and Directive (EU) 2020/1828 (Data Act) (OJ L 2023/2854, 22.12.2023).

Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending Regulations (EC) No. 300/2008, (EU) No. 167/2013, (EU) No. 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828 (Artificial Intelligence Act) (OJ L 2024/1689, 12.7.2024).