Jarosław Straś
Areas of law and specializations
- New technologies (IT/TMT)
- Cybersecurity
- IT contracts
- GDPR compliance audit
- Personal data
- Proceedings related to security incidents
- International trade agreements
Bio
Specializations
Specialises in commercial law, telecommunications law, data protection and cyber security.
Experience
He has experience in providing corporate services to companies, negotiating investment agreements, conducting due diligence processes and consolidation of business entities, including in the telecommunications and IT sectors.
In his previous practice, he has drafted and negotiated contracts in commercial transactions in the IT sector, as well as advised on the implementation of solutions to the obligations of telecommunications entrepreneurs carried out for defence, state security and public safety and order. He has advised during control proceedings conducted by the President of the Office of Electronic Communications. He has experience in the implementation of EU-funded projects concerning the construction of telecommunications infrastructure, including ongoing legal proceedings.
He has experience in conducting personal data protection audits, implementing personal data protection in the telecommunications sector, investigating potential incidents and violations of data subjects’ rights. He has also advised in the area of negotiation of personal data processing entrustment agreements.
In the area of information security and cyber-security issues, he has implemented solutions comprising information security management systems under the ISO 27001 standard, advised entities designated as key service operators, and participated in activities of conducting security audits of information systems (IT security), including in regulated sectors (banking, insurance). Drafts and negotiates contracts for security audits and penetration tests.
Author of publications on IT and telecommunications law. Speaker at conferences and trainer in the field of telecommunications secrecy protection, telecommunications data retention, and cyber security (national cyber security system, NIS and NIS2 Directives).
Education
An attorney-at-law registered with the Katowice Bar Association since 2019. A graduate of the Faculty of Law and Administration at the University of Silesia in Katowice. A graduate of the following postgraduate programmes:
- Personal Data Protection in Administration and Business at the WSB University in Dąbrowa Górnicza;
- in Compliance at the Warsaw School of Economics.
Publications
“Telecommunications in a new light”, Jarosław Straś, Mikołaj Prochownik, Rzeczpospolita, 22 October 2024
“UODO President critical of authorities’ access to telecommunications data”, Jarosław Straś, Rzeczpospolita, 4 November 2025
Certifications
In recent years, Jarosław has obtained the following certifications, which highlight his experience and skills:
Certificate of Internal Auditor of the Information Security Management System according to PN-EN ISO 27001:2023 – confirms competence in planning, conducting and documenting internal audits within the Information Security Management System (ISMS), including for the purposes of information protection, cybersecurity and risk management.