This paper examines the current state of criminal legislation and operations of the criminal justice system in Poland in the area of information and communications technology (ICT) crime. It is indicated, that already in the late nineties all the computer-related infringements that compose 'the minimum list' of the 1989 Council of Europe recommendation were criminalised under the 1997 Penal Code (unauthorised access to the computer system, computer eavesdropping, data interference, and computer sabotage). At the same time, specific provisions on computer fraud, unauthorised reproduction of a protected computer program and handling of illegally copied software, were included into the category of offences against property. A legal definition of document has also been extended by the 1997 Penal Code as well as such specific ICT-related offences like telecommunications fraud, computer espionage and causing a general hazard as a result of interference with automatic data processing. Subsequent changes in ICT criminal legislation in Poland have resulted from the implementation of the European Community law (1st and 3rd pillar) and the Council of Europe Convention on Cybercrime. Before Poland's accession to the EU a number of EC directives concerning e-commerce, intellectual property, conditional access to information services, digital signature, protection of personal data and privacy in electronic communications were transposed to the national legal system and protected by the legislator with criminal sanctions. In the course of implementing the Cyber-Crime-Convention an amendment to the Polish Penal Code (May 2004) introduced new specific cyber crimes (e.g. regarding hacker's tools, system interference, and possession of child pornography), and amended some of the already existing legal provisions. However, novelty of cyber crime and enormous rush with the legislation passing have negatively affected its quality and some new provisions are deficient and do not fully conform the normative standards. Polish criminal cyber legislation is also somewhat incompatible with the third pillar instruments (e.g. the Council Framework Decision 2004/68/JHA of 22 December 2003 on combating the sexual exploitation of children and child pornography). Despite recently made (July 2005) amendment to the Penal Code it does not provide for criminalisation of production and possession of the so-called virtual child pornography, even in relation to dissemination of such materials.