The Parliament of Romania adopts the present law.
CHAPTER I: General provisions
For the purpose of this law, the following terms are defined as follows:
1. information society service – any activity of providing services or that involve the creation, modification, transfer or termination of a real right on a fixed or non-fixed asset, activity carried out by electronic means, that shows the following characteristics:
a) it is performed considering a patrimony interest provided to the supplier usually by the recipient;
b) the supplier and the recipient do not have to be physically present simultaneously at the same place;
c) it is carried out by transmitting the information at the individual request of the recipient;
2. electronic means – electronic equipment and cable networks, optic fibre, radio, satellite and others, used to process, store or retransmit information;
3. service provider – any natural or legal person providing to a determined or undetermined number of people, an information society service;
4. service provider established in a state – a service provider with stable headquarters on the territory of a state, for an undetermined period of time; the settling of a service provider in a state is not necessarily determined by the location where the technical and technological means necessary to provide the service are placed;
5. domain – an area of an information system owned as such by a natural or legal person or by a group of natural or legal persons in view of data processing, storing or transfer;
6. recipient of the service or recipient – any natural or legal person using, for commercial, professional or any other purposes, an information society service, primarily in order to find information or providing access to it;
7. consumer – any natural person acting for purposes outside his or her commercial or professional activity;
8. commercial communication – any form of communication meant to promote, directly or indirectly, the goods, services, image, name or denomination, company ort logo of a trader or a member of a liberal profession. The following do not themselves constitute commercial communications: information allowing direct access to the activity of a natural or legal person, especially a domain name or an electronic mail address, communications related to the products, services, image, name or brand of a natural or legal person made by a third party, independent of the respective person, especially when they are made free of charge;
9. coordinated legislation – provisions in force of the national laws applicable to the activities making the object of the information society or service providers, regarding:
a) the requirements the service providers have to meet in order to take up these activities, as those concerning necessary qualifications, authorizations or notifications;
b) the requirements the service providers have to meet to carry out these activities, as regarding their conduct, the quality and content of their services, including those applicable to advertising and contacts or those regarding the liability of the service providers;
10. electronic payment instrument – an instrument allowing the owner to carry out the following types of operations:
a) fund transfers others than the ones ordered and performed by financial institutions;
b) cash withdrawal as well as charging and discharging of an electronic money instrument;
11. remote access payment instrument – electronic payment instrument by means of which its owner can access the funds from an account within a financial institution and to authorise payments by using his (her) personal identification code or similar identification means;
12. electronic payment instrument – rechargeable electronic payment instrument other than the remote access payment instrument on which the value units are stored electronically and allow the owner to carry out the types of operations mentioned at item 10;
13. owner – person owning an electronic payment instrument on the basis of a contract signed with an issuer, under the conditions of the law;
14. identification data – any information allowing or facilitating the types of operations mentioned at item 10, as well as an identification code, name and denomination, residence or headquarters, telephone, fax numbers, electronic mail address, registration number or similar identification means, fiscal code, personal numerical code and other similar.
Art.2: Scope and application field
(1) The present law has as purpose to establish the conditions of supplying information society services as well as to establish as infringements certain deeds regarding the safety of the domains used for electronic commerce, the issuing and use of electronic payment instruments as well as the use of identification data to carry out financial operations, in order to provide a favourable framework for the free movement of these services and the development of safety conditions for them.
(2) For the purpose of this law, the activities that do not meet the elements of definition provided for at art.1, item 1 are not considered information society services, especially the following:
a) the service offer requiring the physical presence of the provider and of the recipient, even if the respective services involve the use of electronic equipment;
b) the service offer implying handling of fixed assets by the recipient even if the respective services imply the use of electronic equipment;
c) goods or services offer that is presented to the recipient by sending the information at individual request and is not meant for simultaneous reception by an unlimited number of people (point-multipoint);
d) activities performed by means of vocal telephonic services, tele-fax, telex, radio and television services, including tele-text services;
e) vocal telephony, tele-fax or telex services;
f) information exchange by means of electronic mail or other equivalent individual means between people acting in other purposes than their commercial or professional activities;
g) contractual relationship between an employee and his (her) employer.
(3) The present law does not apply to the following activities:
a) the activities of public notaries as much as this implies a direct and specific participation in exercising the prerogatives of the public authority;
b) legal representing activities before criminal courts and bodies;
c) games of chance with money winnings, lotteries and betting transactions.
(4) The provisions of this law are completed by:
a) fiscal legal provisions;
b) legal provisions regulating the protection of people regarding personal data protection and free movement of these data as well as those regulating personal data processing and protection of private life in the telecommunication field;
c) legal provisions regarding competition.
(5) In case it does not include derogatory provisions, the present law is completed with the legal provisions regarding the conclusion, validity and effects of legal acts, with the other legal provisions meant to protect consumers and public health, as well as legal provisions regarding the regulation of the private international right relations.
Art.3: Application of the Romanian law in case of information society services
(1) The present law is applied to the service providers established in Romania and to the services offered by them.
(2) From the date this law enters into force, the information society services are subject:
a) exclusively to the provisions in force of the Romanian laws belonging to the coordinated legislation, in case they are offered by service providers established in Romania;
b) exclusively to the provisions in force of the laws of the respective state belonging to the coordinated legislation, in case they are offered by service providers established in member state of EU.
(3) The free movement of the information society services offered by a provider established in a member state of EU cannot be restricted in Romania by the application of certain legal provisions belonging to the coordinated legislation.
(4) Paragraphs (2) and (3) do not apply to the following domains:
a) right to intellectual property and right to industrial property;
b) electronic money issuing under the conditions provided by the methodological norms for the application of the present law;
c) advertising for collective investment bodies in mobile assets;
d) insurance activities under the conditions provided by the methodological norms for the application of the present law;
e) the freedom of parties to choose the law applicable to the contract, when the parties have this right;
f) obligations resulting from the contracts concluded with the consumers;
g) the formal requirements provided for the validation of the legal acts by means of which real rights on real estates located in Romania’s territory are created, modified, terminated or transmitted;
h) requirements applicable to goods as such and their supply;
i) requirements applicable to services that are not performed by electronic means.
(5) The public authorities can take derogatory measures from the provisions or paragraph (3) only under the following conditions:
(a) the measure is necessary for public order reasons, legal instruction, minors’ protection, fight against any for of stirring to hatred out of race, religion or nationality, prejudices to human dignity, public health protection, national protection and safety, consumers’ protection, including investors;
(b) the measure has in view a service of the information society that brings any prejudices to one of the values mentioned at item a) or shows a serious risk to these values;
(c) the measure is proportional with the purpose;
(d) the collaboration, consulting or informing procedures provided by the methodological norms for the application of the present law are observed.
CHAPTER II: Providing information society services
Art 4: Principles of providing information society services
(1) The providing of information society services by natural or legal persons is not subject to any previous authorisation and is performed under the conditions of free and loyal competition, by observing the legal provisions in force.
(2) The provisions of paragraph (1) do not affect the legal provisions imposing the previous authorisation for the development of activities by natural or legal persons, if the respective provisions are specifically and exclusively targeted to the information society services or the service providers, under the understanding of the present law.
(3) Information society services are provided by service providers established in member states of UE under the conditions of the European Agreement creating an association between Romania, on the one side and the European Communities and their member states on the other.
(4) Information society services are provided by service providers established in other states under the conditions of bilateral agreements between the respective states and Romania.
Art.5: General information
(1) The service provider is bound to put at the recipients’ and public authorities’ disposal the means to allow easy, direct and permanent access to at least the following information:
a) the name and denomination of the service provider;
b) the residence and headquarters of the service provider;
c) the telephone, fax number, electronic mail address or any data necessary to contact the service provider directly and effectively;
d) the registration number or any other identification means in case the service supplier is registered at the Register of Commerce or any other similar public register;
e) the fiscal code;
f) the identification data of the competent authority in case the service provider’s activity is subject to authorisation;
g) the professional title and the state where it has been granted, the professional body or any similar body to which the service provider belongs, the indication of the regulations applicable to the respective profession in the state where the service provider is established as well as the means to access to them in case the service provider is member of a liberal profession;
h) the tariffs for the services provided which must be indicated by observing the standards regarding trading of goods and market services, indicating the exception, inclusion or non-inclusion of VAT, as well as its value;
i) the inclusion or non-inclusion in the price of the supply expenses as well as their value, if applicable;
j) any other information the service provider is bound to put at the recipients’ disposal in agreement with the legal provisions in force.
(2) The obligation provided by paragraph (1) is considered fulfilled in case the provider of a service displays this information clearly, visibly and permanently on the web-site by means of which the respective service is offered, under the conditions mentioned at paragraph (1).
Art.6: Commercial communications
(1) Commercial communications through the electronic mail are forbidden, except for the case when the recipient expressed his (her) agreement to receive such communications.
(2) The commercial communications which constitute or are part of an information society service, as much as they are allowed, have to comply with at least the following conditions:
a) to be clearly identifiable as such;
b) The natural or legal person on whose behalf they are made shall be clearly identified;
c) promotional offers, such as discounts, premiums or gifts, shall be clearly identifiable, and the conditions to be fulfilled to obtain them shall be easily and clearly presented;
d) promotional competitions or games shall be clearly identifiable as such, and the participation conditions shall be accessibly and clearly presented;
e) any other conditions imposed by the legal provisions in force.
(3) Commercial communications that constitute or are part of a information society service, when this service is provided by a member of a regulated profession, is permitted subject to compliance with the legal provisions and the regulations applicable to the respective profession especially regarding the independence, dignity and honour of the profession, professional secrecy and fairness towards the clients and the other members of the profession.
(4) The providers of the information society services carrying out commercial communications are bound to comply with the provisions of paragraphs (1) to (3).
CHAPTER III: Contracts concluded by electronic means
Art.7: The validity, legal effects and evidence of contracts concluded by electronic means
(1) The contracts concluded by electronic means cause all the effects the law recognises for contracts when the conditions required by the law for their validity are met.
(2) For the validity of the contracts concluded by electronic means the previous consent to use of the parties electronic means is not necessary.
(3) The evidence of contract conclusion by electronic means and of the incumbent obligations is subject to common law provisions regarding evidence and to the provisions of Law no.455/2001 on electronic signature.
Art. 8: Informing the recipients
(1) The service provider is bound to put to the recipient’s disposal, before the recipients sends the offer to contract or acceptance of the firm offer made by the service provider, as least the following information that has to clearly, unambiguously and accessibly expressed:
b) the technical steps to be followed in order to conclude the contract;
c) whether the contract, once signed, is stored or not by the service provider and whether it is accessible or not;
d) the technical means that the service provider puts at the recipient’s disposal to identify and correct the errors occurred on the occasion of data input;
e) the language of the contract;
f) the relevant conduit codes to which the service provider subscribes as well as information on the way in which these codes can be consulted by electronic means;
g) any other conditions imposed by the legal provisions in force.
(2) The service provider has the obligation to offer the recipient the possibility to use a proper, efficient and accessible technical procedure to allow for the identification and correction of errors occurred during inputting data, previously to sending the offer or accepting it.
(3) The service provider can derogate from the provisions of paragraph (1) and (2) only when it was thus agreed with the recipient, on condition that none of the parts has the consumer quality.
(4) The general terms and conditions of the proposed contract must be made available to the recipient so that it may allow this one to store and reproduce them.
(5) The provisions of paragraphs (1) to (3) do not apply for the contracts concluded exclusively by electronic mail or other equivalent individual communication means.
Art.9: Contract conclusion by electronic means
(1) Unless agreed otherwise by the parties, the contract is considered concluded the moment the acceptance of the offer has reached the offering party.
(2) The contract which, by its nature or at the beneficiary’s request, imposes an immediate execution of the characteristic service, is considered as concluded the moment when debitor ?? started the execution, unless the offering party has asked that the acceptance is communicated to him (her) beforehand. In this case the provisions of paragraph (1) are applied.
(3) In case the recipient sends by electronic means the offer to contract or accept the firm offer or, according the case, its acceptance of the firm offer to contract made by the service provider, the service provider has the obligation to confirm having received the offer, or, as appropriate, its acceptance, in one of the following ways:
a) Sending a receipt proof by electronic mail or any equivalent individual means at the address indicated by the recipient, within 24 hours from having received or accepted the offer;
b) Confirming the receipt of the offer or the acceptance of the offer by an equivalent means of communication as the one used to send the offer or accept the offer, as soon as the offer or acceptance was received by the service supplier, on condition this confirmation may be stored and reproduced by the recipient.
(4) The offer or acceptance of the offer as well as the confirmation of the offer receipt or acceptance, made as mentioned at paragraph (3) are considered as received when the parties to which they addresses can access them.
(5) The provisions of paragraph (3) do not apply to the contracts concluded exclusively by electronic mail or other equivalent individual communication means.
Art.10: Conditions regarding information storage and presentation
(1) When the law imposes the information to be presented and stored in its genuine form, this requirement will be met if the following conditions are fulfilled cumulatively:
a) the information integrity is guaranteed by complying with the national standards in the domain, from the moment it was generated;
b) the message was signed by using the extensive electronic signature of the issuer;
c) the information can be supplied immediately and presented at request.
(2) The commercial recipient acts at his (her) own risk if he (she) knew or should have known, in agreement with the current international practices or as a result of using the procedures agreed upon specifically with the issuer, that the information of an electronic message has been altered during transmission or processing.
CHAPTER IV: Service provide liability
Art. 11: General principles
(1) The service providers are subject to the legal provisions regarding the civil, criminal or contraventional liability as long as the law does not provide otherwise.
(2) The service providers are responsible for the information they provide or about them
(3) The service providers are not liable for the information that is sent, stored or to which they facilitate the access under the conditions provided by arts. 12-15.
Art.12: Intermediary by simple transmission
(1) If an information society service is that o transmitting through a communication network, information provided by a recipient of the respective service or of providing access to a communication network, the provider of that service is not liable for the information sent if the following conditions are met:
a) the transmission was not initiated by the service provider;
b) the choice of the person receiving the information did not belong to the service provider;
c) the content of the information sent was in no way influenced by the service provider in the sense that neither the selection nor an eventual modification of the information can be attributed to him (her).
(2) The acts of transmission and provision of access, mentioned at paragraph (1) include the automatic, intermediate and transient storage of the information transmitted as long as the operation takes place for the sole purpose of carrying out the transmission in the communication network and provided that the information is not stored for a period that unjustifiably exceeds the duration necessary for its transmission.
Art.13: Transient storage of information, caching
When an information society service consists of transmitting within a communication network information provided by a recipient of the respective service, the provider of that service is not liable for the automatic, intermediate and transient storage of the information transmitted as long as this operation takes place to the sole purpose of making the information transmission more efficient to other recipients, at their request, on condition that:
a) the service provider does not modify the information;
b) the service provider complies with the legal conditions regarding the access to the respective information;
c) the service provider complies with the rules and practices regarding the up-dating of information, as they are widely recognised and applied in the industry;
d) the service provider does not interfere with the lawful use by any person of technology, widely recognised and applied by the industry to obtain data on the nature or use of the information;
e) the service provider acts rapidly to remove the information it has stored or to disable access to it upon knowing that the initial information sent was removed from the communication network or the access to is was disabled or the fact that a public authority has ordered such a removal or access disablement.
Art.14: Permanent storage of information, hosting
(1) If an information society service consists of storing the information provided by a recipient of the respective service, the provider of that service is not liable for the information stored at the request of the recipient, if the following conditions are met:
(a) the service provider does not have actual knowledge of the fact that the activity or the stored information is illegal and, as regards claims for damages, is not aware of facts or circumstances from which there appears that the respective activity or information could damage the rights of a third party;
(b) obtaining such knowledge about the fact that the respective activity or information is illegal or about facts or circumstances from which it appears that the respective activity or information might damage the rights of a third party, the service provider acts rapidly to cancel it or disable the access to it.
(2) The service provider comes to the knowledge of the fact that the activity or information is illegal when its illegal character was witnessed by a decision of a public authority.
(3) The provisions of paragraph (1) do not apply when the recipient acts under the authority or control of the service provider.
Art.15: Information searching tools and other links with other web sites
(1) The information society service provider facilitating the access to the information supplied by other service providers or by the recipients of the services offered by other suppliers, by making available for the recipients of his service some information searching tools or links to other web sites, is not liable for the respective information, in any of the following conditions is fulfilled:
a) the provider is not aware of the fact that the activity or information to which is grants access is illegal and, as concerning the torts, he is not aware of any facts or circumstances showing that the respective activity or information could prejudice the rights of a third party;
b) being aware of the fact that the respective activity or information is illegal or of facts showing that the respective activity or information might prejudice the rights of a third party, the provider acts rapidly to eliminate the access possibilities offered or to block its use.
(2) The service provider is responsible for the respective information when the illegal character of it has been found by a decision of a public authority.
(3) The provisions of item (1) do not apply in the situation when the recipient acts under the order or command of the service provider.
CHAPTER V: Monitoring and Control
Art.16: The service provider obligations
(1) The service providers are bound to notify the competent public authorities right away, about activities that seem illegal carried out by the recipients of their services or about information supplied by these ones that seem illegal.
(2) The service providers are bound to communicate the authorities mentioned at paragraph (1) right away, at their request, information that may allow the identification of the recipients of their services with whom these providers have concluded contracts regarding the permanent information storage.
(3) The service providers are bound to interrupt, temporarily or permanently, the transmission into a communication network or the storage information supplied by a recipient of the respective service, especially by eliminating the information or by blocking the access to it, the access to a communication network or the supply of any other information society service, if these measures were required by a public authority, ex-officio or at the receipt of a claim or complaint from any person.
(4) The claim mentioned at paragraph (3) can be made by any person who considers himself (herself) prejudiced by the contents of the respective information. The claim or complaint is made in writing, showing the reasons that substantiate it and will compulsorily be dated and signed. The claim cannot be forwarded if a trial has already been initiated with the same subject and with the same parties.
(5) The decision of the authority must be motivated and is notified to the involved parties within 30 days from the date the claim or complaint has been received or, if the authority acted ex-officio, within 15 days from the date it has been issued.
(6) The interested person can appeal against a decision made according to the provisions of paragraph (3), within 15 days from the notification, to the competent court. The claim is judged in emergency procedure by citing the parties. The sentence id final.
Art.17: Competent authorities
(1) The regulating authority for communications and information technology, called further on the Authority is competent to monitor and control the compliance of the service providers to the provisions of the present law and of its methodological norms, to ascertain the contraventions and to apply the sanctions provided for at art.22.
(2) Without overriding the provisions of paragraph (1), public authorities, in the sense of art.3 paragraph (5), art.5, 13, 14 paragraph (2), 15 paragraph (2), 16 (paragraphs (1) and (3), 23 paragraph (2) and art.30 paragraph (1), means those authorities of the public administration or, where applicable, a court, the competence of which in the matter is established by the legal provisions in force, applicable in each case.
(3) The Authority can require from the service providers any information necessary to perform its attributions, by mentioning the legal basis and the purpose of the request and can establish terms until when this information must be supplied, under the sanction provided by the present law.
(4) In view of discovering and investigating the infringements of the provisions of the present law and its norms, the Authority acts through its control personnel empowered for this.
(5) In exercising the investigation attributions, the control personnel empowered for this purpose by the Authority or a legal person as according to paragraph (12) can require from the service providers the necessary information, with mentioning the legal basis and the purpose of the request and can establish terms until when this information has to be supplied or the sanction provided by the present law.
(6) The Authority disposes the investigation to be performed, under the conditions of the present law, ex-officio or at the receipt of a claim or complaint from any person.
(7) The control personnel empowered for this purpose by the Authority or a legal person as according to paragraph 12) can require declarations or any documents necessary to fulfil the mission, seal, take any registers, financial-accounting and commercial acts or any other documents, issuing copies from the originals to the investigated person or getting copies of them leaving the originals to this one; they are also authorised to carry out sudden inspections the results of which being recorded into finding minutes and to receive information and justification, at summoning or on the spot.
(8) The central and local public administration bodies, as well as any institutions and public authorities are obliged to allow the access to the documents, data and information they have, for control personnel empowered for this purpose, of the Authority, and, as appropriate, of the legal person according to paragraph (12), as long as they are necessary to fulfil the legal mission of the Authority, without opposing to that the state secret or office secret character of such documents, data and information.
(9) The control personnel empowered for this purpose, when receiving access to the documents, data and information mentioned at paragraph (8) is bound to strictly observe the state or office secret character legally attributed to the respective documents, data and information.
(10) The Authority notifies the criminal law bodies when it notices infringements of the criminal law.
(11) The Authority notifies the service providers, the EU member states and the EC on all the legal aspects related to the application of the present law and co-operates with the competent authorities in other states for an efficient monitoring and control of the service providers activity.
(12) The Authority may delegate exercising its attributions provided by the present article to another legal person with public right, with monitoring and control attributions in the telecommunication sector.
(13) For the purposes of applying the present law, until the setting-up of the Authority, its attributions are fulfilled by the Ministry of Communications and Information Technology.
Art.18: Codes of Conduct
(1) The associations and non-governmental organisations with professional or trade character or those created for the protection of customers, minors or disabled persons, can elaborate codes of conduct in collaboration with the Authority and the Ministry of Justice, for a proper application of the provisions of the present law.
(2) The Authority and the Ministry of Justice will have in view the introduction into the codes of conduct mentioned by paragraph (1) of provisions especially regarding:
a) Settlement of disputes out of the court;
b) the temporary or permanent interruption of the transmission into a communication network or of the storage of information supplied by a service provider especially by eliminating the information or blocking the access to it, the access to a communication network or the provision of any other information society service;
c) the protection of the recipients regarding commercial communications;
d) the protection of minors and human dignity.
(3) The Authority and the Ministry of Justice support:
a) the translation of the codes of conduct into languages of international circulation;
b) the facilitation of the access to the codes of conduct by electronic means;
c) the awareness of the codes of conduct at the national level and their transmission as well as of assessment on their application and practical impact to the EU member States and the EC.
CHAPTER VI: Dispute settlement
Art.19 Court actions
(1) The entities qualified to bring an action, according to the provisions of paragraph (2), can require to the court the obligation for the defendant to stop any infringement, according to the provisions of the present law, the interdiction for the defendant to resume the action in the future and the obligation of the defendant to pay damages for the impairment caused.
(2) The quality to bring to an action according to paragraph (1) belongs to the following:
a) the natural and legal persons that pretend to be owners of a subjective right provided by the present law or of an interest that cannot be achieved otherwise than through court;
b) the associations and non-governmental organisations mentioned at art.18, paragraph (1);
c) The national Authority for the protection of Consumers, the county consumer protection offices and the protection consumer Office of Bucharest City;
d) The entities created with the purpose to protect consumers in the member states of the EU, under the conditions provided by the application methodological norms of this law.
(3) The action mentioned at paragraph (1) is lost by prescription within a year from the date of the infringement having justified the action.
(4) The persons qualified to bring to an action, according to the provisions of paragraph (2), can require to the court, by presidential ordinance, the ceasing of infringement that is contrary to the provisions of this law, under the conditions of the civil procedure Code.
Art.20: Out-of-court dispute settlement
(1) The service providers and the recipients can submit the disputes between them to arbitration, under the conditions provided by the law, as well as other out-of-court means to settle disputes, provided by the conduct codes elaborated according to art.18.
(2) The use of electronic means for out-of-court dispute settlement is possible under the conditions of the law.
CHAPTER VII: Sanctions
Art.21: Relative nullity of contracts regarding information society services
Any contract regarding the provision of information society services can be annulled at the recipient’s request if it has been concluded with a service supplier that:
a) has not put at the recipient’s disposal, under the conditions provided by the law, the information mentioned at art.5, letter a)-i) or has not supplied all this information or has supplied inaccurate information;
b) has not put at the recipient’s disposal, under the conditions provided by the law, the information mentioned at art.8, paragraph (1) letter a)-e) or has not supplied all this information or has supplied inaccurate information, if the provisions of art.8 paragraph (3) or (5) are not applicable;
c) has infringed the obligation provided by art.8 paragraph (2), if the if the provisions of art.8 paragraph (3) or (5) are not applicable;
d) has infringed the obligation provided by art.8 paragraph (4).
Considered as contravention, if not under the conditions that, according to the criminal law, it represents a crime, and sanctioned by a fine ranging from 10 million to 500 million lei the fact of a service supplier that:
a) makes trade communications by infringing the conditions established by art.6 paragraph (1) and paragraph (2) letter a)-d);
b) does not put at the disposal of recipients and public authorities, under the conditions provide by the law, the information mentioned in art.5 letter a)-i) or does not supply all this information or supplies inaccurate information;
c) does not put at the disposal of recipients, under the conditions provide by the law, the information mentioned in art.8 paragraph (1) letter a)-e) or does not supply all this information or supplies inaccurate information, if the provisions of art.8 paragraph (3) or (5) are not applicable;
d) infringes the obligation provided by art.8 paragraph (2), if the provisions of art.8 paragraph (3) or (5) are not applicable;
e) infringes the obligation provided by art.8 paragraph (4);
f) infringes the obligation provided by art. 9 paragraph (3);
g) infringes the obligation provided by art. 16 paragraphs (1)-(3);
h) does not supply the information required by art.17 paragraph (3) or (5) or does not supply all this information or supplies inaccurate information.
Art.23: Establishing contraventions and applying sanctions
(1) Establish a contravention according to art.22 letter a) and applying the respective sanctions are done at the request of any person or office, by the empowered representatives of ANRC or of the monitoring authority provided by Law no.677/2001 on the protection of people regarding the processing of personal data and their free circulation.
(2) Establishing a contravention and applying sanctions according to art.22 letters b)-h) are done by the empowered representatives of ANRC or of the other competent public authorities, at the request of any person or office.
(3) Establishing contraventions can also be done, in all case, by the police officers and sub-officers.
(4) The provisions of OG no.2/2001 on the legal regime of contraventions, with the later modifications are applied to the contraventions mentioned in art.22.
CHAPTER VIII: Infringements related to the issuing and use of electronic payment means and the use of identity data for financial operations
Art.24: Forgery of electronic payment instruments
(1) The forgery of electronic payment instruments is punished with imprisonment form 3 to 12 years and the banning of rights.
(2) The same punishment is applied for issuing on the market, in any way, of forged electronic payment instruments or owning them in order to put them into circulation.
(3) The punishment is imprisonment from 5 to 15 years and the prohibition of rights if the facts mentioned on paragraph (1) and (2) are carried out by a person who, by the nature of his (her) job:
a) performs technical operations necessary to issue electronic payments instruments or to perform the types of operations mentioned on art.1 item 10; or
b) has access to the security mechanisms involved in issuing or using electronic payment instruments; or
c) has access to the identification data or the security mechanisms involved in carrying out the types of operations mentioned on art.1 item 10.
(4) The tentative is punished.
Art.25: Owning equipment to forge electronic payment instruments
The manufacturing or the owning of equipment, including hardware and software, to be used to forge electronic payment instruments is punished by imprisonment from 6 months to 5 years.
Art.26: The forgery in declarations in view of issuing or using electronic payment instruments
The inaccurate declaration, made by a bank, credit or financial institution or any other legal person authorised, under the conditions of the law, to issue electronic payment instruments or to accept the types of operations mentioned by art.1, item 10, in order to issue or use an electronic payment instrument, for himself (herself0 or another, when, according to the law or the circumstances, the declaration serves to issue or use the respective instrument, is punished with imprisonment from 3 months to 2 years or with a fine.
Art.27: Performing financial operations fraudulently
(1) The carrying out of one of the operations mentioned in art.1, item 10, by using an electronic payment instrument, including the identification data that allow its use, without the consent of the owner of the respective instrument, is punished with imprisonment with 1 to 12 years.
(2) The same punishment is given to performing one of the operations mentioned in art.1, item 10, to the unauthorised use of any identification data or by using false identification data.
(3) The same punishment applies to the unauthorised use, by another person, of any identification data in order to carry out any of the operations mentioned in art.1, item10.
(4) The punishment is imprisonment from 3 to 15 years and the prohibition of the rights if the facts mentioned in paragraphs (1) – (3) are carried out by a person who, by the nature of his (her) job:
a) performs technical operations necessary to issue electronic payments instruments or to perform the types of operations mentioned on art.1 item 10; or
b) has access to the security mechanisms involved in issuing or using electronic payment instruments; or
c) has access to the identification data or the security mechanisms involved in carrying out the types of operations mentioned on art.1 item 10.
(5) The tentative is punished.
Art.28: Accepting financial operations performed fraudulently
(1) Accepting any of the operations mentioned in art.1, item 10, knowing that it is performed by using a forged electronic payment instrument or using an electronic payment instrument without the consent of the owner, is punished with imprisonment from 1 to 12 years.
(2) The same punishment is given for accepting one of the operations mention in art.1, item 10, knowing that it is performed by an unauthorised using of any identification data or by using unreal identification data.
(3) The tentative is punished.
Art.29: Carrying out unauthorised operations in an information system
(1) The authorised access to an information system or a domain is punished by imprisonment from 3 months to 3 years or by fine.
(2) The unauthorised data transfer into an information system or domain for the personal use or to third parties is punished by imprisonment from 1 to 12 years.
(3) The unauthorised modification, partial or total destruction of the stored information into an information system or domain is punished by imprisonment from 3 to 15 years.
Art. 30: Determination and judging of crimes
(1) The crimes mentioned by the present law are determined by the competent public authorities that submit the determination document to the local criminal investigating body.
(2) The crimes mentioned in art.24 and 25 are judged, firstly, by the court.
(3) The provisions of the present chapter are completed with the provisions of the Criminal Code and the criminal procedure Code.
CHAPTER IX: Final provisions
Art.31: Burden of proof in case of disputes on information society service provision
In case of any dispute on the supply of an information society service, occurred between the provider of the respective service and its recipient, the burden to prove the fulfilment of the obligations mentioned by art. 5, 6, 8 and 9 comes to the service provider if the recipient has the consumer quality.
Art.32: The abrogation of contrary provisions
Letter f) of article 6 of OG no.130/2000 on the legal regime of remote contracts is abrogated.
Art.33: Entering into force and application of the law
(1) Within 3 months from the date the law is published in the Official Monitor of Romania, Part I, the Ministry of Communications and Information technology will elaborate the methodological norms for its application, that are approved by a Government Decision.
(2) The present law enters into force at the date of its publication into the Official Monitor of Romania, Part I, and is applied 3 months from the date of its entering into force.
This law was adopted by the Senate, during the meeting on 9th of may 2002, by observing the provisions of art.74, paragraph (1) of the Constitution of Romania.
PRESIDENT OF THE SENATE
This law was adopted by the Chamber of Deputies during the meeting on 9th of May 2002, by observing the provisions of art.74, paragraph (1) of the Constitution of Romania
President of the Deputies Chamber
Published in the Official Monitor with number 483 dated 5 July 2002