HOME/All Jurisdictions/RO

RO — Country Profile

Romania

20TOTAL
15OFFICIAL SOURCES
4TOPIC AREAS
Law / Act3
Executive Order4
Policy / Guidance1
National Strategy5
Other7
19 JAN 2026 · Other

National Supervisory Authority for Personal Data Processing investigation into Continental Automotive Products SRL over alleged failure to protect employee data

On 19 January 2026, the National Supervisory Authority for Personal Data Processing (ANSPDCP) imposed fines totalling EUR 15'000 (RON 25'455 and RON 50'911) against Continental Automotive Products SRL for breaches of the General Data Protection Regulation. The ANSPDCP imposed a EUR 5'000 fine for infringements of Article 5(1)(c) and Article 5(2) on data minimisation and accountability, and a EUR 10'000 fine for infringements of Article 32(1)(b) and Article 32(2) on the security of processing....

✓ OfficialNational Strategydataprotection.ro ↗
20 AUG 2025 · Executive Order

National Cyber Security Directorate order on requirements regarding registration notification process and method of submitting information (Order No. 1/2025)

On 20 August 2025, the National Cyber Security Directorate (DNSC) Order No. 1/2025 for the approval of the requirements regarding the notification process for the registration of essential and important entities and the method of transmitting information entered into force. The order was adopted on the basis of Government Emergency Ordinance No. 155/2024 on establishing a framework for the cybersecurity of networks and information systems in the national civil cyberspace, approved with amendm...

✓ OfficialNational Strategylegislatie.just.ro ↗
20 AUG 2025 · Executive Order

National Cyber Security Directorate order on criteria and thresholds for determining degree of service disruption and methodology for assessing the risk level of entities (Order No. 2/2025)

On 20 August 2025, the National Cyber Security Directorate (DNSC) Order No. 2/2025 for the approval of the Criteria and thresholds for determining the degree of service disruption and the methodology for assessing the risk level of entities enters into force. The order was issued pursuant to Government Emergency Ordinance No. 155/2024 on establishing a framework for the cybersecurity of networks and information systems in the national civil cyberspace, as amended by Law No. 124/2025, and Gove...

✓ OfficialNational Strategylegislatie.just.ro ↗
08 JUL 2025 · Executive Order

Local content requirement in National Audiovisual Council's Decision on audio-visual content regulatory code (Decision No. 573)

On 7 August 2025, the Decision No. 573 establishing an audio-visual content regulatory code, including local content requirements, entered into force. The code applies to all television and radio broadcasters, video-on-demand platforms, and video-sharing services under Romanian jurisdiction. The code mandates a minimum of 50% of broadcasting time for European works, excluding time devoted to information, sports events, games, advertising, teletext and teleshopping services. Additionally, they...

✓ OfficialContent Moderationlegislatie.just.ro ↗
10 JUN 2025 · Law / Act

Content moderation regulation in Digital Age of Majority Law (L190/2025 / PLX356/2025)

On 6 October 2025, the Senate of Romania passed the Digital Age of Majority Law (L190/2025), containing content moderation regulation. The Law would establish requirements for online service providers regarding minors and aims to align with existing online minor protection provisions in the General Data Protection Regulation and the Digital Services Act. The Law would require online service providers with users who are minors to take proportionate measures to protect those users via online in...

Content Moderationsenat.ro ↗
30 APR 2025 · Other

Data Protection Authority investigation into Bitdefender over alleged GDPR violations following email security breach

On 30 April 2025, the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) concluded an investigation into Bitdefender SRL and found violations of Article 32(1)(b) and (d), as well as Article 32(2) of the General Data Protection Regulation (GDPR). As a result, the company was fined RON 49’772. The investigation was initiated following a personal data breach notification submitted by Bitdefender SRL under Article 33 of the GDPR. The breach was caused by a programming ...

✓ OfficialNational Strategydataprotection.ro ↗
20 JAN 2025 · Other

ANSPDCP investigation into Vodafone Romania regarding GDPR compliance in telecom services

On 20 January 2025, the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) issued a ruling against Vodafone Romania for breaching Articles 32(4) and 32(1)(b) of the General Data Protection Regulation (GDPR). Vodafone was fined RON 74’526 (EUR 15’000) for failing to ensure the confidentiality of customer data, including names, personal identification numbers, and addresses. The Investigation revealed unauthorised data disclosures via invoice photos shared with third...

✓ OfficialNational Strategydataprotection.ro ↗
28 NOV 2024 · Other

Supreme Council of National Defence investigation into TikTok over alleged electoral legislation violations

On 28 November 2024, the Supreme Council of National Defence (CSAT) announced an investigation into TikTok for allegedly providing preferential treatment to a candidate in the presidential elections. It was stated that TikTok did not designate the candidate’s account as political and did not label campaign materials with the unique identification code required by the Permanent Electoral Authority. This was identified as non-compliance with electoral legislation, which increased the visibility...

Content Moderationcsat.presidency.ro ↗
26 NOV 2024 · Other

NAC and ANCOM investigation into TikTok for alleged failure to address disinformation and electoral manipulation amplification

On 26 November 2024, the National Audiovisual Council (NAC) submitted a complaint to the European Commission regarding possible violations of the Digital Services Act (DSA) by TikTok in the context of the Romanian presidential elections. The NAC and the National Authority for Management and Regulation in Communications (ANCOM) noted that TikTok allegedly failed to prevent the spread of disinformation and the amplification of electoral manipulation. The NAC and ANCOM requested the European Com...

Content Moderationcna.ro ↗
28 OCT 2024 · Other

ANSPDCP investigation into Vodafone's GDPR compliance

On 28 October 2024, the National Supervisory Authority for the Processing of Personal Data in Romania (ANSPDCP) concluded an investigation into Vodafone Romania SA, identifying a breach of Article 32 of the General Data Protection Regulation (GDPR). The investigation, initiated from a complaint about the improper disclosure of email addresses in communications regarding account manager changes, revealed that Vodafone Romania SA failed to implement adequate technical and organisational measure...

✓ OfficialNational Strategydataprotection.ro ↗
18 APR 2024 · Law / Act

Law No. 50/2024 implementing Digital Services Act and designating Romanian competent authorities and digital services coordinator

On 18 April 2024, the Bill to implement the Digital Services Act (Law No. 50/2024) came into effect. The Act aims to harmonise Romanian legislation with the requirements for digital services under the DSA. Key provisions include the designation of the National Authority for Communications Administration and Regulation (ANCOM) as the competent authority to supervise and ensure compliance with the DSA. ANCOM is designated as the single point of contact regarding the application of the DSA and t...

✓ OfficialContent Moderationlegislatie.just.ro ↗
05 OCT 2021 · Law / Act

Romanian public consultation for implementation of EU DSM directive

The period for comments on the draft law to implement the EU DSM directive ends.

Content Moderationcultura.ro ↗
27 SEP 2021 · Executive Order

Establishment of National Cyber Security Directorate

The Romania National Cyber Security Directorate (DNSC) is established, replacing the Romanian National Cyber Security Incident Response Team (CERT-RO). The DNSC will support the implementation of the new National Cyber Security Strategy and the implementation of the EU Cybersecurity Strategy, the NIS Directive and NIS 2.0. Moreover, it aims to contribute to the state budget, contribute to cyber crisis management and bring together key actors from state institutions, the private sector and aca...

✓ OfficialNational Strategycert.ro ↗
29 DEC 2020 · Other

Competition Council of Romania Investigation into Dante International for abuse of dominance on e-Commerce platform

On 29 December 2020, the Romanian Competition Council (RCC) sanctioned e-commerce provider Dante International for abusing its dominance on its e-commerce platform eMAG with a fine of RON 32.28 million (EUR 6.7 million). Dante International used algorithms to disadvantage other vendors using its eMag platform while displaying its own products in a preferential matter. Dante International acknowledged its wrongdoings, and the fine was reduced by the RCC.

✓ OfficialCompetitionconsiliulconcurentei.ro ↗
Policy / Guidance

Romania - EU AI Regulation Implementation

Romania implements EU AI Act via national regulation, aligning with the EU-wide framework. Romania follows the EU classification system for risk-based AI regulation.

National Implementationcms.law ↗
National Strategy

Government Memorandum No. 20D/31781/MN on Artificial Intelligence (establishing national AI initiatives and governance structures)

AI law in Romania: Government Memorandum No. 20D/31.781/MN (November 2022) establishes a national governance framework for artificial intelligence in Romania, creating the Romanian Committee for Artificial Intelligence and directing the development of national AI initiatives including a Scientific and Ethics Council, Education Council, and a national AI hub. It sets strategic priorities for coordination, monitoring, and the creation of an AI ecosystem aligned with ethical principles and EU-level developments....

✓ OfficialNational Strategyresearch.gov.ro ↗
National Strategy

Cadru Strategic Național în domeniul Inteligenței Artificiale (CSN-IA) — National Strategic Framework for Artificial Intelligence (document submitted to public consultation, October 2023)

AI law in Romania: The CSN-IA is a draft national strategic framework (2023-2027) prepared by the Authority for Digitalisation of Romania (ADR) with partners, submitted to public consultation in October 2023. It sets high-level objectives, governance arrangements, priority programmes (education, infrastructure, RDI, adoption in public administration), and a roadmap to align Romania with European AI policy and responsible AI practices....

✓ OfficialNational Strategyresearch.gov.ro ↗
National Strategy

Government Memorandum (23 April 2024) — Memorandum on establishing a national coordination committee for data, digital services and artificial intelligence (Memorandum privind stabilirea unui comitet de coordonare la nivelul României în domeniul datelor, serviciilor digitale şi inteligenței artificiale)

AI law in Romania: On 23 April 2024 the Romanian Government approved a memorandum establishing a national Coordination Committee for Data, Digital Services and Artificial Intelligence to harmonise and coordinate national implementation of EU rules on data governance, digital services and AI. The Committee brings together relevant national authorities and agencies to exchange expertise, coordinate market interventions, produce guidance and represent Romania in EU-level working groups....

✓ OfficialNational Strategyadr.gov.ro ↗
National Strategy

Government Memorandum (11 November 2022) — Memorandum on establishing the Romanian Committee for Artificial Intelligence (Memorandum privind înființarea Comitetului Român pentru Inteligență Artificială)

AI law in Romania: The Government Memorandum (November 2022) initiates the establishment of the Romanian Committee for Artificial Intelligence (CRIA / "AI Romania") as a national, consultative governance body under the Prime Minister with technical secretariat support from the Ministry of Research, Innovation and Digitalization (MCID). It sets out objectives to coordinate national AI initiatives, advise on ethics and education, support a national AI strategy and to operate as a central contact point for AI-related stakeholders....

✓ OfficialNational Strategymcid.gov.ro ↗
National Strategy

Romanian AI Legislative Proposal L255/2024 (Rejected)

AI law in Romania: No published, consolidated Romanian "AI Act Implementation Law" was located. The closest primary national instrument is a parliamentary proposal titled "Propunere legislativă....

✓ OfficialNational Strategyeur-lex.europa.eu ↗