Privacy and protection of personal data is a relatively new field for the legislative framework in Romania. Being a member of the European Union since January 1st, 2007, Romania implemented the EU Data Protection Directive 95/46/EC into the national legislation in November 2001 through Law no 677/2001 on the protection of individuals with regards to the processing of personal data and the free movement of such data (« The Data Protection Law« ).
LAW
The data protection law applies to the processing of personal data performed, totally or partially, through automatic means, as well as to the processing through means other than automatic. Its provisions also address crucial factors such as legitimate processing, data quality, definitions of the fundamental terms (e.g. operator, data subject, processing etc.), the rights of the data subjects and the obligations of the operators of personal data, and it designates the Romanian Supervisory Authority on data protection.
In addition to providing guarantees in relation to the collection and processing of personal data, it outlaws the processing of « sensitive » data on a person’s race, politics, health, religion, sexual life, criminal record, etc., in the absence of proper legal safeguards. (suite…)