ROMANIA--Alexandru Harsany of Nestor Nestor Kingston & Petersen|
Written Remarks on the Topic of "Transnational Jurisdiction in Cyberspace"
-With Special Reference on Romanian Legislation-
TABLE OF CONTENTS
I. Introduction *
II. Specific Romanian legislation, applicable to IT field *
A. Romanian legislation regarding the author & copyrights on Internet *
(1) Who is the author and when are the author's rights created: *
(2) The object of the protection: *
(3) Exclusive rights of the authors: *
(4) Exemptions from the exclusive rights *
(5) Duration of rights *
(6) Payment of rights *
(7) Sanctions *
(8) Procedural aspects *
B. Provisions applicable to the formation and implementation of contracts and of the means to secure commercial transactions *
(1) Implementation of contract *
(2) On digital (electronic) signature and the safety of commercial transactions *
III. The Code Project of the Information Technology *
A. General background related to the implementation of IT in Romania *
B. The terminology used in the legislation regarding information technology support *
C. Freedom of information in IT activities *
D. Institutional system *
(1) State Secretariate for Information Society *
(2) Romanian Informatics Authority *
E. Data Protection and Safety *
(1) Data protection *
(2) The role of the persons liable for data quality and safety in
the information field *
F. Protection of natural persons from personal data processing *
(1) Object of protection and field of application *
G. Notification *
H. Provisions of the IT Code regarding electronic documents *
I. Sanctions *
IV. Conclusion *
It can be considered that, at the celebration of its 30th anniversary, the computer-based worldwide information network made a wonderful gift to the world by giving new meaning and understanding to the title "Planet Earth Citizen." Irrespective of characteristics, barriers and frontiers, any inhabitant of the planet who has a computer and a possibility to get connected can now exercise planetary citizenship and can experience his affiliation to this title by becoming a resident of the Cyberspace.
No other event of the antique or modern history of humanity had such a rapid and tremendous evolution, and such a profound and dramatic impact upon the world trade, as the Internet. The only comparison which seems appropriate for the explosive development of the Net in the last 5 years was made in an interview by the Internet trade pioneer Jefferey P. Bezos, Chief Executive of Web superstore Amazon.com Inc. "In the Cambrian period, 550 mil years ago something snapped. In the space of less than 10 million years there was an explosion of multi-cellular organisms. Strange new life forms appeared, some with teeth and claws: the world first predators. Evolution tried every conceivable path – really fast. That burst of new life both wondrous and dangerous is precisely what’s happening in e-business today."
As this is booming under our eyes, nobody can say for sure what is going on, much less what is coming next. Starting 10 years ago when computer scientist Timothy Berners Lee introduced the World Wide Web, opening a new chapter in the history of the Net, and than 5 years ago when the World Wide Web made the Net accessible to mere mortals, many grounded and established principles of business have since become relative.
If three years ago Yahoo Inc. Amazon.com Inc. and eToys Inc. were just funny named enterprises, presumable money-losing startups with little chances on the serious business market, currently these are major media corporations that are commanding multibillion dollar markets.
As an estimation of what the Internet has become, according to data gathered by researchers and specialists, in February 1999 there were about 800 million pages (only on the World Wide Web) which are publicly accessible and at any given moment, approx. 25 million surfers are on-line.
In the main trading activities affected by the "magic – e" the figures are talking for themselves:
According to the prediction of specialists, by 2003 the global e-business will rise to USD 1.3 trillion, accounting for 9.4% of total business-to-business sales.
Taking into consideration such a growth rate, the growing truth is that he who is not on the net does not exist.
Internet is a cross-bordered structure and a public society whose non-regulated and unrestricted growth - with the exception of technical restrictions – has for a long time outpaced the existing international and national law advancements. Due to the relative flexibility of national laws, some legislation has already adopted specific rules for this domain (ruling the activity of the servers in the territory of the national state), but at the international level, no general agreement concerning this domain has yet been reached.
Because of the nature of the Internet, presently it does not make much of a difference if one state acts restrictively - irrespective of the state importance in the Net – however, the necessity of imposing an international legal and organizing framework is becoming more and more critical.
On the national scene, the implementation of IT in the Romanian society is ruled and outlined by a series of Governmental Decisions and Strategies (i.e., the Strategy for preparing Romania to join EU, which has been regarded as a strategic objective of the current Romanian Government).
Presently, unfortunately, Romania must close a real technical gap that is continuously growing between it and other EU countries. According to the studies performed by the National Statistical Committee published in the Romanian Statistical Yearbook (for the year 1997), at the beginning of 1998 in Romania there were installed 168,518 PCs (1 PC per 130 inhabitants). As for software products, the Romanian market has bought systems and applications with a total value of approximately 13.7 USD billions in 1998.
Further on, the IT investment per capita in Romania is approximately USD 10-15 and the number of the Net connected computers (per 100,000 people) is 16, which represents approximately 1% of the total population of the country.
With respect to the infrastructure and services supporting connectivity, in Romania there does not exists a public, national or regional backbone, almost all the ISPs being connected at various Net nodes through satellite antennas (generally at 4Mbs) and offering dial-up services (hourly based or full access). The prices for a full access connection per one month in dial-up system (with an ordinary modem) are ranging from 20 to 50 USD to which we should add the prices of the telephone services (which are at the European level of app. 0.02 USD/minute).
The purpose of this memorandum is to provide information on the modality by which the issues concerning jurisdiction in Cyberspace are interpreted, ruled and eventually settled under current Romanian legislation.
In Romania, to the author’s best knowledge, case law concerning jurisdiction on the Internet has not yet been established. The only domain currently benefiting from a relatively appropriate legal framework is the one of intellectual property (the protection of author rights/copyright). Besides this area, no other specific legal provisions regarding the Internet or the connection between informational technologies (hereinafter also described as IT) and the Internet has been issued in Romania. In an attempt to remedy this situation, in 1997, the Romanian Government through the National Information Committee (in collaboration with the Ministry of Justice) elaborated a Draft Code (Draft) concerning the development and utilization of IT (hereinafter described as the IT Code). The IT Code is currently on the agenda for discussion and amendment before the Parliament. A few relevant aspects of this project are detailed below in Chapter III.
As the Romanian legal system is a civil law system, currently only the solutions based on statutory law can be considered. Therefore, we have to try to find the answers in the general international law or in the commercial, civil and criminal national law covering various issues of jurisdiction. In the course of international law history the cases with an international dimension have been an issue for each national state to decide on (of course within the framework of the international law). During the past years, all the national legislation have met with an urging need for conformity, uniformity, the introduction of common general rules being attempted for various fields of activity (mainly in the commercial field). As a result of such need, Romania has signed various international conventions and treaties in fields as Commercial law, Civil Procedure and Civil Law, etc. However, in many other fields, such conventions are presently lacking and we are consequently bound to study each country and case individually.
The Romanian legislature has chosen as the main protection system for computer programs the protection of authors’ rights. The Law concerning authors’ rights and other related rights (hereinafter called "the Copyright Law") come into force on March 26, 1996 and contain, in Chapter IX, a new (for Romania) category of protection – the protection of computer programs. Until the enactment of the future Romanian IT Code, which contains a special Chapter dedicated to the protection of the intellectual property rights in the IT area (in relation with the Internet) the above mentioned law shall apply.
One major problem of all computer programs producers in the world is the pirated software, the yearly losses estimated at USD 15 billion. Unfortunately, Romania, according to the Business Software Alliance (BSA) and Software Publishers Association, is one of the biggest transgressors in this area, with a rate of pirated software being estimated at 95% of the total marketed software.
According to the provisions of the Copyright Law (and other laws which are relevant in such cases), such actions shall entail, as the case may be, civil, material, administrative or disciplinary liability, or liability for offence or minor offence.
The Romanian Copyright Law stipulates that the only person entitled to make copies of the protected materials is the author. Such provision is applicable also for the downloaded materials. Consequently, any kind of copy of a literary, dramatic, musical or artistic material (including the computer programs) without having the consent of the author is an infringement of the author right.
Set forth below is a summary of certain relevant details related to specific problems included in the Romanian Copyright Law:
According to the Romanian Copyright Law, the owner of the rights is the author of the computer program. According to art.4 (I) of the Romanian Copyright Law, "The person under whose name the materials become known to the public for the first time, is presumably the author, until otherwise proved" and according to art.5 (I), a joint work/material is a material created in collaboration by several co-authors;
In case of computer programs created by a legal person (a company), the owner of the author’s rights is the legal person who has hired the employee (if not otherwise agreed between the parties) in those cases where the program was created by one or more employees in execution of their duties or following the instructions of the legal person who has hired them.
The protection conferred by the Copyright Law for the computer programs includes any expression of a program, application programs and operating systems, in any specialized programming language, in source code or object code, the preparation (conception) materials, as well as the manuals.
The ideas, procedures, function methods, mathematical concepts and principles creating any element of a computer program, including the ones creating the interface of the program, are not protected.
Besides the ordinary rights conferred by the paternity of a computer program, under the Romanian Copyright Law, the author benefits from a special protection referring essentially to the right to create and authorize the following:
a) to reproduce permanently or temporarily the program as a whole or only in part, through any modality and form including the case in which the reproduction is determined by loading, displaying, transmitting or copying of the computer program;
b) translation, adaptation, arrangement and any other transformation of a computer program as well as the reproduction of the results of such operations, without bringing prejudice to the rights of the person transforming the computer program;
c) distribution of the original or of copies of a computer program in any form, including renting (lease).
As well as other national laws in this domain, the Romanian Copyright Law contains certain provisions regarding a series of exemptions from the rights stipulated above.
The exemptions are generally provided for the benefit of the authorized users.
In this regard, the authorized user has the right (without the express permission of the author) (i) to make a back-up copy or safety copy of the program, and (ii) to observe, study or test the operation of such computer program, with the purpose of establishing the ideas and principles composing each and every element of the program.
The patrimonial rights for the computer programs are protected for the lifetime of the author, plus 50 years (such right can be transmitted through heritage, according to the Romanian Civil Code).
The author can choose between a fixed amount and a royalty (proportional with the profits obtained in the process of exploitation).
In the case of a joint created computer program, such amount or royalty shall be split between the co-authors, pro-rata with the contribution of each author (and equally split if such contribution can not be established).
The law also contains special provisions regarding the payment of the rights in case of cessation or transmittal (the cessation of the right to utilize the program does not necessarily include the cessation of the author’s rights in connection with the program).
The infringement of the rights provided by the law entails civil, criminal or contraventional liability (as the case may be).
For example, the following acts of a person who, without the consent of the author,
a) reproduces, in whole or in part, a computer program,
b) distributes a computer program,
is considered a crime and may be punished with imprisonment from 3 months to 3 years or with fine amounting to ROL 500, 000 up to 7 million.
According to the Romanian Copyright Law, the authors can request the Courts or other competent bodies to ascertain their rights, to establish the infringement and to recover the prejudice according to the Romanian laws in force.
We must underline that the contents of Romanian Copyright law are practically identical with the contents of the European Council Directive dated May 14, 1991 regarding copyright protection.
According to Romanian law, the exact time and place of the creation of the contract is often determinative of the applicable law. Therefore a key issue is establishing the exact moment when the transaction was closed. Because Cyberspace contracts may be concluded on-line or off-line, we must differentiate between present persons (inter presentes) and remote persons (inter absentes). According to art. 35 of the Romanian Commercial Code (1887), we shall consider the inter presentes contracts those contracts concluded on-line, and the inter absentes contracts the contracts concluded by electronic mail (off-line).
If we assimilate the case of accepting the offer by electronic document with that of accepting the offer by an common paper document, we can reach the conclusion that the day and the time of concluding the contract is the day and time (exact time in terms of minutes, seconds) of delivering the acceptance.
With respect to legal formalism, according to art. 969 of the Romanian Civil Code, by virtue of a mere agreement, the simple will agreement validly expressed by both parties evidences the contract (as per probation in commercial matters the principle is stated by art. 46 of the Romanian Commercial Code). Therefore, the paper documents is not necessary for the initiation of the contract or in order to certify such contract. Obviously there is nothing to prevent such contracts to be also issued as a listing or to be preserved on specific IT supports (magnetic disks, optical disks, non-volatile memory).
Such form is recommendable in view of constituting a document in proof in case of a possible litigation. If the original no longer exists in this context, it results that any copy (and any form) may equally constitute a document in proof. The development of Cybertrade has resulted in the taking over of traditional solutions and adapting them to the new conditions (see the computerized banking sector making the first step by renouncing the paper support of drafts thus reducing the huge amount of paperwork and accelerating operations).
In order to serve as a document in proof in international trade, the written form of a contract is, if not essential, at least recommended. For practical reasons, we deem applicable the utilization of the procedure already used on a large scale in other countries, that is the utilization of an agent to keep an identical document as those held by each of the parties to the transaction.
Certain Web sites send a confirmation of the purchase orders, without being correlated at the level of the stocks resulting from the thousands of orders confirmed, which have to be performed at prices below the production cost due to the rising prices or to the lack of stock. Unfortunately, certain programs do not even ascertain the validity of the details provided by the debit or credit card used to effect payment, unconditionally accepting an order and leaving any non-effected payment to be collected as a civil debt. In this respect, the Internet may constitute the equivalent of an independent third party; consequently being applied the mail regulations of a structure whose organization is similar to that of the international mail services. The issue however is that there is no party responsible for the transmission in whole and that the transmission of a number of packages, differently grouped, may exclude mail regulations.
The field name (country code, i.e., *.Ro) indicates only the registration place. After registering the field, such field may be relocated anywhere in the world. We consider that the same laws should apply as in the case of companies, and that the server should be considered as being located in the country of registration. In this respect, the terms and conditions of the contract should be clearly displayed before carrying it out. Establishing a button labeled "Terms and Conditions" which may be read by the party ordering goods and which may or may not be clicked is not always a sufficient measure.
A series of issues to which Romanian legislation and legal practice do not provide an answer are: establishing the transmission of a message from a person which is party to the transaction to the other party, the admissibility from a legal perspective of a digital signature, the need for encryption by means of a public key and which is to be the length of the key and the frequency for changing it.
As we have learned from practice, Internet addresses may be forged so that the real identity of the sender may be disguised and the message appear to have been sent by a person other than the real sender. The only way to resolve such situations is printing hard copies of the messages, dating and signing them as being valid, and in respect of contracts involving significant amounts of money, sending complete copies to the other party by normal mail so that they may be signed and returned, avoiding in this way any disputes related to the accuracy of the documents.
Apart from the integrity of the message, safety should extend to issues such as rejection of the receipt by one of the parties, the risk of unauthorized intrusion, modification of messages, alteration and loss.
While digital signatures are accepted by those carrying out electronic business, from a legal perspective there are a few problems in this respect since in many European jurisdictions certain transactions are validated only by the traditional signature, that is by hand and ink signature.
We conclude this section by specifying that the regulations included in the Romanian IT Code (draft, discussed below) contain provisions regarding electronic signature and electronic document concepts and to their certified value.
In 1997, the Romanian Government through the National Information Committee (in collaboration with the Ministry of Justice) elaborated a Draft Code concerning the development and utilization of IT. The IT Code is currently on the agenda for discussion and amendment before the Parliament. A few relevant aspects of this project will be detailed below The project of the Romanian IT Code tries to establish the legal frame for the implementation of the IT in various sectors of economic and social life by regulating the introduction, creation and utilization of IT, as well as the rights and liabilities of the natural or legal persons involved in IT activities, establishing various categories of electronic format acts and documents and the forms and conditions required for the legality of such documents.
The IT Code provides that the freedom of information is acknowledged, guaranteed and protected according to the national laws and to the international treaties to which Romania is a party.
The provisions of the IT Code are equal and on a non-discriminatory basis applied to legal and natural persons, whether or not involved in the carrying out and utilization of information technology in Romania. The following computerizing principles are established:
The implementation of IT in Romania is declared to be a strategic objective. The state supports, according to law, the participation of private economic operators to the competition aiming to achieve such objective, to develop the national industry of information technology, especially software industry, as well as international cooperation in the field.
For a better understanding by lawyers of the Romanian legal provisions regarding information technology, the Code includes a presentation of the terms and expressions used in the field of IT (for example, electronic deed or document; database; lawful operation of a database or databank; cryptographic methods; personal data; total or partial automatic data processing; creating anonymity (with respect to the protection of natural persons as regards the processing of personal data, etc).
The circulation of IT data throughout the Romanian territory is free within the legal limits for the participants to the independent information traffic or to that connected to relays or IT systems. The flow and traffic across boundaries of the data subjected to automatic processing and of those collected in view of such processing are allowed if they do not infringe upon human rights, citizenry freedom and obligations and/or the secrecy or confidentiality required in order to maintain order by the effect of law, public order and national safety. In order to protect human rights and freedom, natural and legal persons benefiting from IT products or services are required to:
The following information is considered to belong to a special category and may only be held and processed according to law: personal data regarding race or ethnicity, political options, religious or other beliefs, information related to health or sexual life of a person, information regarding private personal and family relationships as well as information related to criminal convictions; confidential or secret information and data regarding national defense and the principles of the rule of law of the state and society.
According to the Code project, the National Informatics Committee is reorganized in the State Secretariat for Information Society. A specialized Government authority, it is the state authority for the development of information society countrywide, with the mission to secure the preparation, monitoring and evaluation of policies in the information field as well as to coordinate the application of such policies in Romania.
The State Secretariat for Information Society is managed by a State Secretariat – the Head of the Secretariat, designated by the Prime Minister. In fulfilling its duties, the Head of the State Secretariat for Information Society issues orders and instructions, methodological norms, regulations, technical recommendations, other acts for the application of the policies made to achieve information society in Romania and approves any regulation regarding information society, including regulations in the field of international trade related to information technology.
The State Secretariat for Information Society may assign specialized technical authorities to prepare and apply the regulations and technical norms related to the field of information technology, to ensure professional and specialized training of the public institution personnel in the field of information technology, to organize expert appraisals and to provide public domain quality certificates of information products and services, to ensure the inspection and control of such. The State Secretariat for Information Society coordinates the Informatics Research Institute. The specialized technical organizations and the interested commercial companies shall be entirely funded from extra budgetary income.
In order to protect human rights and the lawful interests of natural persons, the Code stipulates that the Romanian Informatics Authority is formed as an autonomous administrative authority. The Romanian Informatics Authority comprises 9 members named by the Romanian Senate for 5-year mandates.
The Romanian Informatics Authority approves its own organization and operation regulations. The Romanian Informatics Authority has its own control body under the authority of its president. The President of the Romanian Informatics Authority designates natural persons to be members of the control body and to represent such Authority and it may ask for the Public Ministry support in view of investigation and control missions performed by such according to law.
The Romanian Informatics Authority supervises and controls the lawfulness of all personal data processing in the public and private sector, according to the provisions of the Code.
Securing data safety is mandatory for the protection of private life, of the secrecy of business and transactions, of intellectual property and of the principles of the rule of law. Securing data safety within the IT systems is achieved by protecting the information stocked, processed or delivered by electronic means against the risk of loss, destruction or damage, as well as against accidental or voluntary unauthorized use or disclosure.
In order to secure information safety, the holders of the information systems are bound to use secured communication infrastructures, operation and administration systems for the secured database, secured administrative procedures and any other means required in order to attain such purpose.
The army as well as other components of the national defense system applies a special information safety treatment, according to their own regulations.
Irrespective whether it is meant for internal or external access or it makes the object of data and information sent to third parties, the database is organized by observing the principles of full responsibility for the quality and safety of the respective data. A person responsible for data processing is assigned for every database of the public domain. Furthermore, persons responsible for informational networks are assigned for: all public, private or mixed informational networks; all communications and telecommunications networks which, according to the legal provisions or to the contractual provisions, are involved in the transport of gross or processed informational data, clear or encrypted, simple or organized as information or information packages.
One of the purposes aimed at by the IT Code is to protect the rights and freedom of natural persons, especially their private life and their right to an image, according to the processing of personal data. The code includes regulations related to data quality and to the lawfulness of the processing, as well as to a person’s rights regarding the processing of the data related to such person.
The rights to information as well as the right of access are limited by specific normative acts in the event that such measure is required in order to secure:
The relevant natural person who considers that its rights have been breached avails itself of the following methods to be applied successively:
The activities for processing data with personal character have to be notified to the Romanian Informatics Authority. If, on the grounds of the notification, the Romanian Informatics Authority considers that the processing implies the risks of affecting the rights and freedom of the concerned natural persons, such authority may order the performance of a control prior to the initiation of the processing, upon a notification addressed to the person in charge with the processing.
Electronic documents may consist of numeric data, texts, charts, static or dynamic images, sound or voice records and, in general, any other structure or reproduction, by automatic means, of certain facts, things or expressions, complying with the requirements of the IT Code (the form of the electronic documents must allow the interested party to read and automatically process them).
According to the provisions of the IT Code, the electronic signature consists in an informatic code, which allows the identification of the issuer and/or the ascertaining of the authenticity of the document’s content and/or the completeness of the stored and transmitted data and/or calendar date. Upon structuring the electronic signature, cryptographic methods may be applied.
Electronic documents constitute the full proof of the represented facts or goods if the person against whom they are invoked does not challenge their conformity with the respective facts or goods; in the event that it challenges them, the proof shall be made by comparison with the original document.
The electronic document supplied with an electronic signature or which has not been challenged shall be the equivalent of the paper document under private signature, as regards both its basic effects and the procedural ones.
Recording, inventorying, selecting, keeping/preserving and using electronic documents as well as depositing them for permanent keeping with the National Archives shall be effected according to the legal provisions in force.
The Ministry of Justice together with the State Secretariat for Information Society may authorize, upon request, the notary offices supplied with IT equipment and connected to communication networks to perform activities specific to the information technology field.
Law firms, legal experts and translators authorized by the Ministry of Justice which are connected to communication networks may perform transposing, transmission, reception and re-transmission activities in relation to electronic documents, under the authorization conditions stipulated by the Code.
A Government decision shall establish both the categories of electronic acts and documents taken in consideration and the form and conditions required of them so as to result in a standardization of the form of the electronic documents, by also taking into account international regulations.
According to the provisions of the Code draft, certain actions shall entail, as the case may be, civil, material, administrative or disciplinary liability, or liability for offence or for minor offence, as follows:
By analyzing the various national laws and the international treaties related to the diversified aspects of the IT field, we should expect a continued lag of the legal system mostly due to the quick development of technical and technological fields.
Although international law stipulates a settlement basis for possible legal issues, vis-à-vis the IT system a satisfactory legislation provided in this field should be prepared both in the legal national system (such as the above-mentioned Romanian laws especially in the criminal field) and with respect to the conclusion of adequate international treaties.
|Chicago-Kent Home Page | Cyberlaw Home Page|