According to Art. 73 of Law No. 031/2022, the procuring entity, through competition, gives preference to:
- Supplies or goods produced or manufactured in Rwanda;
- Consultancy and non-consultancy service providers registered as a domestic legal entity when procuring consultancy and non-consultancy services;
- A legal entity registered in Rwanda as a domestic legal entity when procuring for works; and
- An individual consultant operating in consultancy services.
Ministerial Order No. 001/23/10/TC determines the modalities for applying these preferences. According to Art. 63 of the Order, price preference is used during the financial evaluation stage of bids for international or national tenders, in accordance with the following rules:
(i) A 15% local preference is granted to locally manufactured goods or supplies. When a bid includes both locally manufactured and imported goods or supplies, the preference applies only to the locally manufactured portion.
(ii) A 15% local preference is granted to companies registered in Rwanda as domestic companies for at least six months, when procuring consultancy and non-consultancy services.
Additionally, local preference is granted to joint ventures between a domestic and a foreign company, provided the domestic company fulfils at least 30% of the technical and financial requirements. However, this preference does not apply to tenders for consultancy services.

Rwanda is not a party to the World Trade Organization (WTO) Agreement on Government Procurement (GPA), nor does it have observer status.

The Consumer Rights Directive 2011/83/EU provides an updated framework aimed at encouraging online sales. The Directive has been implemented by Law No. 363/2007 on unfair commercial practices of traders in relation to consumers and harmonising the regulations with the European legislation on consumer protection.

Romania has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Romania has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Romania has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The national transposition by Romania of Directive 2000/31/EC has been carried out through the E-commerce Act. Arts. 11-15 of the law outlines the liability scheme for internet intermediaries. The law largely follows the European Union E-Commerce 'safe harbours' model, immunising intermediaries when they act as a mere conduit or when they cache or host material. Intermediaries remain liable if they are the originators of the information, if they modify the information or if they are aware of the infringing nature of the information. While there is no general monitoring duty imposed on intermediaries, once they are made aware of the infringing content, they must remove it from their platform' rapidly. Art. 16 further provides that the legal remedy brought against these intermediaries is either a take-down or a blocking order (both temporary and permanent injunctive remedies are permitted).
The law differs from the EU model in two primary respects. The law does not use the term ‘internet intermediary’; instead, it identifies specific types of ‘service provider[s]’, suggesting a more nuanced view of the online environment. This enables the law to go further than the EU E-Commerce Directive. Specifically, Art. 15 explicitly extends the internet intermediary liability protection to search engines, which are not considered in the EU directive. Search engines are similarly liable if they fail to block illegal content once they have been made aware of it.

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The national transposition by Romania of Directive 2000/31/EC has been carried out through the E-commerce Act. Arts. 11-15 of the law outlines the liability scheme for internet intermediaries. The law largely follows the European Union E-Commerce 'safe harbours' model, immunising intermediaries when they act as a mere conduit or when they cache or host material. Intermediaries remain liable if they are the originators of the information, if they modify the information or if they are aware of the infringing nature of the information. While there is no general monitoring duty imposed on intermediaries, once they are made aware of the infringing content, they must remove it from their platform' rapidly. Art. 16 further provides that the legal remedy brought against these intermediaries is either a take-down or a blocking order (both temporary and permanent injunctive remedies are permitted).
The law differs from the EU model in two primary respects. The law does not use the term ‘internet intermediary’; instead, it identifies specific types of ‘service provider[s]’, suggesting a more nuanced view of the online environment. This enables the law to go further than the EU E-Commerce Directive. Specifically, Art. 15 explicitly extends the internet intermediary liability protection to search engines, which are not considered in the EU directive. Search engines are similarly liable if they fail to block illegal content once they have been made aware of it.

Art. 17 of Directive 2019/790 on Copyright in the Digital Single Market (DSM Directive) mandates that providers of content-sharing services seek authorisation from rights holders and implement technical solutions to remove and prevent unauthorised uploads by their users (so-called upload filters), under penalty of losing their liability safe harbour. Further arrangements are envisaged for complaints and dispute resolution mechanisms. Such upload filters are reported to be a significant cost for online platforms. Graduated exemptions are expected to be put in place for new providers active in the EU for less than three years, with a turnover under EUR 10 million and with fewer than five million users. The provision is subject to a challenge in the Court of Justice by Poland (C-401/19).
To implement Directive 2019/790, the President promulgated Law No. 69 Amending and Supplementing Law No. 8/1996 on Copyright and Related Rights , therefore making online content-sharing service providers partially liable for copyright violations on their platforms.

The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13.1 provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works by facilitating access to such works using any appropriate means to ensure their prominence. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
In Romania, the EU Directive was transposed into domestic law through the amendment of the Audiovisual Law of June 2022 (Law No. 190 of June 28, 2022). According to Art. 23 of the Law, providers of on-demand audiovisual media services in Romania are required to allocate at least 30% of their catalogues to European works, thereby ensuring their effective promotion. Promotion strategies may encompass dedicated sections on the homepage, enhanced search functionality, and marketing campaigns that feature European works. The Member State of jurisdiction is responsible for enforcing compliance when the provider operates multiple national catalogues. However, this obligation does not apply to providers with a turnover below EUR 2 million.
Furthermore, Art. 13 of Ordinance No. 39 of 14 July 2005 establishes the financial requirements applicable to VOD service providers to ensure they possess the necessary financial means for the development of cinematographic activity, as well as to fulfil the functions of the National Cinematography Centre.

In 2021, the Romanian government approved Law No. 163 of 11 June 2021 on the adoption of measures on information and communication infrastructures of national interest and conditions for the deployment of 5G networks, requiring suppliers to have approval from the Supreme Council of National Defence (CSAT) to sell 5G equipment (Art. 3). The legislation states that equipment from untrusted vendors must be replaced by 2026 (core network) and 2028 (RAN equipment). To provide 5G equipment in Romanian mobile networks after 2026 (Core) / 2028 (RAN), the vendor must apply to the Supreme Council of National Defence (CSAT) for approval. It is reported that from 2021 until 2024, Huawei chose not to apply for such a permit. Given that Huawei has not received CSAT approval, Romanian telecom companies would have to remove all Huawei products from their networks within five to seven years, and the major Chinese firm is excluded from taking part in the development of the 5G network.

Art. 109 of "Law No. 207/2015 Regarding the Fiscal Procedure Code" stipulates that entities subject to its provisions must retain tax and accounting records, either in physical or electronic form, within Romania, at the taxpayer’s registered office or secondary establishment corresponding to their domicile.

The European Union General Data Protection Regulation (GDPR) provides a comprehensive framework for data protection that applies to all EU Member States. The GDPR was implemented in Romania in 2018 through the Law No. 190/2018 Implementing the General Data Protection Regulation (Regulation (EU) 2016/679).

Copyright is not adequately enforced online in Romania. It is reported that online piracy remains a concern, with some notorious pirate sites allegedly hosted or registered in the country. Additionally, penalties for IP infringements are reportedly insufficient, hampering investigations and failing to deter further crimes. Law enforcement agencies often consolidate significant cases into criminal files for tax evasion. Furthermore, Romania lacks an effective and timely mechanism for rights holders to file takedown requests against online marketplaces and hosting platforms for infringing material. Adequate resources, including additional training for law enforcement, are needed to enhance enforcement quality.

Romania and the European Union have adopted the World Intellectual Property Organization (WIPO) Copyright Treaty. Romania ratified the Treaty on 1 February 2001, with its provisions coming into force on 6 March 2002. Subsequently, the European Union ratified the Treaty on 14 December 2009, and it entered into effect on 14 March 2010.