The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The national transposition by Romania of Directive 2000/31/EC has been carried out through the E-commerce Act. Arts. 11-15 of the law outlines the liability scheme for internet intermediaries. The law largely follows the European Union E-Commerce 'safe harbours' model, immunising intermediaries when they act as a mere conduit or when they cache or host material. Intermediaries remain liable if they are the originators of the information, if they modify the information or if they are aware of the infringing nature of the information. While there is no general monitoring duty imposed on intermediaries, once they are made aware of the infringing content, they must remove it from their platform' rapidly. Art. 16 further provides that the legal remedy brought against these intermediaries is either a take-down or a blocking order (both temporary and permanent injunctive remedies are permitted).
The law differs from the EU model in two primary respects. The law does not use the term ‘internet intermediary’; instead, it identifies specific types of ‘service provider[s]’, suggesting a more nuanced view of the online environment. This enables the law to go further than the EU E-Commerce Directive. Specifically, Art. 15 explicitly extends the internet intermediary liability protection to search engines, which are not considered in the EU directive. Search engines are similarly liable if they fail to block illegal content once they have been made aware of it.

Art. 17 of Directive 2019/790 on Copyright in the Digital Single Market (DSM Directive) mandates that providers of content-sharing services seek authorisation from rights holders and implement technical solutions to remove and prevent unauthorised uploads by their users (so-called upload filters), under penalty of losing their liability safe harbour. Further arrangements are envisaged for complaints and dispute resolution mechanisms. Such upload filters are reported to be a significant cost for online platforms. Graduated exemptions are expected to be put in place for new providers active in the EU for less than three years, with a turnover under EUR 10 million and with fewer than five million users. The provision is subject to a challenge in the Court of Justice by Poland (C-401/19).
To implement Directive 2019/790, the President promulgated Law No. 69 Amending and Supplementing Law No. 8/1996 on Copyright and Related Rights , therefore making online content-sharing service providers partially liable for copyright violations on their platforms.

The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13.1 provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works by facilitating access to such works using any appropriate means to ensure their prominence. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
In Romania, the EU Directive was transposed into domestic law through the amendment of the Audiovisual Law of June 2022 (Law No. 190 of June 28, 2022). According to Art. 23 of the Law, providers of on-demand audiovisual media services in Romania are required to allocate at least 30% of their catalogues to European works, thereby ensuring their effective promotion. Promotion strategies may encompass dedicated sections on the homepage, enhanced search functionality, and marketing campaigns that feature European works. The Member State of jurisdiction is responsible for enforcing compliance when the provider operates multiple national catalogues. However, this obligation does not apply to providers with a turnover below EUR 2 million.
Furthermore, Art. 13 of Ordinance No. 39 of 14 July 2005 establishes the financial requirements applicable to VOD service providers to ensure they possess the necessary financial means for the development of cinematographic activity, as well as to fulfil the functions of the National Cinematography Centre.

The European Union General Data Protection Regulation (GDPR) provides a comprehensive framework for data protection that applies to all EU Member States. The GDPR was implemented in Romania in 2018 through the Law No. 190/2018 Implementing the General Data Protection Regulation (Regulation (EU) 2016/679).

In Romania, Regulation 2019/452 is transposed by Law No. 164/2023 for the Approval of the Government Emergency Ordinance No. 46/2022. According to the law, FDI projects in designated areas of the economy whose value exceeds the EUR 2 million (approx. 2 million USD) threshold, or those that have an impact on national security or public order or present risks to them, are subject to the Government’s authorisation. The regime applies to investors from non-EU countries or to EU investors that non-EU persons directly or indirectly control. The sectors of the economy in which FDI is subject to the Government’s authorisation include the security of Romanian citizens and the community, critical infrastructure, information systems and communications systems.
The law has undergone several amendments in recent years, with the most recent changes introduced through Emergency Ordinance No. 108/2023 in November 2023. These amendments expand the scope of the FDI screening regime to include below-control investments where an investor gains "effective participation in the management" of the target. Additionally, a new filing fee of EUR 10,000 (approx. 10,000 USD) has been instituted for the screening process.

In accordance with Art. 2 of Decision No. 73 of the Supreme Council for National Defence, operations involving the acquisition of control over certain companies or assets, as well as economic concentration transactions established by law, are subject to analysis as provided in Art. 46 of Law No. 21/1996. This analysis also applies to economic concentration operations that could pose a threat to national security. According to Art. 3 of Decision No. 73, mergers potentially impacting national security require notification to the Supreme Council for National Defence. These notifications are specifically relevant to the following areas: a) Security of citizens and communities; f) Security of critical infrastructures; and g) Security of information and communication systems (Art. 2). According to Art. 4 of the Decision, the assessment of national security risks is carried out primarily by the national security system's structures and state authorities with direct responsibilities in the specified areas, following the provision of all necessary information and documents.

Romania is a party to the Patent Cooperation Treaty (PCT).

There is no general principle for the use of copyright-protected material comparable to the fair use/fair dealing principles. Directive 2001/29/EC defines an optional but exhaustive set of limitations from the author´s exclusive rights under the control of the “three-step test” in line with the Berne Convention that establishes three cumulative conditions to the limitations and exceptions of a copyright holder’s rights. Romania has transposed the Directive through several amendments of Law No. 8 of March 1996 on Copyright and Neighboring Rights, including the Government Emergency Order amending Law No. 8/1996 on copyright and related rights, Law No. 15/2019 amending Law No. 8/1996 on copyright and related rights, among others.

Copyright is not adequately enforced online in Romania. It is reported that online piracy remains a concern, with some notorious pirate sites allegedly hosted or registered in the country. Additionally, penalties for IP infringements are reportedly insufficient, hampering investigations and failing to deter further crimes. Law enforcement agencies often consolidate significant cases into criminal files for tax evasion. Furthermore, Romania lacks an effective and timely mechanism for rights holders to file takedown requests against online marketplaces and hosting platforms for infringing material. Adequate resources, including additional training for law enforcement, are needed to enhance enforcement quality.

Romania and the European Union have adopted the World Intellectual Property Organization (WIPO) Copyright Treaty. Romania ratified the Treaty on 1 February 2001, with its provisions coming into force on 6 March 2002. Subsequently, the European Union ratified the Treaty on 14 December 2009, and it entered into effect on 14 March 2010.

Romania and the European Union have adopted the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty. Romania ratified the Treaty on 1 February 2001, with its provisions coming into force on 20 May 2002. Subsequently, the European Union ratified the Treaty on 14 December 2009, and it entered into effect on 14 March 2010.

Trade secrets are protected in Romania, especially by Law No. 11/1991 on combating unfair competition. In April 2019, Romania adopted Government Emergency Ordinance No. 25, which protects undisclosed know-how and business information (trade secrets) against unlawful acquisition, use, and disclosure in compliance with Directive (EU) 2016/943.
The law defines and protects trade secrets by reference to Law No. 11/1991 and information that is not generally known or easily accessible, which is valuable because it is secret and its owner has taken reasonable measures to ensure its secrecy. Protection covers its divulgation, acquisition and use without the owner's consent. Exceptions are specifically provided in certain cases and under clear conditions for:
- Exercising the right to freedom of expression;
- Revealing misconduct, wrongdoing or illegal activity;
- Disclosure by workers to their representatives as part of the legitimate exercise by those representatives of their functions.

It is reported that passive sharing is mandated in Romania, and it is practised in the mobile and fixed sectors based on commercial agreements. In addition, Art. 3.2 of the Directive 2014/61/EU establishes that Member States shall ensure that, upon written request of an undertaking providing or authorised to provide public communications networks, any network operator must meet all reasonable requests for access to its physical infrastructure under fair and reasonable terms and conditions, including price, with a view to deploying elements of high-speed electronic communications networks. Such written request shall specify the elements of the project for which the access is requested, including a specific time frame.

It is reported that Romania does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, accounting separation is required by law.

It is reported that the Autoritatea Naţională pentru Administrare şi Reglementare în Comunicaţii (ANCR), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.