The rapid increase of internet services that has captured both business and the consumer interest in electronic commerce, with its reduced costs and speed in performing the transactions, has been a substantial boon to high tech savvy Romania. E-commerce has given a strong push to small and medium sized companies to use the internet to increase their business and has allowed access to goods and services by Romanian consumers that could not have otherwise been realized.

With such growth, come significant issues that need solutions – for instance, how to best ensure the protection of customer’s personal information; or how to secure electronic contracts; or how to avoid spam and scams. In response to these issues, and with an eye towards Romania’s accession to the European Union (“EU”), Romania adopted Law 365/2002 on electronic commerce (“Law 365”), actually transposing the provisions of the Directive adopted in this field by the EU. There are also other laws regulating different aspects of electronic commerce.

Freedom to provide “services in the informational society”

In full compliance with the provisions of the directive adopted at the EU level, Law 365 establishes the principle of freedom to provide “services in the informational society,” meaning that, in order to provide such services, a company does not need any prior authorization, the services being provided in compliance with the principles of fair trade and free competition. According to Law 365, a “service in the informational society” means any activity providing services or involving the creation, amendment, transfer or termination of a real right on a fixed includes all of the following characteristics: is performed in exchange for something of value to the supplier usually by the recipient, where the supplier and the recipient do not have to be physically present simultaneously at the same place and the activity is carried out by transmitting the information upon the individual request of the recipient. The recipient is defined as any individual or legal entity that uses, in commercial, professional or other purposes, a service in the informational society, in particular for searching information or for acquiring access to such information.

The freedom to provide services in the informational society is ensured by the “home country control principle”, meaning that only one state is to control the legality of the activities performed by a supplier of services in the informational society, and that state is the one on whose territory the supplier is headquartered.

Commercial Communications. Spam

In e-commerce business, using commercial communications is essential for advertising purposes. Law 365 defines commercial communications as any form of communication meant to promote, directly or indirectly, the goods, services, image, name or denomination, company or logo of a trader or a member of a profession. Furthermore, Law 365 settles the minimum conditions that must be fulfilled by service providers performing commercial communications, the basic principle being that sending commercial communications through e-mail is prohibited, with the exception of cases where the receiver has given his consent to receive such communications. The receiver’s consent can be obtained in any form and can be proved by any means by the services supplier. Law 365 and its implementing regulations describe in detail the conditions to be fulfilled by consents transmitted by e-mail messages. The receiver of commercial communications has the right to revoke its consent to receive such communication by simply notifying the sender. The provider has an obligation to implement a free procedure, accessible also by electronic means, through which the receiver is able to revoke its consent, and the provider must make this procedure public on its webpage and in the messages containing commercial communications.

Sending non-requested advertising messages via the Internet has increased dramatically over the past years, with severe consequences leading even to electronic fraud. Such non-requested commercial communications are sometimes considered in non-specialized legal language as “spam”, a term defined in the legislation of other countries, although persons working in Romanian institutions competent in this field consider that “spam” is more than just a “non-requested commercial communication,” spamming being a significant aspect of potential electronic fraud, as well as a great loss of time and money for the parties involved in the process.

In an attempt to limit the potential dangers generated by spam, Law 365 regulates in detail the conditions that must be fulfilled by commercial communications, which represent services in the informational society or a part of such services, in order to be permitted as commercial communications, to wit: they must be clearly identifiable as such; the individual or legal entity in the name of which they are sent must be clearly identified; promotional offers, such as discounts, prizes and gifts, must be clearly identifiable, and the conditions to be met for obtaining them must be easily accessible and clearly presented; and competitions and promotional games must be clearly identifiable as such, and the participation conditions must be easily accessible and clearly presented as well as any other conditions stated by applicable legal provisions.

As the process of transmitting commercial communications entails the existence of an entire database of potential clients’ personal information, and in consideration of the significance in protecting the right of any person’s privacy, Romania adopted a specific law, i.e. Law 506/2004 setting the specific conditions for guaranteeing privacy with regard to the operation of personal data in electronic communications. As an exception to the interdiction to send commercial communications by e-mail without the receiver’s prior approval, Law 506/2004 establishes that, in the event that an individual or legal entity has obtained a client’s e-mail on selling to the latter a product or a service, then the individual / legal entity is entitled to further use that e-mail in the purpose of transmitting commercial communications to the client with regard to similar products or services, but under the condition that they clearly and expressly provide to the clients the opportunity to eliminate such use of e-mail in a simple and free manner.

Contracts Concluded by Electronic Means

In order to facilitate e-commerce transactions, Law 365 contains specific provisions regarding the conclusion of contracts by electronic means. Due to the fact that these contracts do not require the simultaneous presence of the parties, they may be considered as distance contracts, regulated by the Government Ordinance 130/2000, if they are concluded between services providers and consumers, defined as any individuals or legal entities acting in other purposes than in their commercial or professional activity. Contracts concluded by electronic means produce all the effects that the law recognizes for the other contracts, when all of the conditions requested for their validity are met. Such validity conditions do not require that both parties provide their consent to the use of electronic means.

As the conclusion of contracts by electronic means entails certain risks, Law 365 provides for specific guarantees ensuring the transparency of the services providers’ activity, focusing on the latter’s information obligation. Such information obligation of service providers may be analysed from two perspectives: the suppliers’ obligation to inform the receivers, and the suppliers’ obligation to inform consumers.

In the first instance, the service provider has the obligation to place at the disposal of all receivers, before any receiver sends an offer or accepts an offer, at a minimum, the following information in a clear, unequivocal manner and in an accessible language: the technical steps necessary to conclude the contract; if the contract, after conclusion, is or is not stored by the service provider and if it is accessible or not to the receiver; the technical means the service provider puts at the disposal of the receiver to identify and correct any mistakes in the contract; the language of the contract; the relevant conduct codes to which the service provider subscribes and information on how these codes can be reviewed by electronic means; and any other information that may be required by specific laws. The contractual terms and the general conditions must be put at the receiver’s disposal in a way that should permit him to store and to reproduce them.

In the case of consumers, they must be informed with regard to the service providers’ contact data, as well as provided with their registration numbers with the Romanian competent trade and fiscal authorities. Also, service providers must post on their website information on the prices of their products and services, if the delivery costs are or are not included in the price and what are the costs. The prices must be indicated in full compliance with applicable legal provisions in force, mentioning if the VAT is included or not, and the VAT amount.

The information obligation is also extended to the methods by which to conclude the contract. The service provider must inform the consumer on how he can choose a product or a service, on the steps to be followed to order a product, on the payment method, on the delivery and on the right to cancel the contract. To send the order, the consumer must fill in an electronic form with his name, address, phone number, e-mail address and registration password. This password can help the consumer to track the orders he has made, shortening the time necessary to introduce his personal data. The contract is concluded when the acceptance of the offer is received by the service provider, if the parties have not otherwise agreed. When the receiver sends by electronic means an offer to conclude a contract or the acceptance of an offer, the service provider has the obligation to confirm that he has received the offer or the acceptance of the offer.

Concluding contracts by electronic means also entails another specific issue, which is the electronic signature, regulated by Law 455/2001, defined as data in electronic form, attached or logically linked to other data in electronic form, representing an identification method for the party applying such signature.

Liability of Service Suppliers

The sanctioning regime applicable in case of infringement of the provisions of Law 365 was created considering the practical impossibility of performing an efficient and full control over activities performed in the electronic communications field. Therefore, in case of contracts concluded by electronic means, Law 365 provides as sanctions the relative nullity of such contracts, if the service supplier has infringed its legal obligations to duly inform the other contracting party. Therefore, the law actually creates the presumption that if a failure to inform the other contracting party occurs, the service provider has failed to conclude the contract by reason of a flaw in the other party’s consent. In addition, the law provides for a civil fine as a sanction.

The Ministry of Communications and Information Technology, which is the regulatory authority in this field, has established a specific e-mail address where abuses in this area may be reported -, so as to be able to more efficiently correct problems generated in practice by the electronic commerce as quickly as possible.

Law 365 expressly states that, in litigations stems from services in the informational society, the service supplier is the one bearing the burden of providing proof concerning the fulfillment of its information obligations, as well as of the obligations referring to the transmission of commercial communications, when the contracting party is a consumer.


In a fast developing economy, alternative selling channels and increased communication speed, as well as rapid and easy advertising methods, represent the undoubtedly positive aspects of electronic transactions for the service providers. For consumers, e-commerce is less time consuming and offers far greater choice alternatives, as virtual shops can be visited easily and faster from anywhere in Romania where computer access exists. While e-commerce comes with a series of risks for customers stemming from their inability to view and test the products they are purchasing and from the very numerous schemes developed for the purposes of obtaining personal information and bank account information, the benefits for the Romanian consumers have been improved by effective legislation adopted by Romania.

The article was published based upon approval of:

Rubin Meyer Doru & Trandafir