On 5 September 2017, the Romanian Ministry for Internal Affairs published a draft law (“Draft Amendment”) amending the existing Romanian data protection legal framework in view of the upcoming May 2018 application of the EU Regulation no. 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”).

The Draft Amendment endeavours to adapt the Romanian legal framework to the GDPR and, as such, to update Law no. 102/2005 on the National Supervisory Authority for Personal Data Processing (the “Romanian DPA”) as well as to repeal Data Protection Law no. 677/2001.

The Draft Amendment thoroughly revises the Law no. 102/2005 on the Romanian DPA in order to reflect certain requirements under the GDPR – key aspects include: (i) extension of the Romanian DPA’s competences and powers; (ii) new rules concerning the supervisory and compliance role of the Romanian DPA; and (iii) specific mechanisms and procedures for dealing with complaints.

The Draft GDPR Implementation Law is open for public consultation until 25 September 2017 and the full text can be accessed at the following address:

http://81.181.207.101/frontend/documente_transparenta/72_1504614894_proiect%20Lege.pdf