€ 4.9774 USD 1.1670
BizLawyer
CMS | Romanian Senate reviews draft law regulating AI
10 Aprilie 2025 CMS Romania
For more information on the regulation of the AI in Romania, contact your CMS partner or these CMS experts: Cristina Popescu and Carmen Turcu.
On 31 March 2025, the Romanian Senate registered a draft law that regulates the responsible use of artificial intelligence (AI) within the country. This legislative initiative seeks to ensure transparency, protect fundamental rights, and prevent the misuse of AI in critical sectors.
Key Provisions of the draft law:
AI in critical sectors
→ Public Administration: AI systems must be transparent and undergo periodic audits. Decisions made solely by AI without human involvement are forbidden.
→ Judiciary and law enforcement: AI cannot be used to arrive at judicial decisions. AI systems employed by law enforcement agencies must be certified and comply with fundamental rights.
→ Medical field: AI systems used for diagnosis and treatment require scientific validation and approval from relevant authorities. Medical decisions based on AI must be validated by a specialist physician.
Transparency and accountability
→ AI developers are responsible for the impact of algorithms on end users.
→ All AI systems involved in decision-making processes must undergo annual audits by independent entities.
→ Digital platforms must label AI-generated content clearly.
Data Protection and ethical use
→ The use of AI for political profiling without explicit consent is prohibited.
Deepfakes
→ Deepfakes intended to manipulate public opinion or disrupt democratic processes are prohibited.
Sanctions
Individuals found using AI to infringe upon fundamental rights (e.g. through manipulation, discrimination or excessive surveillance) face imprisonment ranging from two to five years. Organisations, including companies and NGOs, that violate these provisions could incur significant fines of between RON 500,000 (approximately EUR 100,500) and RON 100 million (EUR 20.1 million) with responsible individuals subject to criminal liability for economic offenses.
Unauthorised use of AI for constant, non-discriminatory surveillance without a legal ground and authority oversight is punishable by two to five years imprisonment.
Entities developing or implementing AI systems for automated decision-making without ensuring transparency and explainability face fines of up to RON 100 million (EUR 20.1 million) with responsible individuals facing two to five years imprisonment.
Challenges and possible conflicts with the EU AI Act
This is not Romania’s first attempt at regulating AI. A previous draft law introduced in March 2024 was rejected by the Senate with a final rejection expected soon. The EU AI Act, however, has already come into force with some of its provisions directly applicable in Romania.
The new draft law contains different definitions than those found in the EU AI Act and some provisions which overlap with or contradict provisions of the EU AI Act, including applicable sanctions.
Additionally, the following provisions and definitions in the new draft law are vague and incomplete:
→ The law references “certified” or “approved” AI systems but does not specify which entities will provide approvals or under what procedures.
→ “Significant algorithmic decisions” are defined as those affecting “the rights, opportunities, or life of a person” without clear criteria for assessing such impacts.
→ AI developers are responsible for the impact of their algorithms on end users, but the law does not clarify how this impact is determined or assessed.
Conclusion
While the Romanian draft law shares some common objectives with the EU AI Act, discrepancies in definitions, scope and specific provisions, along with gaps in clarity, require refinements to ensure predictability in application and full alignment with EU regulations.
CMS is closely monitoring developments in the digital and AI fields to help companies navigate their obligations.
For more information on the regulation of the AI in Romania, contact your CMS partner or these CMS experts: Cristina Popescu and Carmen Turcu.
Key Provisions of the draft law:
AI in critical sectors
→ Public Administration: AI systems must be transparent and undergo periodic audits. Decisions made solely by AI without human involvement are forbidden.
→ Judiciary and law enforcement: AI cannot be used to arrive at judicial decisions. AI systems employed by law enforcement agencies must be certified and comply with fundamental rights.
→ Medical field: AI systems used for diagnosis and treatment require scientific validation and approval from relevant authorities. Medical decisions based on AI must be validated by a specialist physician.
Transparency and accountability
→ AI developers are responsible for the impact of algorithms on end users.
→ All AI systems involved in decision-making processes must undergo annual audits by independent entities.
→ Digital platforms must label AI-generated content clearly.
Data Protection and ethical use
→ The use of AI for political profiling without explicit consent is prohibited.
Deepfakes
→ Deepfakes intended to manipulate public opinion or disrupt democratic processes are prohibited.
Sanctions
Individuals found using AI to infringe upon fundamental rights (e.g. through manipulation, discrimination or excessive surveillance) face imprisonment ranging from two to five years. Organisations, including companies and NGOs, that violate these provisions could incur significant fines of between RON 500,000 (approximately EUR 100,500) and RON 100 million (EUR 20.1 million) with responsible individuals subject to criminal liability for economic offenses.
Unauthorised use of AI for constant, non-discriminatory surveillance without a legal ground and authority oversight is punishable by two to five years imprisonment.
Entities developing or implementing AI systems for automated decision-making without ensuring transparency and explainability face fines of up to RON 100 million (EUR 20.1 million) with responsible individuals facing two to five years imprisonment.
Challenges and possible conflicts with the EU AI Act
This is not Romania’s first attempt at regulating AI. A previous draft law introduced in March 2024 was rejected by the Senate with a final rejection expected soon. The EU AI Act, however, has already come into force with some of its provisions directly applicable in Romania.
The new draft law contains different definitions than those found in the EU AI Act and some provisions which overlap with or contradict provisions of the EU AI Act, including applicable sanctions.
Additionally, the following provisions and definitions in the new draft law are vague and incomplete:
→ The law references “certified” or “approved” AI systems but does not specify which entities will provide approvals or under what procedures.
→ “Significant algorithmic decisions” are defined as those affecting “the rights, opportunities, or life of a person” without clear criteria for assessing such impacts.
→ AI developers are responsible for the impact of their algorithms on end users, but the law does not clarify how this impact is determined or assessed.
Conclusion
While the Romanian draft law shares some common objectives with the EU AI Act, discrepancies in definitions, scope and specific provisions, along with gaps in clarity, require refinements to ensure predictability in application and full alignment with EU regulations.
CMS is closely monitoring developments in the digital and AI fields to help companies navigate their obligations.
For more information on the regulation of the AI in Romania, contact your CMS partner or these CMS experts: Cristina Popescu and Carmen Turcu.