IN THE SPOTLIGHT

Padlock With Keyhole icon in personal data security Illustrates cyber data or information privacy idea. blue color abstract hi speed internet technology.

DNSC publishes draft order on notification process for registration and information transmission

The National Directorate for Cyber Security (DNSC) published yesterday, March 6, 2025, the Draft Order for the approval of requirements regarding the notification process for registration and the method of information transmission. Currently in the draft stage, the document is open for public consultation and may undergo changes following the feedback received. The draft order aims to establish…
Cyber security safe encrypted digital data networks for secure global information technology - Conceptual 3D illustration rendering

Controller fined for data breach linked to processor’s employee misconduct

On February 6, 2025, the Romanian DPA announced the conclusion of an investigation concerning a controller in the insurance field, finding the company in breach of the GDPR Articles 32(4) in conjunction with 32(1) and 32(2). As a result, the controller has been fined with the lei equivalent of EUR 3000. The investigation commenced following a data breach notification by the controller, which re…
AdobeStock_469644365 [Converted]

AI Act provisions on prohibited practices and literacy start to apply

On February 2, 2025, specific provisions of the European Union's Artificial Intelligence Act became applicable. Thus, since that date, the provisions which prohibit certain AI practices started to apply. These practices include, but are not limited to, exploitative AI that manipulates human behavior, certain surveillance methods and social scoring systems. Additionally, also since February 2…

ARTICLES

Abstract digital data background. Wave with moving dots. Musical stream of sounds. 3D .

Romanian DPA Report – A Year in Review – 2023

Author: Iurie Cojocaru, Mihai Rotaru
Romanian DPA case studies – our top 5 picks 1. Unlawful disclosure of a photo Case study: A doctor complained to the Romanian DPA that the public hospital where she is employed published her personal data without her consent. The hospital (acting as controller) published…
AdobeStock_295690916 [Converted]

Trying to patch up an old law, the EDPB adopts a new ePrivacy guidance

Author: Iurie Cojocaru
It is hard to regulate technology. One of the reasons, amongst many others, is time. What you regulate today does not correspond to the technical landscape of tomorrow. Back in the first decade of 2000, when the ePrivacy Directive was adopted and amended, the European legislator did not…
AdobeStock_235934934 [Converted]

Romanian DPA Report – A Year in Review – 2022

Author: Iurie Cojocaru, Oxana Gorgan
Romanian DPA case studies – our top 5 picks 1. Refusal to provide the contractual clauses which represent the safeguard for the data transfer to a third country Case study: A data subject complained about the refusal of a financial banking institution to provide him with…

Speaking engagements

This technology-inspired data abstract background is perfect for capturing the essence of the internet's vast expanse of information.

NNDKP organized a webinar on the EU AI Act

On 28 May 2024, NNDKP organized the EU AI Act: First steps towards compliance webinar which focused on the legal updates introduced by the new regulation. Together with the participants, our colleagues, Iurie Cojocaru, Partner and Head of the Data Protection Practice, and Madalina Vasile, Managing Associate in the same practice, discussed about the legal provisions of the EU AI Act which compan…
This technology-inspired data abstract background is perfect for capturing the essence of the internet's vast expanse of information.

Iurie Cojocaru – speaker at the „GDPR – Data Privacy Observer 2024” conference

On January 25, Iurie Cojocaru, Partner and Head of the Data Protection Practice, was a speaker at the „GDPR – Data Privacy Observer 2024” conference. Iurie Cojocaru talked in the conference`s first session of discussions and shared information on the personal data protection requirements resulting from the EU`s Data Act, recently entered into force. Moreover, the third edition of the Romanian R…
Colaj 3

NNDKP organized an event dedicated to data protection

On Tuesday, November 21, NNDKP`s Data Protection practice organized an event focused on current issues in the field of data protection and security, an information and debate opportunity dedicated to clients. In an interactive discussion framework, the participants discussed topics of interest with NNDKP`s data protection team members and analyzed various situations encountered in practice, fac…

Statistics