With majority of votes, the Romanian Constitutional Court decided that the cybersecurity law is unconstitutional. This represents the 4th attempt to pass laws violating human rights under the pretext of fighting terrorism.
The Association for Technology and Internet (ApTI) together with 14 other NGOs filed an amicus curiae to support the unconstitutionality claims (in Romanian). In its press release (in Romanian), the Constitutional Court mentioned not only the articles which were brought into attention by the civil society groups, but also showed that putting the National Security Agency (SRI) in charge of cybersecurity is also unconstitutional.
Background information about the cybersecurity law is available here.
A new law on cybersecurity, previously reported in the EDRi-gram, was adopted by the Romanian Parliament at the end of 2014. The law gives the Romanian Intelligence Agency (SRI) access to any computer data owned by private companies, without a court order. The law was sent to the Constitutional Court for analysis and it will be judged on 21 January 2015.
Moreover, the situation regarding surveillance practices in Romania seems to have recently become even blurrier. Even as the events in France were unfolding, a special inter-institutional group formed by several ministries and SRI had already met a couple of times to decide about a revival of the surveillance laws declared unconstitutional in 2014 – the data retention law and the mandatory registration of telephony prepaid cards.