No, sharing passwords in Romania violates multiple legal frameworks, including the Criminal Code (Art. 361) and the Law on Cybersecurity (Law 362/2018), exposing parties to civil and criminal liability. The National Cybersecurity Directorate (DNSC) enforces strict interpretations, particularly under GDPR-equivalent provisions (Law 190/2018), where unauthorized access constitutes a breach. Recent 2026 amendments to the Cybersecurity Law further criminalize password sharing in professional contexts, aligning with EU Directive 2022/2555.
Key Regulations for Sharing Passwords in Romania
- Criminal Code (Art. 361): Unauthorized access to computer systems via shared credentials is punishable by up to 3 years imprisonment or fines, with aggravated penalties for data theft or sabotage.
- Law 362/2018 (Cybersecurity Law): Mandates strict access controls; password sharing violates mandatory security protocols enforced by the DNSC, risking sanctions for non-compliant entities.
- GDPR-Equivalent (Law 190/2018): Treats shared passwords as unauthorized processing of personal data, triggering fines up to 4% of global turnover under Art. 83, with joint liability for data controllers and processors.