Legal and practical analysis over the software law

Cristina Tincu Jianu
Cristina Ticu Jianu
Robert Ticu Jianu
Robert Ticu Jianu

PART I – GENERAL ASPECTS

The aim of the study is to analyze the legal aspects of computer programs (software), starting from their practical aspects, and to facilitate legal practitioners’ familiarity with the computer terminology used by programmers/software programming companies, but also the latter with legal terminology for this field.

In the first part of the study we will present some of the terms used in the field and an inventory (non-exhaustive list) of the relevant legislation, and in the second part, we will deal with the specific clauses that are useful to contain the software license agreement and custom software development agreement, to finally analyze some of the cases discussed in case law.

1) Introductory aspects

The economic reality denotes that society is in a “digital revolution” and more and more activities previously performed directly by human force are now being replaced by various computer programs, or by automating technical processes.

According to a 2017[1] study by Dell Technologies in partnership with the Institute for the Future (IFTF) in California, “85% of the professions that will exist in 2030 have not yet been invented” and “over 10% of current jobs will be automated in the next decade”.

According to the Guide to the Jobs of the Future – the opportunities of the labor market in the world of tomorrow made in September 2018 by the INACO Association, “Robots threaten even the profession of lawyer. In law practice, there are software programs offered by Kira Systems – Machine Learning Contract Search, Review and Analysis with solutions that reduce documentation time by 60%, including scanning documents and identifying the most relevant arguments. Robots have replaced man in the world.

However, the regulations in the field are quite general and brief, and even more so, they have express provisions (e.g. “In the absence of contractual clauses“) which leave it to the parties to determine, for the most part, the content of the legal relationship. From this context results the need for the parties to comply through contractual provisions, the aspects that aim to ensure the contractual balance and reduce the legal and / or contractual risks.

Therefore, in a growing and increasingly competitive market, the correct identification and control of the exploitation of intellectual and / or industrial property rights resulting from software programs is a challenge for programmers, software companies and lawyers, taking into account at least two categories of protection, technical and legal, which should be complementary.

2) Terminological aspects

The domestic legislation does not find a definition of computer programs, although this concept is used when regulating copyright and tax obligations of related revenues, instead, for databases, there is a definition in Law no. 8/1996 on copyright and related rights.

a) In the absence of a definition of computer programs in Law no. 8/1996, we adhered to the description taken from the Wikipedia[2] source from which we reproduce:

Computer software is the representation or implementation of an algorithm in a source code, written in a certain programming language. A collection of individual programs designed to accomplish a common goal is usually called software.”

“The tasks and functions of the programs have grown and are constantly growing, simultaneously with the development of hardware and operating systems […] a single program is not enough to solve complex problems. It takes several programs, which together are called “application“.

In practice, software programs are classified into two categories, operating software (for computer operation) and application software (for performing certain tasks).

The internal legal doctrine[3] has led to the conclusion that the definition can be taken from European regulations, which state, in essence, that “a computer program is a set of instructions intended to be used with a computer in order to obtain results“.

b) Given the fact that in most software programs are included, or result in databases or, more precisely, they do not achieve their purpose in the absence of databases, we found it useful to analyze the concept of “database“.

A database, sometimes referred to as a data bank (abbreviated BD), is a means of storing information and data on an external medium (a storage device), […] it is about working with millions of elements, each of which can consist of quantities of data that must be accessed simultaneously via the Internet by thousands of users around the globe;[4]

3) Software typologies

Currently, in software practice, two types of software are broadly distinguished, that can be made available to users, namely:

a) Standard software (e.g. commercial off-the-shelf- COTS,Saas or Turnkey) through a license agreement (usually a non-exclusive assignment of the right to use a program), which is usually provided :

through the internet or any other electronic network, by making the program available to the user via a computer platform belonging to the provider, and further through an application installed on each of the end stations of the user-indicated access/run persons; and/or user access can be achieved by a user name and password, or

By installing the software at various user workstations or indicated by the user, or providing standard software on tangible means (e.g. CD or other computer data carrier)

b) Custom software (bespoke softwareor tailor-made software) developed and/or adapted to the specific requirements of users (usually exclusive assignment of the right to use a program).

4. The legal basis for the protection of copyright in computer programs and for the database and the protection of their industrial rights.

Regulations in this area can be found both at international, European and internal level and we will review them, without this list being exhaustive, as follows:

a) International Regulations

4.1. The Berne Convention for the Protection of Literary and artistic works of 9 September 1886 with subsequent supplements and revisions, the last one being the one from Paris on 24 July 1971 and amended on 28 September 1979.

Reference are made to this Convention through the current rules in this area, because it establishes the principles on which the protection of copyright is still guided, even if it does not have specific regulations in its content regarding software programs, which is also justified by the times when it was adopted / modified, in which the I.T. it did not yet have a development that required protection.

4.2. TRIPS Agreement[5]Agreement on trade-related aspects of intellectual property rights, Annex 1C to the World Trade Organization agreement concluded after the Uruguay Round in 1994 and the “WTO Agreement” – the Marrakesh Agreement establishing the World Trade Organization, concluded on 15 April 1994, to which Romania adhered on 01.01.1995.

Articles 9-11[6] of the TRIPS Agreement provide explicit rules in the sense that software is qualified as intellectual creation and protected as such.

b) European Regulations

4.3. Directive 2009/24/EC of the European Parliament and of the Council of 23 April 2009 on the legal protection of computer programs[7], not yet incorporated in national law, being transposed into Law No 8/1996 on copyright and related rights, only previous Directive (Council Directive 91/250/EEC of 14 May 1991) which it replaced that in force on that date.

The object of protection, as provided in Article 1[8] of Directive 2009/24, is software, by copyright, which applies to any form of expression of a computer program.

In order to prevent an “absolute” exclusivity of a computer program, the Directive has established that ideas and principles which underlie any element of any computer program, including those which underlie its interfaces, are not protected by copyright, but only if the software is original, in the sense that it represents the author’s own intellectual creation.

Of course, such a criterion, of the originality of the program, has opened up many possibilities for interpretation in specialized practice and legal debates.

4.4. Directive 2001/29/EC of the European parliament and of the council of May 22, 2001 on the harmonization of certain aspects of copyright and related rights in the information society,

4.5. Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases[9], transposed into national legislation by Law No 8/1996.

In article 3[10] of Directive 96/9 can be found the legal protection of databases, which states that databases which, by the choice or arrangement of the elements, constitute an intellectual creation of the author are protected as such by copyright, but this protection shall not extend to their content and shall not affect rights which continue to affect such content.

4.6. Directive (EU) 2019/790 of the European parliament and of the council of 17 April 2019 on copyright and related rights in the Digital Single market and amending Directives 96/9/EC and 2001/29/EC is basically, the most updated and linked to concrete realities act, which is about to be transposed into national legislation.

4.7. Directive (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure, transposed into national law by means of regulations contained in the Civil and Criminal Code, but also through the G.E.O. no. 25/2019 on the protection of undisclosed know-how and business information that constitute trade secrets against illegal acquisition, use and disclosure, as well as for amending and supplementing some normative acts.

This Directive aims to protect companies that invest in the acquisition, development and application of know-how. The investment made in the generation and application of intellectual capital is a determining factor in competitiveness and innovation-related performance in the market. One of these means is the use of intellectual property rights.

The Directive thus aims to include the protection of copyright on computer software as part of the protection of trade secrets.

4.8. Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the compliance of intellectual property rights, internally transposed by the G.E.O. No 100/2005 concerning the compliance of industrial property rights.

4.9. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free transfer of such data, and repealing Directive 95/46/EC (General data Protection Regulation), implemented in national legislation by Law No 190/2018.

c) Internal Regulations

4.10. Law No 8/1996 on copyright and related rights – republished in 2018 and subsequently amended. ®  

The author of the computer software may only be a natural person, not a legal entity, as provided both by national law, by the provisions of Article 3(1)[11], Article 1(1)[12] and Article 7[13] of Law no. 8/1996 and provided by European Law in Article 2 of Directive 2009/24/EC on the legal protection of computer software.

Chapter IX of Law No 8/1996 is intended for computer programs (Articles 73 to 82), and establishes that protection of computer programs includes, according to Article 73[14], any expression of a program, application programs and operating systems, expressed in any language, either in source-code or object-code, preparatory design material as well as manuals.

According to the provisions of Article 32 “the property rights on computer programs shall last for the entire life of the author and after his death shall be transmitted by inheritance, according to civil law, for a period of 70 years.”

In Chapter VII, referred to as the sui-generis rights of database manufacturers, Articles 140[15]-143, establish the legal protection of databases and are largely taken over from Directive 96/9/EC.

In particular, it is the right to prevent unauthorized extraction and/or re-use of a database and is valid for 15 years from the date on which the database creation was completed.

4.11. G.O. nr. 25/2006 on strengthening the administrative capacity of the Romanian Copyright Office.

Government Ordinance No 25/2006 sets out in Article 3 (b)[16] that the R.C.O. (Romanian Copyright Office) administers the national register of computer programs and in art. 4 it is stipulated that registration in national registers is compulsory and is carried out under the sole responsibility of natural or legal persons, the evidence of registration may be given, in accordance with article 19, by the certificate of registration.

But the registration in the register at the R.C.O. has only the attribute to confer an opposition to third parties and shall not be constitutive of copyright.

Article 2 (g)[17] defines the license of the computer software – as the written authorization accompanying the computer program given by the copyright holder regarding the right to use that program.

According to Article 43[18], the non-fulfillment of the registration obligation of computer programs in the national registers managed by the R.C.O. is sanctioned with fine from 2.000 RON to 10.000 RON.

d) Legal basis for the protection of industrial property rights in respect of trademarks under which computer programs are placed on the market.

4.12. Law No 84/1998 on trademarks and geographical indications ®  

In I.T. practice, software programs are put on the market by incorporating, in addition to copyright, an industrial property right, which gives them an exclusive right to use/transfer this program under its own brand (trademark).

Of course, in practice, the combined protection of both the brand under which the software is placed on the market and the protection of the brand of the firm selling such a program can be met.

In other words, trademarks can be registered for a wider range of product and service classes.

e) Legal basis on the financing of software programs

4.13. Law No 533/2004 for amending and completing Government Ordinance No 51/1997 on leasing operations and leasing companies

The regulatory scope of this normative act concerns the possibilities of financing the user both from the perspective of using the program and from the perspective of acquiring a software license.

f) Legal basis on tax aspects of the activity of software programming

4.14. Fiscal Code

In Article 60[19], as amended by Article II[20] of the G.E.O. no. 48/2020 regarding certain financial and fiscal measures, there are provisions regarding the income from salaries as a result of the activity of creating computer programs

According to the provisions of the Fiscal Code[21], it falls within the scope of V.A.T. the assignment of intangible assets, whether or not they are the subject of a property right, such as: transfer and / or assignment of copyrights, licenses, trademarks.

4.15. Order No 1168/2017 / 492/2018 / 3024/2018 / 3337/2017 on the inclusion in the activity of creating computer programs

The regulation takes into account the fiscal aspects, more precisely, it establishes in article 1[22] that the employees of the economic operators who carry out their activity which includes the creation of computer programs (CAEN code 5821, 5829, 6201, 6202, 6209), benefit from the tax exemption on income from salaries and assimilated to salaries, according to article 60 point 2 of Law no. 227/2015 on the Fiscal Code, provided that certain criteria are met, facility that applies only to income from salaries and assimilated to salaries, according to article 4[23] .

4.16. The methodological norms for the application of Law no. 227/2015 regarding the Fiscal Code.

By the methodological norms for applying the fiscal code, at point 8, par. (11) regarding art. 271 of the Fiscal Code, the activity of software services is practically defined in support of the qualification under fiscal aspect of these activities.

The Norms to the Fiscal Code also establish the aspects regarding the territoriality of the income and its taxation Section 1, point 2[24], but also the Provision of services Section 2, point 8[25].

g) Legal basis for consumer protection.

4.17. These are practically a package consisting of Law no. 193/2000 regarding the abusive clauses in the contracts concluded between professionals and consumers, Law no. 449/2003 regarding the sale of products and the guarantees associated with them, Law no. 158/2008 regarding misleading advertising and comparative advertising.

h) Legal basis for cybercrime issues.

The protection of copyrights acquired by creating computer programs also benefits from a protection that provides criminal sanctions for their violation, as follows:

The protection of copyrights acquired by creating computer programs also benefits from a protection that provides criminal sanctions for their violation, as follows:

4.18. Law no. 8/1996 on copyright and related rights, in art. 194 and art. 195[26] establishes criminal sanctions regarding the acts by which it is reproduced without authorization on computer software calculation systems, in any of the following ways: installation, storage, running or execution, display or transmission in the internal network.

4.19. Criminal Code entered into force on 01.02.2014 with subsequent amendments.

The current Criminal Code contains regulations in Chapter VI called – Crimes against the security and integrity of computer systems and data in the art. 360-365[27] . These articles establish criminal penalties for acts related to illegal access to a computer system, illegal interception of a computer data transmission, alteration of computer data integrity, disruption of computer systems, unauthorized transfer of computer data, and illegal operations with computer devices or programs.

4.20. Law no. 161/2003 on some measures to ensure transparency in the exercise of public dignity, public office and in the business environment, prevention and sanctioning of corruption, in Title II[28] entitled Prevention and combating of cybercrime, contains regulations on cyber activity.

In conclusion, we appreciate that professionals, (as defined by Article 3[29] of the Civil Code) in the field of software services contracts, have not a very easy task, to take into account all these rules governing their activity.

PART II – SOFTWARE SERVICE CONTRACTS

a) Relevant legislation.

As we described in the first part of the presentation, computer programs can usually cover two categories of services:

(i) standard software (commercial off-the-shelf-COTS, or Software as a service -SaaS[30], Turnkey) – developed to be sold to multiple customers, commonly called “program license“, for example: Microsoft Office 2019 Corporation professional license[31] or the license of the Oracle MySQL Database Service[32], or

(ii) Customized software (custom software, bespoke software, or tailor-made software) developed to be sold to a single customer as specified.

In their turn, licenses that are open source can be integrated into custom software (hybrid solutions).

Open source[33] is software that is characterized by the freedom given to its users to use, copy, redistribute, study, modify and improve. Open source licenses can be of several types, for example the GNU GPL[34] General Public License, Apache[35].

The object of copyright is, practically, the source code of the software.

In international judicial practice, the first case was in 1983 that recognized a copyright in the matter is the case of Apple Computer, Inc. v. Franklin Computer Corp.[36], No. 714 F.2d 1240 (3d Cir. 1983), when a United States Court considered that a computer’s operating system could be protected by copyright but also that a binary code, the form of software that can be read by machines, has been protected by copyright and not just the form of software code.

Contracts relating to these categories of software (both for a software license and for custom software development) are part of the category of civil contracts not regulated in national law, called “unnamed contracts“.

In this case, the regulation from the internal legislation that can be used to establish the legal regime of a software services contract is the general norm, the Civil Code, respectively the provisions of art. 1166- 1167[37] and art. 1168-1170[38], which must be corroborated with those in the field of copyright that we dealt with in the first part of the article and, of course, the professional practices in the field.

In summary, these provisions show that the parties are free to conclude any contracts and determine their content, within the limits imposed by law, public order and morals, as well as to act in good faith both in negotiating and concluding the contract, and throughout its execution.

Regarding the software licenses, they usually take the form of the adhesion contract (standard contracts[39]), regulated by art. 1175[40] Civil Code, which states that when the essential clauses of a contract are imposed, or are drafted by one of the parties, for this party or as a result of its instructions, the other party having only to accept them as such, the legal relationship may be qualified as an adhesion contract.

Most of the software service contracts are part of the category of cross-border contracts, which include provisions regarding the legislation applicable to the contract. For example, provisions regarding the conclusion, execution of the contract, including those regarding the ownership of data, regarding the fiscal aspects of the effects of the contract, regarding double taxation, force majeure, settlement of possible disputes etc.

b) The main clauses which are useful to be included in a software services contract.

1) Parties of the contract.

1.1 The provider / supplier / licensor of the software program can be both a natural person, for example, the persons holding the specialization mentioned in Annex 1 to Order no. 1168/2017 / 492/2018 / 3024/2018 / 3337/2017 regarding the inclusion in the activity of creating computer programs, annex containing the occupations specific to the activities of creating computer programs[41], as well as a legal entity whose object of activity includes , creation of computer programs (CAEN code 5821, 5829, 6201, 6202, 6209).

1.2. The beneficiary / purchaser, the user of the software program, can also be any natural or legal person, regardless of the field in which operates.

2) Object of the contract.

In general, the object of the software services contract consists in the providing of IT services, respectively software development, which is defined in practice[42] as the process of conception, specifying, designing, programming, documenting, testing and fixing errors involved in creating and maintaining applications, frames or other software components.

Software development is a process of writing and maintaining source code.

Depending on the type of software, the object of the contracts may contain elements of differentiation, as follows:

2.1. In the case of software licenses, they have as object, an already developed program (off-the-shelf-COTS), with a predefined technical specification.

The license usually transmits (assigns) from the provider to the user a right of use for a definite or indefinite period, non-exclusive and non-transferable to the computer program in question, the user has only the task of analyzing the technical / computer specification of the program, to identify whether or not it meets its needs.

In terms of formalities, the license of the computer program – (“PROOF OF LICENSE” or “POL”, or “Certificate of Authenticity”) is defined in the internal legislation at art. 2 letter g)[43] of the G.E.O. no. 25/2006, which establishes that the license represents the written authorization that accompanies the computer program, given by the copyright holder regarding the right to use that program.

2.2. In the case of contracts having as object the development of a computer program / application (custom software) according to the beneficiary’s request, the object of the contract is made up of the software development service, according to the beneficiary’s request, and the right to use the program thus realized.

In this case, the object of the contract is determinable, it is established progressively, by identifying the functional requirements of the software program, taking into account the requirements of those who will interact with the application, practically the specification of the program is established by the collaboration of both parties, provider (professional) and beneficiary.[44]

Subsequent to the development of the program, the object of the contract may even be the exclusive right to assign the right of use, in the sense that the parties may agree by contract (being at the free choice of the parties) that the beneficiary be the sole user of custom software and therefore they may provide the possibility for the Beneficiary to prohibit the Provider from granting to other persons the software license developed according to its requirements.

We appreciate that the identification of the program requirements has a special importance in correctly establishing the object of the software services contract, in the sense that the object of the contract must be identified or at least identifiable, in order to comply with the contract validity requirement.

In judicial practice, we have identified disputes in the execution of contracts, generated precisely by the insufficient description of the program requirements.

3) Examples of software service contract specific clauses.

3.1. The clause regarding the creation of a prototype of the program.

In the case of the customized program that has as object a program of greater complexity, in order to eliminate the risks of misunderstanding the software requirements, one can also call for the inclusion of a clause for the creation of a prototype by the provider to permit verifying certain scenarios.

About the contents of the specifications in case of a public procurement, details can be found in the Software Procurement Guide for public institutions.[45]

3.2. Hardware and software infrastructure clause.

For both software licenses and software development contracts, it is useful to include a clause on the identification of the hardware and software infrastructure owned or recommended to be owned by the beneficiary / purchaser (eg description of beneficiary stations, minimum hardware, operating system, browser, software, number of stations and servers etc.) with which the new system / program must integrate, the purpose being their interoperability.

For details on this technical aspect, see Course 1 – Software Development Stages[46].

3.3. Internet Connectivity Clause.

There are software programs that can only be run over the internet, in which case data about certain connection characteristics can be included in the contract, for example: fiber optic cable internet, 4G or 5G technology or a number of MB / s upload / download necessary to run the program in optimal conditions.

3.4. Clause regarding the internationalization of the program / application.

It is useful when the program / software application will have to work (run) in several countries, such as „e-commerce” software[47].

In that case are common the requirements regarding:

– development of the interface in several languages;

– multi-currency support;

– the function of changing the format used for numbers and calendar data;

– operation in different time zones.

3.5. Scalability clauses

One of the requirements of software is scalability, which is defined in practice[48] as follows: “it is an indicator that measures how well the system behaves if the size of the problem for which it was designed to solve it increases. (…).”

Some examples of concrete indicators that express the scalability of a system:

– Number of simlutaneous requests ( Request Load )

– Number of simultaneous connections ( „Simultaneous Connections”) – number of simultaneously users

– Data dimension (Data Size)

– Distribution (Deployment)

– Tolerance to changes (Modifiability).

3.6. Security clauses.

Regarding the security aspects of the program, some of the elements that could be included in the content of the contract are the following:

– “Authentication[49] is the process by which a user is identified (it can be both a person and another computer system). An example of a security requirement might be user and password based, or Unique Identification Marking, UID marking,

Authorization: authenticated users and applications have certain access rights to system resources. For example, a salesperson has access only to his or her own sales data.

Encryption[50]: messages sent to and from the application are encrypted;

Integrity: ensures that the content of a message is not changed during transmission;

Non-repudiation: the sender of a message is sure that the message has reached the recipient, and the recipient is sure of the identity of the sender. ”

For program security there is antivirus software that is generally used to prevent and eliminate computer viruses, malware, ransomware.

3.7. Clauses regarding programs update and patches.

– The program update represents its periodic update.

In the case of software licenses, updating is a condition for its proper functioning, and in the case of customized software, it is a market requirement, because an outdated program has a low interest in use, in relation to the speed with which software programs are currently evolving.

– A patch[51] is a set of changes to a computer program or its supporting data designed to update, repair, or improve it. This includes fixing security vulnerabilities and other bugs, these patches are usually called bugs or bug fixes, and improving usability or performance.

In practice, such requirements are common in software services contracts; they are also a way of complying with the warranty obligations of the software product, but also the principle of good faith in the execution of the contract.

3.8. Maintenance clause.

The parties to the contract may stipulate whether, following the development and implementation of the software solution, the Provider will also provide a maintenance service for maintaining or restoring the program.

3.9. Copyright clauses

(i) Juridical aspects.

Starting from the observance of the provisions (art. 79 of Law no. 8/1996) which show that the assignment of the right to use a computer program does not imply the transfer of copyright on it, in commercial usages are, in most cases, two methods of transmission that we have indicated in point 2 above regarding the object of the contract.

(ii) Technical aspects.

In order for the legal aspects agreed in the contract to be applicable, it is necessary to take into account the technical aspects regarding the source code and the possibilities for further modification of the software program.

In the case of custom software contracts, it is necessary to explicitly state in the contract whether the beneficiary of the program will have access to the source code.

In the field of informatics[52], the following were retained:

“To avoid a dependency relationship, you need to make sure that you can change the source code independently of the original provider, transfer the source code to another provider, or hire another provider for changes or maintenance services. (…) The option of unrestricted licensing of the solution and the transfer of the source code and all deliverables in processable / editable form, will allow your institution to modify the solution in any form without depending on the supplier. Also, this option does not involve additional constraints for the provider. It will also be able to reuse project results in other projects (e.g. reusable components).”

3.10. Data ownership

(i) To the extent that the software includes personal data, it is necessary to be transmitted from the user to the provider the agreement in order to be able to process the data for the software / cloud services for the purpose agreed by the agreement.

(ii) In order to ensure the protection of other data contained in the software, data that may constitute trade secrets of the beneficiary / user, it is necessary that, regardless of the type of software chosen (software license or custom program) the contract provides that the data remain the property of the beneficiary / user.

In the practice of software licenses, it is established that at any time, implicitly in case of termination of the contract (e.g. SaaS subscription type), the beneficiary will receive all data loaded (populated) in the program, through various technical solutions that allow the data be extracted from the software in a processable form (export in a standard format, excel etc.) and transmitted to the user (this being the owner of the data).

3.11. Clauses on industrial property rights, trademarks.

The contract may provide clauses to inform the user of the program that the copyright holder submitting the software license also benefits from the legal protection of a trademark, or a registered trademark® for both software (e.g. a name, a logo of the software, or a distinctive sign) as well as for other classes of products / services.

3.12. Warranty clauses

(i) The Supplier / Provider will guarantee that a licensed / developed program in a customized version will work in all aspects according to the program documentation (user manual) for a certain period of time.

In practice, the warranty period provided by suppliers is between 3-12 months from delivery; this is a sufficient period of time in which the user of the program can detect any non-conformities of the software.

The supplier/provider guarantees that the ordered services will be provided in a professional manner in accordance with industry standards.

For example, in case of providing License Services for a determined period, the guarantee of good execution may have a duration equal to that of the license, subsequently the guarantee can be unlocked, if necessary.

(ii) The Supplier/Provider will guarantee that it is the copyright holder of the licensed program and that it owns all the rights that have been assigned by contract / license.

3.13. Clauses regarding the program documents:

Software documents may include the following

– licensing agreement,

– Invoices for licensing services (if applicable),

– Minutes of reception,

– Minutes of commissioning of the software,

– test report,

– Functional specifications.

3.14. Clauses concerning the choice of law and court/arbitration tribunal.

Most of the software service contracts fall into the category of cross-border contracts, with effects on the territory of several states and it is necessary to provide an arbitration clause, which can establish from the conclusion of the contract that any dispute in respect of that contract, will be settled, for example, by arbitration, organized by the Court of Arbitration near a certain Chamber of Commerce, in accordance with its Rules of Arbitration Procedure.

In conclusion, software service contracts have a wide range of specific issues that need to be negotiated and included in the contract.

4) Duration of the contract

The duration of the contract may differ depending on the type of contract, as follows:

4.1. In the case of software licenses, even more software usage options are common, for example:

(i) Subscription-based licensing (Software as a service -SaaS) for a limited period of time (6 months / one year etc.), or on-demand software, or

(ii) Unlimited licensing of the right to use the program.

4.2. In the case of contracts for custom software development, the duration of the contract has two components:

(i) Software delivery times, which must take into account all stages: analysis, design, implementation, testing, possible training of the beneficiary staff, and

(ii) The duration of use of the program, that is usually unlimited.

5) The price of the Contract

Regarding software licenses, the prices are, as a rule, pre-established by the supplier, and cannot be negotiated by the user.

However, in the case of custom software contracts, the price is usually determinable, and its foundation is, in many cases, a challenge, in the sense that it is often difficult to estimate the total price for program development.

Therefore, the parties can call for the establishment of an hourly rate / being differentiated depending on the category of programmer, based on criteria such as the number and complexity of requirements (object of the contract) that implicitly influence the duration of program implementation.

In the customs of the IT field, there is a way to establish the contract price by reference to the method Full-time equivalent (FTE) or whole time equivalent (WTE).

c) Judicial practice

In judicial practice there are disputes arising from software service contracts, both in the European Court of Justice (E.C.J.) and in domestic courts.

In the following we will analyze a case pronounced by each.

(i) Case analyzed by the European Union court of justice.

A case that is a reference in the matter, is the one analyzed by the E.C.J and settled by a preliminary ruling in Case C 128/11[53] UsedSoft GmbH v Oracle International Corp. on 3 July 2012 on “Legal protection of computer programs – Marketing of second-hand licenses for computer programs downloaded from the Internet – Directive 2009/24 / EC – Articles 4 (2) and 5 (1) – Exhaustion of the distribution right – The concept of ‘lawful acquirer”.

By its judgment, the E.C.J. established, in essence, that the distribution right (of the copyright holder of the program) over a copy of the computer program for which a related license agreement was concluded is exhausted at the time of the first sale, regardless of how the copy of the program has been made available to the customer by the holder of that right, either by downloading from the latter’s website or by a material (tangible) medium such as a CD ROM or a DVD.

In this case it was examined the factual situation in which Oracle invoked the fact that it was developing and marketing computer programs and that it held the exclusive rights to use those programs under copyright, and that it was also the owner of the German word marks and of the Oracle Community Word Marks.

It was also argued that “Oracle sells computer programs, namely database programs, in 85% of cases, by downloading from the Internet,” but also that, “The customer downloads a copy of the program to his computer directly from the page from the Internet to Oracle. These are “client server” computer programs. The right to use such a program, granted under a license agreement, includes the right to permanently store a copy of that program on a server and to provide access to it to a certain number of users by the fact that it will be uploaded to central memory of workstations. Under program maintenance agreement, updated versions of that computer program (“updates”) and bug fixes (“patches”) can be downloaded from the Oracle website. At the customer’s request, the computer programs in question may also be provided on CD ROM or DVD.

“UsedSoft sells second-hand licenses for computer programs, especially user licenses for Oracle’s computer programs in the main proceedings. To that end, UsedSoft purchases such licenses from Oracle customers, more specifically some of them if the licenses originally purchased concern a number of users that exceeds the needs of the first buyer.”

In those circumstances, Oracle filed a claim before the German courts, requiring UsedSoft to cease such practices.

The first national court admitted Oracle’s conclusions. The appeal made by UsedSoft against that decision was dismissed, and subsequently, in the judgment of the appeal, the court invested E.C.J. to give a preliminary ruling in that case.

The solution of E.C.J. was as follows:

“For these reasons, the Court (Grand Chamber) hereby rules:

1. Article 4 (2) of Directive 2009/24 / EC of the European Parliament and of the Council of 23 April 2009 on the legal protection of computer programs must be interpreted as meaning that the right to distribute a copy of a computer program is exhausted in the case that the copyright holder, who authorized, even free of charge, the downloading of this copy from the Internet on a data medium, also granted with payment of a price intended to enable him to obtain a remuneration corresponding to the economic value of the copy the work of which he is the owner, a right to use that copy for an unlimited period.

2. Articles 4 (2) and 5 (1) of Directive 2009/24 must be interpreted as meaning that, in the case of the resale of a license to use which involves the resale of a copy of a computer program downloaded from the to the copyright holder, a license that was originally granted to the first acquirer by that copyright holder for an indefinite period and with payment of a price intended to enable the latter to obtain a remuneration corresponding to the economic value of that copy of his work, the second the licensee of that license, as well as any subsequent acquirer of the license, may claim the exhaustion of the distribution right provided in Article 4 (2) of that Directive and may therefore be considered as the legal purchasers of a copy of a program for computer within the meaning of Article 5 (1) of that Directive, and will be able to benefit of the reproduction rights provided in the latter provision. “

(ii) Case analyzed by the national courts.

In another case, the national courts in Romania[54] analyzed the dispute regarding the request of the copyright holder concerning a program called “Automaster”.

The plaintiff, a company X from Finland, sued the defendant,  a company Y from Bucharest, asking the Court to oblige the defendant to cease any infringement of the applicant’s copyright in respect of the computer program called “Automaster” and in respect of derivative works made from this computer program, committed by

(a) unauthorized use of the “Automaster” computer program, including, but not limited to, reproduction, distribution, public communication (including by making available to third parties by allowing access to them from a place and at a time chosen by third parties), rental, lending, broadcasting, cable retransmission, importation for marketing and production of derivative works of the computer program “AutoMaster” and any modifications, alterations, additional features, documentation or translations thereof, and by

(b) Affirmation of quality of author on the “AutoMaster” software and/or of works derived from the “Automaster” software.

Bucharest Court – Civil Section V, by civil sentence no. 113 of 26.01.2017, ordered, in essence, the following:

It upheld the action filed by the applicant, in contradiction with the defendant.

It obliged the defendant to cease copyright infringement on the computer program “Automaster” and on the derivative works of this program by reproducing, distributing and making derivative works and any modifications.

It forbade the carrying out of the actions of manufacturing and offering for sale the products bearing the sign “Automaster”.

Among the recitals, the Bucharest Court noted the following: “In order to decide the lawful or unlawful nature of the creation of the programs, the Court verified the considerations of the judgment of the European Union Court of Justice in case C-406/10 S__ Institute Inc./World Programming Ltd.” In its judgment, the Court upheld that:

“It should be noted in this context that if a third party were to obtain the part of the source code or object code relating to the programming language or data file format used in a computer program and would use similar code to create such elements in its own computer program, that conduct is likely to constitute partial reproduction within the meaning of Article 4 (a) of Directive 91/250.

However, as appears in the referral decision, WPL did not have access to the source code of the program created by the S__ Institute and did not decompile the object code of that program. By analyzing, studying and testing the behavior of the program created by the S__ Institute, WPL reproduced its functionality using the same programming language and the same data file format”.

The Bucharest Court also noted that the defendant had access to these elements of the program by carrying out the distribution contract, so that his situation is not that of a third party who obtained the ideas and principles underlying the elements of the programs by simple analysis and study.

In the same sense are the provisions of Law 8/1996 – art. 78-80.

The tribunal retains the applicability of art. 79 letter c of Law 8/1996: the derived programs are similar, and the information was obtained by the defendant by reproducing the plaintiff’s program, the information being necessary for the interoperability of a computer program with other computer programs; compared to the defendant’s claims, this reproduction itself – which can only look at parts of the program – is indispensable for obtaining information, given that the defendant showed that “these applications connect to the Automaster program and exchange information.”

Subsequently, the sentence of the Bucharest Court was changed on appeal by the Bucharest Court of Appeal, Civil Section IV by Civil Decision no. 488 a / 2017 25.04.2018[55], in the sense that it rejected the restricted action as unfounded.

In the recitals of the decision of the Bucharest Court of Appeal the following were noted, inter alia:

The Court finds that the two works registered at the Romanian Copyright Office, having in their name the phrase “AM”, respectively AM DICTIONAR ROMANIA and AM SETARI ROM SPECIFIC correspond to the definition of derivative works given by art. 8 lit. a) of Law no. 8/1996, in the form in force at the time of making these software, according to which “Without prejudice to the copyrights of the authors of original work, are also subject to copyright derivative works that have been created from one or more pre-existing works, namely:… a) translations, adaptations, annotations,… which represent an intellectual work of creation;”

These two works were made based on the clauses of the distribution contract: the translation was made considering the obligations established in art. 3.6.2. from the distribution contract, and the specific settings were made taking into account the obligations established in art. 3.6.1. Moreover, as noted above, without the realization of these derivative works the distribution contract could not produce effects, due to the lack of interest of economic agents operating in Romania to purchase software not adapted to their linguistic and fiscal needs. Regarding the translation, article 3.6.2 expressly established that this is the responsibility of the Distributor. As for the adaptation to the specific requirements in Romania, it derives from the provisions of art. 3.6.1. from the distribution contract and from the necessity to fulfill this requirement so that the distribution of the Automaster software can be made on the Romanian territory.

“Therefore, there was the applicant’s consent to the performance of those derivative works. Moreover, those derivative works were necessary for the use of the Automaster program on the territory of Romania corresponding to its destination and, therefore, even if there had been no express consent of the applicant, it would have been applicable the provisions of art. 76 of Law no. 8/1996, according to which “Unless otherwise stated, are not subject to the authorization of the copyright holder the documents provided in art. 73 lit. a) and b), if they are necessary to enable the legitimate acquirer to use the computer program in a manner appropriate to its intended purpose, including to correct errors”.

Therefore, in relation to the above, the Bucharest Court of Appeal finds that the Bucharest Court erred in finding that the defendant infringed the applicant’s copyright in the Automaster program on the basis that the defendant’s software reproduced the source-code of the Automaster program in an impermissible manner, provided that it is proved and, moreover, it is not even claimed by the applicant.”

Currently, the case is on final appeal, pending before the High Court of Cassation and Justice and we are going to find the final solution on this case.

d) Conclusions

In conclusion, it is undeniable that the software services market has evolved at a rapid pace, and the ability to understand the effects that a software services contract may produce must be adapted to the same extent.

Therefore, we appreciate that it is in the interest of all parties involved in such operations, to analyze the contracts from as many perspectives as possible, including the legal one.

As we have seen in those is presented in this presentation, one of the concerns of the parties could be to reduce, as much as possible, legal and contractual risks, such as: the risk of insufficient determination of the object of the contract, the copyright (including means of protection-opposability), disclosure of the client’s trade secret (know how), IP disclosure, disclosure / use of source code / object code, without right, data confidentiality, and last but not least, fiscal risks (especially in cross-border contracts).


[1] Available here (pg 16)
[2] Available here
[3] Available here -„Universul Juridic” magazine no. 5/2019 –  Contributions to the study of the legal regime of computer programs in the Romanian law system, by Teodor Bodoașcă- May 2, 2019
[4] Available here
[5] Available here
[6] Annex 1C- Agreement On Trade-Related Aspects Of Intellectual Property Rights
 Article 9 Relation to the Berne Convention
1. Members shall comply with Articles 1 through 21 of the Berne Convention (1971) and the Appendix thereto. However, Members shall not have rights or obligations under this Agreement in respect of the rights conferred under Article 6bis of that Convention or of the rights derived there from.
2. Copyright protection shall extend to expressions and not to ideas, procedures, methods of operation or mathematical concepts as such.
Article 10 Computer Programs and Compilations of Data
1. Computer programs, whether in source or object code, shall be protected as literary works under the Berne Convention (1971).
2. Compilations of data or other material, whether in machine readable or other form, which by reason of the selection or arrangement of their contents constitute intellectual creations shall be protected as such. Such protection, which shall not extend to the data or material itself, shall be without prejudice to any copyright subsisting in the data or material itself.
Article 11 – Rental Rights
In respect of at least computer programs and cinematographic works, a Member shall provide authors and their successors in title the right to authorize or to prohibit the commercial rental to the public of originals or copies of their copyright works.  A Member shall be excepted from this obligation in respect of cinematographic works unless such rental has led to widespread copying of such works which is materially impairing the exclusive right of reproduction conferred in that Member on authors and their successors in title.  In respect of computer programs, this obligation does not apply to rentals where the program itself is not the essential object of the rental.
[7] Available here
[8] “Article 1 subject matter of protection
In accordance with the provisions of this Directive, Member States shall protect computer programs, by copyright, as literary works within the meaning of the Berne Convention for the Protection of Literary and artistic works. For the purposes of this Directive, the term ‘computer program’ includes preparatory design material.
Protection in accordance with this Directive shall apply to any form of expression of a computer program. Ideas and principles which underlie an element of any computer program, including those which underlie its interfaces, are not protected by copyright under this Directive.
(3) A computer program shall be protected if it is original in the sense that it represents an intellectual creation of its own. No other criteria shall be applied to determine whether the protection is eligible.”
[9] Available here
[10] “Article 3 subject matter of protection
(1) In accordance with this Directive, databases which, by their choice or arrangement of elements, constitute the author’s own intellectual creation shall be protected as such by copyright. No other criteria shall apply to determine whether databases qualify for such protection.
(2) The protection of databases by copyright provided for in this Directive shall not extend to their contents and shall not affect rights which continue to affect such content.”
[11] “Art. 3 –The natural person or persons who created the work shall be the author.”
[12] “Art. 1 – (1) Copyright in a literary, artistic or scientific work, as well as in other works of intellectual creation, is recognized and guaranteed under the terms of this Act. This right is linked to the author’s person and has moral and economic attributes.”
[13] “Art. 7 – An object of copyright shall be the original works of intellectual creation in the field of literary, artistic or scientific works, whatever the creation, mode or form of expression and irrespective of their value and intended use, such as: (a) literary and publishing writings, conferences, predictions, oral submissions, lectures and any other written or oral works, and computer programs;”
[14] “Art. 73- Law no. 8/1996
(1) By this law, computer program protection includes any expression of a program, application programs and operating systems, expressed in any language, whether in source code or object code, preparatory design material and manuals.”
[15] “Art. 140 – Law no. 8/1006
The provisions of this Chapter concern the legal protection of databases in any form whatsoever.
(2) for the purposes of this law, a database shall mean a collection of works, data or other independent items, whether protected by copyright or related rights, arranged in a systematic or methodical manner and individually accessible by electronic means or by any other means.
Protection under this Chapter shall not apply to computer programs used in the manufacture or operation of databases accessible by electronic means.”
[16] “Art. 3 – The Romanian Copyright Office shall administer the following national registers: (…) b) national computer program register;
Art. 4 – Registration or entry in the national registers referred to in Article 3 shall be compulsory and shall be carried out under the sole responsibility of natural or legal persons. The registration shall not be constitutive of copyright or related rights.”
[17] “Art. 2 – For the purposes of this ordinance, the following terms and expressions shall have the following meaning: (…) (g) computer program license – the written authorization, which accompanies the computer program, given by the copyright holder regarding the right to use that program.”
[18] “Art. 43 –  (1) The following acts constitute contraventions and are sanctioned as follows: a) non-registration or non-registration in the national registers administered by the Romanian Copyright Office, according to the provisions of this ordinance, with a fine from 2,000 lei to 10,000 lei;”
[19] “Art. 60 – Exemptions The following taxpayers shall be exempt from income tax: (…) natural persons in respect of income earned on salaries and similar to wages referred to in article 76 (1) to (3) as a result of the work of creating computer programs, under the conditions laid down by common order of the minister of communications and the information society, the minister of labor and social justice, the minister for national education and the minister for public finance;”
[20] “Art. II – (1) By way of derogation from the provisions of art. 60, 1381 and 154 (1) r) of Law no. 227/2015 on the Fiscal Code, with subsequent amendments and completions, during the state of emergency established by decree issued by the President of Romania, for the allowances provided in art. XI (1) and art. XV of the Government Emergency Ordinance no. 30/2020 for amending and supplementing some normative acts, as well as for establishing measures in the field of social protection in the context of the epidemiological situation determined by the spread of SARS-CoV-2 corona virus, with subsequent amendments and completions, and art. 3 of Law no. 19/2020 on granting parents days off for the supervision of children, in case of temporary closure of schools, with subsequent amendments and completions, borne by the unemployment insurance budget, respectively from the state budget, no tax facilities are granted. (2) The provisions of paragraph 1 shall apply to allowances granted from the unemployment insurance budget or the State budget as from April 2020.”
[21] (TITLE VII value added tax > CHAPTER IV operations covered by the tax >) Article 271 – the provision of services > (3) services includes operations such as: (b) the assignment of intangible assets, whether or not they are the subject of a proprietary right, such as the transfer and/or assignment of copyright, patents, licenses, trademarks and other similar rights;
[22] “Art. 1 – Employees of economic operators operating in Romania in accordance with the legislation in force, whose object of activity includes the creation of computer programs (CAEN code 5821, 5829, 6201, 6202, 6209), benefit from the income tax exemption from salaries and assimilated to salaries, provided in art. 60 point 2 of Law no. 227/2015 on the Fiscal Code, with subsequent amendments and completions, if the following conditions are cumulatively met:”
[23] “Art. 4 – The tax exemption on income from salaries and assimilated to salaries, provided in art. 60 point 2 of Law no. 227/2015 on the Fiscal Code, with subsequent amendments and completions, applies monthly only for income from salaries and assimilated to salaries, obtained from carrying out an activity of creating computer programs, based on an individual employment contract, regardless of the time of employment which benefits from the exemption, and without being conditioned by its contribution to the achievement of the minimum income ceiling provided in art. 1 (1) lit. e).”
[24] “SECTION 1 Taxable income obtained from Romania. In applying the provisions of art. 223 par. (1) lit. d) and e) of the Fiscal Code: (3) In the case of a transaction involving the transfer of software, the classification as fee of the amount to be paid shall depend on the nature of the rights transferred. (4) In the case of a partial transfer of copyright on software, the amount to be paid is a royalty if the recipient acquires the right to use that software, so that failure to do so constitutes an infringement of copyright. Examples of such transactions are transfers of rights to reproduce and distribute any software to the public, as well as transfers of the right to modify and make public any software. (5) In analyzing the nature of a transaction involving the transfer of software, the right to copy a program exclusively in order to allow the actual exploitation of the program by the user shall not be taken into account. Consequently, an amount to be paid is not a royalty if the only right transferred is a limited right to copy a program in order to allow the user to exploit it. The same result applies to “network or site rights”, in which the recipient obtains the right to make multiple copies of a program, exclusively in order to allow the operation of the program on multiple computers or in the recipient’s network. (6) The amounts paid by software intermediaries under a contract which frequently grants the right to distribute copies of the software without giving the right to reproduce shall not be royalty. Distribution may be made on tangible media or electronically, without the distributor having the right to reproduce the software. Also, the amount paid for software to be customized in order to install it is not a royalty. In these transactions, distributor intermediaries pay only for the purchase of software and not to exploit a copyright in the software. (7) The amount to be paid for the use or right to use ideas or principles regarding software, such as logic diagrams, algorithms or programming languages, is a royalty. (8) Software is any program or series of programs that contains instructions for a computer, both for operating the computer (operating software) and for performing other tasks (application software).”
[25] “SECTION 2 Provision of services (11) For the purposes of art. 271 of the Fiscal Code, the following are considered services: a) the provision of standard software programs via the Internet or through any other electronic network and which is mainly automated, requiring minimal human intervention, being a service provided electronically, according to art. 266 par. (1) point 28 of the Fiscal Code; b) the provision of licenses within a license agreement regarding software programs, which allows the customer to install the software on various workstations, together with the provision of standard software programs on diskette or another data carrier, according to art. 271 par. (3) lit. b) of the Fiscal Code; c) providing customized software, even if the software is provided on a diskette or other data carrier. The customized software program represents any software program created or adapted to the specific needs of the clients, according to the requirements expressed by them;”
[26] “Art. 194. Law no. 8/1996 – It is a criminal offence and punishable by imprisonment from 6 months to 3 years or a fine for making available to the public, including through the Internet or other computer networks, without right, works or products bearing related rights or sui generis rights of database manufacturers or their copies, regardless of the medium, so that the public can access them at any place or at any time individually chosen.
Art. 195. – Law no. 8/1996 – It is a criminal offence and punishable by imprisonment from 6 months to 3 years or a fine the unauthorized reproduction on computer systems of computer programs in any of the following ways: installation, storage, running or execution, display or transmission in the internal network.”
[27] “Article 360 – Unauthorized access to a computer system shall be punishable by imprisonment from 3 months to 3 years or by a fine. (2) The deed provided in par. (1), committed for the purpose of obtaining computer data, shall be punished by imprisonment from 6 months to 5 years. (3) If the deed provided in par. (1) was committed in relation to a computer system to which, through specialized procedures, devices or programs, access is restricted or prohibited for certain categories of users, the penalty is imprisonment from 2 to 7 years. *) According to Decision no. 15/2013, published in the Official Gazette of Romania no. 760 of 06.12.2013, the High Court of Cassation and Justice admitted the appeal in the interest of the law formulated by the General Prosecutor of the Prosecutor’s Office of the High Court of Justice Cassation and Justice and established that:
The installation at the ATM of the autonomous devices for reading the magnetic tape of the authentic card and of the PIN code afferent to it (skimmers, mini-video cameras or false keyboard type devices) constitutes the crime provided by art. 46 par. (2) of Law no. 161/2003 [art. 365 par. (1) of the current Criminal Code].
– The use of an authentic bank card at the ATM, without the consent of its holder, for the purpose of making cash withdrawals, constitutes the offense of fraudulently carrying out financial transactions using an electronic payment instrument, including identification data that allow the use of it, provided by art. 27 par. (1) of Law no. 365/2002 [art. 250 of the current Criminal Code], in multiple offences with the crime of access, without right, to a computer system committed for the purpose of obtaining computer data by violating security measures, provided by art. 42 par. (1), (2) and (3) of Law no. 161/2003 [art. 360 of the current Criminal Code].
– The use at the ATM of a forged bank card, for cash withdrawals, constitutes the offense of fraudulently carrying out financial operations by using an electronic payment instrument, including the identification data that allow its use, provided by art. 27 par. (1) of Law no. 365/2002 [art. 250 of the current Criminal Code], in multiple offences with the crime of access, without right, to a computer system committed for the purpose of obtaining computer data by violating security measures, provided by art. 42 par. (1), (2) and (3) of Law no. 161/2003 [art. 360 of the current Criminal Code], and with the crime of forgery of electronic payment instruments, provided by art. 24 par. (2) of Law no. 365/2002 [art. 313 of the current Criminal Code].
The release of the issue of law remains mandatory for the courts even after February 1, 2014.
Illegal interception of a computer data transmission
Article 361. – The interception, without right, of a computer data transmission which is not public and which is intended for a computer system, comes from such a system or is carried out within a computer system shall be punished by imprisonment from one to 5 years.
(2) With the same punishment shall be sanctioned the interception, without right, of an electromagnetic emission from a computer system, which contains computer data that are not public.
Altering the integrity of computer data
Article 362. – The act of modifying, deleting or damaging computer data or restricting access to such data, without right, is punishable by imprisonment from one to 5 years.
Disruption of computer systems
Article 363. – The act of seriously disrupting, without right, the operation of a computer system, by entering, transmitting, modifying, deleting or damaging computer data or by restricting access to computer data, is punishable by imprisonment from 2 to 7 years.
Unauthorized transfer of computer data
Article 364. – Unauthorized transfer of data from a computer system or from means of storing computer data is punishable by imprisonment from one to 5 years.
Illegal operations with computer devices or programs
Article 365 (1 The act of a person who, without right, produces, imports, distributes or makes available in any form: a) computer devices or programs designed or adapted for the purpose of committing one of the offenses provided in art. 360-364; b) passwords, access codes or other such computer data that allow total or partial access to a computer system, for the purpose of committing one of the offenses provided in art. 360-364, shall be punished by imprisonment from 6 months to 3 years or by a fine. *) According to Decision no. 15/2013, published in the Official Gazette of Romania no. 760 of 06.12.2013, the High Court of Cassation and Justice admitted the appeal in the interest of the law formulated by the General Prosecutor of the High Court of Cassation and Justice and established that: The installation at the ATM of the autonomous devices for reading the magnetic tape of the authentic card and of the PIN code afferent to it (skimmers, mini-video cameras or false keyboard type devices) constitutes the crime provided by art. 46 par. (2) of Law no. 161/2003 [art. 365 par. (1) of the current Criminal Code]. The release of the issue of law remains mandatory for the courts even after February 1, 2014. (2) Possession, without right, of a device, a computer program, a password, an access code or other computer data from those provided in par. (1), for the purpose of committing one of the offenses provided in art. 360-364, shall be punished by imprisonment from 3 months to 2 years or by a fine.”
[28] “TITLE III Prevention of and fight against cybercrime
CHAPTER I General provisions
Article 34. – This title regulates the prevention and fight against cybercrime, through specific measures to prevent, detect and sanction crimes committed through computer systems, ensuring respect for human rights and the protection of personal data.
Article 35. – In this Title, the terms and expressions below have the following meanings: a) computer system means any device or set of devices interconnected or in a functional relationship, one or more of which ensures the automatic processing of data, by means of a computer program; b) by automatic data processing is meant the process by which data from a computer system are processed by means of a computer program; c) computer program means a set of instructions that can be executed by a computer system in order to obtain a determined result; d) computer data means any representation of facts, information or concepts in a form that can be processed by a computer system. This category also includes any computer program that can determine the performance of a function by a computer system; e) service provider means: any natural or legal person that offers users the possibility to communicate through computer systems; any other natural or legal person who processes or stores computer data for the persons referred to in point 1 and for the users of the services provided by them; f) data relating to information traffic means any computer data relating to a communication made through and produced by a computer system, which is part of the communication chain, indicating the origin, destination, route, time, date, size, the volume and duration of the communication, as well as the type of service used for the communication; g) user data means any information that may lead to the identification of a user, including the type of communication and service used, postal address, geographical address, telephone or other access numbers and the method of payment for that service, such as and any other data that may lead to the identification of the user; h) security measures means the use of specialized procedures, devices or software by means of which access to a computer system is restricted or prohibited for certain categories of users; i) child pornography means any material that depicts a minor having explicit sexual behavior or an adult who is portrayed as a minor having explicit sexual behavior or images that, although not depicting a real person, simulate credible, a minor with explicit sexual behavior. For the purposes of this Title, the person who is in one of the following situations shall act without right: a) is not authorized under the law or a contract; b) exceeds the authorization limits; c) does not have the permission, from the competent natural or legal person, according to the law, to grant it, to use, manage or control an information system or to carry out scientific research or to carry out any other operation in an information system.
CHAPTER II Prevention of cybercrime
Article 36. – To ensure the security of information systems and the protection of personal data, public authorities and institutions with expertise in the field, service providers, non-governmental organizations and other representatives of civil society carry out joint activities and programs to prevent cybercrime.
Article 37. – Public authorities and institutions with expertise in the field, in cooperation with service providers, non-governmental organizations and other representatives of civil society, shall promote policies, practices, measures, procedures and minimum standards for the security of information systems.
Article 38. – Public authorities and institutions with expertise in the field, in cooperation with service providers, non-governmental organizations and other representatives of civil society, shall organize information campaigns on cybercrime and the risks to which users of information systems are exposed.
Article 39. – (1) The Ministry of Justice, the Ministry of Internal Affairs, the Ministry of Communications and Information Technology, the Romanian Intelligence Service and the Foreign Intelligence Service constitute and continuously update databases on cybercrime. (2) The National Institute of Criminology subordinated to the Ministry of Justice shall carry out periodic studies in order to identify the causes that determine and the conditions that favor cybercrime.
Article 40. – The Ministry of Justice, the Ministry of Internal Affairs, the Ministry of Communications and Information Technology, the Romanian Intelligence Service and the Foreign Intelligence Service carry out special programs for the training and improvement of staff with responsibilities in preventing and combating cybercrime.
Article 41. – Owners or administrators of computer systems to whom access is prohibited or restricted for certain categories of users have an obligation to warn users about the legal conditions of access and use, as well as about the legal consequences of unauthorized access to these computer systems. The warning must be accessible to any user.”
[29] “Article 3. – The provisions of this Code shall also apply to relations between professionals and to relations between them and any other subjects of civil law. (2) All those who operate an enterprise are considered professionals. (3) The exploitation of an enterprise is the systematic exercise, by one or more persons, of an organized activity consisting in the production, administration or alienation of goods or in the provision of services, regardless of whether or not it has a lucrative purpose.”
[30] https://www.oracle.com/ro/applications/what-is-saas/
[31] Available here
[32] Available here
[33] Available here
[34] Available here
[35] Available here
[36] Available here
[37]“ Article 1.166. – A contract is the agreement of wills between two or more persons with the intention of establishing, amending or extinguishing a legal relationship.
Rules applicable to contracts
Article 1,167. – (1) All contracts are subject to the general rules of this chapter. (2) The particular rules regarding certain contracts are provided in this code or in special laws.”
[38] “Rules applicable to unnamed contracts
Article 1,168. – The provisions of this chapter shall apply to contracts not regulated by law, and if they are not sufficient, the special rules regarding the contract with which they most resemble.
Freedom to contract
Article 1,169. – The parties are free to conclude any contracts and to determine their content, within the limits imposed by law, public order and morals.
Good faith
Article 1,170. – The parties must act in good faith both in the negotiation and conclusion of the contract and throughout its execution. They may not remove or limit this obligation.”
[39] The phrase was retained by the courts (Teleorman Court dec. No. 301 of April 26, 2015, www legalis.ro) cited in the Law of civil and commercial contracts – Theory, jurisprudence, models Vasile Nemes and Gabriela Firbinteanu – Hamangiu 2020 Publishing House, – pg. 158.
[40]The adhesion contract
Article 1.175. – The contract is of adhesion when its essential clauses are imposed or drafted by one of the parties, for this party or as a result of its instructions, the other party having only to accept them as such.”
[41] 1. Database Administrator 2. Analyst 3. Computer System Engineer 4. Software System Engineer 5. Computer Project Manager 6. Developer 7. Computer System Designer 8. Computer System Developer 9. Assistant Developer 10. Analyst help.
[42] Available here
[43] Ordinance no. 25/2006 on strengthening the administrative capacity of the Romanian Copyright Office
[44] Details can be found in the course on Designing Complex Software Systems (pg2): available here
[45] Available here
[46] Available here
[47] Available here
[48] Available here
[49] Available here (PG 25)
[50] Available here
[51] Available here
[52] Available here
[53] Available here
[54] Available here
[55] Available here


Cristina Ticu Jianu
Robert Ticu Jianu