Additional attributions for the National Authority for Consumer Protection on the basis of the EU Regulation regarding the cooperation between national authorities responsible for the enforcement of consumer protection laws

In this alert:

The Romanian National Authority for Consumer Protection (“NACP”) proposes in public consultation a draft legislative proposal (the “Proposal”) regarding the attributions for the single liaison office and for the competent authorities in accordance with the EU Regulation 2017/2394 regarding the cooperation between national authorities responsible for the enforcement of consumer protection laws (“Regulation”). Considering that starting with 17 January 2020, the Regulation is directly applicable in all EU members states, NACP considers that it is necessary to establish a structure which will have both the quality of a single liaison office and of a competent authority with respect to the enforcement of the Regulation’s provisions.

Which are the infringements sanctioned by the Regulation?

a) „intra-Union infringement” - any act or omission contrary to Union laws that protect consumers’ interests that has done, does or is likely to do harm to the collective interests of consumers residing in a Member State other than the Member State in which:
- the act or omission originated or took place;
- the trader responsible for the act or omission is established; or
- evidence or assets of the trader pertaining to the act or omission are to be found;
b) „widespread infringement” – any act or omission contrary to Union’s laws that protect consumers’ interests that has done, does or is likely to do harm to the collective interests of consumers residing in at least two Member States other than the Member State;
c) „widespread infringement with a Union dimension” – any act or omission what has done, does, or is likely to do harm in at least two thirds of Member State, which cumulatively represent at least two thirds of the Union’s population.
Attributions on the basis of the Regulation
Under the Regulation, the competent authorities have the following attributions:
- access to any relevant documents, data or information related to an infringement covered by this Regulation;

- the power to require any relevant information, data or documents, in any form or format and irrespective of their storage medium, or the place where they are stored, for the purposes of establishing whether an infringement covered by this Regulation, including tracing financial and data flows, ascertaining the identity of persons involved in financial and data flows, and ascertaining bank account information and ownership of websites;

- the power to carry out necessary on-site inspections, including the power to enter any premises, land or means of transport that the trader concerned by the inspection uses for purposes related to his trade, business, craft or profession, or to request other public authorities to do so, in order to examine, seize, take or obtain copies of information, data or documents, irrespective of their storage medium;

- the power to purchase goods or services as test purchases, where necessary, under a cover identity, in order to detect infringements covered by the Regulation’s provisions and to obtain evidence, including the power to inspect, observe, study, disassemble or test goods or services.

What brings new the legislative proposal initiated by the NACP?

The Proposal reiterates the provisions of the Regulation with respect to the case in which the content of an online interface breaches the legislation and no other effective means are available to bring about the cessation or the prohibition of the infringement covered by this Regulation and in order to avoid the risk of serious harm to the collective interests of consumers. More precisely, the competent authorities have the following attributions to:
- the power to remove content or to restrict access to an online interface or to order the explicit display of a warning to consumers when they access an online interface;
- the power to order a hosting service provider to remove, disable or restrict access to an online interface;
- the power to order domain registries or registrars to delete a fully qualified domain name and to allow the competent authority concerned to register it.

According to the provisions of GD 89/2020 regarding the organization and operation of the Authority for the Digitalization of Romania, this authority is empowered to perform activities necessary for the fulfillment of the Regulation’s provisions, so it remains to be seen how the attributions of NACP will further be harmonized.

Furthermore, the Proposal provides that in case where it may be considered necessary, taking into account all the interests involved and, in particular, the public interest, even in the lack of proof of loss or an effective prejudice or of the willful intent or negligence of the trader, the competent authorities may impose, through motivated order or decision, the publication of the website’s name on a “black list”. The removal from the “black list” will be granted through motivated order or decision of the competent authorities.

At the same time, the Proposal provides that the following actions represent a minor offence and shall be subject to a fine ranging between 60,000 lei – 100,000 lei:

a)       refusal by the trader to comply, in any way, with the control activity performed by the competent authorities for the enforcement of the Regulation;

b)       failure to observe by the hosting providers, domain registers or registry operators of the measures imposed by the competent authorities for the enforcement of the Regulation;

c)       refusal to comply in any way by the traders with the control activity performed by NACP for the purpose of exercising its attribution to monitor the market at local level;

d)       failure to observe by the hosting providers, domain registers or registry operators of the measures imposed by NACP.

According to the Project, the legal framework applicable to minor offences is the one provided by GO 2/2001 regarding the minor offences framework. Thus, the minutes regarding the certification of a minor offence will be challenged by the trader through a complaint, which will be settled by the court-of-law in the jurisdiction where the alleged action has taken place. The complaint will suspend the respective sanction imposed.

Current context

In January 2020, the European Commission has published the results of an EU-wide screening (“sweep”) of nearly 500 e-shops, following the entering into force of the Regulation. This sweep was carried out by consumer protection authorities of 27 countries under the coordination of the Commission, while the findings revealed that two-thirds of the screened websites do not comply with basic EU consumer rights.

At the same time, Romania will need to implement the new consumer protection EU directives, respectively Omnibus Directive and Directives 2019/770 (regarding the supply of digital content and digital services), as well as Directive 2019/771 (regarding contracts for the sale of goods), which provide for enlarged consumers’ rights and focus on the informing and transparency requirements for the traders (in connection with the reviews or comments from the websites or prices personalization).

In this context, we expect that ensuring compliance with the consumers’ protection framework will acquire a more and more important role in the future in both online and offline environments.

Also, ensuring compliance and preparation in case of controls initiated by NACP may be performed by the traders through (i) adoption of certain measures aimed to ensure continuous preparation for the employees, as well as training sessions for the personnel and internal communication of legislative updates necessary for the observance of consumer protection requirements; as well as through (ii) internal procedures meant to ensure observance by the trader of its attributions regarding traders’ rights, including for the improvement of products and services offered to consumers, as well as for documenting them at the level of the company.