Regulation (EU) 2020/1056 of the European Parliament and of the Council of 15 Jul... (32020R1056)
EU - Rechtsakte: 13 Industrial policy and internal market

REGULATION (EU) 2020/1056 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

of 15 July 2020

on electronic freight transport information

(Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,
Having regard to the Treaty on the Functioning of the European Union, and in particular Article 91 and Article 100(2) thereof,
Having regard to the proposal from the European Commission,
After transmission of the draft legislative act to the national parliaments,
Having regard to the opinion of the European Economic and Social Committee (1),
After consulting the Committee of the Regions,
Acting in accordance with the ordinary legislative procedure (2),
Whereas:
(1) The efficiency of freight transport and logistics is vital for the growth and competitiveness of the Union economy, the functioning of the internal market and the social and economic cohesion of all regions of the Union.
(2) The aim of this Regulation is to encourage the digitalisation of freight transport and logistics to reduce administrative costs, improve enforcement capabilities of competent authorities, and enhance the efficiency and sustainability of transport.
(3) The movement of goods, including waste, is accompanied by a large amount of information which is still exchanged in paper format among businesses, and between businesses and competent authorities. The use of paper documents represents a significant administrative burden for logistics operators and an additional cost for logistics operators and related industries (such as trade and manufacturing), in particular for SMEs, and has a negative impact on the environment.
(4) The absence of a uniform legal framework at Union level requiring competent authorities to accept relevant freight transport information, required by legislation, in electronic form, is considered to be the main reason for the lack of progress towards the simplification and greater efficiency of information exhanges made possible by available electronic means. The acceptance by competent authorities of information in electronic form with common specifications would ease not only communication between competent authorities and economic operators but, indirectly, also the development of uniform and simplified business-to-business electronic communication across the Union. It would also lead to significant administrative cost savings for economic operators, and particularly SMEs, which constitute the large majority of transport and logistics companies within the Union.
(5) Some areas of Union transport law require competent authorities to accept digitised information, but this concerns far from all relevant Union legal acts. It should be possible to use electronic means to make regulatory information on the transport of goods available to competent authorities throughout the territory of the Union in respect of all relevant phases of transport operations conducted within the Union. Furthermore, that possibility should apply to all regulatory information and to all transport modes.
(6) Competent authorities should therefore be required to accept information made available electronically whenever economic operators are obliged to make information available as proof of compliance with requirements laid down in Union legal acts covered by this Regulation. This requirement should also cover information requested by the authorities as additional information in accordance with the provisions of those Union legal acts, for example, when some information is missing. The same should apply where national law requires the provision of regulatory information identical, in whole or in part, to information to be provided pursuant to Union legal acts falling within the scope of this Regulation. Authorities should also endeavour to communicate electronically with the economic operators concerned in relation to that information. Such communication should be without prejudice to relevant provisions of Union legal acts and national law related to follow-up measures during or after regulatory information checks. The obligation for competent authorities to accept information made available electronically by economic operators should also apply whenever provisions of Union legal acts or national law falling within the scope of this Regulation require information that is also referred to in relevant international conventions such as the conventions governing the international contracts of carriage in the different transport modes, for example the UN Convention on the Contract for the International Carriage of Goods by Road (CMR), the Convention concerning International Carriage by Rail (COTIF), the IATA Resolution 672 on E-air Waybill, the Convention for the Unification of Certain Rules for International Carriage by Air (Montreal Convention), and the Budapest Convention on the Contract for the Carriage of Goods by Inland Waterways (CMNI).
(7) Since this Regulation is only intended to facilitate and encourage the provision of information between the economic operators and competent authorities by electronic means, it should be without prejudice to the provisions of Union legal acts or national law determining the content of regulatory information and, in particular, should not impose any additional regulatory information or language requirements. While this Regulation is intended to allow the compliance with regulatory information requirements by electronic means rather than by means of paper documents, it is without prejudice to the possibility for the economic operators concerned to present that information in paper format, as provided for in the relevant provisions of Union legal acts or national law, and should be without prejudice to relevant Union requirements regarding the documents to be used for the structured presentation of the information in question. This Regulation should be without prejudice to the provisions of Regulation (EC) No 1013/2006 of the European Parliament and of the Council (3) concerning procedural requirements for shipments of waste and to the provisions referring to controls by customs offices. This Regulation should also be without prejudice to the reporting obligations, including those relating to the competence of customs offices or the competence of other authorities, set out in Regulation (EU) No 952/2013 of the European Parliament and of the Council (4) or in implementing or delegated acts adopted thereunder or in Regulation (EU) 2019/1239 of the European Parliament and of the Council (5).
(8) The use of electronic means to exchange regulatory information can reduce administrative costs for economic operators and can enhance the efficiency of competent authorities. Both economic operators and competent authorities would need to take the necessary measures to make possible electronic exchanges of regulatory freight transport information (eFTI) in machine-readable format via platforms based on information and communications technology (eFTI platforms), including acquiring the necessary equipment. However, the economic operators concerned should remain responsible for providing information in human-readable format whenever specifically requested by competent authorities in order to allow competent authorities to perform their duties in situations where access to an eFTI platform is not available.
(9) In order to enable economic operators to provide relevant information in electronic form in the same way in all Member States, it is necessary to rely on common specifications, which should be adopted by the Commission by means of delegated and implementing acts referred to in this Regulation.
(10) Common specifications on the definition and technical characteristics of data elements should ensure data interoperability by establishing a single comprehensive data set to be used for the electronic communication of the information. This comprehensive data set should contain all the data elements corresponding to the information requirements contained in the relevant provisions of Union legal acts and national law, where each data element that is common to one or more subsets is included only once.
(11) Common specifications should also set out common procedures and detailed rules for access and processing of that information by competent authorities, including any related communication between competent authorities and the economic operators concerned, such as requests for additional information, necessary for competent authorities to exercise their respective regulatory enforcement competences in accordance with the relevant provisions of Union legal acts and national law.
(12) When laying down those common specifications, due account should be taken of relevant data exchange specifications laid down in relevant Union legal acts and contained in relevant European and international standards for data exchange, including multimodal standards, and of the principles and recommendations set out in the Commission’s Communication of 23 March 2017 entitled the ‘European Interoperability Framework – Implementation Strategy’, which provides an approach to the delivery of European digital public services commonly agreed by the Member States. Due care should also be taken that those specifications remain technologically neutral and open to innovative technologies.
(13) With a view to minimising costs for both competent authorities and economic operators, the establishment of access points for competent authorities could be considered. Those access points would act only as intermediaries between the eFTI platforms and competent authorities, and should therefore neither store nor process the eFTI data to which they mediate access, except for metadata connected to eFTI data processing, such as operation logs necessary for monitoring or statistical purposes. Member States could also agree to establish joint access points for their respective competent authorities.
(14) This Regulation should establish the functional requirements applicable to eFTI platforms which should be used by economic operators to make regulatory freight transport information available to competent authorities in electronic form in order to meet the conditions for the mandatory acceptance of this information by competent authorities, as laid down in this Regulation. Requirements should also be established for third-party platform service providers (eFTI service providers). Those requirements should ensure, in particular, that all eFTI data can be processed solely in accordance with a comprehensive rights-based access-control system that provides assigned functionalities, that all competent authorities can have immediate access to that data in accordance to their respective regulatory enforcement competences, that the processing by electronic means of personal data can be carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (6), and that the processing of sensitive commercial information can be carried out in a way that respects the confidentiality of that information.
(15) The Commission should adopt specifications regarding the functional requirements for eFTI platforms. When adopting those specifications, the Commission should seek to ensure the interoperability of the eFTI platforms in order to facilitate the exchange of data between such platforms and to allow economic operators to use the eFTI platform of their choice. In order to facilitate implementation and minimise costs, the Commission should also take into account relevant technical solutions and standards used by existing ICT systems. At the same time, the Commission should ensure that those specifications remain technologically neutral to the greatest extent possible, in order to encourage continuous innovation and to avoid technological lock-in.
(16) To build the confidence of both competent authorities and economic operators as regards compliance by eFTI platforms and eFTI service providers with those functional requirements, the Member States should put in place a certification system underpinned by accreditation in accordance with Regulation (EC) No 765/2008 of the European Parliament and of the Council (7). To take advantage of the benefits of certification, providers of ICT systems that are already in use are encouraged to ensure that those systems comply with the requirements for eFTI platforms laid down in this Regulation, and to apply for certification. The certification of ICT systems should be carried out without delay.
(17) The use of eFTI platforms provides economic operators with guaranteed acceptance of regulatory information and provides competent authorities with reliable and secure access to that information. Nevertheless, and notwithstanding the obligation for all competent authorities to accept the information made available through a certified eFTI platform in accordance with this Regulation, the use of other ICT systems should remain possible if a Member State so chooses. At the same time, this Regulation should not prevent the business-to-business use of eFTI platforms, or prevent the use of additional functionalities on eFTI platforms, provided that this does not adversely affect the processing of the regulatory information that falls within the scope of this Regulation, in compliance with the requirements of this Regulation.
(18) In order to ensure uniform conditions for the implementation of the obligation to accept regulatory information made available in electronic form pursuant to this Regulation, implementing powers should be conferred on the Commission. In particular, implementing powers should be conferred on the Commission to establish common procedures and detailed rules for competent authorities for the access to and processing of that regulatory information where the economic operators concerned make that information available electronically, including detailed rules and technical specifications, and to establish detailed specifications for the implementation of the requirements for eFTI platforms and for eFTI service providers. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council (8).
(19) In order to ensure the proper application of this Regulation, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union should be delegated to the Commission in respect of amending Part A of Annex I to take into account any delegated or implementing acts adopted by the Commission which establish new Union regulatory information requirements in relation to the transport of goods; and amending Part B of Annex I, in order to incorporate the lists of regulatory information requirements in national law that have been notified to the Commission by the Member States in accordance with this Regulation, and in order to incorporate any new provision of relevant national law which introduces changes to the national regulatory information requirements, or lays down new relevant regulatory information requirements that fall within the scope of this Regulation that have been notified to the Commission by the Member States in accordance with this Regulation; and in respect of supplementing this Regulation by establishing and amending the common data set and data subsets in relation to the respective regulatory information requirements covered by this Regulation; and supplementing certain technical aspects of this Regulation, namely as regards the rules on certification and the use of the certification mark of eFTI platforms and the rules on certification of eFTI service providers. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making (9).
In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States’ experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts. Furthermore, the engagement of all relevant stakeholders in the appropriate fora, such as the group of experts established by Commission Decision of 13 September 2018 setting up the ‘Digital Transport and Logistics Forum’, is important in the development and preparation of those acts.
(20) Since the objective of this Regulation, namely to ensure a uniform approach to acceptance by competent authorities of freight transport information made available electronically, cannot be sufficiently achieved by the Member States but can rather, by reason of the need to establish common requirements, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve that objective.
(21) Processing by electronic means of personal data required as part of freight transport regulatory information should be carried out in accordance with Regulation (EU) 2016/679.
(22) The Commission should carry out an evaluation of this Regulation. Information should be collected in order to inform this evaluation and to assess the performance of this Regulation against the objective that it pursues.
(23) Effective and efficient enforcement necessitates that all competent authorities have direct and real-time access to relevant regulatory information in electronic form. To that end, and in accordance with the ‘digital by default’ principle mentioned in the Commission’s Communication of 19 April 2016 entitled ‘EU eGovernment Action Plan 2016–2020 – Accelerating the digital transformation of government’, the use of electronic means should become the predominant way to exchange regulatory information between the economic operators and competent authorities. Therefore, the Commission should assess possible initiatives with a view to establishing an obligation for economic operators to use electronic means to make regulatory information available to competent authorities. The Commission should propose, where appropriate, corresponding initiatives, including possible amendments to this Regulation and other relevant Union legal acts. With a view to improving the enforcement capabilities of competent authorities and minimising costs for both competent authorities and the economic operators, the Commission should also consider further measures such as enhanced interoperability of and a common access point to ICT systems and platforms used for recording and processing regulatory information as provided for in other Union transport law.
(24) This Regulation cannot be effectively applied before the delegated and implementing acts provided for in it have entered into force. For that reason, the Commission has a legal obligation to adopt those delegated and implementing acts and should start immediately to work on them in order to ensure the timely adoption of the relevant specifications, where possible in advance of the respective deadlines set in this Regulation. The timely adoption of those delegated and implementing acts is essential for the Member States and economic operators to have enough time to take the necessary measures in compliance with this Regulation. Therefore, different application periods in this Regulation should be set accordingly.
(25) Likewise, the notification obligation of Member States under this Regulation should be performed within one year of the date of entry into force of this Regulation in order to enable the Commission to adopt the first delegated act pursuant to this Regulation in a timely manner.
(26) The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 of the European Parliament and of the Council (10),
HAVE ADOPTED THIS REGULATION:

CHAPTER I

GENERAL PROVISIONS

Article 1

Subject matter

This Regulation establishes a legal framework for the electronic communication of regulatory information between the economic operators concerned and competent authorities in relation to the transport of goods on the territory of the Union.
For that purpose, this Regulation:
(a) lays down the conditions based on which competent authorities are required to accept regulatory information when that information is made available electronically by the economic operators concerned;
(b) lays down rules on the provision of services related to making regulatory information available electronically by the economic operators concerned to competent authorities.

Article 2

Scope

1.   This Regulation applies to:
(a) regulatory information requirements set out in:
(i) Article 6(1) of EEC Council Regulation No 11 (11);
(ii) Article 3 of Council Directive 92/106/EEC (12);
(iii) Article 8(3) of Regulation (EC) No 1072/2009 of the European Parliament and of the Council (13);
(iv) point (c) of Article 16 and Article 18(1) of Regulation (EC) No 1013/2006; this Regulation is without prejudice to controls by customs offices provided for in relevant provisions of Union legal acts;
(v) Chapter 5.4 of Part 5 of Annex A to the European Agreement concerning the International Carriage of Dangerous Goods by Road (ADR), concluded at Geneva on 30 September 1957, as referred to in Section I.1 of Annex I to Directive 2008/68/EC of the European Parliament and of the Council (14); Chapter 5.4 of Part 5 of the Regulations concerning the International Carriage of Dangerous Goods by Rail (RID), appearing as Appendix C to COTIF concluded at Vilnius on 3 June 1999, as referred to in Section II.1 of Annex II to that Directive; and Chapter 5.4 of Part 5 of the Regulations annexed to the European Agreement concerning the International Carriage of Dangerous Goods by Inland Waterways (ADN), concluded at Geneva on 26 May 2000, as referred to in Section III.1 of Annex III to that Directive;
(b) regulatory information requirements laid down in delegated or implementing acts adopted by the Commission pursuant to a Union legal act referred to in point (a) of this paragraph or pursuant to Directive (EU) 2016/797 of the European Parliament and of the Council (15) or to Regulation (EC) No 300/2008 of the European Parliament and of the Council (16). Those delegated or implementing acts shall be listed in Part A of Annex I to this Regulation;
(c) regulatory information requirements set out in the provisions of national law listed in Part B of Annex I to this Regulation.
2.   By 21 August 2021, Member States shall notify the Commission of the provisions of national law and corresponding regulatory information requirements that require the provision of information identical, in whole or in part, to the information to be provided pursuant to the regulatory information requirements referred to in points (a) and (b) of paragraph 1.
Subsequent to that notification, the Member States shall notify the Commission of any provisions of national law that:
(a) introduce changes to regulatory information requirements set out in the provisions of national law listed in Part B of Annex I; or
(b) lay down new relevant regulatory information requirements that require the provision of information identical, in whole or in part, to the information to be provided pursuant to the regulatory information requirements referred to in points (a) and (b) of paragraph 1.
Member States shall make such notifications within one month from the adoption of such provisions.
3.   The Commission shall adopt delegated acts in accordance with Article 14, amending:
(a) Part A of Annex I in order to incorporate references to any regulatory information requirements referred to in point (b) of paragraph 1 of this Article;
(b) Part B of Annex I in order to incorporate or delete references to national law and regulatory information requirements in accordance with the notifications made pursuant to paragraph 2 of this Article.

Article 3

Definitions

For the purposes of this Regulation, the following definitions apply:
(1) ‘regulatory information’ means information, whether or not presented in the form of a document, that is related to the transport of goods in the territory of the Union, including of goods in transit, which is to be made available by an economic operator concerned in accordance with the provisions referred to in Article 2(1) in order to prove compliance with the relevant requirements of the acts laying down those provisions;
(2) ‘regulatory information requirement’ means a requirement to provide regulatory information;
(3) ‘competent authority’ means a public authority, agency or other body which is competent to perform tasks pursuant to the legal acts referred to in Article 2(1) and for which access to regulatory information is necessary, such as checking, enforcing, validating or monitoring compliance on the territory of a Member State;
(4) ‘electronic freight transport information’ or ‘eFTI’ means a set of data elements that are processed by electronic means for the purpose of exchanging regulatory information among the economic operators concerned and between the economic operators concerned and competent authorities;
(5) ‘eFTI data subset’ means a set of structured data elements that correspond to the regulatory information required pursuant to specific Union legal act or national law referred to in Article 2(1);
(6) ‘eFTI common data set’ means a comprehensive set of structured data elements that correspond to all the eFTI data subsets, where the data elements common to the different eFTI data subsets are included only once;
(7) ‘data element’ means the smallest unit of information which has a unique definition and precise technical characteristics, such as format, length and character type;
(8) ‘processing’ means an operation or set of operations performed on eFTI, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making eFTI available, alignment or combination, restriction, erasure or destruction;
(9) ‘operation log’ means an automated record of the electronic processing of eFTI;
(10) ‘eFTI platform’ means a solution based on information and communication technology (ICT), such as an operating system, an operating environment, or a database, intended to be used for the processing of eFTI;
(11) ‘eFTI platform developer’ means a natural or legal person which has developed or acquired an eFTI platform either for the purpose of processing regulatory information related to its own economic activity or for putting that platform on the market;
(12) ‘eFTI service’ means a service consisting of eFTI processing by means of an eFTI platform, alone or in combination with other ICT solutions, including other eFTI platforms;
(13) ‘eFTI service provider’ means a natural or legal person which provides an eFTI service to the economic operators concerned on the basis of a contract;
(14) ‘economic operator concerned’ means a transport or logistics operator, or any other natural or legal person, who is responsible for making regulatory information available to competent authorities in accordance with the relevant regulatory information requirements;
(15) ‘human-readable format’ means a way of presenting data in an electronic form that can be used as information by a natural person without requiring any further processing;
(16) ‘machine-readable format’ means a way of presenting data in an electronic form that can be used for automatic processing by a machine;
(17) ‘conformity assessment body’ means a conformity assessment body within the meaning of Regulation (EC) No 765/2008, which is accredited in accordance with that Regulation to carry out the conformity assessment of eFTI platforms or eFTI service providers;
(18) ‘shipment’ means the transport of a determined set of goods, including waste, between the first place of pick-up and final place of delivery under the terms of a single transport contract or of multiple consecutive transport contracts, including, where applicable, the transfer between different modes of transport, irrespective of the quantity or number of containers, packages or pieces transported.

CHAPTER II

REGULATORY INFORMATION MADE AVAILABLE ELECTRONICALLY

Article 4

Requirements for economic operators concerned

1.   For the purposes of Article 5(1), (2) and (3), the economic operators concerned shall comply with the requirements set out in this Article.
2.   Where the economic operators concerned make regulatory information available electronically to a competent authority, they shall do so on the basis of data processed on a certified eFTI platform and, if applicable, by a certified eFTI service provider. That regulatory information shall be made available by the economic operators concerned in machine-readable format and, at the request of the competent authority, in human-readable format.
3.   Information in machine-readable format shall be made available via an authenticated and secure connection to the data source of an eFTI platform. The economic operators concerned shall communicate the unique electronic identifying link referred to in point (e) of Article 9(1) that enables the competent authority to uniquely identify the regulatory information related to the shipment.
4.   Information in human-readable format requested by competent authorities shall be made available on the spot, on the screen of an electronic device owned by the economic operator concerned.

Article 5

Requirements for competent authorities

1.   As from 30 months after the date of entry into force of the first of the delegated and implementing acts referred to in Articles 7 and 8, competent authorities shall accept regulatory information made available electronically by the economic operators concerned in accordance with Article 4, including where such regulatory information is requested by competent authorities as additional information.
2.   Where the economic operator concerned has made, regulatory information required pursuant to Regulation (EC) No 1013/2006 available electronically in accordance with Article 4 of this Regulation, the competent authorities concerned shall also accept such regulatory information without the agreement referred to in Article 26(3) and (4) of Regulation (EC) No 1013/2006.
3.   Where regulatory information required pursuant to a specific Union legal act or national law referred to in Article 2(1) includes official validation, such as stamps or certificates, the respective authority shall provide that validation electronically, in accordance with the requirements established by the delegated and implementing acts referred to in Articles 7 and 8.
4.   In order to comply with the requirements set out in paragraphs 1 to 3 of this Article, Member States shall take measures to enable all their competent authorities to access and process regulatory information made available by the economic operators concerned in accordance with Article 4. Those measures shall comply with delegated and implementing acts referred to in Articles 7 and 8.

Article 6

Confidential commercial information

Competent authorities, eFTI service providers and the economic operators concerned shall take measures to ensure the confidentiality of commercial information that is processed and exchanged in accordance with this Regulation and ensure that such information may be accessed and processed only when authorised.

Article 7

eFTI common data set and eFTI data subsets

1.   The Commission shall adopt delegated acts in accordance with Article 14 to supplement this Regulation by establishing and amending the eFTI common data set and eFTI data subsets in relation to the respective regulatory information requirements referred to in Article 2(1), including corresponding specifications on the definition and technical characteristics for each data element included in the eFTI common data set and eFTI data subsets.
2.   When adopting the delegated acts referred to in paragraph 1, the Commission shall:
(a) take into account relevant international conventions and Union law; and
(b) seek to ensure the interoperability of the eFTI common data set and eFTI data subsets with relevant data models that are accepted internationally or at Union level, including multimodal data models.
3.   The first such delegated act shall cover all the elements referred to in paragraph 1 and shall be adopted no later than 21 February 2023.

Article 8

Common procedures and rules for access

1.   The Commission shall adopt implementing acts laying down common procedures and detailed rules, including common technical specifications, for access by competent authorities to eFTI platforms, including procedures for the processing of regulatory information and for communication between competent authorities and the economic operators concerned in relation to that information.
2.   When adopting the implementing acts referred to in paragraph 1, the Commission shall seek to enhance the efficiency of the administrative procedures and to minimise compliance costs both for the economic operators concerned and competent authorities.
3.   Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 15(2). The first such implementing act shall cover all the elements referred to in paragraph 1 of this Article and shall be adopted no later than 21 February 2023.

CHAPTER III

eFTI PLATFORMS AND eFTI SERVICE PROVIDERS

SECTION 1

Requirements for eFTI platforms and eFTI service providers

Article 9

Functional requirements for eFTI platforms

1.   The eFTI platforms used for processing regulatory information shall provide functionalities that ensure that:
(a) personal data can be processed in accordance with Regulation (EU) 2016/679;
(b) commercial data can be processed in accordance with Article 6;
(c) competent authorities can access and process data in accordance with the specifications adopted by means of delegated and implementing acts referred to in Articles 7 and 8;
(d) the economic operators concerned can make information available to competent authorities in accordance with Article 4;
(e) a unique electronic identifying link can be established between a shipment and the related data elements, including a structured reference to the eFTI platform where the data is made available, such as a unique reference identifier;
(f) data can be processed solely on the basis of authorised and authenticated access;
(g) all data processing is duly recorded in operation logs in order to allow, as a minimum, the identification of each distinct processing operation, the natural or legal person having made the operation and the sequencing of the operations on each individual data element; if an operation involves modifying or erasing an existing data element, the original data element shall be preserved;
(h) data can be archived and remain accessible for competent authorities in accordance with the relevant Union legal acts and national law laying down the respective regulatory information requirements;
(i) the operation logs referred to in point (g) of this paragraph are archived and remain accessible for competent authorities for auditing purposes for the period of time specified in the relevant Union legal acts and national law laying down the respective regulatory information requirements and, for monitoring purposes, for the periods of time referred to in Article 17;
(j) data is protected against corruption and theft;
(k) the data elements processed correspond to the eFTI common data set and to eFTI data subsets as established by the delegated acts referred to in Article 7, and can be processed in any of the official languages of the Union as provided for by the relevant Union legal acts and national law laying down the respective regulatory information requirements.
2.   The Commission shall adopt implementing acts laying down detailed specifications regarding the requirements set out in paragraph 1 of this Article. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 15(2). When adopting those specifications, the Commission shall:
(a) seek to ensure the interoperability of the eFTI platforms;
(b) take into account relevant existing technical solutions and standards;
(c) ensure that those specifications remain, to the largest extent possible, technologically neutral.
The first such implementing act shall cover all the elements referred to in paragraph 1 of this Article and shall be adopted no later than 21 August 2023.

Article 10

Requirements for eFTI service providers

1.   eFTI service providers shall ensure that:
(a) data is processed only by authorised users and in accordance with clearly defined and assigned processing rights within the eFTI platform, in accordance with the relevant regulatory information requirements;
(b) data is stored and accessible in accordance with the Union legal acts and national law laying down the respective regulatory information requirements;
(c) competent authorities have immediate access to regulatory information concerning a freight transport operation processed by means of their eFTI platforms, free of any charges or fees;
(d) data is appropriately secured, including against unauthorised or unlawful processing and against accidental loss, destruction or damage.
2.   The Commission shall adopt implementing acts laying down detailed rules regarding the requirements set out in paragraph 1 of this Article. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 15(2). The first such implementing act covering all the elements referred to in paragraph 1 of this Article shall be adopted no later than 21 August 2023.

SECTION 2

Certification

Article 11

Conformity assessment bodies

1.   Conformity assessment bodies shall be accredited in accordance with Regulation (EC) No 765/2008 for the purposes of performing the certification of eFTI platforms and eFTI service providers as set out in Articles 12 and 13 of this Regulation.
2.   For the purposes of accreditation, conformity assessment bodies shall meet the requirements laid down in Annex II. National accreditation bodies shall communicate to the national authority designated in accordance with paragraph 3 of this Article the address of the website where they make publicly available the information on the accredited conformity assessment bodies, including an up-to-date list of these bodies.
3.   Each Member State shall designate an authority that shall maintain an up-to-date list of the accredited conformity assessment bodies, eFTI platforms and eFTI service providers which hold a valid certification on the basis of the information provided pursuant to paragraph (2) of this Article and to Article 12(2) and Article 13(2). Those designated national authorities shall make that list publicly available on an official government website.
4.   By 31 March each year, those designated national authorities shall notify to the Commission the list referred to in paragraph 3 together with the address of the website where that list is publicly available. The Commission shall publish those website addresses on its official website.

Article 12

Certification of eFTI platforms

1.   Upon application by an eFTI platform developer, a conformity assessment body shall assess the compliance of the eFTI platform with the requirements laid down in Article 9(1). In the case of a positive assessment, the conformity assessment body shall issue a compliance certificate for that eFTI platform. In the case of a negative assessment, the conformity assessment body shall provide the reasons for the negative assessment to the applicant.
2.   Each conformity assessment body shall maintain an up-to-date list of the eFTI platforms that it has certified and for which it has withdrawn or suspended certification. It shall make that list publicly available on its website and shall communicate the address of that website to the designated national authority referred to in Article 11(3).
3.   Information made available to competent authorities by means of a certified eFTI platform shall be accompanied by a certification mark.
4.   The eFTI platform developer shall apply for a reassessment of its certification if the technical specifications laid down in the implementing acts referred to in Article 9(2) are revised.
5.   The Commission is empowered to adopt delegated acts in accordance with Article 14 to supplement this Regulation by laying down rules on the certification of eFTI platforms and on the use of the certification mark, including rules on the renewal, suspension and withdrawal of certification.

Article 13

Certification of eFTI service providers

1.   Upon application by an eFTI service provider, a conformity assessment body shall assess the compliance of the eFTI service provider with the requirements laid down in Article 10(1). In the case of a positive assessment, the conformity assessment body shall issue a compliance certificate. In the case of a negative assessment, the conformity assessment body shall provide the reasons for the negative assessment to the applicant.
2.   Each conformity assessment body shall maintain an up-to-date list of the eFTI service providers that it has certified and for which it has withdrawn or suspended certification. It shall make that list publicly available on its website and shall communicate the address of that website to the designated national authority referred to in Article 11(3).
3.   The Commission is empowered to adopt delegated acts in accordance with Article 14 to supplement this Regulation by laying down rules on certification of eFTI service providers, including rules on the renewal, suspension and withdrawal of certification.

CHAPTER IV

DELEGATIONS OF POWER AND IMPLEMENTING PROVISIONS

Article 14

Exercise of the delegation

1.   The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article.
2.   The power to adopt delegated acts referred to in Article 2(3), Article 7, Article 12(5) and Article 13(3) shall be conferred on the Commission for a period of five years from 20 August 2020. The Commission shall draw up a report in respect of the delegation of power no later than nine months before the end of the five-year period. The delegation of power shall be tacitly extended for periods of an identical duration, unless the European Parliament or the Council opposes such extension no later than three months before the end of each period.
3.   The delegation of power referred to in Article 2(3), Article 7, Article 12(5), Article 13(3) may be revoked at any time by the European Parliament or by the Council. A decision to revoke shall put an end to the delegation of the power specified in that decision. It shall take effect the day following the publication of the decision in the
Official Journal of the European Union
or at a later date specified therein. It shall not affect the validity of any delegated acts already in force.
4.   Before adopting a delegated act, the Commission shall consult experts designated by each Member State in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making.
5.   As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council.
6.   A delegated act adopted pursuant to Article 2(3), Article 7, Article 12(5) and Article 13(3) shall enter into force only if no objection has been expressed either by the European Parliament or by the Council within a period of two months of notification of that act to the European Parliament and to the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by two months at the initiative of the European Parliament or of the Council.

Article 15

Committee procedure

1.   The Commission shall be assisted by a committee. That committee shall be a committee within the meaning of Regulation (EU) No 182/2011.
2.   Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply.

CHAPTER V

FINAL PROVISIONS

Article 16

Review

1.   No later than 21 February 2029, the Commission shall carry out an evaluation of this Regulation and present a report on the main findings to the European Parliament, to the Council and to the European Economic and Social Committee.
The Commission shall also assess possible initiatives with a view in particular to:
(a) establishing the obligation for economic operators to make available electronically regulatory information to competent authorities, in accordance with this Regulation;
(b) establishing further interoperability and interconnectivity between the eFTI environment and the different ICT systems and platforms used for recording and processing regulatory information as provided for in other Union transport law.
These assessments shall in particular cover the amendment of this Regulation and that of other relevant Union legal acts and shall be accompanied, where appropriate, by a legislative proposal.
2.   Member States shall provide the Commission with the necessary information set out in Article 17 for the preparation of the report referred to in paragraph 1 of this Article.

Article 17

Monitoring

By 21 August 2027, and every five years thereafter, Member States shall provide the Commission, on the basis of the operation logs referred to in points (g) and (i) of Article 9(1), with the number of times competent authorities accessed and processed the regulatory information that was made available electronically by the economic operators concerned in accordance with Article 4.
That information shall be provided in respect of each year covered by the reporting period.

Article 18

Entry into force and application

1.   This Regulation shall enter into force on the twentieth day following that of its publication in the
Official Journal of the European Union
.
2.   It shall apply from 21 August 2024.
3.   However, Article 2(2), Article 5(4), Article 7, Article 8, Article 9(2) and Article 10(2) shall apply from the date of entry into force of this Regulation.
This Regulation shall be binding in its entirety and directly applicable in all Member States.
Done at Brussels, 15 July 2020.
For the European Parliament
The President
D.M. SASSOLI
For the Council
The President
J. KLOECKNER
(1)  
OJ C 62, 15.2.2019, p. 265
.
(2)  Position of the European Parliament of 12 March 2019 (not yet published in the Official Journal) and position of the Council at first reading of 7 April 2020 (
OJ C 157, 8.5.2020, p. 1
). Position of the European Parliament of 8 July 2020 (not yet published in the Official Journal).
(3)  Regulation (EC) No 1013/2006 of the European Parliament and of the Council of 14 June 2006 on shipments of waste (
OJ L 190, 12.7.2006, p. 1
).
(4)  Regulation (EU) No 952/2013 of the European Parliament and of the Council of 9 October 2013 laying down the Union Customs Code (
OJ L 269, 10.10.2013, p. 1
).
(5)  Regulation (EU) 2019/1239 of the European Parliament and of the Council of 20 June 2019 establishing a European Maritime Single Window environment and repealing Directive 2010/65/EU (
OJ L 198, 25.7.2019, p. 64
).
(6)  Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (
OJ L 119, 4.5.2016, p. 1
).
(7)  Regulation (EC) No 765/2008 of the European Parliament and of the Council of 9 July 2008 setting out the requirements for accreditation and market surveillance relating to the marketing of products and repealing Regulation (EEC) No 339/93 (
OJ L 218, 13.8.2008, p. 30
).
(8)  Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by the Member States of the Commission’s exercise of implementing powers (
OJ L 55, 28.2.2011, p. 13
).
(9)  
OJ L 123, 12.5.2016, p. 1
.
(10)  Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (
OJ L 8, 12.1.2001, p. 1
).
(11)  EEC Council: Regulation No 11 concerning the abolition of discrimination in transport rates and conditions, in implementation of Article 79(3) of the Treaty establishing the European Economic Community (
OJ P 52, 16.8.1960, p. 1121
).
(12)  Council Directive 92/106/EEC of 7 December 1992 on the establishment of common rules for certain types of combined transport of goods between Member States (
OJ L 368, 17.12.1992, p. 38
).
(13)  Regulation (EC) No 1072/2009 of the European Parliament and of the Council of 21 October 2009 on common rules for access to the international road haulage market (
OJ L 300, 14.11.2009, p. 72
).
(14)  Directive 2008/68/EC of the European Parliament and of the Council of 24 September 2008 on the inland transport of dangerous goods (
OJ L 260, 30.9.2008, p. 13
).
(15)  Directive (EU) 2016/797 of the European Parliament and of the Council of 11 May 2016 on the interoperability of the rail system within the European Union (
OJ L 138, 26.5.2016, p. 44
).
(16)  Regulation (EC) No 300/2008 of the European Parliament and of the Council of 11 March 2008 on common rules in the field of civil aviation security and repealing Regulation (EC) No 2320/2002 (
OJ L 97, 9.4.2008, p. 72
).

ANNEX I

REGULATORY INFORMATION THAT FALLS WITHIN THE SCOPE OF THIS REGULATION

PART A – Regulatory information requirements referred to in point (b) of Article 2(1)

List of delegated and implementing acts referred to in point (b) of Article 2(1):
(1) Commission Implementing Regulation (EU) 2015/1998 (1) laying down detailed measures for the implementation of the common basic standards on aviation security: Annex 6.3.2.6 (a), (b), (c), (d), (e), (f) and (g).

PART B – National law

The relevant provisions of national law requiring the provision of information identical, in whole or in part, to the information specified in points (a) and (b) of Article 2(1) are listed below.
[Member State]
(1) Legal act: [provision]
(1)  Commission Implementing Regulation (EU) 2015/1998 of 5 November 2015 laying down detailed measures for the implementation of the common basic standards on aviation security (
OJ L 299, 14.11.2015, p. 1
).

ANNEX II

REQUIREMENTS RELATING TO CONFORMITY ASSESSMENT BODIES

1.   
A conformity assessment body shall be established under national law and have legal personality.
2.   
A conformity assessment body shall be a third-party body independent of the organisation or the eFTI platform or platform service provider it assesses.
A body belonging to a business association or professional federation representing undertakings involved in the design, manufacturing, provision, assembly, use or maintenance of eFTI platform or platform service provider which it assesses may, on condition that its independence and the absence of any conflict of interest are demonstrated, be considered such a body.
3.   
A conformity assessment body, its top level management and the personnel responsible for carrying out the conformity assessment tasks shall not be the designer, manufacturer, supplier, installer, purchaser, owner, user or maintainer of the eFTI platform or platform service provider which they assess, nor the representative of any of those parties.
A conformity assessment body, its top level management and the personnel responsible for carrying out the conformity assessment tasks shall not be directly involved in the design, manufacture or construction, the marketing, installation, use or maintenance of that eFTI platform or platform service provider, or represent the parties engaged in those activities. They shall not engage in any activity that may conflict with their independence of judgement or integrity in relation to conformity assessment activities for which they are accredited. This shall in particular apply to consultancy services.
Conformity assessment bodies shall ensure that the activities of their subsidiaries or subcontractors do not affect the confidentiality, objectivity or impartiality of their conformity assessment activities.
4.   
Conformity assessment bodies and their personnel shall carry out the conformity assessment activities with the highest degree of professional integrity and the requisite technical competence in the specific field, and shall be free from all pressures and inducements, particularly financial, which might influence their judgement or the results of their conformity assessment activities, especially as regards persons or groups of persons with an interest in the results of those activities.
5.   
A conformity assessment body shall be capable of carrying out all the conformity assessment tasks assigned to it by Articles 12 and 13 of this Regulation, whether those tasks are carried out by the conformity assessment body itself or on its behalf and under its responsibility.
A conformity assessment body shall have at its disposal the necessary:
(a) personnel with technical knowledge and sufficient and appropriate experience to perform the conformity assessment tasks;
(b) descriptions of procedures in accordance with which conformity assessment is carried out;
(c) procedures for the performance of activities which take due account of the size of an undertaking, the sector in which it operates, its structure and the degree of complexity of the technology in question.
A conformity assessment body shall have the means necessary to perform the technical and administrative tasks connected with the conformity assessment activities in an appropriate manner.
6.   
The personnel responsible for carrying out conformity assessment tasks shall have the following:
(a) sound technical and vocational training covering all the conformity assessment activities;
(b) satisfactory knowledge of the requirements of the assessments they carry out and adequate authority to carry out those assessments;
(c) appropriate knowledge and understanding of the requirements set out in Articles 9 and 10 of this Regulation;
(d) the ability to draw up compliance certificates, records and reports demonstrating that assessments have been carried out.
7.   
The impartiality of the conformity assessment bodies, their top level management and of the personnel responsible for carrying out the conformity assessment tasks shall be guaranteed.
The remuneration of the top level management and personnel responsible for carrying out the conformity assessment tasks of a conformity assessment body shall not depend on the number of assessments carried out or on the results of those assessments.
8.   
Conformity assessment bodies shall take out liability insurance, unless liability is assumed by the State in accordance with national law or the Member State itself is directly responsible for the conformity assessment.
9.   
The personnel of a conformity assessment body shall observe professional secrecy with regard to all information obtained in carrying out their tasks under Articles 12 and 13 of this Regulation or any provision of national law giving effect to them, except to the competent authorities of the Member State in which its activities are carried out. Proprietary rights shall be protected.
10.   
Conformity assessment bodies shall participate in, or ensure that their personnel responsible for carrying out the conformity assessment tasks are informed of, the relevant standardisation activities and relevant regulatory activities.
Markierungen
Leseansicht