Commission Implementing Regulation (EU) 2020/857 of 17 June 2020 laying down the ... (32020R0857)
EU - Rechtsakte: 13 Industrial policy and internal market

COMMISSION IMPLEMENTING REGULATION (EU) 2020/857

of 17 June 2020

laying down the principles to be included in the contract between the European Commission and the .eu top-level domain Registry in accordance with Regulation (EU) 2019/517 of the European Parliament and of the Council

(Text with EEA relevance)

THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) 2019/517 of the European Parliament and of the Council of 19 March 2019 on the implementation and functioning of the .eu top-level domain name and amending and repealing Regulation (EC) No 733/2002 and repealing Commission Regulation (EC) No 874/2004 (1), and in particular Article 8(2) thereof,
Whereas:
(1) The purpose of this Regulation is to set out the principles to be included in the contract between the Commission and the Registry for the organisation, administration and management of the .eu top-level domain (‘TLD’).
(2) The Registry should manage the .eu TLD in a manner that enhances the Union identity, promotes Union values online and promotes the use of the .eu domain name.
(3) To increase the accessibility and the usage of the .eu TLD by all who are eligible to register a .eu TLD under Regulation (EU) 2019/517, the Registry, upon request by the Commission, should offer registrar services to specific underserved geographical areas in the Union or specific categories of users identified by the Commission.
(4) To fulfil the obligations set by Regulation (EU) 2019/517, it is essential that the Registry ensures good governance of the .eu TLD, in cooperation with the Commission and taking into account the opinions of the Multistakeholder Advisory Group set up by Regulation (EU) 2019/517 when requested by the Commission.
(5) To ensure the competitiveness and widespread use of the .eu TLD, the Registry should pursue operational excellence and ensure a high quality of service at competitive prices. It should ensure trust, security and consumer protection by deploying state-of-the-art methodologies and technologies and cooperate with competent authorities.
(6) The Registry should manage its budget in accordance with the principle of sound financial management, namely in accordance with the principles of economy, efficiency and effectiveness. Any annual surplus beyond costs and investments should be transferred to the Union budget.
(7) The Registry should ensure the continuity of its services and the functioning of the .eu TLD. To this end, the Registry should have in place and regularly update a business recovery plan.
(8) The Registry should promote the Union objectives in internet governance as developed in the Council Conclusions of 27 November 2014 entitled ‘Internet Governance’ and in the Communication of the Commission on internet Policy and Governance Europe’s role in shaping the future of internet Governance (2). Upon request by the Commission, it may set aside part of the annual surplus to fund internet governance objectives.
(9) To increase public trust in the online space and protect legitimate rights as defined by Union law, the Registry should take all the necessary measures to prevent and tackle speculative and abusive registrations. In doing so, the Registry should cooperate with the European Union Intellectual Property Office and other Union agencies.
(10) With a view to increasing end-users’ trust in the .eu TLD and ensuring a high level of consumer protection, in the provision of their services, the Registry should take measures to ensure the cybersecurity of the systems.
(11) The Registry should provide simple and efficient procedures to solve contractual disputes concerning .eu domain names.
(12) Maintaining accurate databases of domain names and registration data and providing lawful access to such data, in line with Union data protection rules, is essential to ensure the security, stability and resilience of the domain name system. For this purpose, the Registry should collect and guarantee the integrity and availability of WHOIS data for the .eu TLD and enable lawful access to those data in line with Union data protection rules through appropriate means. The Registry should put in place adequate measures to prevent and correct inaccurate registration data.
(13) The measures provided for in this Regulation are in accordance with the opinion of the Communications Committee (COCOM) established by Directive (EU) 2018/1972 of the European Parliament and of the Council (3),
HAS ADOPTED THIS REGULATION:

Article 1

Subject matter

This Regulation establishes the principles to be included in the contract between the Commission and the Registry for the organisation, administration and management of the .eu TLD, in accordance with Regulation (EU) 2019/517.

Article 2

Promotion of the Union values online

1.   The Registry shall contribute to enhancing the Union identity and promoting the Union values online. In particular, the Registry, through its policies and its interactions with registrars, registrants and other stakeholders, shall promote openness, innovation, multilingualism and accessibility, freedom of expression and information, respect for human rights and the rule of law and shall take measures to promote users’ security online and to respect users’ privacy.
2.   The Registry shall actively promote the use of all the official languages of the Union.

Article 3

Promotion of the .eu TLD

1.   The Registry shall raise awareness and promote the use of the .eu TLD across the Union, with a view to supporting the digital single market, building an online European identity and encouraging cross-border online activities.
2.   To promote the use of the .eu TLD in specific underserved geographical areas in the Union or towards specific categories of registrants, the Registry shall, upon request by the Commission, act as a registrar by providing domain name registration services directly to registrants. This activity shall be limited to those geographical areas and categories of registrants identified by the Commission.
3.   The Registry shall promote the use of the .eu TLD in all its available variants and in all European languages.

Article 4

Good governance

1.   The Registry shall ensure good governance of the .eu TLD. The Registry’s internal governance structure shall ensure broad stakeholder representation, efficiency, effectiveness, accountability, transparency and responsiveness.
2.   To correct or improve the organisation, administration and management of the .eu TLD, the Registry shall seek advice, cooperate and implement specific instructions from the Commission concerning the .eu TLD and take into account opinions of the Multi-stakeholder Advisory Group when requested by the Commission.

Article 5

Good management

1.   The Registry shall manage the .eu TLD in the public interest, with a view to enhancing public trust in the online environment.
2.   The Registry shall pursue operational excellence and ensure a high quality of service at competitive prices.
3.   The Registry shall implement procedures to ensure that the management and administration of the .eu TLD complies with the principles of transparency, security, stability, predictability, reliability, accessibility, efficiency, non-discrimination and that it ensures fair conditions of competition and consumer protection, in accordance with Union law.
4.   The Registry shall adopt procedures to ensure that it provides the registrars with services and information under the same conditions and with the same quality as it uses for its own equivalent services, in particular, when it acts as a registrar in accordance with Article 3(2).
5.   The Registry shall manage the .eu TLD in accordance with the principles of sound financial management. The Registry shall provide evidence of compliance with those principles at the request of the Commission, in particular for its allocation of financial and human resources in implementing the contract. The Registry shall submit themselves to an external audit at least every two years.
6.   The Registry shall offer its services in all the official languages of the Union.

Article 6

Security and consumer protection

1.   The Registry shall ensure a high level of security for the network and information systems that it operates when managing the .eu TLD. In doing so, it shall put in place specific policies and comply with state-of-the-art cybersecurity risk management practices.
2.   The Registry shall adopt a business continuity and recovery plan with prior written agreement of the Commission. The Registry shall periodically revise the plan, with the prior written agreement of the Commission.
3.   The Registry shall:
(a) provide registrars and registrants with state-of-the-art tools and technologies to protect themselves against cybersecurity threats;
(b) employ advanced methodologies to prevent abusive registrations.

Article 7

Fees and surplus

1.   The Registry shall communicate in advance to the Commission the fees that it intends to impose for registering a .eu domain name and information about how they relate to the costs incurred. The fees shall be published by the Registry.
2.   At the end of each accounting year, the Registry shall transfer any recorded surplus that is not invested in enhancing the quality of its services or in order to promote the Union objectives in internet governance, to the Union budget.
3.   The Registry shall communicate to the Commission the amounts planned for investments that are expected to be deducted from the potential surplus amount to be transferred to the Union budget.

Article 8

Internet governance

1.   The Registry shall promote the Union objectives in internet governance. In doing so, it shall cooperate with the Commission and take into account opinions issued by the .eu Multi-stakeholder Advisory Group when requested by the Commission.
2.   Upon the Commission’s request, the Registry shall set aside part of the surplus generated by the .eu TLD to promote Union objectives in internet governance.
3.   The Registry shall have a detailed plan in place to fund internet governance objectives. It shall adopt the plan with prior written agreement of the Commission.

Article 9

Speculative and abusive registrations

1.   The Registry shall have policies and procedures in place to actively mitigate speculative and abusive domain names registrations in the .eu TLD in compliance with paragraphs (b), (c), (e) of Article 11 of Regulation (EU) 2019/517. In doing so, it shall cooperate with the European Union Intellectual Property Office and other Union agencies.
2.   The Registry shall take into consideration at least the intellectual property rights covered in Commission Statement 2005/295/EC (4), including copyright, trademarks, and geographical indications provided in Union or national law, and, in as far as they are protected under national law in the Member States where they are held: unregistered trademarks, trade names, business identifiers, company names, family names, and distinctive titles of protected literary and artistic works.
3.   To mitigate speculative and abusive domain names registrations, the Registry shall have in place policies and procedures ensuring the accuracy of registration data, in particular data identifying registrants. The Registry shall ensure that the registrars manage the registrations in line with the principles of security and accuracy of the data and in accordance with Union law.
4.   The Registry shall have in place policies and procedures for registration requests and for the verification of registration criteria and of registrants’ data, which shall ensure that any verification of the information takes place prior to the registration or subsequently, at the initiative of the Registry or as a result of a dispute related to the registration of the domain name in question.

Article 10

Revocation of domain names

1.   The Registry shall implement policies and procedures for the revocation of domain names at its own initiative as described in Article 4(3) of Regulation (EU) 2019/517 or using an appropriate extra-judicial or judicial procedure. In particular, the Registry shall revoke domain names that have been registered without rights or legitimate interests in the name, or that are used in bad faith.
2.   The procedure for the revocation of domain names shall include a notice to the domain name holder and shall afford the holder an opportunity to take appropriate measures.

Article 11

Alternative dispute resolution (ADR) procedure

1.   The Registry shall provide simple, accessible, efficient and uniform procedures to solve disputes pertaining to the registration of .eu domain names.
2.   The rules on alternative dispute resolution procedures adopted by the Registry shall comply with Directive 2013/11/EU of the European Parliament and the Council (5). They shall take into account international best practice in this area, including relevant World Intellectual Property Organization recommendations, and they shall comply with uniform procedural rules that are in line with those set out in ICANN’s uniform domain name dispute resolution policy.
3.   The Registry may select reputable alternative dispute resolution providers with appropriate expertise. The selection process shall be objective, transparent and non-discriminatory. The list of these providers shall be published by the Registry.

Article 12

Databases of domain names and registration data

1.   The Registry shall have policies and procedures in place to ensure that the WHOIS database includes accurate and up to date information and to ensure that the publication and access to these data is in line with Union data protection rules.
2.   The deliberate submission of inaccurate information shall constitute grounds for considering the domain name registration to have been in breach of the terms of registration.

Article 13

Cooperation with competent authorities

1.   The Registry shall cooperate with competent authorities involved in the fight against cybercrime. It shall also cooperate with competent authorities and public and private bodies involved in the fight against speculative and abusive registrations, in cybersecurity and information security, in consumer protection, and in the protection of fundamental rights. It shall provide access to data to competent authorities and public bodies in line with Union or national law that complies with Union law, including with orders by courts or competent authorities vested with relevant powers.
2.   The Registry shall establish procedures to facilitate the cooperation with competent authorities and public and private bodies.

Article 14

Entry into force

This Regulation shall enter into force on the twentieth day following that of its publication in the
Official Journal of the European Union
.
This Regulation shall be binding in its entirety and directly applicable in all Member States.
Done at Brussels, 17 June 2020.
For the Commission
The President
Ursula VON DER LEYEN
(1)  
OJ L 91, 29.3.2019, p. 25
.
(2)  COM/2014/072.
(3)  Directive (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code (
OJ L 321, 17.12.2018, p. 36
).
(4)  Statement by the Commission concerning Article 2 of Directive 2004/48/EC of the European Parliament and of the Council on the enforcement of intellectual property rights (
OJ L 94, 13.4.2005, p. 37
).
(5)  Directive 2013/11/EU of the European Parliament and of the Council of 21 May 2013 on alternative dispute resolution for consumer disputes and amending Regulation (EC) No 2006/2004 and Directive 2009/22/EC (
OJ L 165, 18.6.2013, p. 63
).
Markierungen
Leseansicht