Commission Decision of 16 October 2009 setting out measures facilitating the use of procedures by electronic means through the ‘points of single contact’ under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market (notified under document C(2009) 7806) (Text with EEA relevance) (2009/767/EC)

Commission Decision

of 16 October 2009

setting out measures facilitating the use of procedures by electronic means through the ‘points of single contact’ under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market

(notified under document C(2009) 7806)

(Text with EEA relevance)

(2009/767/EC)

THE COMMISSION OF THE EUROPEAN COMMUNITIES,

Having regard to the Treaty establishing the European Community,

Having regard to Directive 2006/123/EC of the European Parliament and of the Council of 12 December 2006 on services in the internal market(1), and in particular Article 8(3) thereof,

Whereas:

(1) The obligations of administrative simplification imposed on Member States in Chapter II of Directive 2006/123/EC, in particular Articles 5 and 8 thereof, include the obligation to simplify the procedures and formalities applicable to the access to and exercise of a service activity and the obligation to ensure that those procedures and formalities may be easily completed by service providers at a distance and by electronic means through the ‘points of single contact’.

(2) The completion of procedures and formalities through the ‘points of single contact’ must be possible across borders between Member States as set out in Article 8 of Directive 2006/123/EC.

(3) To comply with the obligation to simplify procedures and formalities and to facilitate the cross-border use of the ‘points of single contact’, procedures by electronic means should rely on simple solutions, including as regards the use of electronic signatures. In cases where, after an appropriate risk assessment of concrete procedures and formalities, a high level of security or equivalence to a handwritten signature is deemed to be necessary, advanced electronic signatures based on a qualified certificate, with or without a secure signature creation device, could be required from service providers for certain procedures and formalities.

(4) The Community framework for e-signatures was established in Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures(2). In order to facilitate effective cross-border use of advanced electronic signatures based on a qualified certificate, trust in these electronic signatures should be enhanced irrespective of the Member State in which the signatory or the certification service provider issuing the qualified certificate is established. This could be achieved by making the information necessary to validate the electronic signatures more easily available in a trustworthy form, in particular information relating to certification service providers who are supervised/accredited in a Member State and to the services they offer.

(5) It is necessary to ensure that Member States make this information publicly available through a common template in order to facilitate its use and ensure an appropriate level of detail allowing the receiving side to validate the electronic signature,

HAS ADOPTED THIS DECISION:

Article 1U.K.Use and acceptance of electronic signatures

1.If justified on the basis of an appropriate assessment of the risks involved and in accordance with Article 5(1) and (3) of Directive 2006/123/EC, Member States may require, for the completion of certain procedures and formalities through the points of single contact under Article 8 of Directive 2006/123/EC, the use by the service provider of advanced electronic signatures based on a qualified certificate, with or without a secure-signature-creation device, as defined and governed by Directive 1999/93/EC.

2.Member States shall accept any advanced electronic signature based on a qualified certificate, with or without a secure-signature-creation device, for the completion of the procedures and formalities referred to in paragraph 1, without prejudice to the possibility for Member States to limit this acceptance to advanced electronic signatures based on a qualified certificate and created by a secure-signature-creation device if this is in accordance with the risk assessment referred to in paragraph 1.

3.Member States shall not make the acceptance of advanced electronic signatures based on a qualified certificate, with or without a secure-signature-creation device, subject to requirements which create obstacles to the use, by service providers, of procedures by electronic means through the points of single contact.

4.Paragraph 2 does not prevent Member States from accepting electronic signatures other than advanced electronic signatures based on a qualified certificate, with or without a secure-signature-creation device.

Article 2U.K.Establishment, maintenance and publication of trusted lists

1.Each Member State shall establish, maintain and publish, in accordance with the technical specifications set out in the Annex, a ‘trusted list’ containing the minimum information related to the certification service providers issuing qualified certificates to the public who are supervised/accredited by them.

2.Member States shall establish and publish, as a minimum, a human readable form of the trusted list in accordance with the specifications set out in the Annex.

3.Member States shall notify to the Commission the body responsible for the establishment, maintenance and publication of the trusted list, the location where the trusted list is published and any changes thereto.

Article 3U.K.Application

This Decision shall apply from 28 December 2009.

Article 4U.K.Addressees

This Decision is addressed to the Member States.

Done at Brussels, 16 October 2009.

For the Commission

Charlie McCreevy

Member of the Commission