THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 21(2) and Article 114(1) thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national parliaments,

Having regard to the opinion of the European Economic and Social Committee(1),

Acting in accordance with the ordinary legislative procedure(2),

Whereas:

(1) The internal market is one of the Union’s most tangible achievements. By allowing people, goods, services and capital to move freely it offers new opportunities for citizens and businesses. This Regulation is a key element of the Single Market Strategy established by the communication of the Commission of 28 October 2015 entitled ‘Upgrading the Single Market: more opportunities for people and business’. That strategy has the objective of unlocking the full potential of the internal market by making it easier for citizens and businesses to move within the Union and to trade, establish themselves and expand their businesses across borders.

(2) The communication of the Commission of 6 May 2015 entitled ‘A Digital Single Market Strategy for Europe’ recognised the role of the internet and digital technologies in transforming our lives, changing the way in which citizens and businesses access information, acquire knowledge, buy goods and services, participate in the market and work, thereby facilitating opportunities for innovation, growth and jobs. That communication, along with several resolutions adopted by the European Parliament, acknowledged that the needs of citizens and businesses in their own country and across borders could be better met by extending and integrating existing European-level portals, websites, networks, services and systems and by linking them with different national solutions, thereby creating a single digital gateway serving as a European single entry point (‘the gateway’). The communication of the Commission of 19 April 2016 entitled ‘EU eGovernment Action Plan 2016-2020 — Accelerating the digital transformation of government’ listed the gateway amongst one of its actions for 2017. The Commission’s report of 24 January 2017, entitled ‘Strengthening Citizens’ Rights in a Union of Democratic Change — EU Citizenship Report 2017’ considered the gateway to be a priority for the rights of the Union’s citizens.

(3) The European Parliament and the Council have repeatedly called for a more comprehensive and more user-friendly package of information and assistance to help citizens and businesses navigate the internal market and to strengthen and streamline internal market tools in order to better meet the needs of citizens and businesses in their cross-border activities.

(4) This Regulation responds to those calls by offering citizens and businesses easy access to the information, the procedures, and the assistance and problem-solving services that they need in order to exercise their rights in the internal market. The gateway could contribute to the greater transparency of rules and regulations relating to different business and life events, in areas such as travel, retirement, education, employment, healthcare, consumer rights and family rights. Furthermore, it could help improve consumers’ confidence, address the lack of knowledge about consumer protection and internal market rules and reduce compliance costs for businesses. This Regulation establishes a user-friendly, interactive gateway which, based on users’ needs, should guide them to the most appropriate services. In that context, the Commission and Member States should play an important role in achieving those objectives.

(5) The gateway should facilitate interactions between citizens and businesses, on the one hand, and competent authorities, on the other hand, by providing access to online solutions, facilitating the day-to-day activities of citizens and businesses and minimising the obstacles encountered in the internal market. The existence of a single digital gateway providing online access to accurate and up-to-date information, to procedures and to assistance and problem-solving services could help raise the users’ awareness of the different existing online services and could save them time and expense.

(6) This Regulation has three objectives, namely to reduce any additional administrative burden on citizens and businesses that exercise or want to exercise their internal market rights, including the free movement of citizens, in full compliance with national rules and procedures, to eliminate discrimination and to ensure the functioning of the internal market with regard to the provision of information, of procedures and of assistance and problem-solving services. Since it covers free movement of citizens, which cannot be considered to be merely incidental, this Regulation should be based on Article 21(2) and Article 114(1) of the Treaty on the Functioning of the European Union (TFEU).

(7) In order for Union citizens and businesses to enjoy their right to free movement within the internal market, the Union should adopt specific, non-discriminatory measures allowing citizens and businesses to have easy access to sufficiently comprehensive and reliable information about their rights under Union law and to information about the applicable national rules and procedures which they need to comply with when they move to, live or study, or when they establish or carry on a business, in a Member State other than their own. Information should be considered to be sufficiently comprehensive if it includes all the information that is necessary for the users to understand what their rights and obligations are and identifies the rules that apply to them in relation to the activities they want to undertake as cross-border users. The information should be stated in a clear, concise and understandable way and be operational and well adapted to the target user group. Information on procedures should cover all foreseeable procedural steps that are relevant for the user. It is important for citizens and businesses facing complex regulatory environments, such as those active in e-commerce and the collaborative economy, that they can easily find the applicable rules and how they apply to their activities. Easy and user-friendly access to information means enabling the users to easily find the information, to easily identify which parts of the information are relevant for their particular situation and to easily understand the relevant information. The information to be provided at national level should not only concern national rules implementing Union law, but also any other national rules that apply both to non-crossborder and cross-border users.

(8) Rules on the provision of information in this Regulation should not apply to national judicial systems, since information in that area relevant for cross-border users is already included in the e-Justice portal. In some situations covered by this Regulation, courts should be considered to be competent authorities, for instance where courts are managing business registers. In addition, the non-discrimination principle should also apply to online procedures that give access to court proceedings.

(9) It is clear that citizens and businesses from other Member States can be at a disadvantage due to their lack of familiarity with the national rules and administrative systems, the different languages used and their lack of geographic proximity to the competent authorities in a Member State other than their own. The most efficient way to reduce the ensuing obstacles to the internal market is to enable cross-border and non-crossborder users to access information online in a language they are able to understand in order to enable them to complete procedures for compliance with national rules fully online and to offer them assistance where rules and procedures are not clear enough or where they encounter obstacles to the exercise of their rights.

(10) A number of Union acts have aimed to provide solutions by creating sectorial one-stop shops, including points of single contact established by Directive 2006/123/EC of the European Parliament and of the Council(3) which offer online information, assistance services and access to procedures relevant for the provision of services; Product Contact Points, established by Regulation (EC) No 764/2008 of the European Parliament and of the Council(4), and Product Contact Points for Construction, established by Regulation (EU) No 305/2011 of the European Parliament and of the Council(5), which provide access to product-specific technical rules; and national assistance centres for professional qualifications, established by Directive 2005/36/EC of the European Parliament and of the Council(6), which assist professionals moving cross-border. In addition, networks have been established, such as European Consumer Centres, in order to promote the understanding of Union consumers’ rights and to assist in resolving complaints about purchases made in other Member States within the network, when travelling or shopping online. Furthermore, SOLVIT as referred to in Commission Recommendation 2013/461/EU(7) seeks to deliver fast, effective and informal solutions to individuals and businesses when their internal market rights are denied by public authorities. Finally, several information portals, such as Your Europe, in respect of the internal market, and the e-Justice portal, in relation to the area of justice, were established to inform users about Union and national rules.

(11) As a result of the sectorial nature of those Union acts, the current provision of online information and of assistance and problem-solving services together with online procedures for citizens and businesses remains very fragmented. There are discrepancies in the availability of online information and procedures, there is a lack of quality in relation to the services and a lack of awareness regarding that information and those assistance and problem-solving services. Cross-border users also experience problems finding and accessing those services.

(12) This Regulation should establish a single digital gateway to act as the single entry point through which citizens and businesses are able to access information about the rules and requirements that they have to comply with, by virtue of Union or national law. The gateway should simplify citizens’ and businesses’ contact with the assistance and problem-solving services established at Union or national level and make that contact more effective. The gateway should also facilitate access to and completion of online procedures. This Regulation should not affect in any way the existing rights and obligations under Union or national law within those policy areas. For the procedures listed in Annex II to this Regulation and the procedures provided for in Directives 2005/36/EC and 2006/123/EC, and in Directives 2014/24/EU(8) and 2014/25/EU(9) of the European Parliament and of the Council, this Regulation should support the use of the ‘once-only’ principle and should fully respect the fundamental right to the protection of personal data, for the purpose of the exchange of evidence between competent authorities in different Member States.

(13) The gateway and its content should be user-centric and user-friendly. The gateway should aim to avoid overlaps and should provide links to existing services. It should allow citizens and businesses to interact with public bodies at national and Union level by providing them with the opportunity to give feedback in relation to both the services offered through the gateway and the functioning of the internal market as they experience it. The feedback tool should enable the user to point out, in a way that makes it possible for the user to remain anonymous, perceived problems, deficiencies and needs in order to encourage the continuous improvement of the quality of the services.

(14) The success of the gateway will depend on the joint effort of the Commission and the Member States. The gateway should include a common user interface integrated into the existing Your Europe portal, to be managed by the Commission. The common user interface should provide links to information, to procedures and to assistance or problem-solving services available on portals managed by competent authorities in Member States and by the Commission. In order to facilitate the use of the gateway, the common user interface should be available in all official languages of the institutions of the Union (‘official languages of the Union’). The existing Your Europe portal and its main access webpage, adapted to the requirements of the gateway, should preserve this multilingual approach to the information provided. The functioning of the gateway should be supported by technical tools developed by the Commission in close cooperation with the Member States.

(15) In the Charter for the electronic Points of Single Contact under Directive 2006/123/EC, which was endorsed by the Council in 2013, Member States made a voluntary commitment to take a user-centric approach in the provision of information through the points of single contact, in order to cover areas of particular importance for businesses including VAT, income taxes, social security or labour law requirements. Based on the Charter and in the light of experience with the Your Europe portal, that information should also include a description of the assistance and problem-solving services. Citizens and businesses should be able to refer to such services when they have problems understanding the information, applying that information to their situation or completing a procedure.

(16) This Regulation should list the information areas which are relevant for citizens and businesses exercising their rights and complying with their obligations within the internal market. For those areas, sufficiently comprehensive information should be provided at national level, including at regional and local levels, and at Union level, explaining the applicable rules and obligations and the procedures to be completed by citizens and businesses in order to comply with those rules and obligations. In order to ensure the quality of the services offered, the information provided through the gateway should be clear, accurate and up-to-date, the use of complex terminology should be minimised and the use of acronyms should be limited to those which provide simplified and easily understandable terms that do not require a pre-existing knowledge of the issue or area of law. That information should be provided in such a way that users can easily understand the basic rules and requirements applicable to their situation in such areas. Users should also be informed about the absence, in certain Member States, of national rules in the information areas listed in Annex I, especially where those areas are subject to national rules in other Member States. Such information about the absence of national rules could be included in the Your Europe portal.

(17) Wherever possible, information already collected by the Commission from the Member States under existing Union law or voluntary arrangements — such as information collected for the EURES portal, established by Regulation (EU) 2016/589 of the European Parliament and of the Council(10), the e-Justice portal, established by Council Decision 2001/470/EC(11), or the Regulated professions database, established by Directive 2005/36/EC — should be used to cover part of the information to be made accessible to citizens and businesses at Union and national level in accordance with this Regulation. Member States should not be required to provide on their national websites information which is already available in the relevant databases managed by the Commission. Where Member States already have to provide online information pursuant to other Union acts, such as Directive 2014/67/EU of the European Parliament and of the Council(12), it should be sufficient for Member States to provide links to the existing online information. Where certain policy areas have already been fully harmonised through Union law, for instance consumer rights, information provided at Union level should generally be sufficient for users to be able to understand their relevant rights or obligations. In such cases, Member States should be required only to provide additional information regarding their national administrative procedures and assistance services or any other national administrative rules if it is relevant for users. Information regarding consumer rights, for instance, should not affect contract law, but should rather inform users about their rights under Union and national law in the context of commercial transactions.

(18) This Regulation should enhance the internal market dimension of online procedures, and thereby contribute to the digitalisation of the internal market, by upholding the general principle of non-discrimination, inter alia, in relation to the access by citizens or businesses to online procedures already established at national level on the basis of Union or national law and to procedures that are to be made available fully online in accordance with this Regulation. Where a user, in a situation exclusively confined to a single Member State, is able to access and complete a procedure online in that Member State in an area covered by this Regulation, a cross-border user should also be able to access and complete that procedure online, either by using the same technical solution or an alternative, technically separate solution leading to the same outcome, without any discriminatory obstacles. Such obstacles might consist of nationally-designed solutions, such as using form fields that require national phone numbers, national prefixes for phone numbers or national postal codes, payment of fees that can only be done through systems which do not provide for cross-border payments, the lack of detailed explanations in a language understood by cross-border users, the lack of possibilities to submit electronic evidence from authorities located in another Member State and the lack of acceptance of electronic means of identification issued in other Member States. Member States should provide solutions for those obstacles.

(19) When users are completing online procedures across borders, they should be able to receive all the relevant explanations in an official language of the Union that is broadly understood by the largest possible number of cross-border users. This does not mean that Member States are required to translate their administrative forms related to the procedure, or the output of that procedure, into that language. Member States are however encouraged to use technical solutions which would allow users to complete the procedures in as many cases as possible, in that language, while respecting the Member States’ rules on the use of languages.

(20) The online national procedures that are relevant for cross-border users to enable them to exercise their internal market rights depend on whether they are resident or established in the Member State concerned, or want to access the procedures of that Member State while being resident or established in another Member State. This Regulation should not prevent Member States from requiring that cross-border users who are resident or established on their territory obtain a national identification number in order to get access to the online national procedures, provided this does not entail an unjustifiable additional burden or cost for those users. For cross-border users who are not resident or established in the Member State concerned, online national procedures that are not relevant for the exercise of their internal market rights, for instance enrolment in order to receive local services, such as garbage collection and parking permits, do not need to be made fully accessible online.

(21) This Regulation should build on Regulation (EU) No 910/2014 of the European Parliament and of the Council(13), which lays down conditions under which Member States recognise certain electronic identification means for natural and legal persons subject to a notified electronic identification scheme of another Member State. Regulation (EU) No 910/2014 lays down the conditions subject to which users are permitted to use their means of electronic identification and authentication to access online public services in cross-border situations. Union institutions, bodies, offices and agencies are encouraged to accept means of electronic identification and authentication for the procedures for which they are responsible.

(22) A number of sectorial Union acts such as Directives 2005/36/EC, 2006/123/EC, 2014/24/EU and 2014/25/EU require that procedures are made fully available online. This Regulation should require a number of other procedures of key importance to the majority of citizens and businesses exercising their rights and complying with their obligations across borders to be fully made available online.

(23) In order to allow citizens and businesses to directly enjoy the benefits of the internal market without incurring an unnecessary additional administrative burden, this Regulation should require a full digitalisation of the user interface of certain key procedures for cross-border users, which are listed in Annex II to this Regulation. This Regulation should also lay down the criteria for determining how those procedures qualify as fully online. The obligation to make such a procedure fully available online should only apply where the procedure has been established in the Member State concerned. This Regulation should not cover the initial registration of a business activity, the procedures leading to the constitution of companies or firms as legal entities or any subsequent filing by such companies or firms, since such procedures necessitate a comprehensive approach aimed at facilitating digital solutions throughout a company’s lifecycle. When businesses establish themselves in another Member State, they are required to register with a social security scheme and an insurance scheme in order to register their employees and pay contributions to both schemes. They might need to notify their business activities, obtain permissions or register changes to their business activity. Those procedures are common for businesses operating in many sectors of the economy, and it is therefore appropriate to require that those procedures are made available online.

(24) This Regulation should clarify what offering a procedure fully online entails. A procedure should be considered to be fully online if the user can take all steps, from access to completion, interacting with the competent authority, the ‘front office’, electronically, at a distance and through an online service. This online service should guide the user through a list of all the requirements to be fulfilled and all supporting evidence to be provided, should enable the user to provide the information and proof of compliance with all such requirements and should provide an automatic acknowledgement of receipt to the user, unless the output of the procedure is delivered immediately. This should not prevent competent authorities from contacting the users directly, where necessary in order to obtain further clarifications needed for the procedure. The output of the procedure, as set out in this Regulation, should also be provided by the competent authorities to the user in an electronic way, where possible under applicable Union and national law.

(25) This Regulation should not affect the substance of the procedures listed in Annex II which are established at national, regional or local level and does not lay down material or procedural rules within the areas covered by Annex II, including the area of taxation. The purpose of this Regulation is to lay down the technical requirements in order to ensure that such procedures, where they have been established in the Member State concerned, are made available fully online.

(26) This Regulation should not affect the competences of national authorities in any procedure, including the verification of the accuracy and the validity of information or evidence submitted and the verification of authenticity where evidence is submitted by means other than the technical system based on the ‘once-only’ principle. This Regulation should also not affect the procedural workflows within and between the competent authorities, the ‘back office’, whether digitalised or not. Where necessary, as part of some of the procedures for registering changes of business activities, Member States should continue to be able to require the involvement of notaries or lawyers who might want to use means of verification including videoconference or other online means that provide real-time audiovisual connection. However, such involvement should not prevent the completion of procedures for registering such changes in their entirety online.

(27) In some cases users might be required to submit evidence to prove facts that cannot be established by online means. Such evidence could include a medical certificate, proof of being alive, proof of roadworthiness of motor vehicles or confirmation of their chassis numbers. Provided that such evidence can be submitted in electronic format, this should not constitute an exception to the principle that a procedure should be offered fully online. In other cases, it might still be necessary for users of a procedure to appear in person before a competent authority as part of an online procedure. Any such exceptions, other than those resulting from Union law, should be limited to situations which are justified by an overriding reason of public interest in the areas of public security, public health or the fight against fraud. In order to ensure transparency, Member States should share with the Commission and the other Member States information about such exceptions and the grounds on which, and circumstances in which, they can be applied. Member States should not be required to report about each individual case in which, exceptionally, physical presence was required, but should rather communicate the national provisions which provide for such cases. Best practices at national level and technical developments allowing further digitalisation in this regard should be discussed regularly in a gateway coordination group.

(28) In cross-border situations, the procedure to register a change of address might consist of two separate procedures, one in the Member State of origin to request deregistration from the old address, and the other in the Member State of destination to request registration at the new address. Both procedures should be covered by this Regulation.

(29) Since the digitalisation of requirements, procedures and formalities relating to the recognition of professional qualifications is already covered by Directive 2005/36/EC, this Regulation should only cover the digitalisation of the procedure to request the academic recognition of diplomas, certificates or other proof of courses completed with regard to a person wishing to begin or to continue studying, or to use an academic title outside the formalities relating to the recognition of professional qualifications.

(30) This Regulation should not affect the social security coordination rules set out in Regulations (EC) No 883/2004(14) and (EC) No 987/2009(15) of the European Parliament and of the Council, which define the rights and obligations of insured persons and social security institutions, as well as the procedures applicable in the field of social security coordination.

(31) Several networks and services have been established at Union and national level to assist citizens and businesses in their cross-border activities. It is important that those services, including existing assistance or problem-solving services established at Union level, such as the European Consumer Centres, Your Europe Advice, SOLVIT, the Intellectual Property Rights helpdesk, Europe Direct and the Enterprise Europe Network, form part of the gateway in order to ensure that all potential users can find them. The services listed in Annex III were established by binding Union acts, whilst other services operate on a voluntary basis. Services established by binding Union acts should be bound by the quality requirements laid down in this Regulation. Services operated on a voluntary basis should comply with those quality requirements if the intention is to make them accessible through the gateway. The scope and nature of those services, their governance arrangements, existing deadlines, and the voluntary, contractual or other basis on which they operate should not be altered by this Regulation. For instance, where the assistance that they provide is of an informal nature, this Regulation should not have the effect of changing such assistance into legal advice of a binding nature.

(32) Furthermore, the Member States and the Commission should be able to add to the gateway other national assistance or problem-solving services provided by competent authorities or by private or semi-private entities, or public bodies, such as chambers of commerce or non-governmental assistance services for citizens, under the conditions laid down in this Regulation. In principle, competent authorities should be responsible for assisting citizens and businesses with any queries they have in relation to applicable rules and procedures that cannot be fully addressed by online services. However, in very specialised areas and where the service provided by private or semi-private bodies meets the users’ needs, Member States can propose to the Commission that it includes such services in the gateway, provided that those services meet all conditions laid down in this Regulation and do not duplicate the assistance or problem-solving services already included.

(33) In order to assist users to identify the appropriate service, this Regulation should provide an assistance service finder that automatically guides users to the right service.

(34) Compliance with a minimum list of quality requirements is essential for the success of the gateway in order to ensure that the provision of information or services is reliable, since, otherwise, the credibility of the gateway as a whole would be seriously undermined. The overarching objective of compliance is to ensure that the information or service is presented in a clear and user-friendly way. It is the responsibility of the Member States to determine how information is presented over the course of the user journey in order to meet this objective. For instance, while it is helpful for users to be informed, before launching a procedure, about the generally available means of redress when a procedure results in a negative outcome, it is much more user-friendly to provide any specific information about the possible steps to take in such a case at the end of the procedure.

(35) The accessibility of information for cross-border users can be substantially improved where that information is made available in an official language of the Union broadly understood by the largest possible number of cross-border users. This language should in most cases be the foreign language most widely studied by users across the Union, but in some specific cases, more particularly in the case of information to be provided at local level by small municipalities close to the border of a Member State, the most suitable language may be the one used as a first language by the cross-border users in the neighbouring Member State. The translation from the official language or languages of the Member State in question into this other official language of the Union should accurately reflect the content of the information provided in the original language or languages. Translation may be limited to the information that users need in order to understand the basic rules and requirements that apply to their situation. While Member States should be encouraged to translate as much information as possible into an official language of the Union that is broadly understood by the largest possible number of cross-border users, the volume of information to be translated under this Regulation will depend on the financial resources available for this purpose, in particular those from the Union budget. The Commission should make the appropriate arrangements to ensure the efficient delivery of translations to the Member States at their request. The gateway coordination group should discuss and provide guidance on the official language or languages of the Union into which such information should be translated.

(36) In accordance with Directive (EU) 2016/2102 of the European Parliament and of the Council(16), Member States are required to ensure that the websites of their public bodies are accessible in accordance with the principles of perceivability, operability, understandability and robustness and that they comply with the requirements laid down in that Directive. The Commission and the Member States should ensure compliance with the United Nations Convention on the Rights of Persons with Disabilities, in particular Articles 9 and 21 thereof, and, in order to foster access to information for persons with intellectual disabilities, alternatives in easy-to-read language should be provided to the greatest possible extent in accordance with the principle of proportionality. The Member States, by ratifying, and the Union, by concluding(17), that Convention, have committed themselves to taking appropriate measures to ensure access for persons with disabilities, on an equal basis with others, to new information and communication technologies and systems, including the internet, by facilitating access to information for persons with intellectual disabilities, providing alternatives in easy-to-read language to the greatest possible extent and proportionately.

(37) Directive (EU) 2016/2102 does not apply to websites and mobile applications of Union institutions, bodies, offices and agencies, but the Commission should ensure that the common user interface and the webpages under its responsibility that are to be included in the gateway are accessible to persons with disabilities, meaning that they are perceivable, operable, understandable and robust. Perceivability means that information and the common user interface components must be presentable to users in ways they can perceive; operability means that the common user interface components and navigation must be operable; understandability means that information and the operation of the common user interface must be understandable; and robustness means that content must be robust enough to be interpreted reliably by a wide variety of user agents, including assistive technologies. In respect of the terms perceivable, operable, understandable and robust, the Commission is encouraged to comply with the relevant harmonised standards.

(38) In order to facilitate the payment of fees required as part of online procedures or for the provision of assistance or problem-solving services, cross-border users should be able to use credit transfers or direct debits as specified in Regulation (EU) No 260/2012 of the European Parliament and of the Council(18) or other generally used cross-border payment means including debit or credit cards.

(39) It is useful for users to be informed about the expected time a procedure may take. Accordingly, users should be informed about applicable deadlines or tacit approval or administrative silence arrangements or, if these are not applicable, at least of the average, estimated or indicative time that the procedure in question usually requires. Such estimates or indications should only help the users in planning their activities or any subsequent administrative steps and should have no legal effect.

(40) This Regulation should also allow for the verification of the evidence provided in electronic format by the users, where that evidence is submitted without electronic seal or certification from the issuing competent authority, or where the technical tool established by this Regulation or another system enabling the direct exchange or verification of evidence between competent authorities of different Member States is not available. For such cases, this Regulation should provide for an effective mechanism for administrative cooperation among the competent authorities of the Member States, based on the Internal Market Information System (‘IMI’) established by Regulation (EU) No 1024/2012 of the European Parliament and of the Council(19). In such cases, the decision of a competent authority to use IMI should be voluntary, but once that authority has submitted a request for information or cooperation through IMI, the requested competent authority should be bound to cooperate and to provide a response. The request can be sent through IMI either to the competent authority issuing the evidence or to the central authority to be designated by Member States in accordance with their own administrative rules. To avoid unnecessary duplication and as Regulation (EU) 2016/1191 of the European Parliament and of the Council(20) covers part of the evidence relevant for the procedures covered by this Regulation, the cooperation arrangements for IMI laid down in Regulation (EU) 2016/1191 can also be used for the purpose of other evidence required in procedures covered by this Regulation. In order to allow Union bodies, offices or agencies to become actors within IMI, Regulation (EU) No 1024/2012 should be amended.

(41) Online services provided by competent authorities are crucial for increasing the quality and security of the services provided to citizens and businesses. Public administrations within Member States are increasingly working towards the reuse of data, dispensing with the requirement that citizens and businesses supply the same information several times. The reuse of data should be facilitated for cross-border users in order to reduce additional burden.

(42) In order to enable the lawful cross-border exchange of evidence and information by means of the Union-wide application of the ‘once-only’ principle, the application of this Regulation and of the ‘once-only’ principle should comply with all applicable data protection rules, including the principle of data minimisation, accuracy, storage limitation, integrity and confidentiality, necessity, proportionality and purpose limitation. Its implementation should also comply fully with the principles of security by design and of privacy by design, and should also respect the fundamental rights of individuals, including those related to fairness and transparency.

(43) Member States should ensure that users of procedures are provided with clear information on how personal data relating to them will be processed in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council(21) and Articles 15 and 16 of Regulation (EU) 2018/1725(22).

(44) In order to further facilitate the use of online procedures, this Regulation should, in line with the ‘once-only’ principle, provide the basis for the creation and use of a fully operational, safe and secure technical system for the automated cross-border exchange of evidence between the actors involved in the procedure, where this is explicitly requested by citizens and businesses. Where the exchange of evidence includes personal data, the request should be considered to be explicit if it contains a freely given, specific, informed and unambiguous indication of the individual’s wish to have the relevant personal data exchanged, either by statement or by affirmative action. If the user is not the person concerned by the data, the online procedure should not affect his or her rights under Regulation (EU) 2016/679. The cross-border application of the ‘once-only’ principle should result in citizens and businesses not having to supply the same data to public authorities more than once, and that it should also be possible to use those data at the request of the user for the purposes of completing cross-border online procedures involving cross-border users. For the issuing competent authority, the obligation to use the technical system for the automated exchange of evidence between different Member States should apply only where authorities lawfully issue, in their own Member State, evidence in an electronic format that makes such an automated exchange possible.

(45) Any cross-border exchange of evidence should have an appropriate legal basis such as Directive 2005/36/EC, 2006/123/EC, 2014/24/EU or 2014/25/EU or, for the procedures listed in Annex II, other applicable Union or national law.

(46) It is appropriate that this Regulation lays down, as a general rule, that the cross-border automated exchange of evidence takes place at the explicit request of the user. However, this requirement should not apply where the relevant Union or national law allows for automated cross-border data exchange without an explicit user request.

(47) The use of the technical system established by this Regulation should remain voluntary and the user should remain free to submit evidence by other means outside the technical system. The user should have the possibility to preview the evidence and the right to choose not to proceed with the exchange of evidence in cases where the user, after previewing the evidence to be exchanged, discovers that the information is inaccurate, out-of-date, or goes beyond what is necessary for the procedure in question. The data included in the preview should not be stored longer than is technically necessary.

(48) The secure technical system that should be set up to enable the exchange of evidence under this Regulation should also give requesting competent authorities certainty that the evidence has been provided by the right issuing authority. Before accepting information provided by a user in the context of a procedure, the competent authority should be able to verify the information where it gives rise to doubts, and to conclude that it is accurate.

(49) A number of building blocks offering basic capabilities exist that can be used to set up the technical system, such as the Connecting Europe Facility, established by Regulation (EU) No 1316/2013 of the European Parliament and of the Council(23), and the eDelivery and eID building blocks that form a part of that facility. Those building blocks consist of technical specifications, sample software and supporting services, and aim to ensure interoperability between the existing information and communication technology (ICT) systems in different Member States so that citizens, businesses and administrations, wherever they are in the Union, can benefit from seamless digital public services.

(50) The technical system established by this Regulation should be available in addition to other systems providing mechanisms for cooperation between authorities, such as IMI, and should not affect other systems, including the system provided for in Regulation (EC) No 987/2009, the European Single Procurement Document, under Directive 2014/24/EU, the Electronic Exchange of Social Security Information, under Regulation (EC) No 987/2009, the European Professional Card, under Directive 2005/36/EC, the interconnection of national registers and the interconnection of central, commercial and company registers, under Directive (EU) 2017/1132 of the European Parliament and of the Council(24), and the interconnection of insolvency registers, under Regulation (EU) 2015/848 of the European Parliament and of the Council(25).

(51) In order to ensure uniform conditions for the implementation of a technical system allowing for the automated exchange of evidence, implementing powers should be conferred on the Commission to lay down, in particular the technical and operational specifications of a system for the processing of a user’s request for evidence to be exchanged and for the transfer of such evidence, as well as to lay down the rules necessary to ensure the integrity and confidentiality of the transfer. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council(26).

(52) With a view to ensuring that the technical system provides a high level of security for the cross-border application of the ‘once-only’ principle, the Commission should, when adopting implementing acts setting out the specifications for such a technical system, take due account of the standards and technical specifications drawn up by European and international standardisation organisations and bodies, in particular the European Committee for Standardisation (CEN), the European Telecommunications Standards Institute (ETSI), the International Organisation for Standardisation (ISO) and the International Telecommunication Union (ITU), as well as of the security standards referred to in Article 32 of Regulation (EU) 2016/679 and Article 22 of Regulation (EU) 2018/1725.

(53) Where necessary in order to ensure the development, availability, maintenance, supervision, monitoring and security management of the parts of the technical system for which the Commission is responsible, the Commission should request the advice of the European Data Protection Supervisor.

(54) The competent authorities and the Commission should ensure that the information, procedures and services for which they are responsible comply with the quality criteria. The national coordinators appointed under this Regulation and the Commission should, at regular intervals, supervise compliance with the quality and security criteria at national and Union level respectively, and address any problems that arise. The national coordinators should in addition assist the Commission in monitoring the functioning of the technical system enabling the cross-border exchange of evidence. This Regulation should afford the Commission a range of means to address any deterioration in the quality of services offered through the gateway, depending on the seriousness and persistence of such deterioration, involving, where necessary, the gateway coordination group. This should not prejudge the overall responsibility of the Commission regarding the monitoring of the compliance with this Regulation.

(55) This Regulation should specify the main functionalities of the technical tools supporting the functioning of the gateway, in particular the common user interface, the repository for links, and the common assistance service finder. The common user interface should ensure that users can easily find information, procedures and assistance and problem-solving services on national and Union level websites. Member States and the Commission should aim to provide links to a single source of the information required for the gateway in order to avoid confusion among the users as a result of different or fully or partly duplicative sources of the same information. This should not exclude the possibility of providing links to the same information offered by local or regional competent authorities regarding different geographical areas. It should also not prevent some duplication of information where this is unavoidable or desirable, for instance where some Union rights, obligations and rules are repeated or described on national webpages to improve user-friendliness. To minimise human intervention in the updating of the links to be used by the common user interface, a direct connection between the relevant technical systems of the Member States and the repository for links should, where technically possible, be established. The common ICT support tools might use the Core Public Services Vocabulary (CPSV) to facilitate interoperability with national service catalogues and semantics. Member States should be encouraged to use the CPSV, but are free to decide to use national solutions. The information included in the repository for links should be made publicly available in open, commonly used and machine-readable format, for example by application programming interfaces (APIs), in order to enable its reuse.

(56) The search facility of the common user interface should lead users to the information they need wherever it is on Union or national level webpages. In addition, as an alternative way to guide users to useful information, it will continue to be helpful to create links between existing and complementary websites or webpages, streamlining and grouping them together as much as possible, and to create links between webpages and websites at Union and national level providing access to online services and information.

(57) This Regulation should also specify quality requirements for the common user interface. The Commission should ensure that the common user interface complies with those requirements, and the interface should in particular be available and accessible online through various channels, as well as being easy to use.

(58) In order to ensure uniform conditions for the implementation of the technical solutions supporting the gateway, implementing powers should be conferred on the Commission to lay down, where necessary, the applicable standards and interoperability requirements in order to make it easier to find the information on rules and obligations, on procedures and on assistance and problem-solving services for which the Member States and Commission are responsible. Those powers should be exercised in accordance with Regulation (EU) No 182/2011.

(59) This Regulation should also clearly allocate the responsibility regarding the development, availability, maintenance and security of the ICT applications supporting the gateway between the Commission and Member States. As part of their maintenance tasks, the Commission and the Member States should regularly monitor the proper functioning of those ICT applications.

(60) In order to develop the full potential of the different areas of information, the procedures and the assistance and problem-solving services that should be included in the gateway, target audiences’ awareness of their existence and operation needs to be improved significantly. Their inclusion in the gateway should make it much easier for users to find the information, the procedures and the assistance and problem-solving services that they need, even when they are not familiar with any of them. In addition, coordinated promotional activities will be needed to ensure that citizens and businesses across the Union become aware of the existence of the gateway and of the advantages it offers. Such promotional activities should include search engine optimisation and other online awareness raising actions, since they are the most cost-effective and have the potential to reach the largest possible target audience. For maximum efficiency, those promotional activities should be coordinated within the framework of the gateway coordination group and Member States should adjust their promotional efforts so that there is a common brand reference in all relevant contexts, with a possibility of co-branding the gateway with national initiatives.

(61) All Union institutions, bodies and agencies should be encouraged to promote the gateway by including its logo and links to it on all relevant webpages for which they are responsible.

(62) The name by which the gateway is to be known and promoted to the general public should be ‘Your Europe’. The common user interface should be prominent and easy to find, particularly on relevant Union and national webpages. The logo of the gateway should be visible on relevant Union and national websites.

(63) In order to obtain adequate information for measuring and improving the performance of the gateway, this Regulation should require the competent authorities and the Commission to collect and analyse the data related to the use of the different information areas, procedures and services offered through the gateway. The collection of user statistics, such as data relating to the number of visits to specific webpages, the number of users within a Member State compared to the number of users from other Member States, the search terms used, the most visited webpages, the referral webpages, or the number, origin and subject matter of requests for assistance should improve the functioning of the gateway by helping to identify the audience, to develop promotional activities and to improve the quality of the services offered. The collection of such data should take into account the annual eGovernment Benchmarking done by the Commission in order to avoid any duplication.

(64) In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission to lay down uniform rules on the method of collecting and exchanging user statistics. Those powers should be exercised in accordance with Regulation (EU) No 182/2011.

(65) The quality of the gateway depends on the quality of Union and national services provided through the gateway. Therefore, the quality of the information, procedures, assistance and problem-solving services available through the gateway should also be regularly monitored through a user feedback tool that asks users to assess and give feedback on the coverage and quality of the information, procedure or assistance and problem-solving service which they have used. This feedback should be collected in a common tool to which the Commission, the competent authorities and the national coordinators should have access. In order to ensure uniform conditions for implementation of this Regulation in relation to the common functionalities of user feedback tools and the detailed arrangements for the collection and sharing of the user feedback, implementing powers should be conferred on the Commission. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. The Commission should publish, in anonymised form, online summary overviews of the problems emerging from the information, the main user statistics and the main user feedback collected in accordance with this Regulation.

(66) In addition, the gateway should include a feedback tool that enables users to signal, voluntarily and anonymously, any problems and difficulties that they encountered while exercising their internal market rights. This tool should be considered only to be complementary to the complaint handling mechanisms, since it cannot offer a personalised response to users. The received input should be combined with aggregated information from assistance and problem-solving services about the cases that they have handled in order to produce an overview of the internal market as perceived by its users and to identify problem areas for possible future action in order to improve the functioning of the internal market. That overview should be linked to existing reporting tools, such as the Single Market Scoreboard.

(67) The right of Member States to decide who should carry out the role of the national coordinator should be unaffected by this Regulation. Member States should be able to adapt the functions and responsibilities of their national coordinators in relation to the gateway to their internal administrative structures. Member States should be able to appoint additional national coordinators to carry out the tasks under this Regulation alone or jointly with others, with responsibility for a division of the administration or a geographic region, or in accordance with other criteria. Member States should inform the Commission of the identity of the single national coordinator that they have appointed for contacts with the Commission.

(68) The gateway coordination group composed of the national coordinators and chaired by the Commission should be set up with a view to facilitating the application of this Regulation, in particular by exchanging best practices and working together to improve the consistency of the presentation of information as required by this Regulation. The work of the gateway coordination group should take into account the objectives set out in the annual work programme, which the Commission should submit to it for consideration. The annual work programme should take the form of guidelines or recommendations, which are not binding for Member States. The Commission, upon the request of the European Parliament, can decide to invite Parliament to send experts to attend meetings of the gateway coordination group.

(69) This Regulation should clarify which parts of the gateway are to be financed through the Union budget and which parts are to be the responsibility of the Member States. The Commission should assist the Member States in identifying reusable ICT building blocks and financing available through various Union level funds and programmes that can contribute to covering the costs for ICT adaptations and developments needed at national level to comply with this Regulation. The budget required for the implementation of this Regulation should be compatible with the applicable Multiannual Financial Framework.

(70) Member States are encouraged to coordinate, exchange and collaborate more with one another in order to increase their strategic, operational, research and development capacities in the area of cybersecurity, in particular through the implementation of the network and information security, as referred to in Directive (EU) 2016/1148 of the European Parliament and of the Council(27), to strengthen the security and resilience of their public administration and services. Member States are encouraged to increase the security of transactions and to ensure a sufficient level of confidence in electronic means by using the eIDAS framework laid down by Regulation (EU) No 910/2014 and in particular adequate assurance levels. Member States can take measures in accordance with Union law to safeguard cybersecurity and to prevent identity fraud or other forms of fraud.

(71) Where the application of this Regulation entails the processing of personal data, it should be carried out in accordance with Union law on the protection of personal data, in particular Regulation (EU) 2016/679 and Regulation (EU) 2018/1725. Directive (EU) 2016/680 of the European Parliament and of the Council(28) should also apply in the context of this Regulation. As provided for in Regulation (EU) 2016/679, Member States can maintain or introduce further conditions, including limitations, with regard to the processing of data concerning health, and they can also provide for more specific rules on the processing of employees’ personal data in the context of employment.

(72) This Regulation should promote and facilitate the streamlining of governance arrangements for the services covered by the gateway. For this purpose, the Commission should, in close cooperation with the Member States, review the existing governance arrangements and adapt them where necessary, in order to avoid duplication and inefficiencies.

(73) The objective of this Regulation is to ensure that users who operate in other Member States have online access to comprehensive, reliable, accessible and understandable Union and national information on rights, rules and obligations, to online procedures that are fully transactional cross-border and to assistance and problem-solving services. As that objective cannot be sufficiently achieved by the Member States, but can rather, by reason of the scale and effects of this Regulation, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve that objective.

(74) In order for the Member States and the Commission to develop and implement the necessary tools to give effect to this Regulation, certain of its provisions should apply from two years after its entry into force. Municipal authorities should be given until four years after the entry into force of this Regulation to implement the requirement to provide information regarding the rules, procedures and assistance and problem-solving services within their responsibility. The provisions of this Regulation regarding procedures to be offered fully online, the cross-border access to online procedures and the technical system for the cross-border automated exchange of evidence in accordance with the ‘once-only’ principle should be implemented by five years after the entry into force of this Regulation at the latest.

(75) This Regulation respects the fundamental rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union, and should be implemented in accordance with those rights and principles.

(76) The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 of the European Parliament and of the Council(29) and delivered an opinion on 1 August 2017(30),

HAVE ADOPTED THIS REGULATION: