PART 1GENERAL

CHAPTER 4GENERAL PRINCIPLES

Rules applicable to communicationI3I1I4I238

I31

Subject to paragraphs (3), (5) and (8), a utility must ensure that all communication and information exchange, including submission, pursuant to these Regulations is performed using electronic means of communication in accordance with this regulation.

I32

Subject to paragraph (13), the tools and devices to be used for electronic means of communication, and their technical characteristics, must—

a

be non-discriminatory;

b

be generally available;

c

be interoperable with the information and communication technology products in general use; and

d

not restrict economic operators’ access to the procurement.

I33

A utility is not obliged to require electronic means of communication in the submission process where—

a

due to the specialised nature of the procurement, the use of electronic means of communication would require specific tools, devices or file formats that are not generally available or supported by generally available applications;

b

the applications supporting file formats that are suitable for the description of the tenders use file formats that cannot be handled by any other open or generally available applications or are under a proprietary licencing scheme and cannot be made available by the utility for downloading or remote use;

c

the use of electronic means of communication would require specialised office equipment that is not generally available to a utility; or

d

the procurement documents require the submission of physical or scale models which cannot be transmitted using electronic means.

I34

Where, in accordance with paragraph (3), electronic means of communication is not required, communication must be carried out—

a

by post or by other suitable carrier; or

b

by a combination of post or other suitable carrier and, to the extent that electronic means of communication is possible, by such means.

I35

A utility is not obliged to require electronic means of communication in the submission process to the extent that the use of means of communication other than electronic means is necessary—

a

because of a breach of security of the electronic means of communication; or

b

for the protection of information of a particularly sensitive nature which requires such a high level of protection that it cannot properly be ensured by using electronic tools and devices that are either generally available to economic operators or that can be made available to them by suitable alternative means of access in accordance with paragraph (14).

I36

Where, in accordance with paragraph (3), a utility requires means of communication in the submission process other than electronic means, the utility must state the reason for this in the documentation referred to in regulation 96 (reporting and documentation requirements).

I37

Where electronic means of communication is not required for a reason referred to in paragraph (5), the utility must state in the documentation referred to in regulation 96 (reporting and documentation requirements) the reasons why use of means of communication other than electronic means has been considered necessary under that paragraph.

8

Notwithstanding paragraph (1), oral communication may be used in respect of communications other than those concerning the essential elements of a procurement, provided that the content of the oral communication is documented by the utility.

9

For the purposes of paragraph (8) reference to “the essential elements of a procurement” includes the procurement documents, requests for participation, confirmations of interest and tenders.

10

A utility must, to a sufficient extent and by appropriate means, document oral communications with tenderers which could have a substantial impact on the content and assessment of the tenders, in particular, by preparing written or audio records or summaries of the main elements of the communication.

11

In all communication, exchange and storage of information, a utility must ensure that the integrity of data and the confidentiality of tenders and requests to participate are preserved.

12

A utility must examine the content of tenders and requests to participate only after the time limit set for submitting them has expired.

13

A utility may, where necessary, require the use of tools and devices which are not generally available, provided that the utility offers suitable alternative means of access.

14

A utility shall be deemed to offer suitable alternative means of access where the utility—

a

offers unrestricted and full direct access free of charge by electronic means to those tools and devices from the date of publication of the call for competition or from the date when the invitation to confirm interest is sent;

b

ensures that tenderers having no access to the tools and devices concerned, or no possibility of obtaining them within the relevant time limits (provided that the lack of access is not attributable to the tenderer) may access the procurement through the use of provisional tokens made available free of charge online; or

c

supports an alternative channel for electronic submission of tenders.

15

For the purpose of paragraph (14)(a) “date of publication of the call for competition” means the date of publication in the Official Journal after being sent in accordance with regulation 69 (form and manner of sending notices for publication at EU level).

16

A utility must specify in the call for competition or the invitation to confirm interest, referred to in paragraph (14)(a), the internet address at which those tools and devices are accessible.

17

Tools and devices for the electronic receipt of tenders, requests to participate, applications for qualification and, in design contests, plans and projects, must—

a

enable the precise determination of the exact time and date of the receipt of tenders, requests to participate, applications for qualification and the submission of plans and projects;

b

to the extent reasonably possible, ensure that, before the time limit referred to in paragraph (12) has expired, no-one can have access to data transmitted to the utility using the tools and devices;

c

ensure that only authorised persons may set or change the dates for opening data received;

d

ensure that, during the various stages of the qualification procedure, the procurement or the design contest, only authorised persons may have access to data submitted or to part of such data;

e

ensure that only authorised persons may give access to data transmitted and only after the time limit referred to in paragraph (12) has expired;

f

ensure that data received and opened in accordance with the requirements in sub‑paragraphs (a) to (e) remains accessible only to persons authorised to acquaint themselves with the data; and

g

to the extent reasonably possible, ensure that any infringement, or attempted infringement, of the conditions referred to in sub-paragraphs (b) to (f) is clearly detectable.

18

In addition to the requirements set out in paragraph (17), a utility must comply with all of the following requirements in relation to tools and devices for the electronic transmission and receipt of tenders and for the electronic receipt of requests to participate—

a

information on specifications for the electronic submission of tenders and requests to participate, including encryption and time-stamping, must be available to interested parties;

b

a utility must specify the level of security required for the electronic means of communication in the various stages of the specific procurement;

c

the level of security specified in accordance with sub-paragraph (b) must be proportionate to the risks attached;

d

where paragraph (19) applies, the utility must accept advanced electronic signatures supported by a F1qualified certificate for electronic signature, created with or without a secure signature creation device, subject to compliance with all of the following conditions—

i

the utility must establish the required advanced electronic signature format on the basis of formats established in the Electronic Signature Commission Decision and must put in place necessary measures to be able to process these formats technically;

ii

where a different format of electronic signature is used, the electronic signature or the electronic document carrier must include information on existing validation possibilities;

iii

the validation possibilities must allow the utility to validate the received electronic signature as an advanced electronic signature supported by a F1qualified certificate for electronic signature, such validation to be online, free of charge and in a way that is understandable for non-English speakers;

iv

where a tender is signed with an advanced electronic signature with the support of a F1qualified certificate for electronic signature from a provider that is included on a trusted list provided for in the Trusted Lists Commission Decision as amended from time to time, the utility must not apply additional requirements that may hinder the use of the signature by the tenderer.

19

This paragraph applies where a utility concludes that the level of risk assessed in accordance with paragraphs (21) and (22) is such that advanced electronic signatures as defined by F2the eIDAS Regulation38 as amended from time to time, are required.

20

A utility shall assess the certificate referred to in paragraph (18)(d) by taking into account whether the certificate is provided by a certificate services provider which is on a trusted list provided for in the Trusted Lists Commission Decision as amended from time to time.

21

In deciding the level of security required at each stage of a procurement, and in concluding whether the level of risk is such that advanced electronic signatures are required, a utility must assess the risks having regard to—

a

the likelihood of particular risks materialising;

b

the potential adverse consequences if those risks materialise;

c

the need for consistency as between similar procurements performed by the same utility; and

d

the need for proportionality between the expected benefits of any particular security requirements (in terms of eliminating or reducing any of the risks referred to in paragraph (22)) and the costs, burdens and obligations which those requirements may impose upon an economic operator.

22

A utility must assess all relevant risks, including, in particular, where applicable—

a

the risk to the proper functioning and integrity of the specific procurement process, including risks of breaching these Regulations;

b

risks to national security;

c

the risk of inadvertent or unauthorised disclosure of, or access to, any economic operator’s confidential information;

d

the risk of inadvertent or unauthorised disclosure of, or access to, information held by the utility including information relating to the specific procurement;

e

the risk that use of electronic communications could provide opportunity for malicious attacks on the electronic systems of, or data held by, the utility, any economic operator or any other person, including introduction of malware or denial of service attacks; and

f

any other material risk relating to the procurement in question.

23

Paragraph (24) applies where—

a

a competent authority of the United Kingdom located in Scotland; or

b

another issuing entity located in Scotland,

signs and issues a document for use in a procurement within the scope of the Utilities Contracts Directive, whether the procedure is under these Regulations or under the law of any member State.

24

The competent authority or issuing entity may establish the required advanced signature format in accordance with the requirements set out in Article 1(2) of the Electronic Signature Commission Decision, as amended from time to time, and where it does so—

a

it must put in place the necessary measures to be able to process that format technically by including the information required for the purpose of processing the signature in the document concerned; and

b

the documents must contain, in the electronic signature or in the electronic document carrier, information on existing validation possibilities that allow the validation of the received electronic signature online, free of charge and in a way that is understandable for non-English speakers.

25

In this regulation—

  • “Electronic Signature Commission Decision” means Commission Decision 2011/130/EU establishing minimum requirements for the cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market (notified under document C(2011) 1081)39; and

  • “Trusted Lists Commission Decision” means Commission Decision 2009/767/EC setting out measures facilitating the use of procedures by electronic means through the points of single contact under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market (notified under document C(2009) 7806)40.