EUR-Lex Access to European Union law
This document is an excerpt from the EUR-Lex website
Document 52011PC0522
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on administrative cooperation through the Internal Market Information System(‘the IMI Regulation’)
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on administrative cooperation through the Internal Market Information System(‘the IMI Regulation’)
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on administrative cooperation through the Internal Market Information System(‘the IMI Regulation’)
/* COM/2011/0522 final - 2011/0226 (COD) */
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on administrative cooperation through the Internal Market Information System(‘the IMI Regulation’) /* COM/2011/0522 final - 2011/0226 (COD) */
EXPLANATORY MEMORANDUM 1. CONTEXT OF THE PROPOSAL ·
Grounds for and objectives of the proposal Member State public administrations responsible
for applying EU law are increasingly required by EU law to cooperate with their
counterparts in other Member States. To support them in their tasks, the
Internal Market Information System (‘IMI’) was designed and developed by the
European Commission as a generic, customisable administrative cooperation
platform and has been offered as a free service to Member States since 2008. It
provides more than 6 000 registered authorities in the 27 Member States and three EEA
countries with a fast and secure communication channel for cross-border
information exchange with their counterparts, effectively overcoming barriers
due to different languages and administrative structures. IMI is currently used
for the exchange of information pursuant to Directive 2005/36/EC of the
European Parliament and of the Council of 7 September 2005 on the recognition
of professional qualifications[1] (‘the Professional
Qualifications Directive’) and Directive 2006/123/EC of the European Parliament
and of the Council of 12 December 2006 on services in the internal market[2]
(‘the Services Directive’). In 2010, some 2 000 requests for
information were exchanged through IMI. Cross-border administrative cooperation
frequently involves processing and exchanging personal data of EU citizens, as
is the case under the Services Directive and the Professional Qualifications
Directive. From a legal point of view, IMI operates on the basis of a
Commission decision, a ‘comitology’ decision, and a Commission recommendation[3].
The lack of a single legal instrument adopted by the European Parliament and
the Council underlying its operations came to be seen as an obstacle to further
expansion of IMI. In practice, IMI guarantees a high level of technical and
procedural data protection. Thanks to the many procedural and technical
privacy-enhancing features that were built into the system following the
privacy-by-design principle, the processing of personal data in IMI offers a
considerably higher level of protection and security than other methods of
information exchange such as mail, telephone, fax or e-mail. In addition, data
protection considerations are addressed in the day-to-day use of the system and
are included in the training material for IMI users. According to the Commission Communication
‘Towards a Single Market Act’, extending IMI to other sectors ‘with a view to
creating a genuine face-to-face electronic network for European
administrations’ is one of the keys to promoting better governance of the
single market[4]. The Commission
Communication[5] ‘Better governance of the
Single Market through greater administrative cooperation: A strategy for
expanding and developing the Internal Market Information System (“IMI”)’ (‘the
IMI Strategy Communication’) adopted on 21 February 2011 set out plans for
future expansion of IMI to other areas of EU law. The Commission Communication
‘A Single Market Act’ stressed the importance of IMI for strengthening
cooperation among the actors involved, including at local level, thus
contributing to better governance of the single market[6]. The objectives of the present proposal are to: (1)
Establish a sound legal framework for IMI and a
set of common rules to ensure that it functions efficiently; (2)
Provide a comprehensive data protection
framework by setting out the rules for the processing of personal data in IMI; (3)
Facilitate possible future expansion of IMI to
new areas of EU law; and (4)
Clarify the roles of the different actors
involved in IMI. ·
General context In its Decisions C/2006/3606 of 14 August 2006,
C/2007/3514 of 25 July 2007 and C/2008/1881 of 14 May 2008, the Commission
decided to finance and set up the Internal Market Information System as a
project of common interest under the programme on the interoperable delivery of
pan-European eGovernment services to public administrations, businesses and
citizens (IDABC). Further financing was provided by Commission Decision
C/2007/3514 of 25 July 2007 on the fourth revision of the IDABC Work Programme. Commission Decision 2008/49/EC laid down the
functions, rights and obligations of IMI actors and users, taking the opinion
of the Article 29 Working Party[7] into account. Following
the adoption of the Decision, the European Data Protection Supervisor (EDPS)
issued an opinion[8] in which it called for
the adoption of a legal instrument by the European Parliament and the Council
in view of the envisaged expansion of IMI to additional areas of internal
market legislation. Pending the adoption of such a legal
instrument, it was agreed to follow a step-by-step approach, starting with the
adoption of guidelines for the implementation of data protection rules in IMI
drawn up in close consultation with the EDPS[9]. The
Commission considered that this step-by-step approach proved effective in
ensuring a high level of technical and procedural data protection in IMI[10]. ·
Existing provisions in the area of the proposal The processing of personal data in IMI is
addressed by the Commission Decisions and Recommendation listed in footnote 3. 2. RESULTS OF CONSULTATIONS WITH THE
INTERESTED PARTIES AND IMPACT ASSESSMENTS ·
Consultation of interested parties Over the past year the Commission informed IMI
stakeholders, including national IMI coordinators and authorities using the
system, through various fora, about its plans for future IMI expansions. The
reactions received showed general support for the Commission’s intention to
propose a horizontal legal instrument that would remove any doubts as to the
binding nature of the rules for the processing of personal data in the system. The EDPS was consulted informally at the early
stages of the preparation of the proposal, as well as formally during the
inter-service consultation, and provided a vital contribution. ·
Impact assessment As already mentioned, the present proposal
consolidates the current rules governing IMI within a single horizontal legally
binding instrument. Consequently, no alternative policy options need to be
considered at this stage. Moreover, the present proposal does not anticipate or
preclude any future decisions on possible extension of IMI to new areas of
Union law, but will merely facilitate such possible expansion by providing a
robust legal framework for the functioning of IMI and a flexible procedure for
future expansion decisions, which will be based on the criteria set out in the
IMI Strategy Communication mentioned above. For these reasons, the proposal has
not been subject to an impact assessment analysis. Any subsequent decisions
concerning the expansion of the use of IMI beyond the areas of Union law for
which it is currently used will require proportionate impact assessments. 3. LEGAL ELEMENTS OF THE PROPOSAL ·
Summary of the proposed action The present proposal aims at improving the
conditions for the functioning of the internal market by providing an effective
and user-friendly tool facilitating the practical implementation of provisions
of Union law mandating administrative cooperation and information exchange. The proposed Regulation also lays down the main
principles of data protection through IMI, including the rights of data
subjects, in a single legal instrument, thus increasing transparency and
enhancing legal certainty. The list of areas of Union acts currently supported
by IMI is set out in Annex I. Areas of possible future expansion are listed in
Annex II. The procedural and budgetary aspects aimed at facilitating future
expansion of IMI are in line with the IMI Strategy Communication mentioned above.
·
Legal basis: Article 114 TFEU ·
Subsidiarity and proportionality principles Given the nature of IMI as a centralised
communication tool developed and hosted by the Commission, it is necessary to
establish a common set of rules applicable to the system and to implement them
in a centralised manner. The objectives of IMI, namely the removal of obstacles
to cross-border cooperation, such as language barriers, different
administrative and working cultures and the lack of established procedures for
information exchange, cannot be achieved by the Member States and require
action at European Union level. This proposal does not go beyond what is
necessary to achieve those objectives. ·
Choice of instruments Proposed instrument: regulation In view of the above objectives, it is
essential to establish a set of common rules for the functioning of IMI. This
could not be achieved in a directive which, by its very nature, is only binding
as to the result to be achieved, but leaves to the national authorities the
choice of form and methods. Yet, in the case of the present proposal, it is
necessary to precisely define the form and methods of administrative
cooperation through IMI. In terms of useful precedents, it may be pointed out
that regulations have also been used for other large IT systems at EU level to
address data protection and other issues[11]. In turn, to
propose an act to be adopted by the Commission and not by the European
Parliament and the Council, such as a Commission decision, would simply emulate
the status quo and would not address the concerns about legal certainty
towards the citizen expressed in the past by the EDPS. 4. BUDGETARY IMPLICATION As the use of IMI is mandatory for Member
States under the Services Directive and the recently adopted Directive on the
application of patients’ rights in cross-border healthcare[12],
it is necessary to ensure that IMI can continue to operate on a permanent
basis. For this reason, as well as to allow more efficient management and
better control of the budget, it is proposed that the expenditure related to
IMI be re-grouped by bringing all costs under the same budget line managed by
DG MARKT (12.02.01 Implementation and development of the Internal Market), as
explained in the accompanying legislative financial statement. The present proposal does not have a
budgetary impact over and above what is already foreseen in the years to come
in the official programming of the Commission and it is without prejudice to
the decisions on the post-2013 multi-annual financial framework. 5. OPTIONAL ELEMENTS ·
European Economic Area The proposed act concerns an EEA matter and
should therefore be extended to the European Economic Area. ·
Detailed explanation of the proposal Choice of the legal basis The main objective of the proposal is to
improve the conditions for the functioning of the internal market by providing
an effective and user-friendly tool which facilitates the practical
implementation of those provisions of Union acts which require Member States to
cooperate with one another and with the Commission and to exchange information
(including, in many instances, personal data). In order to ensure the efficient
functioning of IMI, it is necessary to lay down certain common rules related to
its governance and use. This includes the obligation to appoint one national
IMI coordinator per Member State (Article 7), the obligation on competent
authorities to provide an adequate response in a timely manner (Article 8(1))
and the provision that information exchanged via IMI may be used for providing
evidence in the same way as similar information obtained within the same Member
State (Article 8(2)). At the same time, a high level of data
protection should be ensured in the implementation of IMI. Chapter I (General provisions) A number of provisions of Union acts require
Member States to cooperate with one another and with the Commission by
exchanging information. As an example, the Professional Qualifications
Directive mandates administrative cooperation and the exchange of certain
information, including personal data, among Member States’ administrations.
Since 2008, Member States have agreed to use IMI for such cooperation and
exchanges for a range of professions that has been expanded gradually with a
view to covering all regulated professions. The Services Directive assigns
mutual assistance obligations to Member States, including the obligation to
supply information by electronic means (Article 28(6)). Commission Decision
2009/739/EC of 2 October 2009 sets out the practical arrangements for the exchange
of information between Member States under the Services Directive. Since 16 May 2011, authorities across the EU
that deal with posted workers are able to exchange information through IMI on a
pilot basis[13]. Moreover, the recently
adopted Directive on the application of patients’ rights in cross-border
healthcare makes the use of IMI obligatory for exchanging information on the
right to practise of health professionals[14]. The
accompanying document to the ‘IMI Strategy Communication’ lists further areas
that could benefit from IMI. Furthermore, synergies between IMI and other IT
tools used by the Commission, including in the area of problem solving, should
be explored. The provisions of Articles 1, 2 and 3 aim to
establish the purpose and scope of IMI. The proposed
mechanism for expanding IMI to new Union acts (Article 4) aims at providing the
necessary flexibility for the future while ensuring a high level of legal
certainty and transparency, in particular for data subjects. To that end, Union
acts currently supported by IMI are set out in Annex I. In addition, Annex II
lists areas of possible future expansion of IMI. Following an assessment of
technical feasibility, cost-efficiency, user-friendliness and overall impact on
the system, as well as the results of a possible test phase, as appropriate,
the Commission will be empowered to update the list of areas in Annex I
accordingly, adopting a delegated act. Chapter II (Functions and
responsibilities in relation to IMI) The provisions of this chapter are crucial for
the efficient functioning of the system (e.g. the respective roles of the
national IMI coordinator, Article 7, and competent authorities,
Article 8). In particular, competent authorities should not be allowed to
question the evidentiary value of a document received from another Member State
solely because it was received by means of IMI and should treat it in the same
way as similar documents originating in their Member State. The provisions also
reflect the flexibility offered by IMI to the Member States in allocating the
different roles within the system in line with their national administrative
structure. Article 9 clarifies the role of the Commission.
For the types of administrative cooperation currently covered by IMI, this
remains limited to ensuring the security, availability, maintenance and
development of the software and IT infrastructure for IMI. However, the
Commission could also take an active part in IMI workflows, for instance for
notification procedures, on the basis of legal provisions or other arrangements
underlying the use of IMI in a given area of the internal market. Article 10 on access rights is central to
ensuring effective protection for the personal data processed in the system. It
specifies in particular that access to personal data processed in IMI must be
limited to the IMI users taking part in the procedure in question. Chapter III (Data processing and
security) Processing of personal data by means of IMI
will continue to be based on pre-defined workflows, question sets and other
procedures (Article 12). This constitutes an additional guarantee of
transparency for data subjects. Personal data processed by means of IMI should
not remain accessible for longer than necessary. It is therefore important to
establish maximum retention periods, following which the data should be
blocked, i.e. rendered inaccessible to IMI users via the normal interface and
then automatically deleted from the system five years after the closure of an
administrative cooperation procedure (Article 13). The option of blocking data
after 18 months (rather than immediate deletion) is preferable to ensure that
data subjects are able to effectively exercise their rights, for example by
obtaining evidence that an exchange of information through IMI took place in
order to appeal against a decision based on such an exchange. This approach is
also in line with the Court of Justice ruling in Case C-553/07 Rijkeboer. The processing of personal data of IMI users
(e.g. employees of national administrations using IMI) should be possible for
purposes related to the functioning of IMI, such as ensuring the proper
functioning of the system by IMI coordinators and the Commission or gathering
information related to administrative cooperation in the internal market via surveys
(Article 14). Article 15 reflects the fact that already
today, under the Professional Qualifications and Services Directives, IMI is
used to exchange data of a sensitive nature, including e.g. information about
disciplinary or criminal sanctions. It is important to clarify that — since IMI is
developed, maintained and hosted centrally by the Commission — the applicable
data security rules are those set out in Regulation (EC) No 45/2001 (Article
16). Chapter IV (Rights of data subjects and
supervision) Given the diversity of competent authorities
using IMI (more than 6 000 as of March 2011), as well as the variety of situations and
contexts in which IMI may be used in the future, it is not possible to lay down
a one-size-fits-all solution for the exercise of data subjects’ rights in the
proposed Regulation. The obligations of competent authorities are, in
principle, covered by national data protection legislation, while Articles 15
and 16 cover issues specific to IMI (e.g. blocked data), as well as the obligations
of the Commission. It is also important to ensure transparency for data
subjects whenever the exercise of their rights in the context of IMI is limited
by national legislation (Article 19). Provisions for coordinated supervision follow
the model established in the VIS and SIS II Regulations[15]
(Article 20). Chapter V (Geographic scope of IMI) The legal instrument for IMI should provide
sufficient flexibility to accommodate future developments with respect to the
use of the system, including possibly involving third countries in the
information exchanges in certain areas (Article 22), or the use of the system
in a purely domestic context (Article 21), for which some Member States have
already expressed an interest. In all such cases, the guarantees for personal
data protection should continue to apply. Chapter VI (Final provisions) To allow for the extension of IMI to further
Union acts, the Commission will be empowered to update the list of provisions
already covered by IMI, as listed in Annex I, with additional provisions
included in Annex II. The Commission undertakes to produce regular
reports on the functioning of IMI, inter alia based on statistical information
retrieved from the system and provided by Member States on request, as
appropriate (Article 26). 2011/0226 (COD) Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT
AND OF THE COUNCIL on administrative cooperation through the
Internal Market Information System
(‘the IMI Regulation’) (Text with EEA relevance) THE EUROPEAN PARLIAMENT AND THE
COUNCIL OF THE EUROPEAN UNION, Having regard to the Treaty on the
Functioning of the European Union, and in particular Article 114 thereof, Having regard to the proposal from the
European Commission, After transmission of the draft legislative
act to the national Parliaments, Having regard to the opinion of the
European Economic and Social Committee[16], Having regard to the opinion of the
European Data Protection Supervisor, Acting in accordance with the ordinary
legislative procedure, Whereas: (1)
The application of certain Union acts governing
the free movement of goods, persons, services and capital in the internal
market requires Member States to cooperate and exchange information with one
another and with the Commission. As practical means to implement such
information exchange are often not specified in those acts, appropriate
practical arrangements need to be made. (2)
The Internal Market Information System
(hereinafter ‘IMI’) is a software application accessible via the Internet,
developed by the European Commission in cooperation with the Member States, in
order to assist Member States with the practical implementation of information
exchange requirements laid down in Union acts by providing a centralised
communication mechanism to facilitate cross-border exchange of information and
mutual assistance. In particular, IMI helps competent authorities to identify
their counterpart in another Member State, manage the exchange of information,
including personal data, on the basis of simple and unified procedures and
overcome language barriers on the basis of pre-defined and pre-translated
workflows. (3)
The purpose of IMI should be to improve the
functioning of the internal market by providing an effective, user-friendly
tool for the implementation of administrative cooperation between the Member
States and the Commission, thus facilitating the application of Union acts set
out in the Annexes to this Regulation. (4)
The Commission Communication[17]
‘Better governance of the Single Market through greater administrative cooperation:
A strategy for expansion and further development of the Internal Market
Information System (“IMI”)’ set out plans for the possible expansion of IMI to
other Union acts. The Commission Communication ‘A Single Market Act’ stressed
the importance of IMI for strengthening cooperation among the actors involved,
including at local level, thus contributing to better governance of the single
market[18]. It is therefore
necessary to establish a sound legal framework for IMI and a set of common
rules to ensure that the system functions efficiently. (5)
Where the application of a provision of a Union
act requires Member States to exchange personal data and provides for the
purpose of this processing, such a provision should be considered an adequate
legal basis for the processing of personal data, subject to conditions set out
in Articles 8 and 52 of the Charter of Fundamental Rights of the European
Union. IMI should be seen primarily as a tool used for the exchange of
information (including personal data) which would otherwise take place via
other means, including regular mail, fax or electronic mail on the basis of a
legal obligation imposed on Member States' authorities and bodies in Union
acts. (6)
Following the privacy-by-design principle, IMI
has been developed with the requirements of data protection legislation in mind
and has been data protection-friendly from its inception, in particular because
of the restrictions imposed on access to personal data exchanged in the system.
Therefore, IMI offers a considerably higher level of protection and security
than other methods of information exchange such as mail, telephone, fax or
e-mail. (7)
Administrative cooperation by electronic means
between Member States and between Member States and the Commission should
comply with the rules on the protection of personal data laid down in Directive
95/46/EC of the European Parliament and of the Council of 24 October 1995 on
the protection of individuals with regard to the processing of personal data
and on the free movement of such data[19] and in Regulation (EC)
No 45/2001 of the European Parliament and of the Council of 18 December 2000 on
the protection of individuals with regard to the processing of personal data by
the Community institutions and bodies and on the free movement of such data[20]. (8)
In order to ensure transparency, in particular
for data subjects, the Union acts for which IMI is to be used should be listed
in Annex I to this Regulation. Areas of possible further expansion should be
set out in Annex II. It is appropriate to identify in Annex II, a set of Union
acts where it is necessary to evaluate the technical feasibility; cost
efficiency, user friendliness and the overall impact on the system, before it
is decided to use IMI for such acts. (9)
Nothing in this Regulation should preclude
Member States and the Commission deciding to use IMI for the exchange of
information which does not involve the processing of personal data. (10)
This Regulation should set out the rules for
using IMI for the purposes of administrative cooperation, which may cover inter
alia the one-to-one exchange of information, notification procedures, alert
mechanisms, mutual assistance arrangements and problem solving. (11)
Member States should be able to adapt functions
and responsibilities in relation to IMI to their internal administrative
structures or to take into account particular needs of a specific IMI workflow.
The tasks of IMI coordinators may be carried out by one or more delegated IMI
coordinators, alone or jointly with others, for a particular area of the internal
market, a division of the administration, a geographic region, or according to
another criterion. (12)
While IMI is in essence a communication tool for
public authorities, not open to the general public, technical means may need to
be developed to allow external actors such as citizens, enterprises and
organisations to interact with the competent authorities in order to supply
information and retrieve data, or to exercise their rights as data subjects.
Such technical means should include appropriate safeguards for data protection. (13)
The exchange of information through IMI follows
from the legal obligation on Member States’ authorities to give mutual
assistance. To ensure that the internal market functions properly, information
received by a competent authority through IMI from another Member State should
not be deprived of its value as evidence in administrative proceedings solely
on the ground that it originated in another Member State or was received by
electronic means, and it should be treated by the authority in the same way as
similar documents originating in its Member State. (14)
To guarantee a high level of data protection,
maximum retention periods for personal data in IMI need to be established.
However, these periods also need to be long enough to allow data subjects to
fully exercise their rights, for instance by obtaining evidence that an
information exchange took place in order to appeal against a decision. (15)
It should be possible to process the name and
contact details of IMI users for purposes compatible with the objectives of
this Regulation, including monitoring of the use of the system by IMI
coordinators and the Commission, communication, training and awareness-raising
initiatives, and gathering information on administrative cooperation or mutual
assistance in the internal market. (16)
The European Data Protection Supervisor should
monitor and ensure the application of the provisions of this Regulation,
including the relevant provisions on data security. (17)
Data subjects should be informed about the
processing of their personal data in IMI and that they have the right of access
to the data relating to them, and the right to have inaccurate data corrected
and illegally processed data erased, in accordance with national legislation
implementing Directive 95/46/EC. (18)
The administrative cooperation procedures
provided for in IMI should be facilitated by predefined workflows, question
sets and forms drawn up for this purpose by the Commission, supplemented as
appropriate by attached files and free text input. In order to ensure
sufficient transparency for data subjects, the predefined workflows and forms
and other arrangements relating to administrative cooperation procedures in IMI
should be made public. (19)
Where Member States apply, in accordance with
Article 13 of Directive 95/46/EC, any limitations on or exceptions to the
rights of data subjects, information about such limitations or exceptions
should be made public in order to ensure full transparency for data subjects. Such
exceptions or limitations should be necessary and proportionate to the intended
purpose and subject to adequate safeguards. (20)
Commission Decision 2008/49/EC of 12 December
2007 concerning the implementation of the Internal Market Information System
(IMI) as regards the protection of personal data should be repealed[21].
Commission Decision 2009/739/EC of 2 October 2009 setting out the practical
arrangements for the exchange of information by electronic means between the
Member States under Chapter VI of Directive 2006/123/EC of the European
Parliament and of the Council on services in the internal market[22]
should continue to apply to issues relating to the exchange of information
under Directive 2006/123/EC on services in the internal market[23]. (21)
The Commission should be empowered to adopt
delegated acts in accordance with Article 290 of the Treaty in respect of Union
acts, among those listed in Annex II, in which provisions on administrative
cooperation and information exchange can be implemented by means of IMI. HAVE ADOPTED THIS REGULATION: Chapter
I GENERAL
PROVISIONS Article 1 Subject
matter This Regulation lays down rules for the use
of an Internal Market Information System, hereinafter ‘IMI’, for administrative
cooperation, including processing of personal data, among competent authorities
in the Member States and the Commission. Article 2 Establishment
of the Internal Market Information System An Internal Market Information System is
hereby established. Article 3 Scope IMI shall be used for exchange of
information between competent authorities in the Member States and the
Commission necessary for the implementation of internal market acts which
provide for administrative cooperation, including the exchange of personal
data, between Member States or between Member States and the Commission. The
internal market acts are set out in Annex I. Article 4 Development
of IMI 1.
For the acts listed in Annex II to this
Regulation, the Commission may decide that IMI shall be used, taking into
account technical feasibility, cost-efficiency, user-friendliness and overall
impact on the system. In such cases, the Commission shall be empowered to
include those acts in Annex I following the procedure referred to in Article
23. 2.
The adoption of the delegated act may be
preceded by a test phase (pilot project) of a limited duration involving
several or all Member States. Article 5 Definitions For the purposes of this Regulation, the
definitions in Directive 95/46/EC and Regulation (EC) No 45/2001 shall apply. In addition, the following definitions
shall also apply: (a)
‘Internal Market Information System’ (‘IMI’)
means the electronic tool provided by the European Commission to facilitate
administrative cooperation between national administrations and the Commission;
(b)
‘administrative cooperation’ means competent
authorities of Member States and the Commission working in close collaboration,
by exchanging information, including through notifications, or by providing
mutual assistance, including for the resolution of problems, for the purpose of
better application of Union law; (c)
‘internal market area’ means a legislative or
functional field of the internal market within the meaning of Article 26(2) of
the Treaty in which IMI is used in accordance with Article 3 above; (d)
‘administrative cooperation procedure’ means a
pre-defined workflow provided for in IMI allowing IMI actors to communicate and
interact with each other in a structured manner; (e)
‘competent authority’ means any body established
at either national, regional or local level with specific responsibilities
relating to the application of national or Union law in one or more internal
market areas whose registration in IMI has been validated by an IMI
coordinator; (f)
‘IMI coordinator’ means a body appointed by the
Member States to perform support tasks necessary for the efficient functioning
of IMI in accordance with this Regulation; (g)
‘IMI user’ means a natural person working under
the control of a competent authority, of an IMI coordinator or of the
Commission and registered in IMI on their behalf; (h)
‘IMI actors’ means the competent authorities, IMI
coordinators and the Commission; (i)
‘external actors’ means natural or legal persons
other than IMI users that may use IMI through technical means and in accordance
with a specific pre-defined workflow provided for this purpose; (j)
‘blocking’ means applying technical means by
which personal data become inaccessible to IMI users via the normal interface
of the application. Chapter
II FUNCTIONS
AND RESPONSIBILITIES IN RELATION TO IMI Article 6 General
purpose IMI actors shall exchange and process
personal data only for the purposes defined in the relevant legal basis as
referred to in Annex I. Article 7 IMI
coordinators 1.
Each Member State shall appoint one national IMI
coordinator whose tasks shall include: (a)
registering or validating registration of IMI
coordinators and competent authorities; (b)
acting as the main contact point for issues
related to IMI and as the interlocutor of the Commission, including for aspects
related to the protection of personal data; (c)
providing knowledge, training and support,
including technical support, to competent authorities and IMI users; (d)
ensuring the efficient functioning of the
system, including timely and adequate responses by competent authorities to
requests for administrative cooperation. 2.
Each Member State may additionally appoint one
or more IMI coordinators in order to carry out one or more of the above tasks,
according to its internal administrative structure. 3.
Member States shall inform the Commission of the
IMI coordinators appointed in accordance with paragraphs 1 and 2 and of the
tasks for which they shall be responsible. The Commission shall share this
information with other Member States. 4.
Member States shall ensure that IMI coordinators
have adequate resources to perform their duties in accordance with this
Regulation. 5.
All IMI coordinators may act as competent
authorities. In such cases an IMI coordinator shall have the same access rights
as a competent authority. Each IMI coordinator shall be a controller with
respect to its own data processing activities as an IMI actor. Article 8 Competent
authorities 1.
When cooperating by means of IMI, the competent
authorities shall ensure that an adequate response is provided within the
shortest possible period of time or within the deadline set by the applicable
Union act, acting through IMI users in accordance with administrative
cooperation procedures. 2.
Competent authorities may invoke as evidence any
information, documents, findings, statements, certified true copies or
intelligence communicated by means of IMI, on the same basis as similar
documents obtained in their own country, for purposes compatible with the
purposes for which the data was originally collected. 3.
Each competent authority shall be a controller
with respect to its own data processing activities performed by an IMI user under
its authority and shall ensure that data subjects can exercise their rights in
accordance with Chapters III and IV, where appropriate. 4.
Member States shall ensure that competent
authorities have adequate resources to perform their duties in accordance with
this Regulation. Article 9 Commission 1.
The Commission shall ensure the security,
availability, maintenance and development of the software and IT infrastructure
for IMI. It shall provide a multilingual system, training in cooperation with
the Member States, and a helpdesk to assist Member States in the use of IMI. 2.
The Commission may participate in administrative
cooperation procedures involving the processing of personal data where required
by a Union act listed in Annex I. 3.
The Commission shall register the national IMI
coordinators and shall grant them access to IMI. 4.
The Commission shall perform processing
operations on personal data in IMI where provided for in this Regulation. 5.
For the purposes of performing its tasks under
this Article and for producing reports and statistics, the Commission shall
have access to the necessary information relating to the processing operations
performed in IMI. Article 10 Access rights of IMI actors and users 1.
Only IMI users duly authorised by and acting on
behalf of an IMI actor shall have access to IMI. 2.
Member States, in cooperation with the
Commission, shall designate the IMI coordinators and competent authorities and
the internal market areas in which they have competence. 3.
Each IMI actor shall grant and revoke, as necessary,
appropriate access rights to its IMI users in the internal market area for
which it is competent. 4.
Appropriate technical means shall be put in
place to ensure that IMI users are able to access personal data processed in
IMI only on a need-to-know basis and within the internal market area or areas
for which they were granted access rights in accordance with paragraph 3. 5.
The use of personal data processed by means of
IMI for a specific purpose in a way incompatible with that original purpose
shall be prohibited, unless explicitly provided for by law. 6.
Where an administrative cooperation procedure
involves the processing of personal data, only the IMI users participating in
that procedure shall have access to such personal data. 7.
External actors may use IMI with the technical
means provided for this purpose, where necessary to facilitate administrative
cooperation between competent authorities in Member States, or in order to
exercise their rights as data subjects, or where otherwise provided for by a
Union act. Article 11 Confidentiality 1.
Each Member State shall apply its rules of
professional secrecy or other equivalent duties of confidentiality to its IMI
actors and IMI users, in accordance with national legislation. 2.
IMI actors shall ensure that requests of other
IMI actors for confidential treatment of information exchanged by means of IMI
are complied with by IMI users working under their authority. Article 12 Administrative
cooperation procedures IMI shall be
based on administrative cooperation procedures developed and updated for that
purpose by the Commission, in close cooperation with the Member States. Chapter
III DATA
PROCESSING AND SECURITY Article 13 Retention
of personal data 1.
Personal data processed in IMI shall be blocked
at the latest eighteen months after the formal closure of an administrative
cooperation procedure, unless blocking before that period is expressly
requested by a competent authority, on a case-by-case basis. 2.
Where an administrative cooperation procedure in
IMI establishes a repository of information for future reference by IMI actors,
the personal data included in such a repository may be processed for as long as
it is needed for this purpose either with the consent of the data subject or
where this is necessary to comply with a Union act. 3.
Personal data blocked pursuant to this Article
shall, with the exception of their storage, only be processed for purposes of
proof of an information exchange by means of IMI, or with the data subject’s
consent. 4.
The blocked data shall be automatically deleted
after five years have elapsed from the closure of the administrative
cooperation procedure. 5.
The Commission shall ensure by technical means
the blocking and deletion of personal data and their retrieval in accordance
with paragraph 3. Article 14 Retention
of personal data of IMI users 1.
By derogation from Article 13, paragraphs 2 and
3 shall apply to the retention of personal data of IMI users. 2.
Personal data relating to IMI users shall be
stored in IMI as long as they continue to be users of IMI and may be processed
for purposes compatible with the objectives of this Regulation. These personal data shall include the full name
and all electronic and other means of contact necessary for the purposes of
this Regulation. 3.
When a natural person ceases to be an IMI user,
the personal data relating to him or her shall be blocked by technical means
for a period of five years. They shall, with the exception of their storage,
only be processed for purposes of proof of an information exchange by means of
IMI and shall be deleted at the end of the five-year period. Article 15 Processing
of special categories of data 1.
The processing of special categories of data
referred to in Article 8(1) of Directive 95/46/EC and Article 10(1) of
Regulation (EC) 45/2001 by means of IMI shall be allowed only on the basis of a
specific ground mentioned in Article 8(2) of the Directive and Article 10(2) of
the Regulation and with appropriate safeguards to ensure the rights of
individuals whose personal data are processed. 2.
IMI may be used for the processing of data
relating to offences, criminal convictions or security measures referred to in
Article 8(5) of Directive 95/46/EC and Article 10(5) of Regulation (EC)
45/2001, including information on disciplinary, administrative or criminal
sanctions or other information necessary to establish the good repute of an
individual or a legal person, where the processing of such data is provided for
in a Union act constituting the basis for the processing or with the explicit
consent of the data subject, subject to appropriate specific safeguards. Article 16 Security 1.
The processing of personal data under this
Regulation shall comply with the rules on data security adopted by the
Commission further to Article 22 of Regulation (EC) No 45/2001. 2.
The Commission shall put in place the necessary
measures to ensure security of personal data processed in IMI, including
appropriate data access control and a security plan which shall be kept
up-to-date. 3.
The Commission shall ensure that, in case of a
security incident, it is possible to verify what personal data has been
processed in IMI, when, by whom and for what purpose. Chapter
IV RIGHTS
OF DATA SUBJECTS AND SUPERVISION Article 17 Information
to data subjects and transparency 1.
IMI actors shall ensure that data subjects are
informed about processing of their personal data in IMI and that they have
access to a privacy notice explaining their rights and how to exercise them, in
accordance with Articles 10 or 11 of Directive 1995/46/EC and national
legislation which is in accordance with that Directive. 2.
The Commission shall make publicly available: (a)
a comprehensive privacy notice concerning IMI in
accordance with Articles 10 and 11 of Regulation (EC) No 45/2001, in a clear
and understandable form; (b)
information on the data protection aspects of
administrative cooperation procedures in IMI as referred to in Article 12; (c)
information on exceptions to or limitations of
data subjects’ rights as referred to in Article 19. Article 18 Right
of access, correction and erasure 1.
IMI actors shall ensure that the data subject may effectively exercise the right of access to data relating to him
or her, and the right to have inaccurate or incomplete data corrected and
unlawfully processed data deleted, in accordance with national legislation. The
correction and deletion shall be carried out within 60 days by the IMI actor
responsible. 2.
Personal data blocked
pursuant to Article 13(1) shall not be rectified or deleted unless it can be
clearly demonstrated that such rectification or deletion is necessary to
protect the rights of the data subject and does not undermine their value as
proof of an information exchange by means of IMI. 3.
Where the accuracy or lawfulness of data blocked
pursuant to Article 13(1) is contested by the data subject, this fact shall be recorded
as well as the accurate, corrected information. Article 19 Exceptions
and limitations Where Member States provide for exceptions to or limitations of data subjects’ rights set out in
this Chapter in national legislation in accordance with Article 13 of Directive
95/46/EC, they shall inform the Commission thereof. Article 20 Supervision 1.
The national supervisory authority or
authorities designated in each Member State and endowed with the powers
referred to in Article 28 of Directive 95/46/EC (the ‘National Supervisory
Authority’) shall monitor the lawfulness of the processing of personal data by
the competent authorities within their territory and in particular shall ensure
that the rights of data subjects set out in this Chapter are respected. 2.
The European Data Protection Supervisor shall
ensure that the personal data processing activities of the Commission in its
role as an IMI actor are carried out in accordance with this Regulation. The
duties and powers referred to in Articles 46 and 47 of Regulation (EC) No
45/2001 shall apply accordingly. 3.
The National Supervisory Authorities and the
European Data Protection Supervisor, each acting within the scope of their
respective competences, shall ensure coordinated supervision of the IMI system
and its use by competent authorities in Member States. The European Data
Protection Supervisor may invite the National Supervisory Authorities to meet
for that purpose when necessary. The costs of these meetings shall be for the
account of the European Data Protection Supervisor. Further working methods for
this purpose, including rules of procedure, may be developed jointly as
necessary. A joint report of activities shall be sent to the European
Parliament, the Council and the Commission at least every three years. Chapter
V GEOGRAPHIC
SCOPE OF IMI Article 21 National
use of IMI 1.
A Member State may use IMI for the purpose of
administrative cooperation between competent authorities within its territory
in accordance with national law, on condition that: (a)
no substantial changes to the existing
administrative cooperation procedures are required; and (b)
a notification of the envisaged use of IMI has
been submitted to the National Supervisory Authority; and (c)
it has no significant impact on the efficient
functioning of IMI. 2.
Where the national use of IMI is likely to have
a significant impact on the efficient functioning of IMI, the Member State
shall notify such use to the Commission and seek its prior approval. Where
necessary, an agreement setting out inter alia the technical, financial
and organisational arrangements, including the responsibilities of the IMI
actors, shall be concluded between the Member State and the Commission. Article 22 Information
exchange with third countries 1.
Personal data may be exchanged in IMI pursuant
to this Regulation between IMI actors within the Union
and in a third country only where the following conditions are satisfied: (a)
the data are processed pursuant to a provision
listed in the Annex I and an equivalent provision of law of the third country; (b)
the data are exchanged or made available in
accordance with an international agreement providing for the application of a
provision listed in Annex I by the third country; and (c)
the Commission has adopted a decision finding
that the third country in question ensures adequate protection of personal data
in accordance with Article 25(6) of Directive 95/46/EC, or the provision of
Article 26 of Directive 95/46/EC apply, including adequate safeguards that the
data processed in IMI shall only be used for the purpose for which they were
initially exchanged. 2.
Where the Commission is an IMI actor, Articles
9(1) and 9(7) of Regulation 45/2001 shall apply to any exchange of personal
data processed in IMI with IMI actors in a third country. 3.
The Commission shall publish in the Official
Journal of the European Union an updated list of third countries concerned
by information exchanges in accordance with this Article. Chapter VI FINAL PROVISIONS Article 23 Exercise
of the delegation 1.
The powers to adopt the delegated acts referred
to in Article 4 shall be conferred on the Commission for an indeterminate
period of time. 2.
As soon as it adopts a delegated act, the
Commission shall notify it simultaneously to the European Parliament and to the
Council. 3.
The powers to adopt delegated acts are conferred
on the Commission subject to the conditions laid down in Articles 24 and 25. Article 24 Revocation
of the delegation 1.
The delegation of power
referred to in Article 3 may be
revoked by the European Parliament or by the Council. 2.
The institution which has commenced an internal
procedure for deciding whether to revoke the delegation of power shall inform
the other legislator and the Commission at the latest one month before the
final decision is taken, stating the delegated powers which could be subject to
revocation and the reasons for a revocation. 3.
The decision of a revocation shall put an end to
the delegation of the powers specified in that decision. It shall take effect
immediately or at a later data specified therein. It shall not affect the
validity of the delegated acts already in force. It shall be published in the Official
Journal of the European Union. Article 25 Objections
to delegated acts 1.
The European Parliament and the Council may
object to the delegated act within a period of two months from the date of
notification. At the initiative of the European Parliament or the Council this
period shall be extended by one month. 2.
If, on expiry of that period, neither the
European Parliament nor the Council has objected to the delegated act, or if,
before that date, the European Parliament and the Council have both informed
the Commission that they have decided not to raise objections, the delegated
act shall enter into force at the date stated in its provisions. 3.
If the European Parliament or the Council
objects to the adopted delegated act, it shall not enter into force. The
institution which objects shall state the reasons for objecting to the
delegated act. Article 26 Monitoring
and reporting 1.
The Commission shall report to the European
Parliament and the Council on the functioning of IMI on a yearly basis. 2.
Every three years, the Commission shall report
to the European Data Protection Supervisor on aspects relating to the
protection of personal data in IMI, including data security. 3.
For the purpose of producing the reports
referred to in paragraphs 1 and 2, Member States shall provide the Commission,
on request, with any information relevant to the application of this
Regulation, including on the application in practice of the data protection
requirements laid down in this Regulation. Article 27 Costs 1.
The costs incurred for the development,
operation and maintenance of IMI shall be borne by the general budget of the
European Union, without prejudice to arrangements under Article 21(2). 2.
Unless otherwise stipulated in a Union act, the
costs for the IMI operations at Member State level, including the human
resources needed for training, promotion and technical assistance (helpdesk)
activities, as well as for the administration of the system at national level,
shall be borne by each Member State. Article 28 Entry
into force This Regulation shall enter into force on
the […] day following that of its publication in the Official Journal of the
European Union. This
Regulation shall be binding in its entirety and directly applicable in all
Member States. Done at […], For the European Parliament For
the Council The President The
President Annex I referred to in Article 3 listing
the provisions on administrative cooperation in Union acts that are implemented
by means of IMI 1. Directive 2006/123/EC of the
European Parliament and of the Council of 12 December 2006 on services in the
internal market: Chapter VI 2. Directive 2005/36/EC of the
European Parliament and of the Council of 7 September 2005 on the recognition
of professional qualifications: Articles 8, 50, 51 and 56 3. Directive 2011/24/EU of the
European Parliament and of the Council of 9 March 2011 on the application of
patients' rights in cross-border healthcare: Article 10[24] Annex II referred to in Article 4 on
potential areas in which provisions on administrative cooperation may be
implemented by means of IMI I. Internal market and free
movement of goods (1)
Commission Recommendation of 7 December 2001 on
principles for using 'SOLVIT' – the Internal Market Problem Solving Network:
Chapters I and II[25] II. Freedom of establishment and
to provide services (1)
Directive 2006/123/EC of the European Parliament
and of the Council of 12 December 2006 on services in the internal market:
Articles 15(7) and 39(5) (2)
Directive 96/71/EC of the European Parliament
and of the Council of 16 December 1996 concerning the posting of workers in the
framework of the provision of services: Article 4[26]
. (3)
Directive 2000/31/EC of the European Parliament
and of the Council of 8 June 2000 on certain legal aspects of information
society services, in particular electronic commerce, in the Internal Market
('Directive on electronic commerce'): Article 3[27] [4. Proposal for a DIRECTIVE OF
THE EUROPEAN PARLIAMENT AND OF THE COUNCIL amending Directives 89/666/EEC,
2005/56/EC and 2009/101/EC as regards the interconnection of central,
commercial and companies registers (COD/2011/0038)] III. Free movement of persons (1)
Directive 2011/24/EU of the European Parliament
and of the Council of 9 March 2011 on the application of patients' rights in
cross-border healthcare: Article 6 IV. Freedom of capital and
payments [1. Proposal for a REGULATION OF
THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the professional cross border
transport of euro cash by road between euro-area Member States (COD/2010/0204)] LEGISLATIVE FINANCIAL
STATEMENT FOR PROPOSALS [to
be used for any proposal or initiative submitted to the legislative authority (Articles
28 of the Financial Regulation and 22 of the implementing rules)] 1. FRAMEWORK OF THE PROPOSAL/INITIATIVE 1.1. Title of the proposal/initiative 1.2. Policy
area(s) concerned in the ABM/ABB structure 1.3. Nature
of the proposal/initiative 1.4. Objective(s)
1.5. Grounds
for the proposal/initiative 1.6. Duration
and financial impact 1.7. Management
method(s) envisaged 2. MANAGEMENT MEASURES 2.1. Monitoring
and reporting rules 2.2. Management
and control system 2.3. Measures
to prevent fraud and irregularities 3. ESTIMATED FINANCIAL IMPACT OF THE PROPOSAL/INITIATIVE
3.1. Heading(s)
of the multiannual financial framework and expenditure budget line(s) affected 3.2. Estimated
impact on expenditure 3.2.1. Summary of
estimated impact on expenditure 3.2.2. Estimated impact
on operational appropriations 3.2.3. Estimated impact
on appropriations of an administrative nature 3.2.4. Compatibility
with the current multiannual financial framework 3.2.5. Third-party
participation in financing 3.3. Estimated impact on revenue LEGISLATIVE FINANCIAL STATEMENT FOR PROPOSALS
1.
FRAMEWORK OF THE PROPOSAL/INITIATIVE
1.1.
Title of the proposal/initiative
Regulation (EC) No xxx of the European Parliament and of the Council
on administrative cooperation through the Internal Market Information System
(‘the IMI Regulation’)
1.2.
Policy area(s) concerned in the ABM/ABB
structure[28]
Internal Market — Services
1.3.
Nature of the proposal/initiative
þThe proposal/initiative relates to the extension of an existing
action
1.4.
Objectives
1.4.1.
The Commission’s multiannual strategic
objective(s) targeted by the proposal/initiative
In its Communication ‘Europe 2020: A strategy for smart, sustainable
and inclusive growth’ (COM(2010) 2020), the Commission proposed that
bottlenecks in the single market be tackled by, inter alia, ‘reinforcing
structures to implement single market measures on time and correctly, including
[…] the Services Directive […], enforce them effectively and when problems
arise, resolve them speedily’. The Internal Market Information System (‘IMI’) is an on-line
communication tool developed by the European Commission and offered as a free
service to Member States since 2008. It is currently used for the exchange of
information pursuant to Directive 2005/36/EC of the European Parliament and of
the Council of 7 September 2005 on the recognition of professional
qualifications[29] (‘the Professional
Qualifications Directive’) and Directive 2006/123/EC of the European Parliament
and of the Council of 12 December 2006 on services in the internal market[30]
(‘the Services Directive’). IMI allows national, regional and local authorities to communicate
quickly and easily with their counterparts across borders, following uniform
working methods agreed by all Member States. IMI helps its users to (i) find
the right authority to contact, (ii) communicate with them using pre-translated
sets of questions and answers and (iii) follow the progress of the information
request through a tracking mechanism. For example, an authority in Ireland that
needs information from a Hungarian body can select a question in English. The
Hungarian authority sees the question and corresponding reply options in
Hungarian; its reply will be received in English. According to the Commission Communication ‘Towards a Single Market
Act’, extending IMI to other sectors ‘with a view to creating a genuine
face-to-face electronic network for European administrations’ is one of the
keys to promoting better governance of the single market[31].
The Commission Communication 'A Single Market Act' stressed the importance of
IMI for strengthening cooperation among the actors involved, including at local
level, thus contributing to better governance of the single market[32].
1.4.2.
Specific objective(s) and ABM/ABB activity(ies)
concerned
Specific objective No 12: Develop the
full potential of the Internal Market Information System (IMI) to support
improved implementation of single market legislation. The use of IMI is mandatory under the Services Directive. The Commission set out plans for the future expansion of IMI to
other areas of Union law in its Communication ‘Better governance of the Single
Market through greater administrative cooperation: A strategy for expanding and
developing the Internal Market Information System (COM(2011) 75 final) (‘the
IMI Strategy Communication’). The objectives of this proposal are to: - establish a sound legal framework for IMI and a set of
common rules to ensure that it functions efficiently; - provide a comprehensive data protection framework by
setting out the rules for personal data protection which apply to IMI in a single
horizontal legal instrument; - facilitate possible future expansion of IMI to new areas of
Union law; - clarify the roles of the different actors involved in the
IMI system. In order to achieve these objectives, we will continue the following
activities: 1. Maintenance, i.e. prevention and correction of failure,
minor improvements to existing functionalities, ensuring operational continuity
of the system; 2. Hosting of system infrastructure; 3. Development, i.e. implementation of new system requirements;
and 4. Communication and awareness-raising activities, including
conferences, training sessions and the preparation of promotional and training
material. ABM/ABB activity(ies) concerned 12/03 4: Internal Market for Services As the system expands to other areas of Union law, other ABM/ABB
activities may be concerned.
1.4.3.
Expected result(s) and impact
Specify the effects
which the proposal/initiative should have on the beneficiaries/groups targeted. 1. A high level of legal certainty with respect to the processing
of personal data of EU citizens by means of IMI and thereby removal of legal
barriers to the expansion of IMI to new areas of Union law; 2. A flexible framework for possible future expansion of IMI
to new areas of Union law; 3. Clarification of the respective roles and obligations of
the Commission, Member States, national authorities and the European Data
Protection Supervisor with respect to information exchanges by means of IMI; 4. Cost savings by re-using an existing IT tool in new areas
instead of developing new single-purpose tools; 5. Ensuring future sustainability of the financing of IMI,
given its mandatory status under the Services Directive and possible future
expansion, in line with the IMI Strategy Communication.
1.4.4.
Indicators of results and impact
Specify the
indicators for monitoring implementation of the proposal/initiative. The proposal will contribute to more effective application of Union
law in areas for which IMI is used and will save IT development and maintenance
costs. Its direct impact could be measured using the following indicators: - the number of legislative areas covered by IMI (increase
compared to the two areas existing in 2011); - the number of information exchanges taking place by means
of IMI on a yearly basis; - the number of competent authorities actively using the
system (i.e. not simply registered as users); - estimated cost savings per new policy area added.
1.5.
Grounds for the proposal/initiative
1.5.1.
Requirement(s) to be met in the short or long
term
The proposal will provide a high level of legal certainty with
respect to the processing of personal data in IMI, in line with the suggestions
of the European Data Protection Supervisor. In the long term, it will
facilitate the possible future expansion of IMI to new areas of Union law by
providing a flexible framework for such expansion.
1.5.2.
Added value of EU involvement
Given the nature of IMI as a centralised communication tool
developed and hosted by the Commission, it is necessary to establish a common
set of rules applicable to the system and to implement them in a centralised
manner. The Commission offers IMI as a free service to Member States, providing
maintenance and development services, a helpdesk and hosting the computing
infrastructure. These tasks could not be performed in a decentralised manner. IMI overcomes obstacles to cross-border cooperation, such as
language barriers, different administrative and working cultures and the lack
of established procedures for information exchange. Because of the involvement
of Member States in designing the system, IMI offers uniform working methods
agreed by all Member States.
1.5.3.
Lessons learned from similar experiences in the
past
IMI was launched in 2008. More than 5 700 competent authorities
and 11 000 users are currently registered in the system. Some 2 000
information exchanges took place in 2010. From a legal point of view, IMI operates on the basis of a
Commission decision, a ‘comitology’ decision, and a Commission recommendation[33].
The lack of a single legal instrument adopted by the European Parliament and
the Council came to be seen as an obstacle to further expansion. The initial development cost of IMI was funded by the IDABC
(Interoperable Delivery of Pan-European e-Government Services to Public
Administrations, Business and Citizens) programme, until it came to an
end in 2009. Until July 2010, DG MARKT bore the costs associated with
maintenance, second-line support, system administration, hosting, training,
communication and awareness raising. In July 2010, the ISA (Interoperability
Solutions for European Public Administrations) programme (2010-2015)[34] agreed to finance IMI, funding the operation and improvement of the
application in 2010. It is anticipated that the ISA programme will continue to
provide funding for IMI at least until 2012. DG MARKT continues to bear the
cost of hosting, training, communication and awareness raising. Since use of the system is mandatory for the Services Directive and
given the plans for the future expansion of IMI to new areas of Union law,
financing aspects will need to be clarified and a stable and sustainable
financing beyond 2012 will need to be ensured.
1.5.4.
Coherence and possible synergy with other
relevant instruments
The Commission Communication ‘Better governance of the Single Market
through greater administrative cooperation: A strategy for expansion and
further development of the Internal Market Information System (‘IMI’)’
(COM(2011) 75 final) set out plans for the future expansion of IMI to other
areas of EU law. The Commission Communication 'A Single Market Act' stressed the
importance of IMI for strengthening cooperation among the actors involved,
including at local level, thus contributing to better governance of the single
market[35].
1.6.
Duration and financial impact
þ Proposal/initiative of unlimited
duration The proposal is expected to enter into force in
2013.
1.7.
Management mode(s) envisaged[36]
þ Centralised direct management by the Commission
2.
MANAGEMENT MEASURES
2.1.
Monitoring and reporting rules
Specify frequency
and conditions. The Commission will produce an annual report on the development and
performance of IMI. In addition, a report on IMI data protection issues,
including security, will be submitted to the European Data Protection
Supervisor periodically.
2.2.
Management and control system
2.2.1.
Risk(s) identified
The Commission is the ‘system owner’ of IMI, and responsible for its
daily operation, maintenance and development. The system is developed and
hosted by an internal supplier, namely a Commission DG (DIGIT), which ensures a
high level of business continuity. With the expansion of IMI to new legislative areas governance may
become more complex as the group of stakeholders will grow and different
demands may need to be reconciled. This process needs to be carefully managed.
2.2.2.
Control method(s) envisaged
The IT maintenance and development of IMI is governed by a
memorandum of understanding between MARKT and DIGIT which sets out the rules
and procedures and the respective responsibilities and obligations of the
system owner (MARKT) and the system supplier (DIGIT). Regular meetings and
reporting instruments facilitate close monitoring of the IT maintenance and
development work. The IMI Steering committee, including representatives of all
stakeholders in the IMI project (system owner, system supplier, Internal Market
Advisory Committee and IMI users) is responsible for, inter alia, high-level
monitoring and control. The IMAC IMI Working Group (a sub-group of the Internal
Market Advisory Committee) advises the Commission on horizontal issues relating
to IMI development. In addition, pursuant to Article 19 of the proposal, the European
Data Protection Supervisor will ensure that personal data processing by the
Commission in IMI is carried out in accordance with the applicable rules. The
national data protection authorities will monitor the processing of personal
data by the competent authorities at Member State level.
2.3.
Measures to prevent fraud and irregularities
Specify existing or
envisaged prevention and protection measures. For the purposes of combating fraud, corruption and any other
illegal activity, the provisions normally applicable to the activities of the
Commission, including Regulation (EC) No 1073/1999 of the European Parliament
and of the Council of 25 May 1999 concerning investigations conducted by the
European Anti-Fraud Office (OLAF), will apply in the context of IMI without any
restriction.
3.
ESTIMATED FINANCIAL IMPACT OF THE PROPOSAL/INITIATIVE
3.1.
Heading(s) of the multiannual financial
framework and expenditure budget line(s) affected
· Existing expenditure budget lines Heading of multiannual financial framework || Budget line || Type of expenditure || Contribution Number [Description………………………...……….] || DA/NDA ([37]) || from EFTA[38] countries || from candidate countries[39] || from third countries || within the meaning of Article 18(1)(aa) of the Financial Regulation 1A || 12.02.01 Implementation and development of the Internal Market || DA || YES || NO || NO || NO 1A || 12.01.04 Implementation and development of the Internal Market – Expenditure on administrative management || NDA || YES || NO || NO || NO 1A || 26.03.01.01 Interoperability Solutions for European Public Administrations (ISA) || DA || YES || YES || NO || NO
3.2.
Estimated impact on expenditure
3.2.1.
Summary of estimated impact on expenditure
EUR million (to 3 decimal places) Heading of multiannual financial framework: || 1B || Implementation and development of the Internal Market DG: MARKT || || || Year 2013 || || || || || || || TOTAL Operational appropriations || || || || || || || || 12.02.01 || Commitments || (1) || 1.440 || || || || || || || 1.440 Payments || (2) || 1.440 || || || || || || || 1.440 || || || || || || || || TOTAL appropriations for DG MARKT || Commitments || =1+1a +3 || 1.440 || || || || || || || 1.440 Payments || =2+2a +3 || 1.440 || || || || || || || 1.440 The present proposal is expected to come
into force in 2013 and it does not have a budgetary impact over and above what
is already foreseen for the years to come in the official programming of the
Commission. Moreover, the proposal is without prejudice to the decisions on the
post-2013 multi-annual financial framework. In 2010, the financing of IMI was covered
by the following sources: ISA programme (€ 500 000 – budget line
26.03.01.01) and internal market budget lines (€ 925 000). For
2011-2012 the planned financing from ISA will amount to ca. € 1 150 000
per year. However, the financing from the ISA programme is subject to annual
review of the overall programme priorities and available budget. It is
anticipated that the ISA programme will continue to provide funding for IMI
until at least 2012. In order to ensure that IMI can continue to
be offered to Member States on a permanent basis, as well as to allow more
efficient management and better control of the budget, the Commission will
examine the possibility of bringing all costs under a single budget line
managed by DG MARKT (12.02.01 Implementation and development of the Internal
Market). This would entail a net increase in this budget line in 2013 by
redeployment from other budget lines. In any event, it is expected that the total
cost of IMI will start decreasing from 2012 onwards, due to the projected lower
needs for developing new functionalities, which should generally be in place by
that time. TOTAL operational appropriations || Commitments || (4) || 1.440 || || || || || || || 1.440 Payments || (5) || 1.440 || || || || || || || 1.440 TOTAL appropriations of an administrative nature financed from the budget of specific programmes || (6) || || || || || || || || TOTAL appropriations under HEADING 1A of the multiannual financial framework || Commitments || =4+ 6 || 1.440 || || || || || || || 1.440 Payments || =5+ 6 || 1.440 || || || || || || || 1.440 Payments || =5+ 6 || || || || || || || || Heading of multiannual financial framework: || 5 || ‘Administrative expenditure’ EUR million (to 3 decimal places) || || || Year 2013 || || || || || || || TOTAL DG: MARKT || Human resources || || || || || || || || Other administrative expenditure || || || || || || || || TOTAL DG MARKT || Appropriations || || || || || || || || TOTAL appropriations under HEADING 5 of the multiannual financial framework || (Total commitments = Total payments) || || || || || || || || EUR million (to 3 decimal places) || || || Year 2013[40] || || || || || || || TOTAL TOTAL appropriations under HEADINGS 1 to 5 of the multiannual financial framework || Commitments || || || || || || || || 1.440 Payments || || || || || || || ||
3.2.2.
Estimated impact on operational appropriations
–
þ The proposal/initiative requires the use of operational
appropriations, as explained below: Commitment appropriations in EUR million (to 3 decimal
places) Indicate objectives and outputs ò || || || Year 2013 || || || || || || || TOTAL OUTPUTS Type of output[41] || Average cost of the ouput || Number of ouputs || Cost || || || || || || || || || || || || || Total number of ouputs || Total cost SPECIFIC OBJECTIVE No 1[42]… || || || || || || || || || || || || || || || || - Maintenance A || 0.4 || || 0.4 || || || || || || || || || || || || || || 0.4 - Hosting B || 0.24 || || 0.24 || || || || || || || || || || || || || || 0.24 - Development C || 0.3 || || 0.6 || || || || || || || || || || || || || || 0.6 - Communication & awareness D || 0.2 || || 0.2 || || || || || || || || || || || || || || 0.2 Sub-total for specific objective No 1 || || 1.440 || || || || || || || || || || || || || || 1.440 SPECIFIC OBJECTIVE No 2 || || || || || || || || || || || || || || || || - Output || || || || || || || || || || || || || || || || || || Sub-total for specific objective No 2 || || || || || || || || || || || || || || || || TOTAL COST || || 1.440 || || || || || || || || || || || || || || 1.440
3.2.3.
Estimated impact on appropriations of an
administrative nature
3.2.3.1.
Summary
–
þ The proposal/initiative does not require the use of administrative
appropriations –
¨ The proposal/initiative requires the use of administrative
appropriations, as explained below:
3.2.3.2.
Estimated requirements of human resources
–
þ The proposal/initiative does not require the use of additional
human resources –
¨ The proposal/initiative requires the use of human resources, as
explained below:Compatibility with the current multiannual financial framework –
þ Proposal/initiative is compatible with the current multiannual
financial framework.
3.2.4.
Third-party contributions
–
þ The proposal/initiative does not provide for co-financing by third
parties
3.3.
Estimated impact on revenue
–
þ Proposal/initiative has no financial impact on revenue. [1] OJ L 255, 30.9.2005, p. 22. [2] OJ L 376, 27.12.2006, p. 36. [3] Commission Decision 2008/49/EC of 12 December 2007
concerning the implementation of the Internal Market Information System (IMI)
as regards the protection of personal data (OJ L 13, 16.1.2008, p. 18),
Commission Decision 2009/739/EC of 2 October 2009 setting out the practical
arrangements for the exchange of information by electronic means between Member
States under Chapter VI of Directive 2006/123/EC of the European Parliament and
of the Council on services in the internal market (OJ L 263, 7.10.2009, p. 32),
Commission Recommendation of 26 March 2009 on data protection guidelines for
the Internal Market Information System (IMI) (OJ L 100, 18.4.2009, p. 12). [4] Communication from the Commission to the European
Parliament, the Council, the Economic and Social Committee and the Committee of
the Regions ‘Towards a Single Market Act. For a highly competitive social
market economy. 50 proposals for improving our work, business and exchanges
with one another’, COM(2010) 608 final, proposal No 45 on p. 31. [5] COM(2011) 75. [6] COM(2011) 206. [7] Opinion 01911/07/EN, WP 140. [8] Opinion of 22 February 2008 of the European Data
Protection Supervisor (‘EDPS’) on the Commission Decision of 12 December
2007 concerning the implementation of the Internal Market Information System
(IMI) as regards the protection of personal data, OJ C 270, 25.10.2008, p.
1. [9] Commission Recommendation of 26 March 2009 on data
protection guidelines for the Internal Market Information System (IMI), OJ L
100, 18.4.2009, p. 12. [10] Commission Report of 22 April 2010 on the state of data
protection in the Internal Market Information System, COM(2010) 170 final. [11] See e.g. Regulation (EC) No 1987/2006 of the European
Parliament and of the Council of 20 December 2006 on the establishment,
operation and use of the second generation Schengen Information System (SIS II)
(OJ L 381, 28.12.2006, p. 4) and Regulation (EC) No 767/2008 of the European
Parliament and of the Council of 9 July 2008 concerning the Visa Information
System (VIS) and the exchange of data between Member States on short-stay visas
(VIS Regulation) (OJ L 218, 13.8.2008, p. 60). [12] Directive 2011/24/EC of the European Parliament and of
the Council of 9 March 2011 on the application of patients’ rights in
cross-border healthcare (OJ L 88/45, 4.04.2011, p. 45). [13] Directive 96/71/EC of the European Parliament and of
the Council of 16 December 1996 concerning the posting of workers in the
framework of the provision of services (OJ L 018, 21.01.1997, p. 1). See also
Council conclusions of 7 March 2011 available at: http://www.consilium.europa.eu/uedocs/cms_data/docs/pressdata/en/lsa/119621.pdf [14] See footnote 12 above, Article 10(4). [15] Council conclusions of 10 December 2010. [16] OJ C , , p. . [17] COM (2011) 75. [18] COM(2011) 206 [19] OJ L 281, 23.11.1995, p.31 [20] OJ L 8, 12.01.2001, p.1 [21] OJ L 13, 16.01.2008, p.18 [22] OJ L 263, 07.10.209, p.32 [23] OJ L 376, 27.12.2006, p.36 [24] OJ L 88, 04.04.2011, p.45 [25] OJ L 331, 15.12.2001, p.79 [26] OJ L 018, 21.1.1997, p.1 [27] OJ L 178, 17.7.2000, p.1 [28] ABM: Activity-Based Management — ABB: Activity-Based
Budgeting. [29] OJ L 255, 30.9.2005, p. 22. [30] OJ L 376, 27.12.2006, p. 36. [31] Communication from the Commission to the European
Parliament, the Council, the Economic and Social Committee and the Committee of
the Regions ‘Towards a Single Market Act. For a highly competitive social
market economy. 50 proposals for improving our work, business and exchanges
with one another’, COM(2010) 608 final, proposal No 45 on p. 31. [32] See footnote 6 above. [33] Commission Decision 2008/49/EC of 12 December 2007
concerning the implementation of the Internal Market Information System (IMI)
as regards the protection of personal data (OJ L 13, 16.1.2008, p. 18),
Commission Decision 2009/739/EC of 2 October 2009 setting out the practical
arrangements for the exchange of information by electronic means between Member
States under Chapter VI of Directive 2006/123/EC of the European Parliament and
of the Council on services in the internal market (OJ L 263, 7.10.2009, p. 32),
Commission Recommendation of 26 March 2009 on data protection guidelines for
the Internal Market Information System (IMI) (OJ L 100, 18.4.2009, p. 12). [34] Decision No 922/2009/EC, OJ L 260; 3.10.2009, p. 20. [35] See footnote 6 above. [36] Details of management modes and references to the
Financial Regulation may be found on the BudgWeb site: http://www.cc.cec/budg/man/budgmanag/budgmanag_en.html. [37] DA= Differentiated appropriations / DNA=
Non-Differentiated Appropriations. [38] EFTA: European Free Trade Association. [39] Candidate countries and, where applicable, potential
candidate countries from the Western Balkans. [40] Year N is the year in which implementation of the
proposal/initiative starts. [41] Outputs are products and services to be supplied (e.g.
number of student exchanges financed, number of km of roads built, etc.). [42] As described in Section 1.4.2. ‘Specific objective(s)…’.