‘ANNEX III

ELECTRONIC MESSAGES AND THE UNION MARITIME INFORMATION AND EXCHANGE SYSTEM (SAFESEANET)

1.   General concept and architecture

The Union maritime information and exchange system, SafeSeaNet, shall enable the receipt, storage, retrieval and exchange of information for the purpose of maritime safety, port and maritime security, marine environment protection and the efficiency of maritime traffic and maritime transport.

SafeSeaNet is a specialised system established to facilitate the exchange of information in an electronic format between Member States and to provide the Commission and Member States with the relevant information in accordance with Union legislation. It is composed of a network of national SafeSeaNet systems in Member States and a SafeSeaNet central system acting as a nodal point.

The Union Maritime Information and Exchange network shall link all national SafeSeaNet systems, established in accordance with this Directive, and include the SafeSeaNet central system.

2.   Management, operation, development and maintenance

2.1.   Responsibilities

2.1.1.   National SafeSeaNet systems

Member States shall establish and maintain a national SafeSeaNet system allowing for the exchange of maritime information between authorised users under the responsibility of a national competent authority (NCA).

The NCA shall be responsible for the management of the national system, which shall include the national coordination of data users and data providers as well as ensuring that UN LOCODES are designated and that the necessary national IT infrastructure and the procedures described in the interface and functionalities control document referred to in point 2.3 are established and maintained.

The national SafeSeaNet system shall enable the inter-connection of users authorised under the responsibility of an NCA and may be made accessible to identified shipping actors (shipowners, agents, masters, shippers and others) when authorised by the NCA, in particular in order to facilitate the electronic submission and reception of reports in accordance with Union legislation.

2.1.2.   Central SafeSeaNet system

The Commission is responsible for the management and development at policy level of the central SafeSeaNet system and for the oversight of the SafeSeaNet system, in cooperation with Member States, while, in accordance with Regulation (EC) No 1406/2002 of the European Parliament and of the Council (1), the European Maritime Safety Agency, in cooperation with the Member States and the Commission, is responsible for:

—	the technical implementation and documentation of SafeSeaNet,

—	development, operation and integration of the electronic messages and data as well as maintenance of the interfaces with the central SafeSeaNet system, including AIS data collected by satellite, and the different information systems in this Directive and as referred to in point 3.

The central SafeSeaNet system, acting as a nodal point, shall interconnect all national SafeSeaNet systems and shall establish the necessary IT infrastructure and procedures as described in the interface and functionalities control document referred to in point 2.3.

2.2.   Principles of management

The Commission shall establish a high-level steering group, which shall adopt its rules of procedure, composed of representatives of the Member States and of the Commission to:

—	make recommendations to improve the effectiveness and security of the system,

—	provide appropriate guidance for the development of the system,

—	assist the Commission in reviewing the performance of the system,

—	provide appropriate guidance for the development of the interoperable data exchange platform combining information from SafeSeaNet with information from the other information systems as referred to in point 3,

—	approve the interface and functionalities control document referred to in point 2.3, and any amendments thereto,

—	adopt guidelines for the collection and distribution of information through SafeSeaNet related to competent authorities designated by Member States to perform relevant functions under this Directive,

—	liaise with other relevant working forums, in particular the group on maritime administrative simplification and electronic information services.

2.3.   Interface and functionalities control document and technical documentation

The Commission shall develop and maintain, in close cooperation with the Member States, an interface and functionalities control document (IFCD).

The IFCD shall describe in detail the performance requirements and procedures applicable to the national and central elements of the SafeSeaNet system designed to ensure compliance with the relevant Union legislation.

The IFCD shall include rules for:

—	access rights guidance for data quality management,

—	integration of data, as referred to in point 3, and their distribution through the SafeSeaNet system,

—	operational procedures for the Agency and the Member States defining the control mechanisms for the SafeSeaNet data quality,

—	security specifications for data transmission and exchange, and

—	the archiving of information at national and central level.

The IFCD shall indicate the means of storage and the availability of the information on dangerous or polluting goods concerning scheduled services to which an exemption has been granted in accordance with Article 15.

Technical documentation related to SafeSeaNet, such as standards for data exchange format, interoperability with other systems and applications, users' manuals, network security specifications and reference databases used to support reporting obligations, shall be developed and maintained by the Agency in cooperation with the Member States.

3.   Exchange and sharing of data

The system shall use industry standards and be able to interact with public and private systems used to create, provide or receive information within SafeSeaNet.

The Commission and the Member States shall cooperate in order to examine the feasibility and development of functionalities that as far as possible will ensure that the data providers, including masters, owners, agents, operators, shippers and relevant authorities, need to submit information only once, taking due account of the obligations in Directive 2010/65/EU (2) and other relevant Union legislation. Member States shall ensure that the information submitted is available for use in all relevant reporting, notification, information sharing and VTMIS systems.

Member States shall develop and maintain the necessary interfaces for automatic transmission of data by electronic means to SafeSeaNet.

The central SafeSeaNet shall be used for the distribution of electronic messages and data exchanged or shared in accordance with this Directive and relevant Union legislation, inter alia:

—	Directive 2000/59/EC of the European Parliament and of the Council (3) of 27 November 2000 on port reception facilities for ship-generated waste and cargo residues, as regards Article 12(3) thereof,

—	Directive 2005/35/EC of the European Parliament and of the Council (4) of 7 September 2005 on ship-source pollution and on the introduction of penalties, including criminal penalties, for pollution offences, as regards Article 10 thereof,

—	Directive 2009/16/EC of the European Parliament and of the Council (5) of 23 April 2009 on port State control, as regards Article 24 thereof,

—	Directive 2010/65/EU of the European Parliament and of the Council of 20 October 2010 on reporting formalities for ships arriving in and/or departing from ports of the Member States in so far as Article 6 thereof applies.

The operation of the SafeSeaNet system should support the facilitation and establishment of the European Maritime Transport Space without Barriers.

Where internationally-adopted rules allow routing of LRIT information concerning third country vessels, SafeSeaNet networks shall be used to distribute amongst Member States, with an appropriate level of security, the LRIT information received in accordance with Article 6b of this Directive.

4.   Security and access rights

The central and the national SafeSeaNet systems shall comply with the requirements of this Directive concerning confidentiality of information, as well as with the security principles and specifications described in the IFCD, in particular as regards access rights.

Member States shall identify all users to which a role and a set of access rights is attributed in compliance with the IFCD.’