Regulation (EU) 2024/903 of the European Parliament and of the Council of 13 March 2024 laying down measures for a high level of public sector interoperability across the Union (Interoperable Europe Act)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 172 thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national parliaments,

Having regard to the opinion of the European Economic and Social Committee (1),

Having regard to the opinion of the Committee of the Regions (2),

Acting in accordance with the ordinary legislative procedure (3),

Whereas:

(1) It is necessary to strengthen the development of the cross-border interoperability of network and information systems which are used to provide or manage public services in the Union, in order to allow public administrations in the Union to cooperate and make public services function across borders. The existing informal cooperation should be replaced by a clear legal framework to enable interoperability across different administrative levels and sectors and to facilitate seamless cross-border data flows for truly European digital services that strengthen the internal market while respecting the principle of subsidiarity. Public sector interoperability has an important impact on the right to free movement of goods, persons, services and capital laid down in the Treaties, as burdensome administrative procedures can create significant obstacles, especially for small and medium-sized enterprises (SMEs).

(2) Cooperation with regard to cross-border interoperability between public sector bodies can address common challenges, in particular in the border regions, and can ensure seamless cross-border data flows.

(3) The Union and Member States have been working for more than two decades to support the modernisation of public administrations through digital transformation and to foster the deep interconnections needed for a truly European digital space. In its communication of 9 March 2021 entitled ‘2030 Digital Compass: the European way for the Digital Decade’, the Commission underlined the need to speed up the digitalisation of public services by 2030, including by ensuring interoperability across all levels of administration and across public services. Moreover, Decision (EU) 2022/2481 of the European Parliament and of the Council (4) sets a clear target of 100 % online accessible provision of key public services by 2030. Furthermore, the COVID-19 pandemic increased the speed of digitalisation, pushing public administrations to adapt to the online paradigm, including for cross-border digital public services, as well as for the smarter and greener use of technologies in accordance with the climate and energy targets set in the European Green Deal and in Regulation (EU) 2021/1119 of the European Parliament and of the Council (5). This Regulation aims to significantly contribute to those Union objectives by creating a structured cooperation framework on cross-border interoperability among Member States and between the Commission and Member States to support the setup of digital public services, helping to reduce costs and save time for citizens, businesses and the public sector.

(4) In the pursuit of enhancing cross-border interoperability in the Union, it is imperative to underscore that interoperability, while of the utmost importance, does not ensure, in isolation, the accessibility and seamlessness of trans-European digital public services. A comprehensive and sustainable ecosystem of digital infrastructures, with adequate financial support, is equally important to achieving the objectives set out in Decision (EU) 2022/2481. In line with the communication of the Commission of 30 June 2021 entitled ‘A long-term Vision for the EU’s Rural Areas – Towards stronger, connected, resilient and prosperous rural areas by 2040’, particular attention should be paid to extending connectivity to rural and remote areas within the Union, areas affected by industrial transition, and regions which suffer from severe and permanent natural or demographic handicaps such as islands, cross-border and mountain regions, ensuring that the benefits of digital transformation align with and support established Union initiatives for enhanced regional inclusivity and connectivity.

(5) The development of cross-border interoperability for trans-European digital public services set out in this Regulation should take into account legal interoperability. As a catalyst for the development of organisational, semantic and technical interoperability, legal interoperability facilitates reaping the benefits of cross-border interoperability generally, including swift access for citizens and businesses to information, faster procedures and services and the reduction of administrative obstacles. Furthermore, as the language barrier is one of the obstacles to interoperability, to the reuse of solutions and to the establishment of cross border services, semantic interoperability is key to facilitating effective communication in diverse multi-linguistic environments, including at regional and local level.

(6) Trans-European digital public services are digital services provided by Union entities or public sector bodies to one another or to natural or legal persons in the Union, and requiring interaction across Member State borders, among Union entities or between Union entities and public sector bodies, by means of their network and information systems. Trans-European digital public services should include, inter alia, the key public services as defined in Decision (EU) 2022/2481, covering essential services that are relevant for major life events for natural persons, such as finding a job or studies, and for legal persons in their professional life-cycle. Key public services with trans-European relevance are intended to give rise to major benefits for citizens where they become interoperable across borders. Examples of trans-European digital public services are services that, by means of cross-border exchanges of data, allow for the mutual recognition of academic diplomas or professional qualifications, exchanges of vehicle data for road safety, access to social security and health data, including pandemic and vaccination certificates, access to single window systems, the exchange of information related to taxation, customs, public tender accreditation, digital driving licenses or commercial registers, and in general all those services that implement the ‘once-only’ principle to access and exchange cross-border data.

(7) Without prejudice to the competence of the Member States to define what constitutes public services, Union entities and public sector bodies are encouraged to reflect on user needs and accessibility in the design and development of such services, in line with the European Declaration of 15 December 2022 on Digital Rights and Principles for the Digital Decade (6). Also, Union entities and public sector bodies are encouraged to ensure that people with disabilities, older people and other vulnerable groups are able to use public services at service levels comparable to those provided to other citizens.

(8) A new governance structure, with the Interoperable Europe Board (the ‘Board’) at its centre, should be established and should have a legal mandate to drive, together with the Commission, the further development of cross-border interoperability in the Union, including the European Interoperability Framework (EIF) and other common legal, organisational, semantic and technical interoperability solutions, such as specifications and applications. Furthermore, this Regulation should establish a clear and easily recognisable label for certain interoperability solutions (Interoperable Europe solutions). The creation of a vibrant community around open government technology solutions should be fostered.

(9) Regional and local authorities will play an active role in the development of interoperability solutions. They should also seek to involve SMEs, research and educational organisations and civil society and share the outcome of such exchanges.

(10) It is in the interests of a coherent approach to public sector interoperability in the Union and of supporting the principle of good administration and the free movement of personal and non-personal data within the Union to align the rules as far as possible for all Union entities and public sector bodies that set binding requirements for trans-European digital public services, and thus affect the ability of those entities and bodies to share data through their network and information systems. That objective includes the Commission and other Union entities, as well as public sector bodies in the Member States across all levels of administration: national, regional and local. Union entities play an important role in collecting regulatory reporting data from Member States. Therefore, the interoperability of such data should also fall within the scope of this Regulation.

(11) The fundamental right to the protection of personal data is safeguarded, in particular, by Regulations (EU) 2016/679 (7) and (EU) 2018/1725 (8) of the European Parliament and of the Council. Directive 2002/58/EC of the European Parliament and of the Council (9) protects, in addition, private life and the confidentiality of communications, including by way of conditions for any personal and non-personal data storing in, and access from, terminal equipment. Those Union legislative acts provide the basis for sustainable and responsible data processing, including where datasets include a mix of personal and non-personal data. This Regulation complements and is without prejudice to Union law on the protection of personal data and privacy, in particular Regulations (EU) 2016/679 and (EU) No 2018/1725 and Directive 2002/58/EC. No provision of this Regulation should be applied or interpreted in such a way as to diminish or limit the right to the protection of personal data or the right to privacy and confidentiality of communications.

(12) Cross-border interoperability is not solely enabled by means of centralised digital infrastructures in the Member States, but also by means of a decentralised approach. This entails the need for trust between public administrations, allowing for data exchange between local administrations in different Member States without necessarily going through national nodes. Therefore, it is necessary to develop common interoperability solutions that are reusable across all administrative levels. Interoperability solutions encompass different forms ranging from higher-level tools like conceptual frameworks and guidelines to more technical solutions such as reference architectures, technical specifications or standards. Moreover, concrete services and applications, as well as documented technical components such as source code, including artefacts and artificial intelligence models can be interoperability solutions, if they address legal, organisational, semantic, or technical aspects of cross-border interoperability. Needs for cross-border digital interactions are increasing, which requires solutions that can fulfil those needs. This Regulation intends to facilitate and encourage exchanges at all levels of administration, overcoming cross-border barriers and administrative burdens, thereby increasing the efficiency of public services across the Union.

(13) Interoperability facilitates the successful implementation of policies, in particular those with a strong public sector connection, such as justice and home affairs, taxation and customs, transport, energy, health, agriculture, and employment, as well as in business and industry regulation. However, a single sector interoperability perspective is associated with the risk that the adoption of different or incompatible solutions at national or sectoral levels will give rise to new electronic barriers that impede the proper functioning of the internal market and the associated freedoms of movement. Furthermore, it risks undermining the openness and competitiveness of markets and the delivery of services of general interest to citizens and business. Therefore, this Regulation should also facilitate, encourage and apply to cross-sector interoperability, thereby supporting the removal of barriers, incompatibilities and the fragmentation of digital public services.

(14) In order to eliminate fragmentation in the interoperability landscape in the Union, a common understanding of interoperability in the Union and a holistic approach to interoperability solutions should be promoted. A structured cooperation should support measures promoting a digital-ready and interoperability-by-design policy set-up. Furthermore, it should promote the efficient management and use of digital service infrastructures and their respective components by Union entities and public sector bodies that permit the establishment and operation of sustainable and efficient public services, with the aim of ensuring accessibility up to the lowest administrative division.

(15) Union entities and public sector bodies can introduce binding requirements for trans-European digital public services. To ensure that such services are able to exchange data cross-border, a mechanism should be established to allow for the discovery of legal, organisational, semantic and technical barriers to cross-border interoperability (interoperability assessment). That mechanism should ensure adequate consideration of cross-border interoperability aspects in all decisions that can have an effect on the design of such services.

(16) To set up binding requirements for trans-European digital public services, it is important to focus on the interoperability aspect as early as possible in the policymaking process following the digital-by-default principle and interoperability-by-design approach. Therefore, a Union entity or public sector body that intends to set binding requirements for one or more trans-European digital public services that have an effect on cross-border interoperability, for example in the course of the digitalisation of key public services as referred to in Decision (EU) 2022/2481, should carry out an interoperability assessment. To ensure the effectiveness and efficiency of this task, a Member State can decide on the internal resources and the collaboration between its public sector bodies necessary to support carrying out those interoperability assessments.

(17) An interoperability assessment is necessary to understand the magnitude of the impact of the planned requirements and to propose measures to reap the benefits and address the potential costs. In situations in which an interoperability assessment is not mandatory, the Union entity or public sector body should be able to carry out the interoperability assessment on a voluntary basis. This Regulation therefore fosters interoperability in general.

(18) Binding requirements include any obligations, prohibitions, conditions, criteria, or limits of a legal, organisational, semantic or technical nature within a law, regulation, administrative provision, contract, call for tender, or other official document. Binding requirements affect how trans-European digital public services and their networks and information systems used for their provision are designed, procured, developed and implemented, thereby influencing the inbound or outbound data flows of those services. However, tasks such as evolutive maintenance that do not introduce substantive change, security or technical updates, or the simple procurement of standard information and communication technologies (ICT) equipment do not usually affect the cross-border interoperability of trans-European digital public services, and do not therefore give rise to a mandatory interoperability assessment within the meaning of this Regulation.

(19) The approach to conducting interoperability assessments should be proportionate and differentiated in accordance with the level and scope at which they are undertaken. In some circumstances, it can be reasonable and economical for the subject of an interoperability assessment to be broader than a single project, including where public sector bodies intend to establish a common application or processing platform. In such cases, the interoperability assessment should be strongly encouraged to go beyond the achievement of the Interoperable Europe objectives towards the full implementation of interoperability. Similarly, the requirements for interoperability assessments conducted at the level of single project implementation, such as in a local authority, should be pragmatic and allow for a narrow focus, taking into account the fact that the wider benefits of interoperability assessments are generally harvested at the early stages of policy design and the development of reference architecture, specifications and standards. Where the Board adopts guidelines on the content of the interoperability assessment, it should take into account, inter alia, the capacity of regional and local public sector bodies and avoid excessive administrative burden.

(20) In the process of consulting those directly affected or their representatives, the Union entity or public sector body should be able to make use of established consultation practices and current data.

(21) The interoperability assessment should evaluate the effects of the planned binding requirements for trans-European digital public services on cross-border interoperability, for example, having regard to the origin, nature, particularity and scale of those effects. The outcome of that assessment should be taken into account when determining the appropriate measures that need to be taken in order to set up or modify the binding requirements for trans-European digital public services.

(22) The Union entity or public sector body should publish a report on the outcome of the interoperability assessment in a public location designated by the national competent authorities or the interoperability coordinators for Union entities, at least on an official website in a machine-readable format. Publication of the report should not compromise intellectual property rights or trade secrets, and should be restricted where justified on the grounds of public order or security. Union law governing the protection of personal data should be complied with. The Union entity or public sector body should share the outcome of the interoperability assessment electronically with the Board. On that basis, the Board should analyse and provide proposals for improving the cross-border interoperability of trans-European digital public services. The Board’s proposals should be published on the Interoperable Europe portal.

(23) A common checklist for interoperability assessment reports is needed to facilitate the tasks of Union entities and public sector bodies of carrying out those assessments and to enable the Board to draw up recommendations based on their outcomes in order to improve cross-border interoperability. Accordingly, the report representing the outcome of the interoperability assessment process should summarise the effects of the assessed requirement on the legal, organisational, semantic, technical and governance dimensions of cross-border interoperability, along with the type of Interoperable Europe solution used to tackle such effects and the remaining barriers that are not yet tackled. The use of that common checklist should be further explained by guidelines adopted by the Board.