Kommisjonens gjennomføringsforordning (EU) 2025/1944 av 29. september 2025 om fastsettelse av regler for anvendelse av europaparlaments- og rådsforordning (EU) nr. 910/2014 med hensyn til referansestandarder for prosesser for sending og mottak av data i kvalifisert elektronisk registrert leveringstjeneste
eIDAS-forordningen: krav til kvalifiserte elektronisk registrerte tjenester
Commission Implementing Regulation (EU) 2025/1944 of 29 September 2025 laying down rules for the application of Regulation (EU) No 910/2014 of the European Parliament and of the Council as regards reference standards for processes for sending and receiving data in qualified electronic registered delivery services and as regards interoperability of those services
Kommisjonsforordning publisert i EU-tidende 30.9.2025
Tidligere
- Utkast til forordning lagt fram av Kommisjonen 15.4.2025 med tilbakemeldingsfrist 13.5.2025
Bakgrunn
(fra kommisjonsforordningen)
(1) Qualified electronic registered delivery services provide a secure channel for the transmission of documents, including proof of sending and receiving the data. They aim at providing certainty in identifying the addressee and ensure a high level of confidence in the identification of the sender.
(2) The presumption of compliance laid down in Article 44(1a) of Regulation (EU) No 910/2014 should only apply where qualified trust services for the provision of qualified electronic registered delivery services comply with the standards set out in this Regulation. These standards should reflect established practices and be widely recognised within the relevant sectors. They should be adapted to include additional controls ensuring the security and trustworthiness of the qualified trust service.
(3) If a trust service provider adheres to the requirements set out in the Annex I to this Regulation, supervisory bodies should presume compliance with the relevant requirements of Regulation (EU) No 910/2014 and duly consider such presumption for granting or confirming the qualified status of the trust service. However, a qualified trust service provider may still rely on other practices to demonstrate compliance with the requirements of Regulation (EU) No 910/2014.
(4) Pursuant to Article 44(2a) of Regulation (EU) No 910/2014, where qualified trust service providers agree to make their services interoperable, it is important that they adhere to appropriate standards and specifications laid down in Annex II to this Implementing Regulation in order to easily transfer electronic registered data between two or more qualified trust service providers and to promote fair practices in the internal market.
(5) The Commission regularly assesses new technologies, practices, standards or technical specifications. In accordance with recital 75 of Regulation (EU) 2024/1183 of the European Parliament and of the Council (2), the Commission should review and update this Regulation, if necessary, to keep it in line with global developments, new technologies, standards or technical specifications and to follow the best practices on the internal market.
(6) Regulation (EU) 2016/679 of the European Parliament and of the Council (3), and, where relevant, Directive 2002/58/EC of the European Parliament and of the Council (4) apply to all personal data processing activities under this Regulation.
(7) The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the Council (5) and delivered its opinion on 6 June 2025.
(8) The measures provided for in this Regulation are in accordance with the opinion of the committee established by Article 48 of Regulation (EU) No 910/2014,