Annexes to COM(2021)281 - Amendment of Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity

Please note

This page contains a limited version of this dossier in the EU Monitor.

dossier COM(2021)281 - Amendment of Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity.
document COM(2021)281 EN
date April 11, 2024
ANNEX I

In Annex I to Regulation (EU) No 910/2014, point (i) is replaced by the following:

‘(i) the information or the location of the services that can be used to enquire about the validity status of the qualified certificate;’.

ANNEX II

In Annex II to Regulation (EU) No 910/2014, points 3 and 4 are deleted.

ANNEX III

In Annex III to Regulation (EU) No 910/2014, point (i) is replaced by the following:

‘(i) the information or the location of the services that can be used to enquire about the validity status of the qualified certificate;’.

ANNEX IV

Annex IV to Regulation (EU) No 910/2014 is amended as follows:


(1) point (c) is replaced by the following:

‘(c) for natural persons: at least the name of the person to whom the certificate has been issued, or a pseudonym; if a pseudonym is used, it shall be clearly indicated;

(ca) for legal persons: a unique set of data unambiguously representing the legal person to whom the certificate is issued, with at least the name of the legal person to whom the certificate is issued and, where applicable, the registration number as stated in the official records;’;


(2) point (j) is replaced by the following:

‘(j) the information or the location of the certificate validity status services that can be used to enquire about the validity status of the qualified certificate.’.

ANNEX V

ANNEX V

REQUIREMENTS FOR QUALIFIED ELECTRONIC ATTESTATION OF ATTRIBUTES

Qualified electronic attestation of attributes shall contain:


(a) an indication, at least in a form suitable for automated processing, that the attestation has been issued as a qualified electronic attestation of attributes;


(b) a set of data unambiguously representing the qualified trust service provider issuing the qualified electronic attestation of attributes including at least, the Member State in which that provider is established and:


(i) for a legal person: the name and, where applicable, registration number as stated in the official records;


(ii) for a natural person: the person’s name;


(c) a set of data unambiguously representing the entity to which the attested attributes refer; if a pseudonym is used, it shall be clearly indicated;


(d) the attested attribute or attributes, including, where applicable, the information necessary to identify the scope of those attributes;


(e) details of the beginning and end of the attestation’s period of validity;


(f) the attestation identity code, which must be unique for the qualified trust service provider and, if applicable, the indication of the scheme of attestations that the attestation of attributes is part of;


(g) the qualified electronic signature or qualified electronic seal of the issuing qualified trust service provider;


(h) the location where the certificate supporting the qualified electronic signature or qualified electronic seal referred to in point (g) is available free of charge;


(i) the information or location of the services that can be used to enquire about the validity status of the qualified attestation.’.

ANNEX VI

‘ANNEX VI

MINIMUM LIST OF ATTRIBUTES

Pursuant to Article 45e, Member States shall ensure that measures are taken to allow qualified trust service providers of electronic attestations of attributes to verify by electronic means at the request of the user, the authenticity of the following attributes against the relevant authentic source at national level or via designated intermediaries recognised at national level, in accordance with Union or national law and where these attributes rely on authentic sources within the public sector:


1. Address;


2. Age;


3. Gender;


4. Civil status;


5. Family composition;


6. Nationality or citizenship;


7. Educational qualifications, titles and licences;


8. Professional qualifications, titles and licences;


9. Powers and mandates to represent natural or legal persons;


10. Public permits and licences;


11. For legal persons, financial and company data.’.

ANNEX VII

‘ANNEX VII

REQUIREMENTS FOR ELECTRONIC ATTESTATION OF ATTRIBUTES ISSUED BY OR ON BEHALF OF A PUBLIC BODY RESPONSIBLE FOR AN AUTHENTIC SOURCE

An electronic attestation of attributes issued by or on behalf of a public body responsible for an authentic source shall contain:


(a) an indication, at least in a form suitable for automated processing, that the attestation has been issued as an electronic attestation of attributes issued by or on behalf of a public body responsible for an authentic source;


(b) a set of data unambiguously representing the public body issuing the electronic attestation of attributes, including at least, the Member State in which that public body is established and its name and, where applicable, its registration number as stated in the official records;


(c) a set of data unambiguously representing the entity to which the attested attributes refer; if a pseudonym is used, it shall be clearly indicated;


(d) the attested attribute or attributes, including, where applicable, the information necessary to identify the scope of those attributes;


(e) details of the beginning and end of the attestation’s period of validity;


(f) the attestation identity code, which must be unique for the issuing public body and, if applicable, an indication of the scheme of attestations that the attestation of attributes is part of;


(g) the qualified electronic signature or qualified electronic seal of the issuing body;


(h) the location where the certificate supporting the qualified electronic signature or qualified electronic seal referred to in point (g) is available free of charge;


(i) the information or location of the services that can be used to enquire about the validity status of the attestation.’.

56/56

ELI: http://data.europa.eu/eli/reg/2024/1183/oj

1

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).’;


(3) Article 3 is amended as follows:


(a) points (1) to (5) are replaced by the following:

‘(1) “electronic identification” means the process of using person identification data in electronic form uniquely representing either a natural or legal person, or a natural person representing another natural person or a legal person;