Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the implementation and functioning of the .eu Top Level Domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004

REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Brussels, 27.4.2018

COM(2018) 231 final

2018/0110(COD)

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the implementation and functioning of the .eu Top Level Domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004 (Text with EEA relevance)

{SEC(2018) 205 final}{SWD(2018) 120 final}{SWD(2018) 121 final}{SWD(2018) 122 final}

EXPLANATORY MEMORANDUM

The .eu top-level domain (TLD) was set up by Regulation (EC) No 733/2002 of the European Parliament and of the Council of 22 April 2002 on the implementation of the .eu top-level domain. The .eu TLD was delegated ¹ by the Internet Corporation for Assigned Names and Numbers (ICANN) on 22 March 2005 and uploaded in the Internet root zone ² on 2 May 2005. The .eu top-level domain (TLD) is further governed by the rules provided in Commission Regulation (EC) No 874/2004 of 28 April 2004 laying down public policy rules concerning the implementation and functions of the .eu TLD and the principles governing registration.

The .eu top-level domain is the domain name of the European Union and its citizens. The existence of a specific domain name for the European Union under a very clear and identifiable common label is an important and valuable building block for the European online identity. In line with the objectives of the Digital Single Market Strategy ³ , the .eu TLD enables European businesses and citizens to participate in e-commerce and increases their participation in the online single market.

Since the adoption of the .eu Regulations, the political and legislative context in the Union and the online environment and market have changed considerably. For instance, in 2013, a very large expansion of the domain name market took place, leading to the introduction of more than 1300 new generic top-level domains (gTLDs) like .shop, .design or .wine. To ensure that the .eu legal framework still serves its intended purpose and values, the Commission Work Programme included a Regulatory Fitness and Performance Programme (REFIT) review of the .eu Regulations. The initiative included a "back-to-back" evaluation and impact assessment. In line with the Better Regulation guidelines, the evaluation exercise assessed the effectiveness, efficiency, relevance, coherence, and EU added value of the current .eu Regulations. The impact assessment outlined policy responses to the challenges identified by the evaluation, forming the basis for the review of the regulatory framework of the .eu.

The evaluation ⁴ found that the .eu is a well-established TLD and continues to function well. It is nevertheless governed by an outdated and rigid legal framework, in the sense of (i) obsolete or rigid provisions that cannot easily be updated, and in the sense of (ii) not providing for an optimum governance structure in terms of oversight and accountability in line with the Commission’s stated approach to internet governance, so that (iii) increasing difficulties can be foreseen for the .eu TLD in a time of rapidly changing markets.

The problem currently is not dramatic, it is observed in the functioning and management of the .eu TLD and therefore at the moment it affects primarily the actors that are involved in these functions. Nevertheless, if precautionary action is not taken, the problem is likely to become large enough to affect end users, in terms of the sustainability of the .eu extension and the attractiveness of the .eu compared to other competitive domain names.

The initiative is about making sure that a TLD that has worked relatively well continues to do so in the future. In light of that evaluation, the proposal aims to:

a) remove outdated legal and administrative requirements, while ensuring that the new regulatory framework is future-proof and allows the .eu TLD to adapt to rapid changes of the top-level domain market and the dynamic digital landscape;

b) continue incorporating and promoting EU priorities in the online world, ensuring a governance structure which reflects both technical and governance best practices, serving the EU public interest;

c) relax the current eligibility criteria for registration of .eu domains to allow Union citizens to register a .eu domain name, independently of their place of residence;

d) lift the strict prohibitions on vertical separation while providing clear provisions safeguarding the application of the rules of fair competition in accordance with the Treaty on the Functioning of the European Union (TFEU ).

The proposal responds to a greater ambition for the use of .eu TLD and ensures that the benefits linked to it can reach as many Union citizens as possible in the near future. By creating a principles-based, future-proof regulatory framework that does not require legislative revision to implement domain name industry’s novelties, the proposal will foster innovation in the .eu ecosystem, both at the level of the registry and in the downstream markets of registrars and registrants.

This proposal is consistent with the objectives of the Digital Single Market Strategy to encourage online cross-border activities in Europe, reinforce security and trust in the online environment, promote European entrepreneurship and start-ups and uphold citizens' rights, including privacy, in the digital age. By providing a revised, simplified and streamlined regulatory framework for the .eu TLD, this proposal will enable a better management and functioning of the .eu TLD, thus contributing to positively complement EU policies in particular in the area of the digital single market, trust and security on the Internet, multilingualism, Internet governance, promotion of European entrepreneurship and start-ups and the digitisation of European economy and society.

In the Council Conclusions on Internet Governance of 27 November 2014 ⁵ , the Union reaffirmed its commitment to promote multistakeholder governance structures that are based on a coherent set of global Internet governance principles, consistent with human rights and fundamental freedom online. In line with these Conclusions, the proposal creates a multistakeholder Council to advise the Commission on strengthening and broadening input for the good governance of the .eu Registry. This would bring the model into line with the Commission's stated policy on Internet Governance, as articulated in its Communication on "Internet Policy and Governance: Europe's role in shaping the future of Internet Governance" ⁶ .

This proposal also aims to ensure that the benefits offered by the .eu TLD reach as many Union citizens as possible. Having innovative, future-proof, responsive mechanisms will reassure the users that the .eu domain owner is established in or genuinely connected to the Union, and that any commercial undertaking using a .eu domain is subject to Union law.

The legal basis for Union action is Article 172 of the Treaty on the Functioning of the European Union (TFEU), which covers measures supporting the establishment and development of trans-European networks in the areas of transport, telecommunications and energy infrastructures.

Domain names are essential to promote access to and interoperability between Internet networks and services. In accordance with Articles 170 and 171 TFEU, the .eu top-level domain should continue, as it has been doing since its creation, to improve the interoperability of trans-European networks by providing a complementary registration domain in addition to existing country code top-level domains (ccTLDs) in EU Member States (like .es, .fr, .de) and global registration in the generic top-level domains (gTLDs).

The .eu top-level domain has, by definition, a cross-border dimension. It is the top-level domain of the European Union and is a symbol of the European online identity of citizens, institutions and businesses. It gives users wishing to operate across the Single Market a specific European connotation which is globally recognised.

Public policy responsibility for the .eu TLD rests with the European Union. While ccTLDs of EU Member States are managed in accordance with the relevant national jurisdiction, oversight and governance mechanisms, regulatory action in respect of the .eu TLD cannot be sufficiently achieved by the Member States at national level and can only be achieved at EU level.

Regulatory action taken at Member States level would not be able to deliver on the fundamental objectives standing behind the creation and management of a trusted and innovative namespace for the EU, to promote the European Union's priorities on the Internet and to deliver added value in terms of increased choice for users, in addition to the national ccTLDs. Regulation of the .eu TLD is therefore within EU competence and cannot be delegated to the Member States.

A regulatory framework at EU level for the .eu TLD is useful in order to continue providing for and expanding a domain name space on the Internet under the .eu TLD, in which relevant EU law, data and consumer protection rules apply.

The proposed Regulation does not affect how Member States manage their own country code top-level domain name (ccTLDs). EU action is therefore justified on grounds of subsidiarity and proportionality. The proposed Regulation does not go beyond what is necessary to achieve its policy objectives and therefore respects the principle of proportionality.

This proposal reviews the .eu TLD legal framework which is composed by two different instruments: Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004 ('the .eu Regulations')

The Commission is proposing a Regulation to ensure consistency and legal certainty for users and businesses alike. A Regulation provides a solid legal basis for ensuring that the Union is responsible for the .eu TLD and for the designation of its operator. It avoids any potential divergent interpretation by the Member States.

Firmly anchoring the management of the .eu TLD in a Union Regulation will ensure strong protection of fundamental rights, in particular in the area of data protection, privacy, security, and multilingualism, as well as of intellectual property rights.

The REFIT exercise examined whether the .eu legal framework still serves its purpose. The Commission, according to the evaluation study, assessed the effectiveness, efficiency, relevance, coherence and EU-added value of the current .eu legal framework under current circumstances, which have changed since the TLD was introduced. The evaluation's main findings are the following:

Effectiveness: the .eu Regulations have been efficient at making .eu domain names widely available throughout the EU, at a low cost to consumers. While the .eu Regulations have been effective in supporting e-commerce and the internal market, there are signs of relative decline in the .eu TLD performance.
Efficiency: the .eu Regulations are the source of some inefficiency, which places the .eu TLD at a competitive disadvantage in the market, and reduce the potential benefits in terms of supporting e-commerce and the single market. With detailed provisions, which are time-consuming and costly to change, the .eu TLD is unable to implement operational or technical changes as swiftly as the market demands and as its competitors are able to.
Relevance: the objectives of the .eu Regulations continue to be relevant to Union citizens, as indicated in the high level of uptake, active usage, and renewal of .eu domains by businesses and institutions throughout the Union. The .eu TLD represents a concrete symbol of “being European” for Union citizens and companies in their digital experience. However, the .eu Regulations are overly complex to ensure quick technical updates (for instance in the technical standards relating to Internationalised Domain Names ⁷ ) and are no longer in line with international best practices.
Coherence: there are numerous indicators that the measure is no longer fully coherent: an over-rigid regulatory framework places the .eu Registry at a competitive disadvantage amid toughening market conditions; the .eu TLD legal framework does not reflect current Union priorities such as the Digital Single Market; and .eu Regulations do not reflect international best practices in multi-stakeholder governance.

EU added value: the .eu domain has by definition a cross-border dimension. The existence of a specific domain name for the Union under a very clear and identifiable common label is an important and valuable building block for a Union online identity.

The original .eu legal framework was pivotal in enabling the creation of a dedicated namespace for the Union, but, because of being outdated and rigid, it is no longer effective, efficient, or coherent in today’s fast-changing technological market environment.

As part of the REFIT review of the .eu TLD legal framework, the European Commission conducted comprehensive stakeholder consultations. These consultations sought to gather input for the evaluation, assessing the .eu TLD legal framework against the evaluation criteria of effectiveness, efficiency, coherence, relevance and EU added value. It also aimed to collect input on issues that may need to be reviewed under the current .eu legal framework through eventual legislative and/or non-legislative initiatives.

The consultation strategy supporting the revision of the .eu Regulations distinguished between three groups of stakeholders: parties directly impacted by the Regulations in their day-to-day activities, i.e. the .eu Registry and the .eu registrars; users of the .eu TLD and other stakeholders in the Domain Name System (DNS) ecosystem; and stakeholders that potentially benefit from the contribution the .eu TLD makes to the Digital Single Market and the online EU identity, and thus are indirectly impacted by the .eu Regulation. The strategy also included a public consultation, direct outreach and ad-hoc meetings with stakeholders, a roundtable discussion with European registries, a survey amongst European ccTLDs registries, and a survey targeting the current .eu registrars. The public consultation also led to a number of written contributions from stakeholders. The ‘Public consultation on the evaluation and revision of the .eu top-level domain Regulations’ was held between 12 May and 4 August 2017 and received 43 replies from respondents in 17 Member States. The results of the public consultations are published online ⁸ .

The Commission gathered qualitative and quantitative evidence from various sources, including:

Public consultation: a public consultation on the evaluation and revision of the .eu top-level domain Regulation.
Surveys: EURid registrar survey and CENTR survey on the country code Top Level Domain registries (ccTLD).
Stakeholder meetings: brainstorming session with EURid on the .eu regulatory framework; meeting with EURid Registrar Advisory Board on eligibility criteria and vertical integration; session at joint High Level Group on Internet Governance (HLIG)/CENTR on the role of country code Top Level Domains (ccTLDs) in Internet Governance; meeting with the European country code Top Level Domain Registry .at on the regulatory framework /Internet Foundation; meeting with ICANN on the regulatory framework and Internet Governance.
Written stakeholders contribution: Open-Xchange on DNS security, DNSSEC ; MARQUES, the European Association of Trade Mark Owners on the role of Internet Governance and the regulatory framework; European Communities Trade Mark Association; EURid on the regulatory framework; European Union Intellectual Property Office on the regulatory framework and operational perspectives.

remove outdated legal/administrative requirements in order to ensure the .eu TLD will fully deliver on its potential to positively contribute to the Union’s objectives, in particular in the area of digital policies;
ensure the rules are future-proof and will allow the .eu TLD to adapt to rapid changes of the Top Level Domain market and the dynamic digital landscape while enabling the use of the .eu TLD as a vehicle to promote Union’s priorities in the online world;
ensure a governance structure that both reflects technical and governance best practices and serves the Union’s interest;
promote the attractiveness of the .eu TLD.

baseline scenario: maintenance of the current regulatory framework for the .eu;

commercialisation: simplifying the regulatory framework while outsourcing the operation and management of the Registry to an external for-profit service provider;
modernising the legal framework: replacing the current legal framework with one principle-based legal instrument. An external management system for the .eu TLD, based on a contract, would be maintained;
separate governance: combines the option of modernisation with the creation of a separate multi-stakeholder advisory body to the Commission to effectively strengthen and widen input into the good governance of the .eu Registry; this body would be independent from the Registry.
institutionalisation: management and operation of the Registry within a department of the Commission or a Union Agency.

The analysis led to the conclusion that the preferred option is the "separate governance" option together with lifting strict requirements for direct registration, a citizenship criterion for natural persons and a residency criterion for organisations and companies.

The preferred option would allow a more streamlined, principles-based legal framework. It would provide the necessary flexibility for the .eu TLD to adapt to rapidly changing technical improvements to the Domain Name System. End users would therefore be able to enjoy the benefits of technical improvements without waiting for the time it takes to amend the Regulations. The preferred option would also improve the functioning of the .eu TLD and therefore increase its attractiveness in the Top Level Domain market. A more adaptable and responsive .eu TLD will be, in the long term, better positioned to innovate, quickly adopt new technical standards and therefore offer a better and more competitive product on the market.

On 16 February 2018, the Regulatory Scrutiny Board delivered a positive opinion with reservations. In line with the Board's recommendations, the Commission further improved its impact assessment report to streamline the evaluation's findings in the problem definition section and clarified the magnitude of the problem, and stakeholder' interest in this issue. The baseline scenario was further substantiated as an option. The description of the options was streamlined to refrain from analysing the impacts or setting out early conclusions. The separate governance option was further elaborated to explain what kind of legal requirements will be introduced in relation to the creation and functioning of the separate multistakeholder advisory body and the tasks and powers of the Commission. The text on the early discarded options was redrafted to provide stronger argumentation explaining why these options had been discarded. Further clarifications were provided on the direct registration and the eligibility criteria, including in the preferred option. In the monitoring section, core indicators that pertain to the domain name industry were further clarified and the link to operational objectives made more transparent. These were, in turn, linked to the initiative's four specific objectives. The report clarified that the success criteria for the preferred option will be regularly evaluated, through the report the Commission will have to submit to the European Parliament and the Council on the implementation, effectiveness and functioning of the .eu TLD. In the new framework, this reporting will also serve as assessment tool to test the success of the preferred option, by means of examining and reporting on all the core indicators set.

This initiative includes simplification and improved efficiency objectives. These are clearly articulated in specific objective (a) "remove outdated legal/administrative requirements" and in specific objective (b) "create futureproof rules for the .eu TLD". The proposal creates a lightweight, principles-based framework. Primary legislation will contain only the principles which the functioning of the .eu TLD must abide by, while all unnecessary and detailed administrative and technical requirements will either be removed if they are outdated, or detailed in the contract to be concluded between the European Commission and the appointed Registry operator. This will enable the .eu TLD to adapt to rapid changes in the TLD market and dynamic digital landscape.

The proposal will mean reduced waiting times for holders of the .eu TLD with respect to the availability of technical and market innovations in the domain name sector. The reduction in these waiting times will be measured in terms of the lead time necessary to amend the .eu legal framework to enable such innovations in relation to the .eu TLD.

By establishing future-proof legislation and an easily adaptable set of detailed policies for the management and administration of the .eu TLD, the proposal aims to make the .eu domain name ready to cope with a rapidly changing internet environment.

The Commission will monitor and supervise the organisation, administration and management of the .eu TLD by the Registry.

The Commission will assess the implementation, effectiveness and functioning of the .eu TLD no later than five years after the date of application of this Regulation, and each three years thereafter.

The Commission will submit a report to the European Parliament and the Council on the findings of this assessment.

2018/0110 (COD)

Chapter I of the Regulation contains the general provisions: the subject-matter and the objectives (Article 1) and the definitions (Article 2).

Chapter II of the Regulation contains the main provisions regarding the implementation of the .eu Top Level Domain name.

Section I under this Chapter lays out the general principles of registration of a .eu Top Level Domain name: it outlines the eligibility criteria (Article 3), the general conditions of registration and revocation of domain names (Article 4), the languages, the applicable law and the jurisdiction (Article 5), the procedures for the reservation of domain names by the Registry, the Commission and Member States (Article 6), and the accreditation procedures for Registrars (Article 7).

Section II concerns the appointment and general functioning of the Registry. These provisions span from its designation by the Commission (Article 8) and characteristics (Article 9) to its key obligations (Article 10). The section also lays down a list of principles and procedures on the functioning of the .eu TLD to be included in the contract with the Registry which aim to provide the policy framework within which the Registry will function (Article 11). Finally, a specific provision on the functioning and purpose of the WHOIS database is provided (Article 12).

Section III relates to the oversight of the Registry operator. The provisions on the supervisory powers of the Commission (Article 13) and establishment of a .eu Multistakeholder Council (Article 14) provide the basis for this group to advise the Commission on strengthening and widening input into the good governance of the .eu Registry and increase the transparency of its functioning.

Finally, Chapter III of the Regulation lays down the final provisions: the reservation of rights (Article 15), Evaluation and review (Article 16), the committee procedure (Article 17) according to Article 5 and 8 of the Regulation (EU) No 182/2011. Furthermore, the chapter provides the transitional provisions for the contract (Article 18) and the provisions on the repeal of the current legal framework (Article 19) and the entry into force (Article 20). A maximum limit of three years after the entry into force of the Regulation is foreseen for its entry into application. This is to limit any risks of disruption of services of the .eu TLD in the shifting between the old and new regulatory framework, taking into consideration the need for the Commission to designate and to enter into a new contract with the Registry and for the Registry to prepare for the organisation, administration and management of the .eu TLD.

on the implementation and functioning of the .eu Top Level Domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004

(Text with EEA relevance)

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 172 thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national parliaments,

Having regard to the opinion of the European Economic and Social Committee ⁹ ,

Having regard to the opinion of the Committee of the Regions ¹⁰ ,

Acting in accordance with the ordinary legislative procedure,

Whereas:

The .eu Country Code Top Level Domain (ccTLD) was established by Regulation (EC) No 733/2002 of the European Parliament and of the Council ¹¹ and by Commission Regulation (EC) No 874/2004 ¹² . Since the adoption of Regulation (EC) No 733/2002 and Regulation (EC) No 874/2004, the political and legislative context in the Union, the online environment and the market have changed considerably.
TLDs are an essential component in the hierarchical structure of the Domain Name System (DNS) which ensure an interoperable system of unique identifiers, available throughout the world, on any application and any network.
The .eu TLD should promote the use of, and access to, the Internet networks in accordance with Articles 170 and 171 of the TFEU, by providing a complementary registration to existing country code Top Level Domains (ccTLDs) or global registration in the generic Top Level domains.
The .eu TLD should provide a clearly identified link with the Union and the European market place. It should enable undertakings, organisations and natural persons within the Union to register a domain name under the .eu TLD. Union citizens should be allowed to register a .eu domain name, regardless of their place of residence.
Domain names in the .eu TLD should be allocated to the eligible parties subject to availability.
To ensure better protection of rights of the parties to contract with, respectively, the Registry and Registrars, the disputes on registrations of domain names in the .eu TLD should be solved by bodies located in the Union applying the respective laws of Member States, without prejudice to rights and obligations recognised by the Member States or by the Union arising from international instruments.
The principles and procedures on the functioning of the .eu TLD should be annexed to the contract between the Commission and the appointed Registry.
In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred to the Commission to adopt the lists of reserved and blocked domain names by Member States, to establish the criteria and the procedure for the designation of the Registry and to designate the Registry on duly justified grounds of urgency. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by Member States of the Commission’s exercise of implementing powers. Such lists should be compiled subject to the domain names' availability taking into account domain names at second level already reserved or registered by the Member States.
The Commission should, on the basis of an open, transparent and non-discriminatory selection procedure, designate a Registry for the .eu TLD. The Commission should enter into a contract with the selected Registry which should include the detailed principles and procedures applying to the Registry for the organisation, administration and management of the .eu TLD. The contract should be limited in time and renewable.
This Regulation is without prejudice to the application of the rules on competition provided in Articles 101 and 102 TFEU.
The Registry should comply with the principles of non-discrimination and transparency and should implement measures to safeguard fair competition, to be authorised in advance by the Commission, in particular when it provides services to undertakings with whom it competes on downstream markets.
The Internet Corporation for Assigned Names and Numbers (ICANN) is at present responsible for coordinating the delegation of codes representing ccTLD to Registries. The Registry should enter into appropriate contract with ICANN providing for the delegation of the .eu ccTLD code taking account of the relevant principles adopted by the Governmental Advisory Committee (GAC).
The Registry should enter into an appropriate escrow agreement to ensure continuity of service, and in particular to ensure that in the event of re-delegation or other unforeseen circumstances it is possible to continue to provide services to the local Internet community with minimum disruption. The Registry should submit to the escrow agent on a daily basis an electronic copy of the current content of the .eu database.
Alternative Dispute Resolution (ADR) procedures should take into account the international best practices in this area and in particular the relevant World Intellectual Property Organization (WIPO) recommendations, to ensure that speculative and abusive registrations are avoided as far as possible. ADR should respect a minimum of uniform procedural rules, in line with the ones set out in the Uniform Dispute Resolution Policy adopted by ICANN.
The policy on abusive registration of .eu domain names should provide for verification by the Registry of data it receives, specifically concerning the identity of registrants, as well as revocation and blocking from future registration of domain names considered by a final decision of a Member State court to be defamatory, racist or otherwise contrary to the law of the Member State. The Registry should undertake utmost care to ensure the correctness of the data it receives and holds.
The Registry should support law enforcement agencies in the fight against crime by implementing technical and organisational measures aimed at enabling competent authorities to have access to the data in the Registry for purposes of prevention, detection, investigation and prosecution of crimes, as provided by Union or national law.
This Regulation should be implemented in compliance with the principles relating to privacy and the protection of personal data. The Registry should comply with relevant Union data protection rules, principles and guidelines, in particular, with relevant security requirements, the principles of necessity, proportionality, purpose limitation and proportionate data retention period. Also, personal data protection by design and data protection by default should be embedded in all data processing systems and databases developed and/or maintained.
In order to ensure effective periodic supervision, the Registry should be audited at its own expense at least every two years by an independent body with the purpose of confirming that the Registry complies with the requirements laid down in this Regulation. The Registry should submit the resulting conformity assessment report to the Commission in accordance with the procedure laid down in the contract with the Registry.
The contract concluded with the Registry should provide for procedures to improve the organisation, administration and management of the .eu TLD by the Registry in line with the instructions of the Commission resulting from the supervisory activities provided by this Regulation.
The Council Conclusions on Internet Governance of 27 November 2014 reaffirmed the European Union's commitment to promote multistakeholder governance structures that are based on a coherent set of global Internet governance principles. An inclusive Internet governance refers to the development and applications by governments, the private sector, civil society, international organisations and the technical community, in their respective roles, of shared principles, norms, rules, decision-making procedures and programmes that shape the evolution and use of Internet.

A .eu Multistakeholder Council should be set up with an advisory role to the Commission in order to strengthen and widen input into the good governance of the Registry and the matters covered by the principles and procedures on the functioning of the .eu TLD and increase the transparency of the Registry's commercial and operational practices. The members of the group should reflect Internet Governance multistakeholder model and be appointed by the Commission on the basis of an open and transparent procedure.
The Commission should carry out an evaluation on the effectiveness and functioning of the .eu TLD. The evaluation should have regard to the designated Registry working practices and the relevance of its tasks.
Since the objective of this Regulation, namely the implementation of a pan-European TLD in addition to the national ccTLDs, cannot be sufficiently achieved by the Member States, but can rather, by reason of its scale and effects, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve that objective.
In order to limit any risks of disruption of services of the .eu TLD in the shifting between the old and new regulatory framework, transitional provisions are foreseen by this Regulation.
Regulation (EC) No 733/2002 of the European Parliament and of the Council and Commission Regulation (EC) No 874/2004 should therefore be repealed.

HAVE ADOPTED THIS REGULATION:

CHAPTER I

General Provisions

Article 1

Subject-matter and objectives

1. This Regulation implements the .eu country code Top Level Domain (‘ccTLD’) and lays down the conditions for its implementation, including the designation and characteristics of the Registry. This Regulation also establishes the legal and general policy framework within which the designated Registry will function.

2. This Regulation shall apply without prejudice to arrangements in Member States regarding their national ccTLDs.

Article 2

Definitions

For the purposes of this Regulation:

(a) "Registry" means the entity entrusted with the organisation, administration and management of the.eu TLD including maintenance of the corresponding databases and the associated public query services, registration of domain names, operation of the Registry of domain names, operation of the Registry TLD name servers and dissemination of TLD zone files;

(b) "Registrar" means a natural or legal person that, on the basis of a contract with the Registry, provides domain name registration services to registrants;

(c) "Internationalised Domain Names (IDNs) protocols" mean standards and protocols that support the use of domain names in characters that are not American Standard Code for Information Interchange (ASCII) characters;

(d) "WHOIS database" means a collection of data containing information on the technical and administrative aspects of the .eu Top Level Domain registrations;

(e) "principles and procedures on the functioning of the .eu TLD" means detailed rules concerning the functioning and management of the .eu TLD;

(f) "registration" means a series of acts and procedural steps, from initiation to completion, taken by Registrars and/or the Registry upon the request of a natural or legal person aimed at implementing the registration of a domain name for a specified duration.

CHAPTER II

Implementation of the .eu TLD

Section 1

GENERAL PRINCIPLES

Article 3

Eligibility criteria

Registration of one or more domain names under the .eu TLD can be requested by any of the following:

(i) a Union citizen, independently of their place of residence; or

(ii) a natural person who is not a Union citizen and who is resident of a Member State; or

(iii) an undertaking established within the Union; or

(iv) an organisation established within the Union without prejudice to the application of national law.

Article 4

Registration and revocation of domain names

1. A domain name shall be allocated to the eligible party whose request has been received first by the Registry in the technically correct manner as laid down by the procedures for registration requests on the basis of point (b) of Article 11.

2. A registered domain name shall be unavailable for further registration until the registration expires without renewal, or until the domain name is revoked.

3. The Registry may revoke a domain name at its own initiative and without submitting the dispute to any extrajudicial settlement of conflicts, on the following grounds:

(a) outstanding unpaid debts owed to the Registry;

(b) non-fulfilment by the domain name holder of the eligibility criteria pursuant to Article 3;

(c) breach by the domain name holder of the requirements for registration requests laid down on the basis of point (b) of Article 11.

4. A domain name may also be revoked, and where necessary subsequently transferred to another party, subject to an appropriate alternative dispute resolution (‘ADR’) or judicial procedure, where that name is identical or confusingly similar to a name in respect of which a right is established by national or Union law, and where it:

(a) has been registered by its holder without rights or legitimate interest in the name; or

(b) has been registered or is being used in bad faith.

5. Where a domain name is considered by a court of a Member State to be defamatory, racist or contrary to public policy, it shall be blocked by the Registry upon notification of a court decision and shall be revoked upon notification of a final court decision. The Registry shall block from future registration those names which have been subject to such a court order as long as such order remains valid.

Article 5

Languages, applicable law and jurisdiction

1. The registration of domain names shall be performed in all the alphabetic characters of the official languages of the Union in accordance with the available international standards as allowed by the relevant Internationalised Domain Names (IDNs) protocols.

2. Without prejudice to Regulation (EU) No 1215/2012 and rights and obligations recognised by the Member States or by the Union arising from international instruments, contracts between the Registry and Registrars as well as contracts between Registrars and registrants of domain names shall not designate, as applicable law, a law other than the law of one of the Member States, nor shall they designate as dispute-resolution body, a court, an arbitration court or another body located outside the Union.

Article 6

Reservation of domain names

1. The Registry may reserve a number of domain names considered necessary for its operational functions in accordance with the contract referred to in Article 8 (3).

2. The Commission may instruct the Registry to introduce domain names directly under the .eu TLD for use by the Union institutions and bodies.

3. Member States, without prejudice to domain names already reserved or registered, may notify to the Commission a list of domain names which:

(a) may not be registered, based on national law; or

(b) may be registered or reserved only under a second level domain by the Member States. These domain names must be limited to broadly-recognised geographical and/or geopolitical terms which affect the Member States' political or territorial organisation.

4. The Commission shall adopt the lists notified by the Member States by means of implementing acts. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 17(2).

Article 7

Registrars

1. The Registry shall accredit registrars in accordance with reasonable, transparent and non-discriminatory accreditation procedures, which have been approved in advance by the Commission. The Registry shall make the accreditation procedures publicly available in readily accessible form.

2. The Registry shall apply equivalent conditions in equivalent circumstances in relation to the accredited .eu registrars providing equivalent services, and provide them with services and information under the same conditions and of the same quality as provided for its own equivalent services.

Section 2

REGISTRY

Article 8

Designation of the Registry

1. The Commission shall establish the criteria and the procedure for the designation of the Registry by means of implementing acts. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 17(2).

2. The Commission shall designate the Registry following the completion of the procedure referred to in paragraph 1.

3. The Commission shall enter into a contract with the designated Registry. The contract shall specify the rules, policies and procedures for the provision of services by the Registry and the conditions according to which the Commission supervises the organisation, administration and management of the.eu TLD by the Registry. The contract shall be limited in time and renewable and shall include the principles and procedures on the functioning of the .eu TLD laid down on the basis of Article 11.

4 By way of derogation from the procedures referred to in paragraphs 1 and 2, on imperative grounds of urgency, the Commission may designate the Registry by means of immediately applicable implementing acts in accordance with the procedure referred to in Article 17(3).

Article 9

Characteristics of the Registry

1. The Registry shall have its registered office, central administration and principal place of business within the territory of the Union.

2. The Registry may impose fees directly related to costs incurred, in so far as authorised by the contract concluded pursuant to Article 8 (3).

Article 10

Obligations of the Registry

The Registry shall:

(a) observe the rules, policies and procedures laid down in this Regulation and the contract referred to in Article 8 (3);

(b) organise, administer and manage the .eu TLD in the general interest and on the basis of principles of quality, efficiency, reliability, transparency, accessibility and non-discrimination and by ensuring fair conditions of competition;

(c) enter into an appropriate contract providing for the delegation of the .eu TLD code, subject to prior consent of the Commission;

(d) perform the registration of domain names in the .eu TLD where requested by any eligible party referred to in Article 3;

(e) ensure, without prejudice to any court proceedings and subject to adequate procedural guarantees for the parties concerned, the possibility for Registrars and registrants to bring any contractual dispute with the Registry to an Alternative Dispute Resolution (ADR) body;

(f) ensure the availability and authenticity of the databases of domain names;

(g) enter into an agreement, at its own expenses and with the consent of the Commission, with a reputable trustee or other escrow agent established within the territory of the Union designating the Commission as the beneficiary of the escrow agreement and submit to the respective trustee or escrow agent, on a daily basis, an electronic copy of the content of the .eu TLD database;

(h) implement the lists referred to in Article 6 (3);

(i) promote the objectives of the Union in the field of internet governance;

(j) publish the principles and procedures on the functioning of the .eu TLD laid down on the basis of Article 11 in all official languages of the Union;

(k) undertake an audit by an independent body at its own expense and at least every two years to certify compliance with the present Regulation and send the outcome to the Commission;

(l) participate, at the request of the Commission, in the work of the .eu Multistakeholder Council and cooperate with the Commission for improving the functioning and management of the .eu TLD.

Article 11

Principles and procedures on the functioning of the .eu TLD

The contract, concluded between the Commission and the designated Registry in accordance with Article 8 (3), shall contain the principles and procedures concerning the functioning of the .eu TLD, in compliance with this Regulation, including the following:

(a) an ADR policy;

(b) requirements and procedures for registration requests, policy on verification of registrants data and speculative registration of domain names;

(d) policy on revocation of domain names;

(e) treatment of intellectual property rights;

(f) measures aimed at enabling competent authorities to have access to the data in the Registry for the purposes of prevention, detection, investigation and prosecution of crime, as provided by Union or national law;

(g) detailed procedures to amend the contract.

Article 12

WHOIS database

1. The Registry shall set up and manage a WHOIS database facility for the purpose of providing accurate and up to date registration information about the domain names under the .eu TLD.

2. The WHOIS database shall contain relevant information, which is not excessive in relation to the purpose of the database, about the points of contact administering the domain names under the .eu TLD and the holders of the domain names. Where the domain name holder is a natural person, the information that is to be made publicly available shall be subject to the domain name holder’s consent within the meaning of Regulation 2016/679.

Section 3

OVERSIGHT OF THE REGISTRY

Article 13

Supervision

1. The Commission shall monitor and supervise the organisation, administration and management of the .eu TLD by the Registry.

2. The Commission shall ascertain the soundness of financial management, the compliance with the Regulation and with the principles and procedures on the functioning of the .eu TLD referred to in Article 11 by the Registry and may request information for that purpose.

3. In accordance with its supervisory activities, the Commission may convey specific instructions to the Registry for correcting and/or improving the organisation, administration and management of the .eu TLD.

4. The Commission may, as appropriate, consult stakeholders and seek expert advice on the results of the supervisory activities provided in this Article and on ways to improve the organisation, administration and management of the .eu TLD by the Registry.

Article 14

.eu Multistakeholder Council

1. A .eu Multistakeholder Council shall be established to advise the Commission on the implementation of the present Regulation.

2. The .eu Multistakeholder Council shall be composed of representatives drawn from the private sector, the technical community, Member States and international organisations, civil society and academia and appointed by the Commission on the basis of an open and transparent procedure.

3. The .eu Multistakeholder Council shall have the following tasks:

(a) assist and advise the Commission in the implementation of the present Regulation;

(b) issue opinions on matters of management, organisation and administration of the .eu TLD;

CHAPTER III

Final provisions

Article 15

Reservation of rights

The Union retains all rights relating to the .eu TLD including, in particular, intellectual property rights and other rights to the Registry databases required to ensure the implementation of this Regulation and the right to re-designate the Registry.

Article 16

Evaluation and review

1. No later than five years after the date of application of this Regulation, and each three years thereafter, the Commission shall assess the implementation, effectiveness and functioning of the .eu TLD.

2. The Commission shall submit a report to the European Parliament and the Council on the findings of the assessment referred to in paragraph 1.

Article 17

Committee procedure

1. The Commission shall be assisted by a committee. That committee shall be a committee within the meaning of Regulation (EU) No 182/2011.

2. Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply.

3. Where reference is made to this paragraph, Article 8 of Regulation (EU) No 182/2011, in conjunction with Article 5 thereof, shall apply.

Article 18

Transitional provisions

1. Domain name holders that have domain names registered pursuant to point (b) of Article 4 (2) of Regulation (EC) No 733/2002 shall retain the rights on the existing registered domain names under the .eu TLD.

2. By [date – no later than two years after the entry into force] the Commission shall take the necessary measures to designate and to enter into a contract with the Registry pursuant the present Regulation. The contract shall produce effects as from [date – of the application of present regulation: no later than three years after the entry into force].

3. The contract concluded between the Commission and the Registry pursuant to point (c) of Article 3 (1) of Regulation (EC) No 733/2002 shall continue to produce effects until [date – minus 1 day of the date of application of present regulation: no later than three years after the entry into force].

Article 19

Repeal

Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004 are repealed with effect from [date – of the application of present regulation: no later than three years after the entry into force].

Article 20

Entry into force

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

It shall apply from [date – no later than three years after the entry into force].

This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels,

ANNEX to the Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the implementation and functioning of the .eu Top Level Domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004

Brussels,27.4.2018

COM(2018) 231 final

{SEC(2018) 205 final}{SWD(2018) 120 final}{SWD(2018) 121 final}{SWD(2018) 122 final}

Legislative financial statement

LEGISLATIVE FINANCIAL STATEMENT

◻The proposal/initiative relates to a new action

◻ The proposal/initiative relates to a new action following a pilot project/preparatory action ¹

☒ The proposal/initiative relates to the extension of an existing action [it is a REFIT initiative]

◻ The proposal/initiative relates to an action redirected towards a new action

Specific objective(s)

Specific objective N1: Remove outdated legal/administrative requirements.

Specific objective N2: Ensure the rules are future-proof and allow the .eu to adapt to the rapid evolution of the TLD market and the dynamic digital landscape, while at the same time incorporating and promoting EU priorities in the on line world

Specific objective N3: Ensure a governance structure that both reflects technical and governance best practices and serves EU public interest.

Specific objective N4: Promote the attractiveness of .eu.

In the remainder of the fiche, we focus on Specific objective N3.

Specify the effects which the proposal/initiative should have on the beneficiaries/groups targeted.

In relation to Specific objective N3, the proposal introduces a separate governance framework: while the current model of outsourcing the daily operational activities to an external operator would continue, the creation of a separate multistakeholder body with an advisory role is foreseen. The introduction of a multistakeholder body (the .eu Multistakeholder Council) would effectively strengthen and widen the input into the good governance of the .eu Registry and increase the transparency of its corporate governance.

The .eu Multistakeholder Council will need to be adequately resourced. The cost is estimated around €50.000 annually (for reimbursing experts travel and subsistence, organising the meetings, and costs in relation to activities such as production of external reports and studies) to be covered by the Commission.

Specify the indicators for monitoring implementation of the proposal/initiative.

Expected generated EU added value (ex-post): The existence of the .eu TLD is highly symbolic and reflects the existence of a European online community (of citizens, institutions and businesses) who wishes to be clearly identified as such. The .eu TLD gives users wishing to operate across the Single Market a specific European connotation which is recognised globally.

A regulatory framework at EU level for the .eu is useful in order to continue providing for and expanding a domain name space on the Internet under the .eu TLD, in which relevant EU law, data and consumer protection rules are applicable.

Regulatory action taken at Member States level would not be able to deliver on the fundamental objectives standing behind the creation and management of a trusted and innovative namespace for the EU, to promote the European Union's image on the Internet and to deliver added value in terms of increased choice for users, in addition to the national ccTLDs.

◻ Proposal/initiative of limited duration

◻ Proposal/initiative in effect from [DD/MM]YYYY to [DD/MM]YYYY
◻ Financial impact from YYYY to YYYY

☒ Proposal/initiative of unlimited duration ²

Implementation with a start-up period from 2020 to 2020,
followed by full-scale operation.

☒ Direct management by the Commission

☒ by its departments, including by its staff in the Union delegations;
◻ by the executive agencies

◻ Shared management with the Member States

◻ Indirect management by entrusting budget implementation tasks to:

◻ third countries or the bodies they have designated;
◻ international organisations and their agencies (to be specified);
◻the EIB and the European Investment Fund;
◻ bodies referred to in Articles 208 and 209 of the Financial Regulation;
◻ public law bodies;
◻ bodies governed by private law with a public service mission to the extent that they provide adequate financial guarantees;
◻ bodies governed by the private law of a Member State that are entrusted with the implementation of a public-private partnership and that provide adequate financial guarantees;
◻ persons entrusted with the implementation of specific actions in the CFSP pursuant to Title V of the TEU, and identified in the relevant basic act.
If more than one management mode is indicated, please provide details in the ‘Comments’ section.

Comments

Specify frequency and conditions.

The basic practical modalities of setting up the separate body are spelled out in the legal text of the regulation. The set-up of the .eu Multistakeholder Council will be executed by the Commission using established principles on expert groups. The legal requirements will include:

a) Measures to guarantee that the newly formed governance body has the necessary autonomy and independence from the Registry;

b) The guarantee that the newly formed governance body will work in line with Commission's objectives and policies;

c) The key tasks (in principle, only advisory) entrusted to the newly formed governance body and its relations vis-à-vis the Commission and the Registry;

d) The role and powers of the Commission vis-à-vis the Registry and the newly formed governance body (e.g. the oversight power of the Commission over the Registry).

Specify existing or envisaged prevention and protection measures.

Existing budget lines

In order of multiannual financial framework headings and budget lines.

Heading of multiannual financial framework

Budget line

Type of
expenditure

Contribution

Number Heading

Diff./Non-diff. ⁴

from EFTA countries ⁵

from candidate countries ⁶

from third countries

within the meaning of Article 21(2)(b) of the Financial Regulation

Definition and implementation of Union’s policy in the field of electronic communications

09.0201

Diff.

[This section should be filled in using the spreadsheet on budget data of an administrative nature (second document in annex to this financial statement) and uploaded to DECIDE for interservice consultation purposes.]

EUR million (to three decimal places)

Heading of multiannual financial
framework

Competitiveness for growth and employment

DG CONNECT			Year 2019	Year 2020	Year 2021	Year 2022	Enter as many years as necessary to show the duration of the impact (see point 1.6)	TOTAL
09 02 01	Commitments	(1a)		0.050				0.050
	Payments	(2a)		0.025	0.025			0.050
Appropriations of an administrative nature financed from the envelope of specific programmes ⁷
Number of budget line		(3)
TOTAL appropriations for DG CONNECT	Commitments	=1+1a +3		0.050				0.050
	Payments	=2+2a +3		0.025	0.025			0.050

• TOTAL operational appropriations	Commitments	(4)	0.050		0.050
	Payments	(5)	0.025	0.025	0.050
• TOTAL appropriations of an administrative nature financed from the envelope for specific programmes		(6)
TOTAL appropriations under HEADING <1a.> of the multiannual financial framework	Commitments	=4+ 6	0.050		0.050
	Payments	=5+ 6	0.025	0.025	0.050

If more than one heading is affected by the proposal / initiative:

• TOTAL operational appropriations	Commitments	(4)	0.050		0.050
	Payments	(5)	0.025	0.025	0.050
• TOTAL appropriations of an administrative nature financed from the envelope for specific programmes		(6)
TOTAL appropriations under HEADINGS 1 to 4 of the multiannual financial framework (Reference amount)	Commitments	=4+ 6	0.050		0.050
	Payments	=5+ 6	0.025	0.025	0.050

Heading of multiannual financial
framework

‘Administrative expenditure’

EUR million (to three decimal places)

	Year N	Year N+1	Year N+2	Year N+3	Enter as many years as necessary to show the duration of the impact (see point 1.6)	TOTAL
DG:

• Other administrative expenditure (.eu Multistakeholder Council)
TOTAL DG Connect

TOTAL appropriations
under HEADING 5
of the multiannual financial framework

(Total commitments = Total payments)

EUR million (to three decimal places)

		Year 2019	Year 2020	Year 2021	Year 2022	Enter as many years as necessary to show the duration of the impact (see point 1.6)	TOTAL
TOTAL appropriations under HEADINGS 1 to 5 of the multiannual financial framework	Commitments		0.050				0.050
	Payments		0.025	0.025			0.050

◻ The proposal/initiative does not require the use of operational appropriations
☒ The proposal/initiative requires the use of operational appropriations, as explained below:

Commitment appropriations in EUR million (to three decimal places)

Indicate objectives and outputs

⇩

Year
2020

Year
2021

Year
2022

Year
N+3

Enter as many years as necessary to show the duration of the impact (see point 1.6)

TOTAL

OUTPUTS

Type ⁸

Average cost

Cost

Total No

Total cost

.eu Multistakeholder Council

- reimbursement of experts travel and subsistence

0,001

0.032

- Meetings organisation

0,004

0.008

- Other costs (external reports, studies)

0,005

0.010

Subtotal for specific objective No 3

0.050

TOTAL COST

0,05

0.05

☒ The proposal/initiative does not require the use of appropriations of an administrative nature
◻ The proposal/initiative requires the use of appropriations of an administrative nature, as explained below:

EUR million (to three decimal places)

Year
2019

Year
2020

Year
2021

Year
2022

Enter as many years as necessary to show the duration of the impact (see point 1.6)

TOTAL

HEADING 5 of the multiannual financial framework
Human resources
Other expenditure of an administrative nature
Subtotal HEADING 5 of the multiannual financial framework

Outside HEADING 5 ⁹ of the multiannual financial framework
Human resources
Other expenditure of an administrative nature
Subtotal outside HEADING 5 of the multiannual financial framework

TOTAL

The appropriations required for human resources and other expenditure of an administrative nature will be met by appropriations from the DG that are already assigned to management of the action and/or have been redeployed within the DG, together if necessary with any additional allocation which may be granted to the managing DG under the annual allocation procedure and in the light of budgetary constraints.

☒ The proposal/initiative does not require the use of human resources.
◻ The proposal/initiative requires the use of human resources, as explained below:

Estimate to be expressed in full time equivalent units

		Year 2019	Year 2020	Year 2021	Year 2022	Enter as many years as necessary to show the duration of the impact (see point 1.6)
• Establishment plan posts (officials and temporary staff)
XX 01 01 01 (Headquarters and Commission’s Representation Offices)
XX 01 01 02 (Delegations)
XX 01 05 01 (Indirect research)
10 01 05 01 (Direct research)
• External staff (in Full Time Equivalent unit: FTE) ¹⁰
XX 01 02 01 (AC, END, INT from the ‘global envelope’)
XX 01 02 02 (AC, AL, END, INT and JED in the delegations)
XX 01 04 yy ¹¹	- at Headquarters
	- in Delegations
XX 01 05 02 (AC, END, INT - Indirect research)
10 01 05 02 (AC, END, INT - Direct research)
Other budget lines (specify)
TOTAL

XX is the policy area or budget title concerned.

The human resources required will be met by staff from the DG who are already assigned to management of the action and/or have been redeployed within the DG, together if necessary with any additional allocation which may be granted to the managing DG under the annual allocation procedure and in the light of budgetary constraints.

Description of tasks to be carried out:

Officials and temporary staff
External staff

☒ The proposal/initiative is compatible the current multiannual financial framework.
◻ The proposal/initiative will entail reprogramming of the relevant heading in the multiannual financial framework.

◻ The proposal/initiative requires application of the flexibility instrument or revision of the multiannual financial framework.

The proposal/initiative does not provide for co-financing by third parties.
The proposal/initiative provides for the co-financing estimated below:

Appropriations in EUR million (to three decimal places)

	Year N	Year N+1	Year N+2	Year N+3	Enter as many years as necessary to show the duration of the impact (see point 1.6)	Total
Specify the co-financing body
TOTAL appropriations co-financed

☒ The proposal/initiative has no financial impact on revenue.
◻ The proposal/initiative has the following financial impact:
- ◻ on own resources
- ◻ on miscellaneous revenue

EUR million (to three decimal places)

Budget revenue line:	Appropriations available for the current financial year	Impact of the proposal/initiative ¹²
		Year N	Year N+1	Year N+2	Year N+3	Enter as many years as necessary to show the duration of the impact (see point 1.6)
Article ………….

For miscellaneous ‘assigned’ revenue, specify the budget expenditure line(s) affected.

Specify the method for calculating the impact on revenue.