Commission Implementing Regulation (EU) 2021/331 of 24 February 2021 on the reporting of abuses committed by commercial intermediaries providing application services for travel authorisation under Regulation (EU) 2018/1240 of the European Parliament and of the Council
Commission Implementing Regulation (EU) 2021/331of 24 February 2021on the reporting of abuses committed by commercial intermediaries providing application services for travel authorisation under Regulation (EU) 2018/1240 of the European Parliament and of the CouncilTHE EUROPEAN COMMISSION,Having regard to the Treaty on the Functioning of the European Union,Having regard to Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226OJ L 236, 19.9.2018, p. 1., and in particular Articles 15(5) and 16(10) thereof,Whereas:(1)Regulation (EU) 2018/1240 establishes the European Travel Information and Authorisation System ("ETIAS") for third-country nationals exempt from the requirement to be in the possession of a visa for the purposes of entering and staying in the territory of the Member States.(2)To obtain the travel authorisation, the application is to be submitted by the applicant directly, or by a third person or a commercial intermediary authorised by the applicant to submit the application on his or her behalf.(3)In the context of comparable travel authorisation systems, commercial intermediaries have been known to engage in abusive practices. Abuses may take many different forms including: attempting to mislead applicants into believing that their website is the dedicated official public website or application for mobile devices for submitting an application, thereby giving the false impression that the excess charged by the commercial intermediary is a mandatory part of the application process rather than consideration for the voluntary use of a commercial service; making fraudulent use of the personal or financial data provided by the applicant; charging an unreasonably high price for its service, or failing to request the application in the required time, format and quality on behalf of the applicant.(4)In order to detect abusive practices and to prevent their recurrence, an online form for the reporting of abuse by commercial intermediaries should be made accessible via the dedicated public website and the application for mobile devices. In order to promote awareness of the possibility to report abuse and to facilitate such reporting, information regarding the process to be followed should be displayed visibly on the public website and the application for mobile devices. The form should contain standardised fields and request users to enter details of the abusive conduct.(5)In order to ensure that applicants are adequately informed of the nature and purpose of the reporting facility, the form should clarify that the reporting system is for monitoring purposes, it shall not collect any personal data and does not constitute a channel for appealing decisions on applications, or as a substitute for the pursuit of remedies under administrative, civil or criminal law.(6)The ETIAS Central Unit should receive and assess such reports, taking into account the similarities and recurrences of the abuses reported. The ETIAS Central Unit should regularly report to the Commission, as necessary, on the abuses reported and the assessments made. Account should be taken of these assessments in the development by the Commission of information campaigns referred to in Article 72 of Regulation (EU) 2018/1240. On the basis of the assessments, the ETIAS Central Unit should modify, as appropriate, the information to the general public referred to in Article 71 of Regulation (EU) 2018/1240, and in particular to the applicants.(7)In accordance with Articles 1 and 2 of Protocol No 22 on the position of Denmark, annexed to the Treaty on European Union ("TEU") and to the Treaty on the Functioning of the European Union ("TFEU"), Denmark did not take part in the adoption of Regulation (EU) 2018/1240 and is not bound by it or subject to its application. However, given that Regulation (EU) 2018/1240 builds upon the Schengen acquis, Denmark notified on 21 December 2018, in accordance with Article 4 of that Protocol, its decision to implement Regulation (EU) 2018/1240 in its national law.(8)This Regulation constitutes a development of the provisions of the Schengen acquis in which Ireland does not take part, in accordance with Council Decision 2002/192/ECCouncil Decision 2002/192/EC of 28 February 2002 concerning Ireland’s request to take part in some of the provisions of the Schengen acquis (OJ L 64, 7.3.2002, p. 20).; Ireland is therefore not taking part in the adoption of this Regulation and is not bound by it or subject to its application.(9)As regards Iceland and Norway, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquisOJ L 176, 10.7.1999, p. 36., which fall within the area referred to in Article 1, point A of Council Decision 1999/437/ECCouncil Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis (OJ L 176, 10.7.1999, p. 31)..(10)As regards Switzerland, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquisOJ L 53, 27.2.2008, p. 52., which fall within the area referred to in Article 1, point A of Decision 1999/437/EC, read in conjunction with Article 3 of Council Decision 2008/146/ECCouncil Decision 2008/146/EC of 28 January 2008 on the conclusion, on behalf of the European Community, of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis (OJ L 53, 27.2.2008, p. 1)..(11)As regards Liechtenstein, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquisOJ L 160, 18.6.2011, p. 21. which fall within the area referred to in Article 1, point A of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2011/350/EUCouncil Decision 2011/350/EU of 7 March 2011 on the conclusion, on behalf of the European Union, of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis, relating to the abolition of checks at internal borders and movement of persons (OJ L 160, 18.6.2011, p. 19)..(12)As regards Cyprus, Bulgaria and Romania and Croatia, this Regulation constitutes an act building upon, or otherwise relating to, the Schengen acquis within, respectively, the meaning of Article 3(1) of the 2003 Act of Accession, Article 4(1) of the 2005 Act of Accession and Article 4(1) of the 2011 Act of Accession.(13)The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the CouncilRegulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39). and delivered an opinion on 4 September 2020.(14)The measures provided for in this Regulation are in accordance with the opinion of the Smart Borders Committee (ETIAS),HAS ADOPTED THIS REGULATION: