Article 48 - 51, Amendments to Regulation (EU) No 910/2014
Regulation (EU) No 910/2014 is amended as follows:
The following article is inserted in Chapter VI:
‘Article 48a, Reporting requirements
1. Member States shall ensure the collection of statistics in relation to the functioning of European Digital Identity Wallets and the qualified trust services provided on their territory.
2. The statistics collected in accordance with paragraph 1 shall include the following:
(a) the number of natural and legal persons having a valid European Digital Identity Wallet;
(b) the type and number of services accepting the use of the European Digital Identity Wallet;
(c) the number of user complaints and consumer protection or data protection incidents relating to relying parties and qualified trust services;
(d) a summary report including data on incidents preventing the use of the European Digital Identity Wallet;
(e) a summary of significant security incidents, data breaches and affected users of European Digital Identity Wallets or of qualified trust services.
3. The statistics referred to in paragraph 2 shall be made available to the public in an open and commonly used, machine-readable format.
4. By 31 March each year, Member States shall submit to the Commission a report on the statistics collected in accordance with paragraph 2.’;
Article 49 is replaced by the following:
‘Article 49, Review
1. The Commission shall review the application of this Regulation and shall, by 21 May 2026, submit a report to the European Parliament and to the Council. In that report, the Commission shall, in particular, evaluate whether it is appropriate to modify the scope of this Regulation or its specific provisions including, in particular, the provisions included in Article 5c(5), taking into account the experience gained in the application of this Regulation, as well as technological, market and legal developments. Where necessary, that report shall be accompanied by a proposal to amend this Regulation.
2. The report referred to in paragraph 1 shall include an assessment of the availability, security and usability of the notified electronic identification means and European Digital Identity Wallets that fall within the scope of this Regulation and assess whether all online private service providers relying on third-party electronic identification services for users authentication, shall be required to accept the use of notified electronic identification means and European Digital Identity Wallet.
3. By 21 May 2030 and every four years thereafter, the Commission shall submit a report to the European Parliament and the Council on progress made towards achieving the objectives of this Regulation.’;
Article 51 is replaced by the following:
‘Article 51, Transitional measures
1. Secure signature creation devices of which the conformity has been determined in accordance with Article 3(4) of Directive 1999/93/EC shall continue to be considered to be qualified electronic signature creation devices under this Regulation until 21 May 2027.
2. Qualified certificates issued to natural persons under Directive 1999/93/EC shall continue to be considered as qualified certificates for electronic signatures under this Regulation until 21 May 2026.
3. The management of remote qualified electronic signature and seal creation devices by qualified trust service providers other than qualified trust service providers providing qualified trust services for the management of remote qualified electronic signature and seal creation devices in accordance with Articles 29a and 39a may be carried out without the need to obtain the qualified status for the provision of these management services until 21 May 2026.
4. Qualified trust service providers that have been granted their qualified status under this Regulation before 20 May 2024 shall submit a conformity assessment report to the supervisory body proving compliance with Article 24(1), (1a) and (1b) as soon as possible and in any event by 21 May 2026.’;
Annexes I to IV are amended, respectively, in accordance with Annexes I to IV to this Regulation;
New Annexes V, VI and VII are added as set out in Annexes V, VI and VII to this Regulation.
Note: This is the final text of Regulation (EU) 2024/1183 of the European Parliament and of the Council of 11 April 2024, establishing the European Digital Identity Framework.