Commission proposes Digital Green Certificates

Today [17 March], the European Commission published a proposal for a regulation on a Digital Green Certificate.

This Green Certificate would encompass three types of certificates:

 -vaccination certificate,

-test certificate,

 -certificate of recovery.

The goal of the initiative is to facilitate the return to free movement within the EU -for instance for tourism purposes during the summer. However, the Commission underlines that this Digital Green Certificate should not be a pre-condition for the exercise of free movement, meaning that it is aiming at facilitating travel.

Please find below the link to the document and a summary of the proposal.

Main characteristics of the certificates

Member States will issue the certificates in a digital or paper-based format, or both. The certificates shall contain an interoperable barcode allowing for the verification of the authenticity, validity and integrity of the certificate.

Certificates will be issued free of charge.

Certificates need to be fully interoperable, secure and verifiable.

Trust framework

The Commission and the Member States shall set up and maintain a trust framework digital infrastructure allowing for the secure issuance and verification of the certificates. Interoperability at international level shall be ensured too, where possible.

Datasets for each type of certificate

The vaccination certificate shall contain the following categories of personal data:

(a) identification of the holder;

(b) information about the vaccine medicinal product administered;

(c) certificate metadata, such as the certificate issuer or a unique certificate identifier

The test certificate shall contain the following categories of personal data:

(a) identification of the holder;

(b) information about the test carried out;

(c) certificate metadata, such as the certificate issuer or a unique certificate identifier.

The certificate of recovery shall contain the following categories of personal data:

(a) identification of the holder;

(b) information about past SARS-CoV-2 infection;

(c) certificate metadata, such as the certificate issuer or a unique certificate identifier.

You will find more information on the datasets in the Annex (page 46).

Data protection

The Commission wishes to provide a very high level of data protection and refers to the data minimisation principle. This legislation does not create a legal basis for retaining personal data obtained from the certificate by the Member State of destination or by the cross-border passenger transport services operators.

Next steps:

The proposal will have to go through the ordinary legislative procedure. However, the Commission requests the Council and the European Parliament to fast track the procedure.

A technical framework will be defined at EU level, to be put in place by mid-June, to ensure security, interoperability, as well as data protection. It will also allow the possibility to extend to compatible certificates issued in third countries.

Delegated acts can amend the provisions of the regulation, in particular the Annex.

The Commission will also adopt implementing acts for the technical specifications, including on security.

If you have any questions on these issues, please contact Camille Dornier - Policy Manager: camille.dornier@eurosmart.com