The present guidelines and recommendations on the implementation of Regulation (EU) No 2019/788 on the European citizens’ initiative (hereafter: ‘the Regulation’) are intended for the Member States’ competent authorities (and have been prepared partly at their request). They cover various stages of the citizens’ initiative procedure, in particular those related to the transfer and to the verification of statements of support. As such, they will also prove on many points helpful for organisers.
To a large extent, these guidelines and recommendations clarify or update advice that the Commission has previously provided, either in non-papers, in written correspondence, or at meetings of the European citizens’ initiative Expert Group. They may need to be revised over time based on the experiences of the competent Member States’ authorities and the Commission with their implementation.
The Commission informs the Member States’ authorities via email of requests for the registration of proposed citizens’ initiatives that it has accepted or refused.
Start collection period:
Once the organisers have informed the Commission about the starting date of the collection period, the Commission informs the Member States’ authorities about that date. The Commission will also indicate the start and end date of the collection in the public register.
Verification of statements of support:
In case the organisers submit a verification request without using the Commission file exchange service, a Member State’s authority receiving that request should immediately inform the Commission, who will then share this information with the other Member States’ authorities. In case the organisers use transfer services (the file exchange service) provided by the Commission, the specific procedure including notification as defined under Section 5 below applies
Legal or administrative proceedings:
Member States inform without delay the Commission of any legal or administrative proceedings by organisers ongoing in their country as regards process or outcome of the verification of statements of support, implying the postponement of the destruction of the data in the central online collection system.
Communication between the Commission and the Member States’ authorities can take place by email by using the Commission functional mailbox: SG-ECI-EXPERT-GROUP@ec.europa.eu.
Certification of individual online collection systems
Under the new Regulation, the organisers can still opt for their own system for the online collection of statements of support. They have this option for initiatives that are registered until the end of 2022. For initiatives that are registered from 2023 onwards, organisers will have to use the Commission central online collection system.
This section applies to those situations, in which organisers have decided to use their own online collection system.
An online collection system must be certified only once, in the Member State on the territory of which the data will be stored. This certification can be requested by organisers only after their proposed initiative has been registered with the Commission. The competent national authority has one month to certify an online collection system.
Member States shall recognise the certificates issued by the competent authorities of other Member States for an online collection system of a given initiative. The fact that the competent authority of one Member State has refused to certify the online collection system of a given initiative cannot be used as a justification by the competent authority of another Member State for not assessing or for refusing to certify the online collection system of the same initiative.
The requirements that online collection systems must fulfil are set out in Regulation (EU) No 2019/1799 (hereafter: ‘the implementing Regulation’).
Prior to requesting the certification of their online collection system, organisers should contact the competent national authority concerned to ensure that both the group of organisers and the competent authority are well prepared. In particular, this will enable the national authority to advise organisers about the precise nature of the documentation the organisers must provide. If the authority has developed its own specific security rules and requirements for certification of online collection systems, it shall make such rules available to the organisers upon request. These specific rules shall be in line with the general technical requirements laid down in the implementing Regulation.
A request for certification is considered to have been made once organisers have submitted all of the documents required by the implementing Regulation, together with any specific forms required by the competent national authority in question. Given that the competent national authorities have one month to verify conformity with the implementing Regulation, this authority should quickly check that the documentation submitted is complete. If this is not the case, the organisers should be informed immediately and asked to provide any missing documentation without delay. In the absence of a suitably prompt response from the organisers, certification may be refused on the grounds that the national authority does not have sufficient time to properly assess the online collection system concerned. Alternatively, the national authority may decide that the one-month deadline only starts when the required documentation is complete.
It is for the Member State’s authority to decide, on the basis of the documentation, how to verify conformity with the requirements of the implementing Regulation. This verification may include vulnerability and/or penetration tests or, if deemed necessary, onsite verification.
The certification of an online collection system by a Member State’s authority should be more straightforward if this authority has already certified the service provider concerned for other initiatives registered under the Regulation and the organisers have indicated in their request that the system has not undergone modifications. In such cases, the Member State’s authority should in principle focus in its certification procedure on ensuring that the security measures previously certified continue to be implemented. The service provider should be understood here to cover not only the provider of hosting services but also the provider of software components.
The certificate is issued by the Member State’s authority if the system has the adequate security and technical features in place, as defined in Article 11(4) of the Regulation and in the implementing Regulation. The certificate is not limited in time and, as such, there can be no obligation on organisers to renew it. However, compliance with Article 11(4) of the Regulation and the implementing Regulation by the systems must be ensured throughout the collection period. If organisers modify their online collection system after it has been certified in a way that may impact the assessment underlying the certification (and beyond the necessary updates required to comply with the Regulations), the certificate does not apply to what should be considered as a new system. Organisers therefore shall notify without undue delay the authority of the changes made in the system (or supporting organisational measures), and seek its advice whether they need to request a new certification of their amended online collection system.
Statement of support forms
Organisers are free to use either the forms made available to them in their organiser account on the Commission website, or forms that they prepare themselves based on the models set out in the Regulation. The Member States’ authorities may also make such forms available to organisers, although their use cannot be mandatory.
In all cases, the forms used for the collection of statements of support, which can be in any of the official EU languages, must comply with the model in Annex III of the Regulation, include the data required for each respective Member State pursuant to Annex III (Part A or Part B), and provide the key information required on the initiative as published in the European citizens’ initiative register.
Although forms prepared by the organisers should be in full conformity with the model provided in Annex III, they could be amended to add a logo or image of the initiative.
The form should be on one sheet (it may be double-sided), as this would provide some assurance that signatories see the totality of the form and the information on it. Furthermore, it should be clear to signatories before they sign the form to which Member State it will be sent. It must be the Member State of their nationality or one of their nationalities.
In case of partial registration of the initiative by the Commission, the forms must reflect the scope of the initiative as registered. The forms made available to organisers in their account on the Commission website include the relevant information.
A Member State’s authority is not competent to ‘approve’ new forms designed by the organisers. In case of doubt concerning conformity with the model provided in Annex III, Member States’ authorities may, if necessary, contact the Commission.
The forms do not apply to support given through eID (see Article 9(2) last subparagraph of the Regulation).
According to Article 2 of the Regulation, signatories, who must be citizens of the Union, must be of the age to be entitled to vote in elections to the European Parliament or 16 years old depending on the decision of the Member State concerned. Having the right or being registered to vote in elections to the European Parliament cannot be a requirement to support a citizens’ initiative. Member States must only verify whether the signatory is old enough. Member States shall verify statements of support of the citizen of their nationality, regardless of their place of residence.
When a Member State decides to lower the minimum age for supporting a citizens’ initiative or if it decides to lower the minimum age to vote in the European elections (resulting in a lowering of the minimum age for supporting a citizens’ initiative), it shall notify this change to the Commission including its date of application. Such notification should preferably be made three months beforehand to allow the Commission and the organisers to introduce the change in the relevant forms.
More on data requirements.
Transfer of statements of support for verification
Organisers can submit to each competent Member State’s authority only one request for the verification of statements of support per initiative. They are only allowed to do so, when they have collected the minimum numbers of statements of support under the Regulation. At the same time, it is not necessary that they have reached a minimum threshold in a specific Member State for that Member State to carry out the verification.
The Commission publishes the end date of the collection period in the register (12 months from the date set by the organisers to start their collection). Although the collection period runs for 12 months, organisers may decide to close the collection earlier (Article 8(1)). Organisers must then submit their verification requests to the competent national authorities within three months of that date.
Statements of support collected in paper form, and those collected through an online collection system, must be submitted separately.
Statements of support collected online must be submitted in accordance with this electronic format.
Statements of support collected in paper form can be submitted in paper form or transformed in electronic format (e.g. scanned as PDF or JPEG).
Organisers are not required to attribute a number to each statement of support, but they may choose to do so.
Use of the Commission file exchange service (operated using s-CircaBC system)
Statements of support collected by the organisers through the central online collection system are submitted by the Commission to the MS authorities through the file exchange system.
Organisers may also choose to submit via the file exchange service their statements of support collected in paper form and scanned or collected online through an individual online collection system.
When organisers use the file exchange service, the 3-month deadline for submitting the verification request applies. Note that once the submission is initiated by the organisers, it can take up to five working days for the Commission to complete the transfer. The date of the request should be considered as the date when they asked the submission.
As soon as the Commission has completed the transfer and the files are available in s-CircaBC, Member States shall verify if the files are in a readable format and confirm to the organisers and the Commission that the files have been received in good order. An acknowledgement of receipt and any subsequent correspondence with organisers shall take place outside the file exchange service.
It cannot be excluded that organisers that make use of s-CircaBC for the submission of their paper statements and/or statements collected through an individual system, submit their files to the wrong MS folder in s-CircaBC. As the Commission does not have access to the data therein, it will not be able to check this. If the files are encrypted with the public key of the Member State to which the statements of support were deemed to be submitted, the Member State receiving those files by error will not be able to read them. Only if in addition the files are erroneously encrypted with the public key of this erroneously approached Member State, that Member State’s authority will be able to access the files. In both cases, the Member State’s authority shall notify as soon as possible the organisers and the Commission, and delete the files in agreement with the organisers.
For full details on how to handle the file exchange service, please see the specific documentation distributed to the expert group.
Member States’ competent authorities are reminded that:
- they need to have in place a key management for accessing the files on s-CircaBC (including assigning who is/are authorised to access and use the keys, version management) to ensure that all keys are protected from unauthorised access;
- they engage in the tests of the s-CircaBC procedures, to be organised by the Commission twice a year, including the tests on the validity of the keys (and their versions) to be used for accessing the files uploaded by the Commission or organisers;
- they will receive an automatic notification from s-CircaBC as soon as the files are made available for download. They shall then make sure they carry out the verification process within the timeline prescribed in the Regulation.
Verification of statements of support
The competent Member States’ authorities must, within a three-month period of receiving the statements of support, carry out appropriate checks, in accordance with national law and practice, to verify these (Article 12(4)). It is on this basis that they determine and certify the number of valid statements of support. The certificate must be issued free of charge.
Member States’ authorities must accept the statements of support in any of the official EU languages. However, the content of the initiative indicated on the form must correspond to the text published in the European citizens’ initiative register in the corresponding language.
Member States’ authorities are not required to check the authenticity of the signatures collected in paper form, but only the coherence of the personal data provided.
Given that the verification exercise has legal implications, which could be contested before the courts, it is important that certain safeguards are in place, in particular when random sampling is the method used:
Member States’ authorities should ensure that they choose a statistically valid random sample, i.e. a sample that is sufficiently large and representative and, where appropriate, takes account of different levels of risk (e.g. a higher risk among statements of support collected through a certain channel). In order to do so, they should opt for a margin error and a confidence level that ensure that the results will be sufficiently accurate. They should also assess whether there is a need to stratify the population, for example as regards possible ways of collecting, prior to sampling, particularly if there is a suspicion that certain batches of statements of support are less reliable.
Certain minor mistakes or changes should not invalidate the statements of support where there is no indication or suspicion of fraud (e.g. the signatory has made a genuine error or omitted minor information which does not cast doubt on the authenticity of the statement of support or prevent the authorities from identifying him/her), or the signatory has changed residence since signing the initiative. It is possible to account for such mistakes or changes by considering that a certain percentage of invalidated statements of support are in fact valid. If verification is automated, it may be necessary to double-check the rejected statements of support manually in order to detect such false errors.
Benefit of the doubt:
When extrapolating the results of the sample to the whole population, the Member States’ authorities should give the benefit of the doubt to the organisers in particular by choosing the lower threshold in the confidence level (i.e. the interval obtained by adding and subtracting the margin of error from the result).
In order to compensate for the probable outcome of the verification – namely that a certain number of statements of support will be invalidated – organisers should be strongly encouraged to collect significantly more statements of support than the 1 million required.
If multiple statements of support from the same signatory are detected, one of them should be considered as valid, rather than all of them being invalidated.
The Regulation only requires the Member States to check the coherence of the data provided by signatories and not the signatory’s will to support an initiative. This means that it should in general be sufficient for a citizen to fill in, on paper or electronically, a statement of support form, and that he or she should not be called upon to act a second time by, for example, replying to letters or emails. However, if a competent authority has reasonable doubts about possible fraud because of inconsistency in the data provided, that would invalidate statements of support, the authority can undertake additional checks, including sending of electronic messages or letters to the persons concerned, to verify whether the statements of support were actually submitted by the persons concerned or by an unauthorised third party. A positive reply in such case can ‘sanitise’ the otherwise invalid statement of support. A negative reply is a sufficient reason to invalidate the statement of support. If the signatory does not respond, the statement of support shall be invalidated, based on the original assessment of the data inconsistency.
Member States must follow the template in Annex VI. Any additional information (for example, reasons for the non-validation of some statements of support and available remedies) must be provided in a separate document.
Contact points at national level
Each Member State must establish one or more contact points to provide information and support to groups of organisers on the legal framework and the practicalities about the European citizens’ initiative, including:
- Information and guidance on certification and verification procedures;
- Providing information or referring to authorities that can provide information on the applicable national law, including on the creation of legal entities;
- Providing information or referring to authorities that can provide information on data protection.
Contact points are also expected to contribute to raising awareness about the European citizens’ initiative, in cooperation with the Commission and its representations. Contact points are invited to make use of the material made available by the Commission in all official EU languages on this site.
 For example, the signatory indicated a number corresponding to an identification document that is different to the one mentioned (e.g. passport number instead of ID number).
 For example, the street number or the postcode when the address is required.