Joint Industry Comments on the Database for Energy Labelling

All sectors are committed to work together with the Commission to have EPREL working with the necessary practicality and security level by the end of 2018.

The EU Product Database for Energy Labelling needs to meet the objectives stated in Regulation 2017/1369. It has to be set-up so that the burden for suppliers is minimised (Art 12.7a), data security is ensured (Art 12.9), terms and conditions - including the scope - are known in advance, and a fair and level playing field is safeguarded by identifying free-riders (Recital 6). In addition, it has to ensure that it is fit for purpose for all product groups and it takes into account their various characteristics.
The industries concerned by the product groups to be registered in the EPREL Database welcome the opportunity to comment on the documents published by the European Commission on 19 December. The comments below follow on from our joint position paper of November 2017.

1. Introduction and “executive” description of EPREL
The success of this ambitious project will entail both managerial and technical decisions. Thus, from technicians and engineers up to the executive level, communication is a must. While we appreciate the extent of the documentation, especially the disclosure of the Commission’s primary database documentation in “unified modelling language,” it is also needed to have additional summaries, glossaries and further explanations of technical terms.
We propose to separate (at least) the following key issues and recommend executive summaries for each of them:
- Project Management and Timeline
- Data Transfer and “services” for all key workflows: supplier registration, product registration and product lifecycle management
- Data security and encryption
- Data content model, with clear separation of confidential and public data
- Legal Aspects with respect to liability
Clearly the technical details need to be further elaborated and made readable also to a non-technical audience. Some are proposed in this joint industry paper. Sector specific technicalities, further comments, requests and questions will come directly from the sector associations.

2. Timeline
As we already mentioned in the Joint Industry Paper of November 2017, the deadline for the Database to be operational, while meeting its objectives of security and practicality, is short. We therefore emphasise the need to start as early as possible with pilot operations and functionality tests.
If a full pilot with complete functionalities cannot be developed and shared soon, we propose to break down pilots (or “sandboxes” as we understand COM services call them) in separate essential functionalities. Given the short timeline, they could and should be tested separately and where possible in parallel. The “final” pilot, including all functionalities necessary for full operation, needs to be available by September 2018 at the very latest, to be in time for the first “real” registration foreseen in November 2018. In that case, the pilots of the various functionalities should be available at an earlier stage.
The functionalities are:
Data Transfer from Supplier toward EPREL
The Commission offers 3 different interfaces:
- one is a web browser-based user interface;
- a file transfer (without specifying yet the transmission path);
- a “system-to-system” (S2S) upload.
For S2S, we propose to separate the data transfer from eDelivery (in the Commission Document Assumptions 2.6 this was interlinked). The key issue for this interface is the possibility to upload, in an automated way, the data for larger numbers of model. We propose concretely an XML interface on the current EPREL workspace, where test XML documents can be uploaded, to verify whether the current and future versions of the Exchange format can be met by industry. On the Commission’s side, this can be used to verify whether it can securely and correctly insert the “dummy” documents in their database.
Registration process of a supplier
This issue will be interlinked with security, but we propose to start with a registration process without a fixed interlink to eDelivery and AS4.Moreover, suppliers should be able to determine how they organise their presence in the Database, i.e.: who within the supplier structure has the privileges to write, read and modify their data.
Product Lifecycle Management and other “Service functionalities”
This functionality includes:
- Data Transfer of an agreed defined XML Model, once an XML model is agreed that fulfils the legal and practical requirements;
- The registration of (at least) one product;
- The data management (view, edit, change, delete) of registered products.
Secured Data transfer
eDelivery and its protocol AS4 as the proposed security measure is new to industry. Data Security has been one of the key concerns of industry, mainly with respect to confidential data. See below, a possible fallback solution that should be considered.
We ask for explicit milestones until the end of the year that cover the realisation of the above functionalities.

3. Some aspects of the current Data Exchange Model and its “services”
These issues have many sector specific aspects but there are some issues that are common for all sectors:
- It is industry’s understanding that, for a given model, changes on any if its data entries are possible after its registration and for the full life cycle (i.e. its availability on the EU market) of that model. It would be helpful if the Commission could confirm this? We also understand that these changes are logged. How would this logging be visible to the supplier? Currently there is no “service” like that described.
- We would like to reiterate a request that has been expressed at the respective consultation forum: The view access from market surveillance authorities (MSA) needs to be logged too, as this is important to understand possible clarifications or even allegations from an MSA towards suppliers.
- Proper data maintenance of product data entries need to be possible. In other words, it needs to be possible to edit data entries. Edits should be logged in the EPREL system. e.g. if the reference to harmonised standard has changed.
- We understand that suppliers have to enter the label in electronic format and the Database will also generate the label itself based on the data provided. We would ask for this as an alternative as it seems to be a duplication of effort.
- Regarding placing on-market end date, our understanding is that no end date is required at registration point and once a product is no longer placed on the market, manufacturers should update the Database accordingly. It would be helpful if the Commission could confirm this? According to Art 6 of 2017/1369 the supplier needs to ensure that the respective data of a model has to be in the Database for 15 years (or for a different time, if determined in the relevant delegated act (art. 16.3q)). Clearly that prohibits that the supplier erases that data before. However, the supplier cannot be held responsible in case the Database itself has a lost it. It would be helpful if the Commission could confirm this?
- In addition to the file upload of compliance data, alternative upload of parameterised information, similar to the public data, should be possible.

4. Data security
While the joint industry messages on confidentiality and security from November 2017 remain still valid and should be respected in the further development of the Database, we would like to add some more specific comments.
The current data model does not set a clear separation between confidential data and public data which creates a risk that confidential data might be mistakenly available in the public interface. For instance, currently the confidential field “equivalent models” ranges between the same group of fields as contact address. While this may be a mistake that will be corrected, we see value in expanding the data model e.g. by attributes or other means in a way where a clear differentiation is evident.
We understand that the processes of eDelivery and its associated protocol AS4 are in Europe only in pilot stage and AS4 is not used widely. We suggest that some other alternatives are also compared and investigated meeting necessary security and stability and needed resources.

5. Legal Aspects
Regulation 2017/1369 draws up responsibilities both on industry, as the data owner, as well as on the EU Commission as the Database owner. Clearly there is an overlap, particularly when it comes to data integrity. We therefore invite the Commission to draw up its liabilities with respect to the Database, ideally in the form of draft terms and conditions.

6. Conclusion
Industry would appreciate if these considerations are taken into account and if the respective open issues are clarified soon. All sectors are committed to work together with the Commission to have EPREL working with the necessary practicality and security level by the end of 2018. We would like to emphasise that close collaboration and open information exchange is a necessary precondition for to meet this objective.

Download the document from here.