Once-only principle

The once-only principle is an e-government concept that aims to ensure that citizens, institutions, and companies only have to provide certain standard information to the authorities and administrations once. By incorporating data protection regulations and the explicit consent of the users, the public administration is allowed to re-use and exchange the data with each other. The once-only principle is part of the European Union's (EU) plans to further develop the Digital Single Market by reducing the administrative burden on citizens and businesses.

Description
The application of the once-only principle to public administrations in all EU Member States aims to reduce administrative burdens. This objective was endorsed by EU ministers in the Ministerial Declaration on eGovernment in 2009. The EU-wide application of once-only is also one of the pillars of the strategy for the Digital Single Market and one of the basic principles of the EU eGovernment Action Plan 2016-2020.

The once-only principle is defined differently in the individual EU Member States. In some countries it refers to data storage, which means storing the collected data in a single database. In other countries, once-only refers to data collection and specifies that data may be transmitted only once to public administrations, but that multiple data repositories are possible. Other countries combine both approaches and require that the data must be collected only once and stored in a single database.

Government-Centric vs Citizen-Centric Once-Only
Critical to the discussion of Once-Only is WHO is doing the sharing and using which Identity? There are two opposing approaches; the Government-centric and the Citizen-centric - both of which technically implement Once-Only.

In the Government-centric model, the citizen use the same or easily linkable identifiers across applications, borders and databases. In this case, data control is centralized leading to systemic profiling and accumulation of risks. Proponents - mainly government bureaucracy - of this model claim it to be more efficient.

In the Citizen-centric model, the citizen do NOT use the same or linkable identifiers, but instead a variant of Privacy/Security by Design such as according to e.g. EU Digital Signature Regulation article 5.2 on pseudonymous signatures and Identity. Applying this principle the citizen can have non-linkable but fully functional and legal identities that are not linkable even within the same application in the same database in the same member state. In this model control is decentralized and the citizen act as data broker. Proponents – mainly citizen-rights experts and activists (e.g. EDRI), legal experts, security experts and economists – of this model claim it to be more effective and secure as it prevents classical Command & Control failures ensuring systems adapt to citizens choice and drastically reduce security risks.

In addition to the technical and economic issues, there is a real concern that Government-Centric model similar to Data Retention will prove incompatible with GDPR and Human Rights article 8 as it requires government profiling citizen in order to detect attempted requests for data already collected for another purpose. This problem would not arise in Privacy by Design based Citizen-Centric Once-Only models.

Citizen-centric models are under implementation in Denmark in a model named CitizenKey.

Benefits
The once-only principle can help to reduce administrative burdens in the EU Member States, as exchanging information that has already been collected is cheaper and less burdensome than collecting and storing it repeatedly. Furthermore, some experts believe that data protection concerns can be better taken into account.

Process optimization and potentially higher administrative efficiency are described as main advantages of once-only for public administrations. These include fewer calls to customer service centers, fewer paper-based applications, faster processing of administrative processes, time savings due to reduced data capture requirements and fewer data errors due to data reuse. This could save costs for public administrations and improve the quality of various public services.

Cross-border implementation of the principle could also help to ensure equal treatment for domestic and foreign persons and companies in the use of public services, for which they are obliged to provide information to public authorities. Better public value creation could, on the overall level, improve the legitimacy, transparency and accountability of public administrations.

Barriers
According to a study carried out on behalf of the European Commission, once-only encounters technical, organisational, semantic, and legal obstacles to implementation throughout the EU.

On the technical side, there is a lack of a comprehensive and secure data exchange solution, interoperable catalogs and IT systems as well as a lack of infrastructure for a secure and data protection-compliant exchange. In addition, other barriers are organisational in nature. The study includes the lack of clear political guidance, the high implementation costs and the lack of administrative willingness to cooperate and exchange data. As far as semantic aspects are concerned, the challenge lies in the lack of or over-distributed registers and the insufficient interoperability of existing registers and data. In addition, barriers exist due to different standards, taxonomies, data models and data quality. Legal obstacles include the heterogeneity of national legal frameworks, data protection and respect for privacy.

These aspects prevent a fast and far-reaching implementation of the once-only principle at European level.

Criticism and public reception
The European Data Protection Supervisor (EDPS), Giovanni Buttarelli, welcomed the EU-initiative, but claimed additional clarity on important data protection principles. In particular, the proposal should not provide a legal basis for the exchange of information for purposes other than those mentioned therein. Furthermore, it should not restrict the principle of purpose limitation laid down in the General Data Protection Regulation. The EDPS also asks for clarification of a number of questions relating to the practical implementation of user control. The advocacy group European Digital Rights (EDRi) pointed out, that a once-only implementation needs to follow privacy by design and privacy by default, to be citizen-friendly and user-oriented.

A representative survey on e-government in Germany, Austria and Switzerland in 2017 showed that the majority of the population in each country is rather skeptical. A national once-only implementation received less than 50% support in all countries, a Europe-wide once-only implementation received less than 20%.

Implementation of the once-only principle (national)
By 2014, 25 European countries had begun to implement once-only to a certain extent and 13 countries had legislation supporting the implementation of the principle for businesses and individuals. However, implementation is still fragmented across the EU and once-only cross-border applications are still limited to a few services and cases. The most advanced once-only infrastructures exist in Belgium, Estonia and the Netherlands, which have national legislation and enforce its implementation.

Estonia
In Estonia, once-only is used in most administrative procedures. Several essential prerequisites, including legal, administrative and technical requirements, have been fulfilled. Since 2007, the Public Information Act prohibits the creation of separate databases for the collection of the same data. Also, the General Part of the Economic Activities Code Act states that economic administrative authorities are prohibited to require companies to provide information that is already entered in a public database. The prohibition also applies to information which can be obtained from the relevant register of another Contracting State.

In the health sector in Estonia, the once-only principle is already being used in the electronic health record. Since 2008, health data has been managed via a central database. Specialists can document analyses, diagnoses, test results and treatment procedures. After a transfer to a hospital, for example, the patient data can be retrieved from the database without the patient having to enter the data again. In emergency situations, an electronic first aid card can be generated in the ambulance after identification of the patient, which provides vital data to the first responders. Patients can access the database via a (mobile) ID card and manage their data independently and give their consent/rejection to the data exchange.

Netherlands
In the Netherlands, the once-only principle is applied in several areas. The Stelsel van Basisregistraties (Basic Registries System) was founded in 2003 and comprises 12 basic registries containing general information on companies and individuals, such as company names, personal addresses, cadastral information, income and registration information for motor vehicles. This enables businesses and citizens to provide this data only once. The system includes both open and closed registers where information is only accessible to those who need it for their work.

Regarding the once-only principle for private individuals, the Dutch tax office (Belastingdienst) introduced the prefilled tax returns in 2014 and made them standard in 2016. Because tax data from different databases is automatically merged and added to tax forms, users don't have to manually fill in tax forms. Once-only is also used in the Elektronisch Patiënten Dossier (EPD, Electronic Patient Dossier). It enables caregivers to ask other service providers for patient information via a national exchange office. Access to information is only possible if patients have given their prior consent. Patients can view their medical records online (authentication takes place via eID) and allow access to the care providers.

Critics in the Netherlands see the risk of abuse and invasion of privacy in the event of burglary of the system by crackers. In that case, very sensitive medical information can be exposed. Such information is highly sensitive to privacy and can cause major harm to victims.

Belgium
Belgium adopted its own law on once-only in 2014. The law requires the federal government's public administrations to retrieve all available data from official registers with a unique identification feature instead of asking citizens and companies to make this data available more than once. The implementation of the law is facilitated by the system of basic registers and the eID system, which provides each data holder with a unique identification feature. This will allow public administrations to exchange data and give individuals and businesses access to public electronic services. The system also enables citizens to know at any time which organisation has accessed their data.

In the area of business services, a number of common transactions (e. g. registration of company name and address, withholding tax and social security contributions from wages) can be carried out online using pre-entered forms. The administrative burden of setting up a business is also considered low due to the extensive re-use of data from public sector databases.

In the Belgium region Flanders, the once-only principle (known as the "vraag niet wat je al weet" principle) was adopted as part of the Flemish e-government decree of July 18, 2008. The decree requires that the Flemish public administrations retrieve the data required for their government processes from authentic data sources, when available, and gives citizens the possibility to complain if he or she is asked for data which is already available in such an authentic data source.

The MAGDA platform (Maximum Data Sharing between Agencies) is a once-only principle implementation supporting electronic delivery of public services, at the federal, regional, and local levels of the government. The platform enables the reuse and sharing of citizens’ and companies’ data between the Flemish government authorities (190 agencies and 13 departments). The platform allows citizens and businesses to enter or update their data only once, from a single point of access, to be used by all public authorities. The exchange and reuse of existing data between government agencies through the MAGDA platform is performed using the national eID; accordingly, the once-only data collection relies on the eID card as well. Different public services, especially the application for benefits, can be performed online, without providing personal information or performing any further paperwork. All required data is transferred automatically, since MAGDA retrieves the required data from the national registry of natural persons after the citizen has been identified through his or her eID card.

Austria
Austria has set itself the goal of advancing once-only integration in the field of eGovernment services in the coming years. In some cases, the principle has already been applied, e. g. in the case of the Austrian electronic health record (ELGA) or the Austrian FinanzOnline service.

A prominent example is the case of family allowances in Austria. After the birth of the child, the authorities will be asked whether a legal claim exists without a request. The competent registry office collects all relevant data on the child and the personal status data of the parents in the Central Register of Civil Statuses (CPR), operated by the Federal Ministry of the Interior. These data are transmitted by the Federal Ministry of the Interior to the tax authorities. The tax authorities are now examining whether all the conditions for granting family allowances are met. If this is the case, the parents are informed and the money is automatically transferred to the account. Up to six authorities had to be consulted by May 2015. As a rule, citizens no longer have to produce any evidence at all and receive support without submitting an application. In addition, the birth certificate and other documents can be requested in some hospitals (e. g. in Vienna) through a branch office of the registry office (so-called' baby points'). This avoids further visits to the authorities.

Portugal
Slowly, the national administration is adopting the once-only principle. For the moment (2018), the most visible effort is on the annual tax form for individuals, which is now mostly pre-filled for everybody, using data existent on several different national offices. In thousands of cases, the form is even defined as complete, without the need for those citizens to do anything else other than confirming it in the system. This allows a speedy processing of taxes, to the point of reimbursements being made in a matter of weeks.

Denmark
Denmark has for many years been pursuing the Government-centric Once-Only model with significant focus on central sharing and citizen profiling. Benefits of this model was mainly achieved in the 1980s and early 1990s.

Since then accumulating problems with trust, security and effectiveness of public sector models has led to search for New Digital Security Models addressing and solving these issues through extending or replacing models with Citizen-Centric Once-Only

These models would involve introducing a two-layer National Identity and Digital Signature Scheme implementing support for eIDAS article 5.2 as purpose-specific identity and data sharing which will be tested in Denmark preparing for an EU-wide roll-out.

Spain
In Spain, once-only is first mentioned in 1992. The Law 30/1992 of 26 November, on Public Administrations and the Common Administrative Procedure recognized the citizens’ right to non-provide documents already in hands of the acting Administration. Fifteen years later, the Law 11/2007 of 22 June, on Citizens’ Electronic Access to Public Services, extended this right to documents and data in hands of any Public Administration body. Then, the Law 39/2015 of October 1, of the Common Administrative Procedure of the Public Administrations complemented this right with a public administrations' obligation to verify and obtain data in hands of any public body with the citizen consent.

Along these years, the implementation of the once-only principle in Spain has been undertaken with sectorial and general domain initiatives. For instance, the Spanish Tax Agency started providing prefilled tax declarations to citizens in 2003, and the interoperable electronic prescription was launched in 2015 to allow buying medication in the whole country regardless of the administration that issued the prescription.

A general purpose implementation of the once-only is the national Data Intermediation Platform (DIP), as a result of a collaboration effort involving the whole Spanish public sector. The DIP was launched in 2007 by the Spanish Government to publish and consume services for electronic data interchange with the aim to grow and to be re-used by all Administrations. Using the DIP with the SCSP protocol, public bodies in charge of administrative procedures can automatically check the required information without document submission by the citizens. The SCSP protocol is aimed to substitute paper certificates by electronic data exchanges and it defines a common structure for the messages and a governance model that considers four roles as result of two dimensions: data consumer/provider and business/technical actor. The Citizen's Folder is an online site where a citizen can access and see her/his data exchanges though the DIP. Since 2007, the number of data enquiry and verification services provided by the DIP has been growing dramatically, reaching almost 81 million of data transmissions in 2018 with 1191 public bodies involved (65 national bodies, 47 regional bodies, 11 institutional agencies, 1045 municipalities and 22 universities).

e-SENS
The aim of the EU's large scale pilot e-SENS was to enable digital, cross-border management through generic and reusable technical components in the European Union. This project focused on technical solutions such as eID, e-documents and electronic signatures.

As part of the Citizen Lifecycle area of e-SENS, Sweden has been testing a new online service since 2016, providing third country students access to academic programmes at Stockholm University. The pilot project uses eID to identify and register, using a federal cross-border authentication tool supported by e-SENS, a large-scale EU initiative.

The pilot project, which is run by the University of Stockholm, enables foreign students to study Swedish courses at the same level as students on campus, including secure submission of signed assignments, individual teacher feedback online and participation in examinations. The system uses an extended version of the online learning platform Moodle.

Nordic Institute for Interoperability Solutions
Nordic Institute for Interoperability Solutions (NIIS) is a non-profit association founded by Estonia and Finland in June 2017. Iceland joined NIIS as a partner in September 2018. The mission of the institute is to develop e-governance solutions and its first product is X-Road data exchange layer. X-Road is used nationwide in the Suomi.fi Data Exchange Layer service (Suomi.fi-palveluväylä) in Finland and in the Estonian data exchange layer X-tee. Public sector organisations in both countries are legally obliged to use the national data exchange layer services. In addition, private companies are allowed to use the services in both countries. X-tee and Suomi.fi Data Exchange Layer are technically connected to one another which enables easy and secure cross-border data exchange between Estonia and Finland.

eManifest
The eManifest pilot project was launched in 2016 to test the implementation of the once-only principle for maritime data in cooperation between DG MOVE, DG TAXUD, the European Maritime Safety Agency (EMSA) and representatives of maritime and customs authorities from 13 EU Member States and industry associations. The aim of the project is to test procedures that would simplify reporting formalities for maritime transport and facilitate the implementation of Directive 2010/65/EC on reporting formalities. The pilot project aims to ensure that data elements transmitted by maritime operators can be reported once only through a single transmission to the national or EU-wide maritime Single Window. Subsequently, they will be distributed to the competent national authorities.

Business Registers Interconnection System
The BRIS (Business Registers Interconnection System) is an initiative at EU level that provides a cross-border cooperation platform for European business registers and acts as a single point of access for the European e-Justice portal. It provides a service through which citizens, businesses and public administrations can access information on companies and their branches established in other Member States in accordance with Directive 2017/17/EC. BRIS provides an interface/search function for accessing enterprise data at EU level. It is designed to reduce the administrative burden on businesses in meeting cross-border obligations and to increase the legal certainty and efficiency of procedures carried out by public administrations.

X-trans.eu
X-trans.eu was a cross-border pilot project between the Free State of Bavaria and Upper Austria with the aim of developing a faster procedure for the application and approval of cross-border large-capacity transports. Due to the different application forms and procedures for obtaining heavy goods transport permits in different countries, the aim of the pilot project was to create a central system that would save companies from submitting multiple applications for the same transport to different local authorities. The central approval portal x-trans.eu enabled the applicants to make their data available only once for the respective transport. The information collected was then forwarded to the appropriate authorities in each country, based on the application requirements in each country. The portal was based on a common data model that contained all the information required for approval. Rules could then be formulated to describe the information and application formats required in the individual countries. This made the system completely scalable for every European country. During the pilot phase, the data exchange between Austria and Germany was successfully tested.

The Once-Only Principle Project (TOOP)
The Once-Only Principle Project (TOOP) is a large-scale cross-border pilot initiative supported by the Horizon 2020 framework programme, which examines the feasibility of the once-only principle at cross-border level. TOOP takes a specific approach to the once-only principle by focusing on information about companies (i. e. without data on individual citizens) and the cross-border exchange of this information. The project aims to contribute to a future in which companies have to pass on certain standard information to a national or supranational public administration only once, and this information can be shared and reused by public authorities in compliance with legal requirements and constraints.

Stakeholder Community of the Once-Only Principle For Citizens (SCOOP4C)
Stakeholder Community of the Once-Only Principle For Citizens (SCOOP4C) is an EU coordination and support action supported by the Horizon 2020 Framework Programme. The aim of the initiative is to examine how better provision of public services to citizens can be achieved by applying the once-only principle. SCOOP4C was established to analyze implementation barriers, generate once-only research and identify and link relevant EU stakeholders. To this end, the initiative regularly organises EU-wide workshops and events on the subject and provides an online knowledge base, a community platform and a best practice database. This aims to bundle all current once-only initiatives and facilitates the exchange between experts.

Purpose-specific Citizen identity (eIDAS 5.2) and Citizen-centric Once-Only (CitizenKey)
A civil-society-driven project established in Denmark aiming to set up a self-owned non-profit foundation (Digital Identity & Security) to support and service eIDAS 5.2 identities and citizen-centric once-only data sharing across all of Denmark. The project emerged from numerous large-scale EU security and identity research projects such as SECURIST, HYDRA, and ABC4TRUST etc. aiming to implement full-service eIDAS 5.2 identities including legal signing, payments, data sharing, credentials validation and communication WITHOUT digital identification in the transaction. The project aims to implement two large-scale Privacy by Design pilots – one on one Identity, payments and tax compliance and one on Personal Medicine ensuring strong anonymity around genome-related SmallData research and treatment.