(DRAFT) MINUTES OF THE MEETING
Of the
TRANSPORT WORKING GROUP
Held at
Hotel Manos
Brussels, Belgium
On
Tuesday, 15th March 2016 in Brussels
List of Participants
1. Ivana Jakubkova, Chairlady Austin, CZ
2. Jean-Paul Reynaud Titanobel, F
3. Marion Lövgren Orica, SW
4. Lucie Holubova Explosia, CZ
5. Janusz Drzyzga Nitroerg, P
6. Matti Vähäpassi Forcit, FI
7. Thierry Rousse EPC, F
8. Maurice Delaloye SSE, CH
9. Rafael Loriente Maxam, E
In attendance: Hans H. Meyer FEEM, B
Apology
1. Jon Jones, Austin, UK
In attendance: Hans H. Meyer, FEEM, Belgium
1. Opening of the Meeting by the Chairperson
Ivana Jakubkova, the Working Group Chairlady, opened the meeting.
2. Competition Compliance
As an Association, FEEM operates in strict compliance with European competition laws. Respect for these laws is a core value applying to all FEEM activities. All members of this Working Group have been informed by the Secretary General about prohibited discussion topics which apply not only during meetings but also to social gatherings before and after meetings. By signing the participation form, the delegates declare their adherence to the Competition Compliance Programme and agree to comply with Competition Law. An up-dated CEFIC checklist of competition compliance regulations has previously been handed out to the working group delegates. In particular the delegates were reminded that they are not allowed to discuss or exchange information which is not in conformity with competition legislation, including e.g. on:
Prices
Production details
Transportation rates
Market procedures
3. Agenda for 15th March 2016 and Approval
1. Opening remarks by the Chairlady
2. Compliance with the European and National Competition Laws and Regulations
3. Agenda & Approval of the Agenda
4. Minutes of the Meeting in Budapest on 22nd September 2015
5. Subjects for discussion from the last meeting in Budapest
6. Secretary General’s Report with, in particular:
a) Security Of Sensitive Data In Cloud Storage Systems
b) ‘Track and Trace’ Directive Report on the Mapping of the implementation of the Directive (Survey)
c) DSB report concerning MEMU truck accident in Drevja, 2013 (follow-up).
d) SCEPYLT
a) Questionnaire
b) Presentation
7. Any other business, in particular:
1. Classification of dual use explosives, like RDX, PETN, HMX, HNS and similar (The Wassenaar Arrangement)
2. Incidents
1. Tianjin Blast
2. West Fertilizer Explosion and Fire on 17.04.2013
3. Explosives precursors
8. Date, place and time of next meeting
The above Agenda was approved.
4. Minutes of the Meeting in Budapest on 22nd September 2015 and Approval
The Minutes were approved.
5. SUBJECTS FOR DISCUSSION FROM THE LAST MEETING
– Survey of implementation with possible varying interpretations in the EU member states, e.g.
– Definition of end-users and their duties
– Magazines & inventories
– Explosives quantities
–
Redundancy with current National legislation, creating administrative cost and burden’s duplication,
- Proposal: Speed-up National legislative process to solve any duplication and administrative burden, and promote the implementation of e-administration instead paper Documents.
Some countries want to make XML-file mandatory!
For instance: According to national and European regulations undertakings in the Explosives sector have to record the receipt and inventory of every single explosive item. With the existing Track & Trace soft-wares companies have the possibility to use an electronic stock book instead of the traditional handwritten one. However, several national authorities still request to maintain the old manual explosives registers in book form (e.g. in Italy & other countries: manual plus electronic registers).
– Some countries are applying the T&T Directive only till the gate of the user’s site (e.g. Austria & Norway)
• Interpretation of the EC end users definition and Directive
• Creates distortions of the market and unfair competition between companies from the
different surrounding countries
Need of clarification!
6. Secretary General’s Report
The Secretary General up-dated the delegates and gave his presentation on the following topics:
a) SECURITY OF SENSITIVE DATA IN CLOUD STORAGE SYSTEMS
in connection with EU Directive 2008/43 of 04 April 2008 respectively Directive 2012/04 of 22 February 2012, the so-called „Track & Trace Directive“.
COMMISSION DIRECTIVE 2008/43/EC regulate in Article 13 the Data collection:
3. “Member States shall ensure that the data collected including the unique identifications is kept and maintained for a period of 10 years after the delivery or whenever known after the end of the life cycle of the explosive even if undertakings have ceased trading.“
Of course the Directive does not stipulate any method of how to store the data.
The only specifics are mentioned in:
(d) Keeping and maintaining the data collected including the unique identifications for the period specified in paragraph 3 of Article 13;
(e) Protecting the data collected against accidental or malicious damage or destruction;
Within the explosives’ supply chain XML files with consignment details, which are standardized according to the harmonized FEEM structure are usually transferred and are generally being stored by means of:
CDs
Emails with XML attachment
USB-Sticks
private FTP* / SFTP* Servers (* (Secure) file transfer protocol)
Web-Services
An increasing number of users, normally the larger companies have outsourced their specific T&T IT-Services to specialized IT-Providers, who offer web-solutions because of the following advantages:
· Common interface to all clients and suppliers, no individual adjustments
· Highest possible data security, safety, availability guarantied by certified Severs
· Transaction safe: 100% guaranty of correct data transmission
· ENCRYPTION and compression of data possible
· Formal correctness of all messages is checked, no unreadable data
· Secure deletion of all transmitted data, no hidden remains
(only technical message status information is stored in case a later proof of delivery is needed)
· Central provision of product master data to customers
· Adding additional information needed to operate electronic stock book by customers
At the last meeting of the Explosives Working Group in Brussels on 26.10.2015 a delegate from Italy raised concerns about the security of sensitive explosives data in such cloud storage systems. The data is often and especially in this case of great value and its irrecoverable loss or damage could be a total disaster for its owner and he would not be able to fulfil his legal requirements. On top these might be sensitive data which could be misused?
Of course Cloud storage services offer user-friendly, easily accessible and money-saving ways of storing and automatically backing up arbitrary data.
But are they also safe and secure?
Data Safety & Security
These concerns have been taken seriously and have been discussed in the past months with members and IT providers. Of course there are general rules, how to deal with security-related data. Most of the providers are storing their data in encrypted form.
In addition, the data never leave Europe! The T&T IT-providers use specially certified data centres in Europe, such as IBM in Frankfurt and Amsterdam. All accesses to the data require a login to the system. This ensures that only the confirmed owner of the data can view them. A subsequent change or losses of the data are excluded. The present solutions should meet all relevant European rules & regulations concerning save data.
In the end, however, the question remains how far are the T & T data at all relevant to security? Even if a cyber-attacker could read the data, he would only learn that quarry XY gets explosives from supplier Z. Since the conventional explosives are well known, the gain of knowledge of such an attack is likely to be limited. If someone wants to raid an explosives transport, he does not need XML file data and cloud information.
Thus, I am of the opinion that the economic value of the data is more worth to be protected. Anyway, as far as we can evaluate the situation, the T&T IT- providers have conducted considerable effort to save the data on the Internet safely. Experience also shows that many smaller companies have difficulties to implement reliable data storage and archiving concepts in their own offices. In this respect, the data are currently certainly better protected and conserved in a professional data centre, as on a domestic laptop.
b) ‘Track and Trace’ Directive Survey & Report
The European Aggregates Association (UEPG) together with EURACOAL, EUROGYPSUM, EUROMINES, IMA Europe (the Industrial Minerals Association), the EU-Commission & several FEEM Working Group delegates have organized a Task Force in order to facilitate the implementation of the Directive to the Supply Chain and they have initiated a ‘Track and Trace’ Directive Survey and Report on the Mapping of the implementation of the Directive.
MAIN ACTIONS OF THE TASK FORCE
1. Elaboration & dissemination of T&T Guidelines to the whole explosives supply chain including training documents for distributors and end-users in 9 languages
2. Recommendation for the general use of the FEEM code system, including FEEM Small Articles guidance document
3. Operational Procedures for marking and labelling
4. Safety and Legal requirements for Hardware and Software
5. Set up a Website: www.explosives-for-civil-uses.eu
6. Survey and report about status of implementation
The SURVEY
Between August to November 2015 a survey has been launched together with the explosives industry, distributors, specialized software-developers and end-users on the identification and mapping of the implementation process of the ‘Track and Trace’ Directive and latest challenges faced up by the whole supply chain for a good directive’s implementation in Europe and to evaluate the implementation of T&T Directives.
Replies
1. 22 EU – Memberstates (dark green)
2. 2 EFTA States (Norway & Switzerland)
3. 6 EU members not replying (Lithuania, Denmark, Netherlands, Luxemburg, Slovakia, Malta)
Ø End-User Companies – 17 replies
Ø Explosives manufacturers – 16 replies
Ø Distributors - 18 replies
Ø TTE (software company) – 7 replies
Should be fully implemented since the 5 April 2015
Ø Partially implemented (2 EU + 2 EFTA Countries – Norway, Switzerland, Austria, Hungary)
Ø Fully implemented (20 EU Countries)
Ø No information (6 Countries - (Lithuania, Denmark, Netherlands, Luxemburg, Slovakia, Malta)
Q: What are the latest challenges you are facing up in your country regarding the good implementation of the T&T Directive?
Answers, Complaints, Recommendations:
1. No official information from the Members States Authorities about T&T implementation and no or too little Administration Guidance
2. Delayed implementation and postponed decisions till the last minute in some countries (e.g. U.K., Italy, France) leading to some problems
3. Redundancies with previous national legislation creating administrative cost and burden’s duplication (e.g. Italy, Germany, Finland: manual + electronic registers)
4. Some MS don’t promote the implementation of e-administration instead paper documents
5. Unmarked explosive products. Could be old products or products where the label was lost due to handling operations
6. Small & medium sized end-users complain about resources’ barriers (e.g. financial, human, methodology)
7. Mistakes or differences between the XML content and the explosives received in the XML file, which leading one or several of the stakeholders of the supply chain to be responsible for an item that was not received.
1. Legal problem for the end user
2. Quality of information
8. Non readable explosives. Some labels on detonators, cartridges and other items are not always readable and difficult to scan. It is a question of ink, format of the items, quality of the labels and software.
9. Availability of hardware (hand held scanners)
10. Availability of software
11. Cost of devices and/or software
12. No or little support for the devices, e.g. scanners and software
13. Difficulties with the interoperability of companies (e.g. between the supply of data from one explosives provider to another)
14. XML files not compatible or used by company
15. Intermittent issues/connection with the software / hardware solution
16. Lack of training of workers on track & trace systems
17. Since there are normally 2 or more authorities involved at MS level (e.g. administration & police), sometimes it is not clear who is taking the leadership and / or who is controlling (e.g. Italy, Germany)
18. Some countries are applying the T&T Directive only till the gate of the user’s site (e.g. Austria & Norway) whilst others request to trace to individual persons
19. Differing interpretation of the EC end users definition creates distortions of the market and unfair competition between companies from the different surrounding countries
20. Not only different approaches at national level but also in some countries (Germany, Italy) the regional administrations have their own interpretation causing some confusion
21. A problem with the contact points - how to verify that the contact person asking for T&T information is from the Police or from the competent Authorities? No-one should give “blind” information.
22. Sometimes, the labels become unreadable due to different causes like: water, handling for blasting. What to do with them?
1. Proposal: The safest and most economical way would be to allow END-USERS to destroy them in the quarry according to the Swedish derogation: “Products without marking may not be assigned by manufacturers and importers. However, consumers / users are allowed to consume unlabelled products. So you are free to use and consume the unlabeled products when you are loading and blasting yourselves. “ Note: Distributors/blasting service companies/end-users (unlike manufacturers) are not entitled to re-label unmarked products.
The working group has realized that there are still some open questions and problems with T&T. Some are on a good way to be solved or have been solved by the Explosives Industry like the quality of labelling or XML-file harmonization. Others concerning differing interpretations of the Directive (e.g. end-user definition, handling of unmarked products) are under discussion with the Commission and the EU Memberstates.
Irish Proposal (J. Coates GIE Ireland)
to EU Commission of Dec. 2015 concerning Identification & Traceability Problems and
Solutions:
Main problems:
1. Unreadable Bar/Matrix Codes
2. Poor printing
3. Damaged, wrinkled or scratched labels
4. Non-standard bar-codes
5. Logistical information incomplete in code fields.
6. XML data file supplied by manufacturers/distributors incomplete or missing