Online Collection Software Requirements - Study

EC DIGIT Requirements specification for online collection of statements of support system software Final version

Table of Contents

1. DOCUMENT INFORMATION
   1.1 DOCUMENT HISTORY
   1.2 RELATED DOCUMENTS
2. INTRODUCTION
   2.1 CONTEXT
   2.2 SCOPE
   2.3 STAKEHOLDERS
   2.4 DOCUMENT STRUCTURE
3. GLOSSARY
4. GENERAL REQUIREMENTS
5. FUNCTIONAL REQUIREMENTS
   5.1 IDENTIFICATION OF AN INITIATIVE WITHIN THE ONLINE COLLECTION SYSTEM – DETAILED REQUIREMENTS
   5.2 SIGNATORY’S LANGUAGE & COUNTRY SELECTION – DETAILED REQUIREMENTS
   5.3 IDENTIFICATION OF A CITIZEN – DETAILED REQUIREMENTS
   5.4 SUBMISSION OF THE STATEMENT OF SUPPORT FORM – DETAILED REQUIREMENTS
   5.5 REPORTING – DETAILED REQUIREMENTS
   5.6 DISPOSAL OF COLLECTED DATA – DETAILED REQUIREMENTS
6. DISPLAY REQUIREMENTS
7. LANGUAGE SUPPORT REQUIREMENTS
8. ACCESSIBILITY & USER FRIENDLINESS REQUIREMENTS
9. SCALABILITY AND PERFORMANCE REQUIREMENTS
10. DATA VALIDATION REQUIREMENTS
11. DATA INTEGRITY REQUIREMENTS
12. LOGGING REQUIREMENTS
13. BACK-UP REQUIREMENTS
APPENDIX A: BACKGROUND INFORMATION REGARDING THE SUBMISSION OF AN INITIATIVE AT THE EC
APPENDIX B: LANGUAGES
APPENDIX C: SUBMISSION FORM

1. DOCUMENT INFORMATION

1.1 Document History

Version | Description | Date | Reviewed By
0.1 | Initial Draft for Review | 04 February 2011 | ***
0.2 | Updated Draft for Technical Team Review | 07 February 2011 | ***
0.3 | Draft for review by EC DIGIT | 08 February 2011 | ***
0.4 | Draft review by SG | 15 February 2011 | ***
0.5 | Final Draft based on review by SG | 1 March 2011 | ***
0.6 | Final Draft based on feedback *** (SG) | 7 March 2011 | ***
1.0 | Final version | 9 March 2011 | ***
1.1 | Final version amended based on additional feedback *** (SG) | 25 March 2011 | ***

1.2 Related Documents

Title Version Author

2. INTRODUCTION

This document has been drafted by Deloitte to identify EU and Member State requirements concerning tooling for the online collection of statements of support for Citizens’ initiatives.

The requirements are derived from the related Regulation, from stakeholder interviews, a review of good practices and a review of sites with similar functionality.

2.1 Context

The Lisbon Treaty introduces the European citizens’ initiative, which enables one million citizens who are nationals of a significant number of Member States to call directly on the European Commission to bring forward an initiative of interest to them in an area of EU competence.

This document describes the requirements for the collection through an online collection system.

Organisers are citizens of the Union who have reached the minimum age at which they are eligible to vote in the EU Parliamentary Elections (18 years in all Member States except Austria, 16 in Austria). They form a citizens’ committee in order to submit an initiative to the European Commission.

The Commission approves or rejects the proposed initiative. ANNEX A provides more details on review and acceptance of the initiative by the European Commission.

Next, the organisers will strive to collect at least one million statements of support from EU Member States. Every citizen of the Union should be able to submit a statement of support, either in paper format or electronically.

For the electronic statements, a number of requirements prevail. The online collection system should be usable in all Member States. It should be certified by a Member State and the certification must be made public on the organisers' website. In order to facilitate on the one hand compliance with these requirements by organisers of initiatives and on the other hand certification of online collection systems by the relevant Member State authorities, the Council has proposed that the Commission should develop an open source software for online collection, which would satisfy the requirements of the regulation and could be freely downloaded by anyone.

2.2 Scope

The scope is limited to the requirements of the online collection system itself:

• the online collection of statements of support in an intelligent, user friendly manner;

• the storage of the collected data for a limited time period in a secure manner;

• the export/reporting of data towards the relevant EU Member States.

The online collection system should not provide any functionality regarding

• the registration of the initiative by the organisers to the EC;

• the verification of the signatures by an EU Member State;

• electronic signing capabilities.

The organisers are responsible for the maintenance and availability of their website and the online collection system they present to gain support. Therefore, they should set their own availability goals: this is in their own interest, as lower availability means less opportunity to gain support. These availability requirements are not enforced by the online collection system. The certification of the online collection system by the Member States is out of the scope of the current requirements document.

2.3 Stakeholders

The online collection system itself will be used by the following parties:

• Organisers (to submit the information on the initiative and to report on the collected number of statement of support forms)

• Citizens (to complete and submit their online statement of support)

Reports from the online collection system are intended for

• the competent authorities in the EU Member States (for verification purposes)

The European Commission facilitates the Citizens’ initiatives. Key stakeholders are:

• Secretariat General to determine requirements

• DIGIT to help define and provide the applications

2.4 Document structure

This document outlines the requirements for the online collection system. It contains an introduction and glossary.

Next the requirements are listed and structured as follows:

• General requirements

• Functional requirements

• Display requirements

• Language support requirements

• Accessibility & user friendliness requirements

• Scalability & performance requirements

• Data validation requirements

• Data integrity requirements

• Logging requirements

• Back-up requirements

Finally, the appendices provide (A) further background information, (B) the list of official languages and (C) the submission form.

3. GLOSSARY

Captcha: Abbreviation of: “Completely Automated Public Turing-test to tell Computers and Humans Apart”. A Captcha is a reaction test used in computing as an attempt to ensure that the response is not generated by a computer. E.g. asking a user to retype a picture that shows a word, which is legible for a human being but not legible for a computer.

Citizen of the Union: A citizen is a person who holds the nationality of one of the 27 EU Member States.

Citizens’ committee: A citizens’ committee is a group of at least 7 organisers who are residents in at least 7 different EU countries responsible for the preparation of a citizens’ initiative and the submission to the Commission.

Citizens’ initiative: A citizens’ initiative is a proposal for a legal act of the Union by a citizens’ committee.

Commodity hardware: Commodity hardware is hardware that is easily and affordably available. A device that is said to use "commodity hardware" is one that uses components that were previously available or designed and are thus not necessarily unique to that device.

Data controllers: A data controller is a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

Encryption: Encryption is the conversion of data into a form, called a ciphertext, using an algorithm, that cannot be easily understood by unauthorized people.

Identity stores: An identity store is the location where user identification and authentication information is stored.

Input validation: Input validation is the process of ensuring that a program collects clean, correct and useful data. Validation “rules” check the correctness, meaningfulness, and security of data entered in the system.

Local File Inclusion: Local File Inclusion is the process of including files on a server through the web browser. This vulnerability occurs when a page is not properly sanitized, and allows directory traversal characters to be injected.

Online collection system: An online collection system is a web based application designed to collect data over a network.

Open-source software (OSS): Open-source software (OSS) is computer software that is available in source code form for which the source code and certain other rights normally reserved for copyright holders are provided under a software license that permits users to study, change, and improve the software.

Organisers: Organisers are citizens of the Union forming a citizens’ committee responsible for the preparation of a citizens’ initiative and the submission to the Commission.

Portal: Front-end site.

Processing: Processing of data is any process that uses a computer program to enter data and summarise, analyse or otherwise convert data into usable information.

Register: The register is an online register made available by the Commission to provide the information about the initiative, in particular on the subject-matter and objectives as well as on the sources of funding and support for the proposed citizens' initiative.

Reusable: Software is reusable if a segment of source code can be used again to add new functionalities with slight or no modification.

Session: A session is an interactive information exchange between communicating devices.

Signatory: A signatory is a citizen of the European Union, who supports an initiative by completing a statement of support.

Site Visitor: Any site visitor or “end user” of the front-end site/portal.

Web application: A web application is a software application that can be accessed over a network or internet.

4. GENERAL REQUIREMENTS

The table below lists the general requirements of the online collection system.

Mandatory

GEN 1.0 The online collection system should be written in a current programming language (e.g. PHP, Perl, Java, C++,…).

GEN 1.1 The online collection system should be made in open-source software and made available on a website, downloadable free of charge.

GEN 1.2 The online collection system should be a web-based system which is accessible via a link published on the organiser’s website.

GEN 1.3 The online collection system should be easy to install.

GEN 1.4 It should be possible to deploy the online collection system on multiple platforms.

GEN 1.5 The software must be able to run in virtualized environments.

GEN 1.6 The software must have reasonable hardware requirements (no exotic hardware should be required for running the software).

GEN 1.7 The online collection system should have a “password protected area” with authentication mechanisms, accessible to the organisers, as well as a “public area” for the citizens to submit their statements of support without any authentication mechanism.

Forgotten passwords should be automatically generated and sent to the organiser who is designated as administrator.

GEN 1.8 A parameter table should exist in the online collection system allowing to

• Define the languages that can be selected by the signatories

• Define and modify warning messages according to the needs of different Member States (e.g. language, difference in data field format, mandatory field not completed)

• Manage whether fields are optional or required in order to be able to react to future modifications

• Modify the data format of the fields in order to be able to react to future modifications

• Manage user access rights for the organisers

Such parameter table should only be accessible to the organisers.

GEN 1.9 The online collection system should allow to rollback choices previously made and/or answers previously given, up to the moment a statement of support form is submitted. Once the form is submitted, changes should not be possible anymore.

GEN 1.10 Data will be stored in a database (see further). The tool needs to be independent of the database; i.e. the organisers should be able to choose which kind of database they will implement (open-source or licensed). Nevertheless, a tool should be provided that offers a complete solution; i.e. the software together with the database. If the software has dependencies on a database, the database should be open-source and using a current technology as well (e.g. MySQL, PostgreSQL, …).

GEN 1.11 Each screen in the online collection system should have buttons to

• Return to the previous page

• End the process and return to the home page of the organiser’s website without saving or submitting the information.

GEN 1.12 Functional documentation and user documentation of the online collection system should be designed.

GEN 1.13 The online collection system should offer the possibility to contact the organisers via a web form to seek for additional information or assistance. The e-mail address of the contact persons needs to be maintained in a parameter table.

GEN 1.14 Hyperlinks to multimedia or embedded multimedia objects should not be presented in the tool, as electronic forms should be equivalent to paper forms.

Optional

GEN 2.0 The online collection system should contain help functionalities in the supported languages.

5. FUNCTIONAL REQUIREMENTS

5.1 Identification of an initiative within the online collection system – detailed requirements

In order to allow the online collection of statement of support forms, the information regarding the initiative has to be published in the online collection system together with a registration number out of the register of the Commission.

Mandatory

IN1.0

The online collection system should foresee a form to be completed by the organisers. This form should allow following (mandatory) information on the initiative to be entered:

• Registration number (mandatory – maximum 10 numeric characters)

• Date of registration (mandatory – format: dd/mm/yyyy)

• Web address of the proposed citizens' initiative on the Commission register (mandatory – maximum 150 alphanumeric characters)

• The title of the citizens’ initiative (mandatory - maximum 100 alphanumeric characters)

• The subject-matter (mandatory - maximum 200 alphanumeric characters)

• A clear description of the main objectives (mandatory - maximum 500 alphanumeric characters)

• The name of the organisers (mandatory - maximum 50 alphanumeric characters)

• The name of the contact persons (mandatory - maximum 50 alphanumeric characters)

• The e-mail address of the contact persons (mandatory - maximum 50 alphanumeric characters)

• The website of this proposed citizens’ initiative (mandatory – maximum 150 alphanumeric characters)

IN1.1 At completion, it is required to submit the above mentioned information in the online data collection system.

The ‘submit’ button should be preceded by the following message (in the language as chosen by the organiser): “By submitting this information I confirm that the provided information is identical to the content in the registered initiative.”

IN1.2 A selection of the (above mentioned) information regarding the initiative should be presented on every screen of the tool where input is possible:

• the title

• the subject-matter

• the objectives

IN1.3 The online collection system should allow to complete the above mentioned form in the 23 official languages of the European Union. A separate form should be completed for each language in which the organiser would like to collect statement of support forms.

It should be possible to submit maximum 23 forms (each in a different language) with the above mentioned information in the online collection system.

As from the second form which is submitted, the online collection system should give the following pop-up message at the start. “Please be aware that forms with information on the initiative can only be submitted in the languages that are included in the Commission’s register for your proposed citizens' initiative.”

IN1.4 The (above mentioned) information regarding the initiative should only be entered and edited by the administrator of the online collection system (i.e. the organisers).

A password protection mechanism should be foreseen in the online collection system to enforce this (see below).

IN1.5 The online collection system should allow to partially complete and save the forms providing the information regarding the initiative for completion at a later time. A distinction should hence be made between saving the information regarding an initiative and submitting this information as final.

IN1.6 Once submitted as final, the provided information regarding the initiative should not be alterable/editable anymore.

IN1.7 It should only be possible for citizens to complete statement of support forms as from the moment the form with information regarding the initiative is submitted as final by the organisers.

IN1.8 Organisers should have the possibility to delete saved forms with information regarding the initiative before any citizen has signed up to the initiative.

IN1.9 The tool should foresee the functionality to import XML-files provided by the EC with information regarding the initiative as stated in the register. The information provided this way should not be editable.

5.2 Signatory’s language & country selection – detailed requirements

A signatory can submit a statement of support form for a selected country based on

• Nationality

• Residence

• Specific documents linking him/her to an EU Member State

Mandatory

LC1.0 At the start of the process, a signatory should be able to choose a language out of the 23 official languages of the EU. 1 language used for completing the statement of support form needs to be selected in the online application system, either via a drop-down box or through other selection mechanisms.

The proposed language will be the default language of the website of the organisers where the link to the application has been published.

A signatory should also be able to change the language in which the information on the initiative is shown. The choice for these languages is limited to the languages in which the initiative has been registered on the EC website.

LC1.1 A signatory should have the possibility to change the language throughout the collection process.

LC1.2 A signatory should choose 1 country for which he/she will submit the statement of support form. The choice is mandatory as a signatory is only able to submit one statement of support form for each citizens’ initiative.

The tool should propose the set of countries via a map or through other visual selection mechanisms as well as through a textual selection mechanism (e.g. a table). It should be clear which documents the signatory should possess in order to support the country (cfr. Table 1).

At the end of this phase, the following data is stored in the database:

• Country for which the signatory will support the initiative

5.3 Identification of a citizen – detailed requirements

Depending on the selection of his/her country, a signatory has to provide personal data to complete the statement of support form.

Mandatory

CI1.0 Based on the provided data in the previous step, the online collection system should require the personal data as listed in Table 1. A distinction needs to be made between the mandatory fields, and the fields for which different possibilities exist, but where at least one of those possibilities needs to be completed in order to submit a valid statement of support form in the next phase. There are no optional fields as the system should only ask for the necessary data for the Member State chosen.

CI1.1 The fields to be completed by the signatories should support the following data formats.

Field name | Data format
First Name | 50 alphanumeric characters
Family Name | 50 alphanumeric characters
Name at birth | 50 alphanumeric characters
Father's name | 50 alphanumeric characters
Street | 50 alphanumeric characters
Number | 8 alphanumeric characters
Postal code | Varying from country to country from 4 numeric to 7 (alpha)numeric characters
City | 25 alphanumeric characters
Country | 20 alphanumeric characters
Date of birth | Date format dd/mm/yyyy
Place of birth | 50 alphanumeric characters
Nationality | 15 alphanumeric characters
Date of submission | Date format dd/mm/yyyy. The system should impose the current system date (based on the server information).
Issuing authority of documents | 50 alphanumeric characters
Passport | 9 alphanumeric characters
ID card | 12 alphanumeric characters
Residence permit (France) | 9 numeric characters
Personal number (Bulgaria) | 10 numeric characters
Personal number (Lithuania) | 11 numeric characters
Personal number (Romania) | 13 numeric characters
Personal ID N° (Latvia) | 11 numeric characters (DDMMYY-XNNNC)
Personal ID N° (Lithuania) | 11 numeric characters (GYYMMDDNNNC)
Permanent residence N° | Max. 6 numeric characters
Driving license N° (France) | 12 numeric characters
National ID number (Luxembourg) | 10 numeric characters
Social Security ID N° (Poland) | 11 numeric characters
Registration certificate (Romanian) | 7 numeric characters
Citizens’ card (Portuguese) | 8 digits + 4 alphanumeric characters
Personal N° in passport (Sweden) | 10 numeric characters (NNNNNN-NNNN)
Personal N° in ID card (Sweden) | 10 numeric characters (NNNNNN-NNNN)
other* | 25 alphanumeric characters

Each data field for completion will be labelled with a field name. The different labels of specific country-dependent documents will be provided in a drop-down box for each country.

In case the information provided does not match the data field requirements, the following message should pop-up in the selected language: “Please enter ... information only”, where the data format requirements should be specified.

In case too many characters are entered, the following message should pop-up in the selected language: “Please note that this field is limited to ... characters” where the maximum number of characters should be displayed.
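Added example (not part of the specification or of the Commission's software): a server-side check of a subset of the CI1.1 formats that returns the two pop-up texts quoted above. The field keys, the punctuation accepted as part of "alphanumeric" text, the optional hyphen in the Latvian and Swedish numbers and the "Unknown field" text are assumptions; the per-country mandatory-field rules of Table 1 are not covered.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from typing import Callable, Dict, Optional


def _text(value: str) -> bool:
    # Assumption: "alphanumeric" admits letters and digits of any EU script
    # plus the punctuation that occurs in names and addresses.
    return all(ch.isalnum() or ch in " -'." for ch in value)


def _digits(value: str) -> bool:
    return value.isascii() and value.isdigit()


def _date(value: str) -> bool:
    if not re.fullmatch(r"\d{2}/\d{2}/\d{4}", value):
        return False
    try:
        datetime.strptime(value, "%d/%m/%Y")  # rejects 31/02/1990 and similar
        return True
    except ValueError:
        return False


def _pattern(regex: str) -> Callable[[str], bool]:
    compiled = re.compile(regex)
    return lambda value: compiled.fullmatch(value) is not None


@dataclass(frozen=True)
class Rule:
    max_len: int                   # limit from the CI1.1 table
    check: Callable[[str], bool]   # allow-list test for the format
    fmt: str                       # fills "Please enter ... information only"
    separators: str = ""           # characters not counted towards max_len


# Subset of the CI1.1 table; the dictionary keys are hypothetical field names.
RULES: Dict[str, Rule] = {
    "first_name": Rule(50, _text, "alphanumeric"),
    "family_name": Rule(50, _text, "alphanumeric"),
    "postal_code": Rule(7, _pattern(r"[A-Za-z0-9]{4,7}"), "4 to 7 (alpha)numeric"),
    "date_of_birth": Rule(10, _date, "dd/mm/yyyy"),
    "passport": Rule(9, _pattern(r"[A-Za-z0-9]+"), "alphanumeric"),
    "residence_permit_fr": Rule(9, _digits, "numeric"),
    "personal_id_lv": Rule(11, _pattern(r"\d{6}-?\d{5}"), "numeric (DDMMYY-XNNNC)", "-"),
    "personal_no_se": Rule(10, _pattern(r"\d{6}-?\d{4}"), "numeric (NNNNNN-NNNN)", "-"),
}


def validate_field(name: str, value: str) -> Optional[str]:
    """Return the CI1.1 pop-up text for an invalid value, or None if it passes."""
    rule = RULES[name]
    value = value.strip()
    counted = sum(1 for ch in value if ch not in rule.separators)
    if counted > rule.max_len:
        return f"Please note that this field is limited to {rule.max_len} characters"
    if not value or not rule.check(value):
        return f"Please enter {rule.fmt} information only"
    return None


def validate_form(form: Dict[str, str]) -> Dict[str, str]:
    """Validate every submitted field server-side; unknown fields are rejected."""
    errors = {}
    for name, value in form.items():
        if name not in RULES:
            errors[name] = "Unknown field"
        else:
            message = validate_field(name, value)
            if message:
                errors[name] = message
    return errors
```

The checks are allow-lists: anything outside the stated format is refused rather than cleaned, and fields the form does not define are rejected instead of being passed on to storage.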

CI1.2 The online collection system should not allow a signatory to submit a statement of support form more than once. This requires the design of input controls based on the personal data provided by the signatory.

Input controls are required once the following information is provided by the signatory:

• Name of the signatory

• First name of the signatory

• Permanent residence information (street, number, city, postal code and country) – for those countries where it is a required entry

• Date of birth (for those countries where it is a required entry)

• Document ID number (depending on the field which is required per country, cfr Table 1)

• Other allowed information in case France was selected as the country for which a statement of support form will be submitted (cfr Table 1)

The online collection system should verify whether the combination of the above mentioned information is already stored in the database. In case identical information is retrieved in the database, the following message should pop-up in the selected language: “Please note that we already saved your statement of support form. You can only support this initiative once. Thanks for your support. You will be redirected to the home page of the organiser’s website.” The online collection system should erase the data entered in the current session and return to the home page of the organiser’s website.

CI1.3

The online collection system should compare the provided date of birth (in case the field is mandatory) with the actual system date. If the signatory is 16 or 17 years old, a warning message should pop-up in the selected language: “Please note that you need to be of the age to be entitled to vote in elections to the European Parliament (18 years old). Only Austrian citizens or residents are entitled to submit a statement of support for this initiative as of 16 years old.” The signatory can move on with the submission of his/her statement of support form, when clicking “OK” on the message. If the person is less than 16 years old, the online collection system should delete the provided information in the field ‘date of birth’ and allow the signatory to correct an error if applicable. In case the condition of minimum age is not fulfilled for the second time, the online collection system should erase the data entered so far and redirect the signatory to the website of the proposed citizens’ initiative.
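Added example (not part of the specification or of the Commission's software): one way to implement the CI1.2 duplicate control and the CI1.3 age decisions. Assumptions: the field names, storing a keyed hash (HMAC-SHA-256) of the normalised combination under a unique key instead of comparing plaintext rows, and the return labels "ok", "warn", "retry" and "abort".

```python
import hashlib
import hmac
import sqlite3
import unicodedata
from datetime import date

# Hypothetical names for the CI1.2 identity fields; which ones a country
# requires comes from Table 1, absent fields contribute an empty string.
IDENTITY_FIELDS = ("family_name", "first_name", "street", "number", "city",
                   "postal_code", "country", "date_of_birth", "document_id")


def _normalise(value) -> str:
    # Fold case, width and whitespace so "  MÜLLER " and "Müller" compare equal.
    folded = unicodedata.normalize("NFKC", value or "").casefold()
    return " ".join(folded.split())


def fingerprint(form: dict, initiative: str, key: bytes) -> str:
    """Keyed digest of the identity combination for one initiative."""
    parts = [initiative] + [_normalise(form.get(f)) for f in IDENTITY_FIELDS]
    # The unit separator keeps ("ab", "c") distinct from ("a", "bc").
    message = "\x1f".join(parts).encode("utf-8")
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def open_store() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE support (fp TEXT PRIMARY KEY, "
               "country TEXT NOT NULL, submitted TEXT NOT NULL)")
    return db


def submit(db, form: dict, initiative: str, key: bytes, today: date) -> bool:
    """Store a statement; False means the combination was already recorded."""
    try:
        with db:  # one transaction: the PRIMARY KEY makes check-and-insert atomic
            db.execute("INSERT INTO support VALUES (?, ?, ?)",
                       (fingerprint(form, initiative, key), form["country"],
                        today.isoformat()))  # date imposed by the server (CI1.1)
        return True
    except sqlite3.IntegrityError:
        return False


def age_on(dob: date, today: date) -> int:
    before_birthday = (today.month, today.day) < (dob.month, dob.day)
    return today.year - dob.year - before_birthday


class AgeGate:
    """CI1.3 decisions for one session."""

    def __init__(self):
        self.failed_once = False

    def check(self, dob: date, today: date) -> str:
        age = age_on(dob, today)
        if age >= 18:
            return "ok"
        if age >= 16:
            return "warn"    # show the 16/17 warning, continue after "OK"
        if self.failed_once:
            return "abort"   # erase the session data and redirect
        self.failed_once = True
        return "retry"       # clear the date-of-birth field, allow a correction
```

Leaving the uniqueness test to the database constraint avoids the gap between a separate lookup and the insert, where two simultaneous submissions of the same data could both pass the lookup.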

CI1.4 For those countries where the date of birth is not required, the online collection system should show the following message at the moment the family name is entered: “Please be aware that you need to be of the age to be entitled to vote in elections to the European Parliament (18 years old in all Member States except Austria, where nationals and residents can vote as of the age of 16) in order to be allowed to support this initiative.”

Table 1: Identification of a citizen per country

Legend: x = mandatory, y = select 1, o = optional

Column groups: Address; Personal ID (document) number

Columns, in order: First Name, Family Name, Name at birth, Father's name, Street, Number, Postal code, City, Country, State, Date of birth, Place of birth, Nationality, Date of submission, Issuing authority of doc, Passport, ID card, Residence permit, Personal number, Personal ID N°, Permanent residence, Driving license, National ID number, Social Security ID N°, Registration certificate, Citizen's card, Personal N° in passport, Personal N° in ID card, other (France)*

Marks per country, in column order (empty cells are not shown):

Austria: x x x x x x x x x x x y y
Belgium: x x x x x x x x x x x
Bulgaria: x x x x x x
Cyprus: x x x x y y
Czech Republic: x x x x y y
Denmark: x x x x x x x x x x x
Estonia: x x x x x x x x x x x
Finland: x x x x o x x
France: x x x x x x x x x x y y y y y
Germany: x x x x x x x x x x x
Greece: x x x x x x x y y y
Hungary: x x x x y y y
Ireland: x x x x x x x x x x x
Italy: x x x x x x x x x x x x y y
Latvia: x x x x x x x x
Lithuania: x x x x x
Luxembourg: x x x x x x
Malta: x x x x x x
Netherlands: x x x x x x x x x x x x
Poland: x x x x x x x x x x
Portugal: x x x x x y y y
Romania: x x x x x x x x x x y y y y y
Slovakia: x x x x x x x x x x x x
Slovenia: x x x x x x y y
Spain: x x x x x x x x x y y
Sweden: x x x x x x y y
United Kingdom: x x x x x x x x o x x

* For France, the following documents are allowed:
- parliamentarian's identity card with photograph, issued by the president of a parliamentary assembly
- local elected official's identity card with photograph, issued by the State representative
- veteran's card (carte du combattant), buff-coloured or tricolour
- civil or military disability card with photograph
- State civil servant's identity card with photograph
- identity card or travel card with photograph, issued by the military authorities
- hunting licence with photograph, issued by the State representative
- circulation booklet (livret or carnet de circulation), issued by the prefect under Law No 69-3 of 3 January 1969
- receipt serving as proof of identity, issued in exchange for identity documents in the event of judicial supervision, under the ninth paragraph (7°) of Article 138 of the Code of Criminal Procedure
- certificate of submission of an application for a national identity card or passport, issued less than three ago by a municipality and bearing an identity photograph of the applicant authenticated by the municipality's stamp

5.4 Submission of the statement of support form – detailed requirements

Once the signatory is identified, he/she should be requested to formally support the initiative by confirming the entered information.

Mandatory

SF1.0 When all mandatory fields are completed by the signatory, the online collection system should show the information provided on the initiative (identical to the information entered by the organiser at the beginning of the process) and the information provided by the signatory:

• Commission registration number

• Date of registration

• Web address of the proposed citizens' initiative on the Commission register

• Title of this proposed citizens’ initiative

• Subject-matter

• Main objectives

• Names of the organisers

• Names and email addresses of contact persons

• Website of the proposed citizens' initiative

Information provided by the signatory

• All fields which have been completed by the signatory

• The date of submission which is automatically completed by the online collection system, based on the server date on which the statement of support form is completed.

SF1.1 When all mandatory fields are completed by the signatory, the online collection system should request the user to submit the statement of support form. Prior to the submission, the following message should be shown in the selected language: "I hereby certify that the information that I have provided in this form is correct and that I have only supported this proposed citizens' initiative once."

The privacy statement of the statements of support form should also be shown (it is in Annex III of the Regulation):

Privacy statement: in accordance with Article 10 of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, the personal data provided on this form will only be made available to the competent authorities for the purpose of verification and certification of the number of valid statements of support received for this proposed citizens' initiative (see Article 8 of Regulation (EU) No …/2011 of the European Parliament and of the Council of … on the citizens' initiative∗) and, if necessary, further processed for the purpose of administrative or legal proceedings relating to this proposed citizen's initiative (see Article 12 of Regulation (EU) No …/2011∗∗). The data may not be used for any other purpose. Data subjects are entitled to obtain access to their personal data. All statements of support will be destroyed at the latest 18 months after the date of registration of the proposed citizens' initiative, or, in the case of administrative or legal proceedings, at the latest one week after the date of conclusion of the said proceedings.

The signatory should also complete a “Captcha” (in text or speech) in order to determine the human nature of the user.

The above information (privacy statement and declaration that information provided is correct) should be confirmed by the signatory via a box which needs to be ticked off in order to submit his statement of support.

Once the signatory submits the data, a confirmation message should appear stating that the statement of support form has been submitted successfully. Afterwards, the signatory should be redirected to:

• the website of the organisers

Optional

SF2.0 The online collection system could foresee a control which compares the actual date of submission to the date that the initiative was published in the register (information which is provided by the organisers). In case the period of 12 months is exceeded, the signatory should not be allowed to submit a statement of support form.

SF2.1 A template could be prepared per country to provide a printed statement of support form listing all required information. The online collection system could provide a printing option to the signatory prior to the submission of the statement of support form.

∗ Number and date of this Regulation out of the OJ.

∗∗ Number of this Regulation out of the OJ.

5.5 Reporting – detailed requirements

In order to provide the information on the signatories to the European Member States for verification purposes, the online collection system should allow reporting and extraction functionalities.

Mandatory

RE1.0 The online collection system should have the option to extract a report listing the initiative number and the number of signatories per Member State without any other personal data of the signatories.

This functionality should be accessible only to the organisers, at any time.

RE1.1 The online collection system should have the option to extract a report listing the initiative number and the total number of signatories collected via the online collection system without any other personal data of the signatories.

This functionality should be accessible only to the organisers, at any time.

RE1.2 The online collection system should provide the option to extract for each individual Member State a report listing the initiative and the personal data of the signatories subject to verification by a competent authority in the Member State.

This report should list all information which was provided by the signatories of the specified country (cfr. Table 1).

The online collection system needs to foresee the extraction of data via the following media:

• Direct export to CD-ROM

• Direct printing in paper and electronic form (PDF) in the format of Annex C

• Electronic export of the file with strong password protection (using cryptographically strong hashes) or keys

This functionality should be accessible to the organisers at any time. Before extracting the data, the following message should be shown: “Please note that you can only extract the data once”.

RE1.3 When an organiser exports a list, the tool should retain the information and register the country for which the information was extracted.

If an organiser tries to export a data list for a second time, a “warning” message should appear to inform the organisers that they already have extracted the list for that particular Member State.

It should not be possible anymore to extract the information a second time.

RE1.4 Before starting an extraction process in the online collection system, the organiser should acknowledge the following message: “I hereby confirm that personal data will be kept confidential, processed fairly and legally, and used only for specified, explicit and legitimate purposes.”

RE1.5 The organiser should be able to select the language in which the data will be exported. This language might differ per country.
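One way to enforce the extract-once rule of RE1.2 and RE1.3 together with the RE1.4 acknowledgement, as an added Python example that is not part of the specification. The table and column names, the message wording and the use of SQLite are assumptions of this example.

```python
import sqlite3
from datetime import datetime, timezone

# Message wording and table/column names are assumptions of this example.
ALREADY_EXTRACTED = "The list for this Member State has already been extracted."
NOT_ACKNOWLEDGED = "The confidentiality statement must be acknowledged first."


def open_store(path=":memory:"):
    """Create the export register; one row per (initiative, Member State)."""
    conn = sqlite3.connect(path)
    conn.execute(
        """CREATE TABLE IF NOT EXISTS export_log (
               initiative  TEXT NOT NULL,
               country     TEXT NOT NULL,
               organiser   TEXT NOT NULL,
               exported_at TEXT NOT NULL,
               PRIMARY KEY (initiative, country))"""
    )
    return conn


def claim_export(conn, initiative, country, organiser, acknowledged):
    """Reserve the single permitted export. Returns (allowed, message)."""
    if not acknowledged:                       # RE1.4
        return False, NOT_ACKNOWLEDGED
    country = country.strip().upper()          # "be" and "BE" are one Member State
    stamp = datetime.now(timezone.utc).isoformat()
    try:
        # The PRIMARY KEY makes "check and record" a single atomic step, so
        # two concurrent requests cannot both pass a SELECT-then-INSERT check.
        with conn:                             # commit on success, roll back on error
            conn.execute(
                "INSERT INTO export_log VALUES (?, ?, ?, ?)",
                (initiative, country, organiser, stamp),
            )
    except sqlite3.IntegrityError:             # RE1.3: second attempt is refused
        return False, ALREADY_EXTRACTED
    return True, "ok"


def exported_countries(conn, initiative):
    """Member States for which this initiative's list was already extracted."""
    rows = conn.execute(
        "SELECT country FROM export_log WHERE initiative = ? ORDER BY country",
        (initiative,),
    )
    return [row[0] for row in rows]


if __name__ == "__main__":
    store = open_store()
    # Constructed sample values.
    print(claim_export(store, "12345", "BE", "Jane Doe", True))
    print(claim_export(store, "12345", "BE", "Jane Doe", True))
```

The claim is recorded before the report is generated, so a failed generation still consumes the single export; a deployment has to decide who may reset that record and log the reset.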

5.6 Disposal of collected data – detailed requirements

It should be possible to delete the collected data at any time, either because the organisers do not comply with the terms and conditions or at the initiative of the organisers in accordance with the regulation. The request for data deletion should be managed outside the online collection system.

Mandatory

CD1.0 The online collection system should have the functionality of data deletion. Data selected for deletion should be deleted immediately. No copies should be kept. It should be possible to delete

• An individual record of a signatory

• The full set of records of all signatories

It should not be allowed to partially delete a record.

This functionality should only be accessible to the organisers and should always be preceded by a warning message: “Are you sure that you want to delete…?”

CD1.1 Data modification through the online collection system should not be allowed.

6. DISPLAY REQUIREMENTS

The online collection system needs to display its information and services in a range of circumstances, supporting a range of browsing technologies and screen resolutions in a manageable, future-proof manner.

Browsers

DI1.0 The online collection system shall support Microsoft Internet Explorer 6 and higher.

DI1.1 The online collection system shall support Mozilla Firefox 3 and higher.

DI1.2 The online collection system shall support Apple’s Safari browser on Mac and on Windows.

Screen Resolution

DI1.3 The online collection system shall support a minimum screen size of 1024 * 768 pixels.

DI1.4 The online collection system shall minimally be designed to have a fixed-width screen layout, such that the design of a page does not change dependent on the browser window size on screen resolutions higher than 1024 * 768.

DI1.5 Besides the above mentioned resolution, the online collection system might allow mobile equipment to make use of the application. Screen resolution requirements of mobile handhelds and phones might hence be taken into account.

Paper Sizes

DI1.6 Pages formatted to print should be designed to accommodate A4 sheets.

7. LANGUAGE SUPPORT REQUIREMENTS

The tool should be able to support multiple European languages.

Mandatory

LS1.1 The online collection system should be able to support all official languages of the European Union. For an exhaustive list of all official languages of the European Union, we refer to APPENDIX B: Languages.

LS1.2 All alphanumeric characters used in the languages outlined in APPENDIX B: Languages should be supported by the online collection system.

LS1.3 The online collection system shall have a screen layout that can accommodate alphabetical languages that use more space than English, for example, German.

It is envisaged that if English is the language in which basic design is undertaken, this will entail the inclusion of at least 30% additional space in any design deliverables to accommodate appropriate translations.

8. ACCESSIBILITY & USER FRIENDLINESS REQUIREMENTS

The designed system should be user friendly in a way that the customer is guided through the different steps. Therefore the screens should be clear and action steps should be defined. The online collection system should take into account the following guidelines to address the needs of older persons and persons with disabilities.

Mandatory

AC1.0 The online collection system should provide all input and output in at least one other alternative presentation or representation format, such as:

• Possibility of bigger text font

• Possibility of speech

• Possibility of Braille

AC1.1 The usage of flicker rates, or flashing, blinking or moving text or objects should be avoided. Moving objects should be able to be frozen.

AC1.2 Colour coding should not be used as the only way for conveying information (cfr. WCAG1 guidelines), indicating a response or distinguishing a visual element (cf. black and white version).

Be careful with colour and colour combinations (e.g. red/green is difficult to distinguish for colour blind people, yellow on black is more suitable).

1 WCAG: Web Content Accessibility Guidelines

AC1.3 All information should be available in text format wherever possible (not only by a pictogram or picture). However, non-text equivalents could be useful for people with visual disabilities (cfr. WCAG guidelines).

AC1.4 Instructions (for example in help fields) should be clear and simple, in plain text or in speech.

AC1.5 The online collection system should have a dynamic/intelligent layout.

This refers to the ability of the system to react upon previous answers provided by the signatory. We refer to the remainder of the document for specific requirements (e.g. based on the language selection, the statement of support form to be completed will be shown in the selected language).

AC1.6 A distinctive or familiar form can be helpful for those with respectively impaired visual or cognitive abilities (e.g. clearly distinguish boxes that need to be filled in).

AC1.7 The user interface should be intuitive allowing the citizen to use the online collection system in an efficient way.

AC1.8 Clear navigation and orientation mechanisms should be implemented and used in a consistent way in order to help people with cognitive or visual disabilities understand complex pages.

AC1.9 In- and output possibilities of the tool should be device independent. Users should be able to interact with the tool with a preferred input (or output) device (mouse, keyboard, speech, ...).

AC1.10 The mark-up language should be appropriately used. Preferably, use style sheets instead of presentation elements or attributes.

Tables should be avoided for lay-out purposes. The distinction between content tables and layout tables should be clear due to the appropriate use of mark-up language.

9. SCALABILITY AND PERFORMANCE REQUIREMENTS

The online collection system should allow the following scalability and performance requirements.

Mandatory

SP1.0 The database which supports the online collection system should allow to store at least 2 million records (containing the information as defined above).

SP1.1 The online collection system should be designed to allow efficient scrolling and browsing functionalities. System screens should be responsive within a few seconds.

SP1.2 The online collection system should be designed to ensure the performance of the software is in line with good practices (response times of a few seconds maximum for performing input controls, writing data in the database, ...).

SP1.3 The online collection system should be designed to allow about 100 simultaneous sessions.

SP1.4 The online collection system should allow the generation of reports (as defined in 0) in 5 minutes or less depending on the network bandwidth.

10. DATA VALIDATION REQUIREMENTS

The online collection system should perform specific input and data validation controls.

Mandatory

DV1.0 The online collection system should provide simple validation of e-mail addresses. This should be enforced by checking that

• There is only one "@" and

• at least one "." in the provided address after the “@”.

DV1.1 Data or characters that the user can enter in the tool are entered using pre-formatted data fields where possible (see 5.3).

DV1.2 The online collection system should only allow the following format of the registration number: maximum 10 numeric characters

A warning message with the following text should pop-up in case the data format rules were violated: “Please provide the official registration number as provided in the register of the EU Commission”.

DV1.3 The online collection system should only allow to submit information regarding an initiative or a statement of support form once all mandatory fields have been submitted.

In case of violation, a warning message with the following text in the selected language should pop-up: “Please complete the following fields: ...” The remainder of the message should contain all mandatory fields which were not submitted.

DV1.4 The text fields of the online collection system support input validation to secure them against malicious attacks (e.g. XSS, SQL injection, ...). The input validation should be performed in the server-side logic (as opposed to client-side scripts, which can be circumvented by attackers).
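One way to implement the DV1.0, DV1.2 and DV1.3 checks in server-side code, as DV1.4 requires. This is an added Python example, not part of the specification; the field names, the e-mail warning text and the extra whitespace check are assumptions.

```python
import re

# Hypothetical field names: the specification does not name the form fields.
MANDATORY_FIELDS = ("registration_number", "title", "contact_email")

MSG_REGISTRATION = ("Please provide the official registration number as "
                    "provided in the register of the EU Commission")
MSG_MISSING = "Please complete the following fields: "
MSG_EMAIL = "Please provide a valid e-mail address"  # wording is an assumption

# DV1.2: at most 10 numeric characters. [0-9] is used instead of \d because
# \d also matches non-ASCII digits in Python 3 string patterns.
_REGISTRATION = re.compile(r"[0-9]{1,10}")


def valid_registration_number(value):
    # fullmatch() also rejects a trailing newline that "^...$" would accept.
    return isinstance(value, str) and _REGISTRATION.fullmatch(value) is not None


def valid_email(value):
    """DV1.0: exactly one '@' and at least one '.' after the '@'."""
    if not isinstance(value, str) or value.count("@") != 1:
        return False
    local, domain = value.split("@")
    if "." not in domain:
        return False
    # Beyond DV1.0 (assumption of this example): refuse an empty local part
    # and any whitespace or control character, which have no place in an
    # address and can carry injected mail headers.
    if not local:
        return False
    return not any(ch.isspace() or ord(ch) < 32 or ord(ch) == 127 for ch in value)


def validate_initiative_form(form):
    """Return the warning messages to show; an empty list means 'accept'."""
    missing = [name for name in MANDATORY_FIELDS
               if not str(form.get(name) or "").strip()]
    if missing:
        # DV1.3: refuse the submission and name every missing mandatory field.
        return [MSG_MISSING + ", ".join(missing)]
    errors = []
    if not valid_registration_number(form["registration_number"]):
        errors.append(MSG_REGISTRATION)
    if not valid_email(form["contact_email"]):
        errors.append(MSG_EMAIL)
    return errors


if __name__ == "__main__":
    # Constructed sample submission.
    sample = {"registration_number": "12345x", "title": "Example initiative",
              "contact_email": "contact@example.eu"}
    print(validate_initiative_form(sample))
```

These checks restrict what is accepted; values still have to be passed to the database as bound parameters and encoded on output to cover the SQL injection and XSS cases named in DV1.4.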

11. DATA INTEGRITY REQUIREMENTS

The online collection system should perform specific input and data validation controls.

Mandatory

DIN1.0 Some functionalities of the online collection system (listed in previous sections) should be restricted to organisers only. Access to these functionalities should be protected by username and password.

The user name should be equal to the full name of the organiser. The password can be chosen and should meet the following complexity requirements:

• Minimum 14 characters

• A combination of letters and numbers (at least one letter and one number)

• At least one special character

DIN1.1 A limited number of identity stores (i.e. the location where user identification and authentication information is stored) should be maintained:

• These identity stores should take into account the necessary storage and cryptography requirements to implement a safe solution.

• The following items should be taken into account:

Secure storage of passwords (e.g. using cryptographically strong hashes);

Secure storage of keys, certificates and other confidential information (including setting the right file system permissions);

Avoidance of the use of weak algorithms or short keys
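The DIN1.0 complexity rules and the DIN1.1 item on secure password storage, as an added Python example that is not part of the specification. The choice of scrypt, its cost parameters, the storage format and the reading of "special character" are assumptions of this example.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 14  # DIN1.0

# Cost parameters chosen for this example, not taken from the specification.
SCRYPT_N, SCRYPT_R, SCRYPT_P, KEY_LEN = 2 ** 14, 8, 1, 32


def policy_violations(password):
    """Return the DIN1.0 rules the password breaks (empty list = compliant)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("minimum 14 characters")
    if not any(c.isalpha() for c in password):
        problems.append("at least one letter")
    if not any(c.isdigit() for c in password):
        problems.append("at least one number")
    # "Special character" is read here as anything that is neither a letter,
    # a digit nor whitespace; the specification gives no list.
    if not any(not c.isalnum() and not c.isspace() for c in password):
        problems.append("at least one special character")
    return problems


def _derive(password, salt):
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)


def hash_password(password, salt=None):
    """Return 'scrypt$<salt hex>$<hash hex>' for the identity store."""
    if policy_violations(password):
        raise ValueError("password does not meet DIN1.0")
    # A fresh random salt per password: equal passwords give different records.
    salt = os.urandom(16) if salt is None else salt
    return "scrypt${}${}".format(salt.hex(), _derive(password, salt).hex())


def verify_password(password, stored):
    """Check a login attempt against a stored record."""
    try:
        scheme, salt_hex, hash_hex = stored.split("$")
        if scheme != "scrypt":
            return False
        candidate = _derive(password, bytes.fromhex(salt_hex))
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record: fail closed
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample password.
    record = hash_password("Tr0ub4dor&3-horse-staple")
    print(record.split("$")[0], verify_password("Tr0ub4dor&3-horse-staple", record))
```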

DIN1.2 Data should be protected on software (application and database) level.

• Signatories should only have access to the data submitted in the session they start to complete the statement of support form. Once the statement of support form is submitted the session should be closed and the submitted data should not be accessible anymore.

• Organisers should only have access to the submitted data for deletion and reporting purposes.

• The data in the database should only be accessible to the organisers (by the person who takes up the function of database administrator).

DIN1.3 Administrator access should be restricted

• Restrict the access by the “principle of least privileges” (e.g. administrators should be assigned the least privileges required).

DIN1.4 User sessions are managed via session IDs to avoid session hijacking.

DIN1.5 When a session is aborted without submitting the information, the information provided by the signatory should immediately be deleted and not be stored in memory.

DIN1.6 The online collection system should be protected from malicious attacks and the confidentiality and integrity during transmission should be guaranteed. The online collection system should allow that the following hardware and network requirements are enforced:

• All network hardware should be in secured zones (see physical access controls)

• All the hosts on a private network should be invisible from the outside and protected against unauthorised logical access

• The web-servers should be in a demilitarized zone (e.g. a physical or logical sub-network that contains and exposes an organisation's external services to the Internet)

• A strong firewall and/or reverse proxy should be implemented to protect the system from outside attacks

• Secure processing over a network using encryption (HTTPS protocol with a sufficiently strong cipher)

DIN1.7 Malicious users cannot force the online collection system to leak information about its internal state, system configuration or resources. This includes improper error handling and possible information leakage about the web server, operating system, port number and other modules installed.

DIN1.8 If a web application framework is used (such as PHP, ASP, etc.), the version used should have no outstanding security vulnerabilities known to the security community. This includes buffer and integer overflow vulnerabilities.

DIN1.9 The application does not contain insecure direct object references2, where references to internal implementation objects are exposed without authorization, as an attacker can manipulate these to gain sensitive information. This vulnerability includes Local File Inclusion vulnerabilities.

DIN1.10 Arrangements should be made to ensure that:

• information cannot be overwritten accidentally (e.g. by write-protecting key fields or files)

• the processing of information is validated (e.g. by record counts)

Optional

DIN1.11 Procedures could be designed for testing the plausibility of the input data.

DIN1.12 Preferably, the default application install has undergone extensive testing, such as penetration testing and fuzz testing to ensure that it does not contain vulnerabilities in the default installation that could have been avoided.

DIN1.13 Preferably, the application will be developed with secure coding guidelines in mind, ensuring that the application’s security is embodied in the architecture of the application.

2 http://www.owasp.org/index.php/Top_10_2010-A4-Insecure_Direct_Object_References

12. LOGGING REQUIREMENTS

The online collection system could have the following logging functionalities.

Mandatory

LR1.0 Audit logs recording exceptions and other security-relevant events could be produced and kept for an agreed period to assist in future investigations and access control monitoring. Audit logs could also include:

• dates and times for log-on and log-off by organisers

• records of successful and rejected system access attempts

• records of successful and rejected data and other resource access attempts

• database errors

• database capacity

• performed backups

• all database administrator changes and updates

Logging functionalities on the underlying infrastructure and network level are out of scope of this requirement specification.

13. BACK-UP REQUIREMENTS

The online collection system and the underlying database should allow the stored data to be backed up.

Mandatory

BU1.0 The online collection system and its underlying database should allow the deployment of common back-up strategies.

BU1.1 It should be possible to take back-ups regularly. The back-ups should be given an appropriate level of physical and environmental protection.

BU1.2 It should be possible to take back-ups using a back-up management package to strengthen the security of backed-up information.

BU1.3 It should be possible to encrypt the backed-up data to protect the personal information (e.g. in the event back-up media is stolen or is lost in transit to an alternative location, such as an off-site storage facility) using a back-up management package to strengthen the security of backed-up information.

The back-up requirements at the infrastructure level are out of scope of this requirement specification.

APPENDIX A: BACKGROUND INFORMATION REGARDING THE SUBMISSION OF AN INITIATIVE AT THE EC

a) Acceptance criteria prior to the collection of support statements

• Initiatives are in accordance with the Commission's powers to submit a proposal and not contrary to the values of the Union

• Initiatives are not manifestly abusive, frivolous or vexatious

• Initiatives are in one of the official languages of the Union

• At least seven natural persons and citizens of the Union, who are residents of at least seven different Member States, should form a citizens committee

• The Commission decides on the validation of the citizens’ initiative within 2 months of the receipt of the initiative.

• If the initiative is rated a valid proposal, it should be made public on a website especially designed for that purpose. Furthermore, the initiative should be inserted in “the register”3

• Collection of support statements is the responsibility of the organisers and is eligible to start, when the initiative is listed in the register

b) Acceptance criteria at expiry date (i.e. when the collection period is over)

• At least 1 million signatories should support the initiative before the expiry date

• In at least one quarter of Member States, the signatories should comprise at least a defined minimum number of citizens coming from each of these Member States. This number is degressively proportional. The minimum is calculated by multiplying the number of members in the EU Parliament by 750. This number also needs to be adaptable in order to reflect changes in the composition of the EU Parliament. (The pre-determined numbers are defined in Annex I of the Regulation of the European Parliament and of the Council on the citizens’ initiative.)

• At the expiry date or before if the required number of statements of support has been collected, the indication of the number of statements that were collected should be reported by the tool. The organisers are also allowed to publish the total or grouped support numbers on their website at any given moment (e.g. paper and electronic).

• If the 1 million signatories have been reached within the 12 months, within a period of 3 months each EU Member State must reply to the request of certification and verification of the statement of support. This can be done by random sampling verification, whereas authentication of electronic signatures shall not be necessary.

• The signatory chooses the Member State through which he wants to support the citizens’ initiative, thereby electing the Member State which will control his completed personal data. The signatory is only able to support the initiative if he possesses the required information, which varies per Member State. In general, 3 manners of identification will be made available: nationality, residence and document ID.

3 The register is a database linked to the Commission’s website, which lists all initiatives, accepted for support gathering

• The Commission should set out its legal and political conclusions within 3 months and set out the actions it envisages taking.

• Every 3 years, the Commission has to present a report on the proposed initiatives and implementation of this Regulation to the European Parliament and the Council, starting 3 years after the implementation of the Regulation.

APPENDIX B: LANGUAGES

Official languages (23): Bulgarian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Hungarian, Irish, Italian, Latvian, Lithuanian, Maltese, Polish, Portuguese, Romanian, Slovak, Slovene, Spanish, Swedish

APPENDIX C: SUBMISSION FORM

Form for the submission of statements of support to the Member States’ competent authorities:

1. Full name, postal address and e-mail address of the contact persons:

2. Title of this proposed citizens’ initiative:

3. Commission registration number:

4. Date of registration:

5. Number of signatories coming from [name of the Member State]:

6. Annexes:

Include all statements of support from signatories to be verified by the relevant Member State

If applicable, include the relevant certificate(s) certifying the conformity of the online collection system with Regulation (EU) No .../2011 of the European Parliament and the Council of ... on the citizens’ initiative

7. Date and signature of the contact persons: