(Studies in European Economic Law and Regulation 16) Peter Rott - Certification - Trust, Accountability, Liability-Springer International Publishing (2019) PDF

Studies in European Economic Law and Regulation 16
Peter Rott Editor
Certification –
Trust,
Accountability,
Liability
Studies in European Economic Law
and Regulation
Volume 16
Series editors
Kai Purnhagen
Law and Governance Group, Wageningen University
Wageningen, The Netherlands
Josephine van Zeben
Worcester College, University of Oxford
Oxford, United Kingdom
Editorial Board
Alberto Alemanno, HEC Paris, Paris, France
Mads Andenaes, University of Oslo, Oslo, Norway
Stefania Baroncelli, University of Bozen, Bozen, Italy
Franziska Boehm, Karlsruhe Institute of Technology, Karlsruhe, Germany
Anu Bradford, Columbia Law School, New York, USA
Jan Dalhuisen, King’s College London, London, UK
Michael Faure, Maastricht University, Maastricht, The Netherlands
Jens-Uwe Franck, Mannheim University, Mannheim, Germany
Geneviève Helleringer, University of Oxford, Oxford, UK
Christopher Hodges, University of Oxford, Oxford, UK
Lars Hornuf, University of Bremen, Bremen, Germany
Moritz Jesse, Leiden University, Leiden, The Netherlands
Marco Loos, University of Amsterdam, Amsterdam, The Netherlands
Petros Mavroidis, Columbia Law School, New York, USA
Hans Micklitz, European University Institute, Florence, Italy
Giorgio Monti, European University Institute, Florence, Italy
Florian Möslein, Philipps-University of Marburg, Marburg, Germany
Dennis Patterson, Rutgers University, Camden, USA
Wolf-Georg Ringe, University of Hamburg, Hamburg, Germany
Jules Stuyck, Katholieke Universiteit Leuven, Leuven, Belgium
Bart van Vooren, University of Copenhagen, Copenhagen, Denmark
This series is devoted to the analysis of European Economic Law. The series’ scope
covers a broad range of topics within economics law including, but not limited to,
the relationship between EU law and WTO law; free movement under EU law and
its impact on fundamental rights; antitrust law; trade law; unfair competition law;
financial market law; consumer law; food law; and health law. These subjects are
approached both from doctrinal and interdisciplinary perspectives.
The series accepts monographs focusing on a specific topic, as well as edited
collections of articles covering a specific theme or collections of articles. All
contributions are subject to rigorous double-blind peer-review.
More information about this series at http://www.springer.com/series/11710

Peter Rott
Editor
Certification – Trust,
Accountability, Liability
Editor
Peter Rott
University of Kassel
Kassel, Germany
ISSN 2214-2037 ISSN 2214-2045 (electronic)

Studies in European Economic Law and Regulation
ISBN 978-3-030-02498-7 ISBN 978-3-030-02499-4 (eBook)
https://doi.org/10.1007/978-3-030-02499-4
Library of Congress Control Number: 2019932706
© Springer Nature Switzerland AG 2019

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of
the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology
now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book
are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the
editors give a warranty, express or implied, with respect to the material contained herein or for any errors
or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims
in published maps and institutional affiliations.
This Springer imprint is published by the registered company Springer Nature Switzerland AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
Contents
Introduction �� 1
Peter Rott
Part I Foundations
Certification as Solution to the Asymmetric Information Problem?  �� 11
Georg von Wangenheim
Challenges for Responsible Certification in Institutional Context:
The Case of Competition Law Enforcement in Markets
with Certification �� 23
Victoria I. Daskalova and Michiel A. Heldeweg
The Use of Conformity Assessment of Construction Products by the
European Union and National Governments: Legitimacy, Effectiveness
and the Functioning of the Union Market �� 73
Richard Neerhof
Part II Success and Shortcomings of Certification Systems

Privacy Through Certification?: The New Certification Scheme of the
General Data Protection Regulation  �� 109
Gerrit Hornung and Stefan Bauer
Can Certification Enhance the Feasibility of Insurance?  �� 133
Miranda P. M. Meuwissen
Control in the Label: Self-Declared, Certified, Accredited? �� 143
Hanna Schebesta
Certification of the Sustainability of Biofuels in Global Supply Chains �� 163
Carola Glinski
v
vi Contents
Part III Liability for Negligent Certification

Certification of Medical Devices: Lessons from the PIP Scandal �� 189
Peter Rott
Public Function Liability of Classification Societies �� 213
Vibe Ulfbeck and Anders Møllmann
Liability of Rating Agencies Under German and European Law �� 231
Axel Halfmeier
Introduction
Peter Rott
1 The Theme of the Book
Certification means the confirmation of compliance with a pre-defined standard

relating to a business, a product, a service or a management system. That standard
can be a public law standard, a private standard or a hybrid.1
Certification has become a hot topic, in particular at the European level. It is a
popular instrument of private governance of public goods, promising greater effec-
tiveness than control by public authorities while at the same time taking the burden
away from the State and its budget. Being a private instrument, it had long been
attributed to the private sphere; which has changed drastically through recent deci-
sions of the Court of Justice of the European Union (CJEU) that take into consider-
ation the immense factual power of at least some private actors with regard to the
facilitation of trade or to creating obstacles to trade. In the case of Fra.bo,2 the
German privately organised Deutsche Vereinigung des Gas- und Wasserfaches eV
(DVGW) denied the certification of copper fittings for piping for water or gas, pro-
duced by the Italian producer Fra.bo. The Court held that Article 28 TFEU on the
free movement of goods must be interpreted as meaning that it applies to standardi-
sation and certification activities of a private-law body, where the national legisla-
tion considers the products certified by that body to be compliant with national law
and that has the effect of restricting the marketing of products which are not certified
1
For detailed account, see chapter 3 by VI Daskalova and MA Heldeweg. See also Schepel (2005),
p. 3 ff.
2
CJEU, 12/7/2012, Case C-171/11, Fra.bo SpA v Deutsche Vereinigung des Gas- und Wasserfaches
eV (DVGW) — Technisch-Wissenschaftlicher Verein, ECLI:EU:C:2012:453.
P. Rott (*)
Institute of Economic Law, Faculty of Economics and Management, University of Kassel,
Kassel, Germany
e-mail: rott@uni-kassel.de
© Springer Nature Switzerland AG 2019 1

P. Rott (ed.), Certification – Trust, Accountability, Liability, Studies in European
Economic Law and Regulation 16,
https://doi.org/10.1007/978-3-030-02499-4_1
2 P. Rott
by that body. The decision in the case of James Elliott3 complemented this line of
thinking. In this case, the CJEU found that it has jurisdiction to provide a prelimi-
nary ruling concerning the interpretation of a harmonised standard that was devel-
oped by a private body under the so-called ‘New Approach’ of EU product safety
law, thus treated that private standard as part of EU law. The two decisions have
triggered intense discussion relating to the constitutionalisation of standardisation
and certification by private actors, in particular in the context of the ‘New Approach’.4
In a parallel development, the relevance of certification and similar phenomena,
such as credit ratings, for the protection of the economic interests or the health and
safety of third parties has come to the fore. The breast implants scandal around the
French producer Poly Implants Prothèse (PIP) forms a prime example. PIP had
filled the breast implants with industrial silicone rather than medical silicone. Within
the system of EU medical devices law, TÜV Rheinland acted as notified body to
monitor the activities of PIP. TÜV Rheinland had certified compliance of the prod-
uct design of the PIP breast implants and of PIP’s quality management system with
the underlying standard. Since TÜV Rheinland had not noticed the fraudulent
change of production by PIP (and since PIP itself went bankrupt following the dis-
covery of the fraud), victims initiated litigation against TÜV Rheinland in German
and French courts. Out of the many cases, the case of Elisabeth Schmitt was referred
to the CJEU.5 Rating agencies, in turn, attracted the attention of policy-makers and
of investors likewise in the context of the financial crises, and in particular of the
collapse of Lehman Brothers whose financial products had been rated “AAA” by
Standard & Poor’s. Litigation has already been initiated in different countries
including Australia and Germany.6
The above-mentioned areas of medical devices, or product safety generally, and
of credit rating are only two examples for areas in which certification plays an
important role. Other areas are the certification of food standards, of social and/or
environmentally sound production or sourcing or of compliance with standards of
consumer law or data protection law.
The cases of PIP and Lehman Brothers trigger several questions. Who benefits
from certification? Standardisation benefits primarily the relevant industry whose
transactions costs are reduced through standardisation and through certification of
compliance with certain standards.7 At the same time, certification systems may
serve further purposes, such as the protection of users or other third parties, and the
certificates that are issued may be addressed to a diversity of actors. Thus, the main
addressee of certificates can be the customer of the producer or trader who or whose
3
CJEU. 27/10/2016, Case C-613/14 James Elliott Construction Limited v Irish Asphalt Limited,
ECLI:EU:C:2016:821.
4
See, for example, Schepel (2013), p. 530; van Leeuwen (2013), p. 406; Purnhagen (2017), p. 586;
Volpato (2017), p. 597; Colombo and Eliantonio (2017), p. 332.
5
CJEU, 16/2/2017, Case C-219/15 Elisabeth Schmitt v TÜV Rheinland LGA Products GmbH,
ECLI:EU:C:2017:128. See chapter 9 by P Rott and the references therein.
6
See chapter 11 by A Halfmeier and the references therein.
7
See, for example, DIN (2000) and Blind et al. (2011).
Introduction 3
products, services, or management are certified, as in the case of credit rating or of

the certification of social and/or environmentally sound production. Certificates
may, however, be also addressed to public bodies where certification is part of a
public law control system, for example of cars, aircrafts or medical devices. Or, they
may serve the purpose to assist other third parties such as insurers that may base
their risk calculation on certificates that confirm compliance with certain
standards.
Another set of questions concern the regulatory design. Which design fits a cer-
tification system best? Which incentive system, including sanctions, should be in
place to ensure compliance of certification bodies? This may depend on a variety of
factors, including the way in which the certification body is involved (solicited by
the actor that is to be certified or commissioned by an independent party) or the
geographical scope of the certification system (national, EU-wide or global). Within
that context, (private law) liability may play an important role not only in providing
compensation to victims but also as a regulatory instrument to ensure compliance.
The book at hand unfolds the merits and perils of certification, employing the
perspectives of different disciplines and using examples from different areas of life
and law. There is an increasing amount of literature available on individual certifica-
tion systems as well as on the relevance of standardisation and certification for
(cross-border) trade, not least triggered by the above-mentioned recent case law of
the CJEU. This book takes research from various areas up and presents certification
as a cross-cutting issue. It invites lawyers and regulators from different branches, in
which certification plays a role, to learn from the experience of other branches,
rather than re-inventing the wheel time and again for each specific area. Indeed, it is
one aim of the book to discover commonalities between certification systems but
also to find differences that call for differential treatment.
2 The Structure of the Book
The book is structured in three parts. Part 1, consisting of three chapters by Georg
von Wangenheim, Michiel Heldeweg and Victoria Daskalova, and Richard Neerhof,
focuses on the fundamentals of certification: its economic background, the manifold
shapes and forms certification can take, and its relevance for competition and free
trade.
The chapters of Part 2 deal with the conditions for the success of certification in
creating trust as well as incentives for compliance with private standards, and in
monitoring compliance with standards, using examples from various sectors. Gerrit
Hornung and Stefan Bauer introduce and discuss the new data protection seal as
envisaged by the General Data Protection Regulation. Miranda Meuwissen presents
empirical studies that show how certification gains relevance for insurance by facili-
tating risk classification and management. In a more skeptical approach, Hanna
Schebesta looks at problematic (voluntary) certification practices in the food sector
and presents the new certification marks of the EU Trademark Regulation of 2015
4 P. Rott
as a potential solution. Carola Glinski describes the certification of biofuels under

EU renewable energies law and its shortcomings that are, among others, caused by
long supply chains that often begin in the developing countries of the Global South.
Parts 3 takes the perspective of third party liability for negligent or fraudulent
certification as a regulatory instrument that may be necessary to complement public
law control of certification bodies but also discusses impediments to third party
liability stemming from the rules on jurisdiction, private international law or con-
tract and tort law doctrine that do not sufficiently accommodate harm caused to
more or less remote third parties. This perspective is elaborated with regard to spe-
cific certification systems and their particularities. Peter Rott discusses the sector of
medical devices and the PIP scandal, Vibe Ulfbeck and Anders Møllmann analyse,
in a comparative manner, the liability of classification societies that certify the
safety of vessels, and Axel Halfmeier explores the liability of rating agencies for
losses of investors that trust in their ratings.
3 The Individual Chapters
3.1 Part 1: Foundations
In his chapter on ‘Certification as solution to the asymmetric information prob-

lem?’, Georg von Wangenheim introduces certification as a communication instru-
ment that is meant to help the customer to make an informed choice. Economic
theory sees certification as a solution to the informational problems of experience
and credence goods. The problem is that certification in itself is an experience or
credence good; which may entice opportunistic behaviour of certifiers. Von
Wangenheim discusses possible solutions to that problem but also identifies open
questions to the design of a good legal framework for the certification market, from
an economic point of view.
Michiel Heldeweg and Victoria Daskalova look at certification from a legal gov-
ernance perspective within particular institutional contexts. In their chapter on
‘Legal Design of a Meta-Regulatory Regime for Responsible Certification’, they
distinguish the contexts of competitive/unregulated markets, public hierarchies and
civil society and discuss the legal requirements that follow from these contexts as
regards a responsible use of certification. The first part of this chapter discusses the
main functionality and relevance of certification as a regulatory instrument—
whether in a market setting or in the context of public hierarchy. In its second dis-
tinct part, the chapter focuses on competitive markets and on the risks for market
access that may stem from certification systems, and how competition law doctrine
can be used to set limits to such negative externalities. This is discussed in the con-
text of an unregulated market as well as in the context of public hierarchy where
certification acts as a substitute of granting public permission or is conditional to the
Introduction 5
grant of such a permission, or where certification is part of public enforcement or a

substitute thereof.
Richard Neerhof, in his chapter on ‘The Use of Conformity Assessment of
Construction Products by the European Union and the Dutch Government: Issues of
Legitimacy, Effectiveness and Functioning of the Union Market’, uses the example
of the certification of construction products under two different certification regimes,
stemming from EU law and from Dutch national law, to discuss the broader issues
of legitimacy and effectiveness of certification within product safety law. The chap-
ter first explains the basic concept of how certification (and standardisation) is inte-
grated into the so-called ‘New Approach’ to product safety law and then discusses
in great detail the risks that the system poses with regard to the inclusion of all rel-
evant interests, to equal market access, and finally the quality of regulation and
control, an issue that is taken up in other contributions in relation to specific
markets.
3.2 Part 2: Success and Shortcomings of Certification Systems
Part 2 starts with Gerrit Hornung’s and Stefan Bauer’s chapter on ‘The new
European Data Protection Seal – data protection through market’ that discusses the
increasing prominence of certification in the sector of data protection. Under the
new General Data Protection Regulation (GDPR), audit and certification mecha-
nisms are means of co-regulation and aimed at creating market incentives. This
optional enforcement layer is meant to enhance the standard of privacy protection.
At the same time, the authors show that the new rules offer the opportunity to create
transparency through a system of harmonised standards with regard to privacy seals
and marks; instruments that have been used in the market before but with limited
informative value, due to the lack of common standards.
That certification is indeed suitable to build trust is shown by Miranda Meuwissen
in her chapter ‘Can certification enhance the feasibility of insurance?’. The feasibil-
ity of insurance heavily depends on the behaviour of the insured. Certification can
be a tool to facilitate risk classification and monitoring. The author presents findings
from empirical studies on liability insurance in the animal feed industry, epidemic
disease insurance for farmers, and liability insurance in the horse business, that
illustrate that certification schemes have the potential to enhance feasibility of insur-
ance schemes, among others as a tool to cope with adverse selection.
In contrast, Hanna Schebesta rather deals with ‘bad’ certification practices, using
the food sector as an example. In her contribution ‘Control in the label - self-
declared, certified, accredited? - On-pack consumer communication about compli-
ance control in voluntary food schemes from a legal perspective’, she identifies
problematic certification practices in the domain and explores the potential of the
current regulatory framework of unfair commercial practices law to effectively
combat these practices. Moreover, she discusses a new legal development that might
provide for more stringent solutions than food information law in the narrow sense:
6 P. Rott
EU certification marks that were introduced with the new EU Trademark Regulation
of 2015 and that are meant to inform end-consumers of product qualities related to
the largely opaque steps of the process leading to the product to which they are
affixed.
The last chapter of Part 2, by Carola Glinski on ‘Certification of the sustainabil-
ity of biofuels in global supply chains’, deals with an area where public law control
of the production chain is not possible, due to public international law limitations,
but where simple exclusion of foreign actors or products is not feasible either, due
to the requirements of international trade law. The promotion of biofuels in the EU
aims at the substitution of fossil fuels and the reduction of carbon emissions. In
order to make sure that the production of biomass does not result in negative impacts
on greenhouse gas stocks or on biodiversity, the promotion of biofuels is accompa-
nied by sustainability requirements. As the majority of biomass for biofuels is pro-
duced in the ‘Global South’ with often low regulatory and enforcement capacities,
compliance with the sustainability requirements is safeguarded through a highly
complex certification set-up based on private certification systems and private certi-
fication bodies which thereby replace, to a certain extent, the regulatory and admin-
istrative role of the State. The author analyses that system of control and its potential
weaknesses to ensure sustainable production of biofuels.
3.3 Part 3: Liability for Negligent Certification
Peter Rott picks up the topic of the effectiveness of private certification in product
safety law and the role of tort law liability for the compensation of victims of negli-
gent certification and as a regulatory instrument to incentivise certification bodies to
live up to their duties. In his contribution ‘Certification of medical devices: Lessons
from the PIP scandal’, he describes the development of certification and accredita-
tion in medical devices law. Having started with a fairly general framework, proven
failures in the system, and in particular the breast implant scandal around the French
producer Poly Implant Prothèse (PIP) and the German certification organisation
TÜV Rheinland, medical devices law has seen ever more intense regulation of the
control chain, culminating in the new Medical Devices Regulation of 2017. The
narrative of the legislative history and the reasons for the various legislative changes
illustrate the risks that come with the privatisation of health and safety regulation
and control and trigger the question as to whether private law liability of certifica-
tion organisations towards victims of unsafe medical devices is a necessary ingredi-
ent to make the system work.
Liability for insufficient control by certification organisations is also at the heart
of the contribution by Vibe Ulfbeck and Anders Møllmann on ‘Public function lia-
bility of classification societies’, dealing with the certification of vessels. Among
others, flag states commonly delegate it to classification societies to perform sur-
veys and inspections pursuant to various international conventions and to issue cer-
tificates under these conventions on behalf of the flag state (statutory certification).
Introduction 7
If a ship that has been so certified is involved in an incident causing damage to a

third party, the question arises whether that third party can hold the classification
society liable in damages. The authors show how the public function of such certi-
fication adds an extra layer of complications if the activity of the classification soci-
ety is attributed to the flag state itself, potentially triggering procedural and/or
substantive immunity in different legal systems, and how the limited liability for
statutory certification has recently even spilled over to commercial certification of
classification societies.
Rating of financial products, finally, is another system that is meant to build trust
between issuers of financial products and investors but that has gained a dubious
reputation through the 2008 financial crisis, where rating agencies were identified
as actors that contributed to the crisis. Axel Halfmeier describes in his chapter on
‘Liability of Rating Agencies under German and European Law’, how in various
legal proceedings—some of which are still pending until today—the question of the
liability of rating agencies vis-à-vis investors was raised. The author analyses such
claims with regard to jurisdiction and applicable law, and discusses substantive
German law as well as first case law on this question. In addition, the recent
European legislation on rating agencies’ liability and its relation to Member States’
private laws is covered.
4 A Word of Thanks
‘Certification Bodies – Trust, Accountability, Liability’ was the title of a bilateral

international workshop to support the initiation of international collaboration
between the Universities of Kassel and Wageningen. It was organised by Peter Rott
and Martina Deckert at the University of Kassel, with Kai Purnhagen from the
University of Wageningen as co-operation partner. The workshop was funded by the
Deutsche Forschungsgemeinschaft (DFG), for which the editor wishes to express
his gratitude.
References
Blind, K., Jungmittag, A., & Mangelsdorf, A. (2011). Der gesamtwirtschaftliche Nutzen der
Normung. DIN.
Colombo, C., & Eliantonio, M. (2017). Harmonized technical standards as part of EU law:
Juridification with a number of unresolved legitimacy concerns? Case C-613/14 James
Elliot Construction Limited v. Irish Asphalt Limited, EU:C:2016:821. Maastricht Journal of
European and Comparative Law, 24, 332.
DIN. (2000). Gesamtwirtschaftlicher Nutzen der Normung - Unternehmerischer Nutzen. DIN.
Purnhagen, K. (2017). Voluntary “New Approach” technical standards are subject to judicial scru-
tiny by the CJEU! – The remarkable CJEU judgment “Elliott” on private standards. European
Journal of Risk Regulation, 8, 586.
8 P. Rott
Schepel, H. (2005). The constitution of private governance – Product standards in the regulation
of integrating markets. Oxford, England: Hart.
Schepel, H. (2013). The new approach to the new approach: The juridification of harmonized stan-
dards in EU law. Maastricht Journal of European and Comparative Law, 20, 530.
van Leeuwen, B. (2013). From status to impact, and the role of national legislation: The applica-
tion of article 34 TFEU to a private certification organisation in Fra.bo. European Journal of
Risk Regulation, 4, 406.
Volpato, A. (2017). The harmonized standards before the ECJ: James Elliott Construction.
Common Market Law Review, 57, 597.
Part I
Foundations
Certification as Solution to the Asymmetric
Information Problem?
Georg von Wangenheim
1 Introduction
Certification of products, services and even certification agencies aims at various

objectives. If certification is a prerequisite for bringing a product or service to the
market, it is not much different from quality regulation organized as a general pro-
hibition of the product with individual permission as the exception. If it is a private
agency that provides certification under these circumstances, certification is tanta-
mount to out-sourcing of genuine government activity. This form of certification is
not topic of this contribution. Certification may also aim at solving or alleviating a
problem of asymmetric information. A certificate is then similar to a signal of a sup-
plier on the quality of his products. Obviously, producers may also refrain from
sending the signal, that is, they may supply their product without certificate. The
economic literature has discussed certification in this voluntary sense in several
perspectives. The objective of this chapter is to review this literature and thereby to
lay the grounds for the ensuing legal analysis in this book.
I will first remind the reader of the distinction between search goods on the one
hand and experience and credence goods on the other hand (Sect. 2). This will allow
me to recapitulate the basic model of certification due to Viscusi1 in Sect. 3. I will
proceed with a number of variations of this model. In Sect. 4, I will report how some
of the literature allows for opportunism of certification agencies, either by withhold-
ing information or by exerting less than socially optimal effort on collecting infor-
mation about the goods to be certified. Hardly surprising, this also includes collusion
Viscusi (1978), p. 277.

1
G. von Wangenheim (*)

Kassel, Germany
e-mail: g.wangenheim@uni-kassel.de

https://doi.org/10.1007/978-3-030-02499-4_2
12 G. von Wangenheim
between producers and certifiers. Section 5 studies certification of reaching

minimum standards including decisions on how such standards become determined.
I then (Sect. 6) collect a number of variations to the basic Viscusi model which sug-
gest themselves as fields of further investigation but which so far have not or hardly
been discussed in the literature. Section 7 concludes. Throughout the chapter, I will
use the term ‘producers’ to describe the supply side of a market in which certifica-
tion occurs and the term ‘consumers’ for the demand side.
2 M
arkets for Search Goods, Experience Goods
and Credence Goods
Since the seminal papers of Nelson2 and Darby and Karni,3 it is common to distin-
guish the three types of goods mentioned in the title of this section. Search goods
are what economists have in mind when they present the simple model of a competi-
tive market or even a monopoly market. All parties to a contract can easily observe
all properties of search goods which the contract covers before it is concluded.
Hence, there are no information asymmetries. Any care the seller of such a good
takes increases the quality of the good as the buyer observes it. Consequently, addi-
tional care increases the buyer’s valuation of the good and thus his willingness to
pay too. The seller of the product has thus incentives to increase care and thus the
quality of the product as long as the additional costs of care and quality are lower
than the additional valuation of the buyer for the good measured in his willingness
to pay. There is thus no need for any further incentives for the seller to take care and
provide high quality. No regulation is needed, not even liability is required as an
incentive to achieve economic efficiency.
Rarely the argument convinces for all properties of a specific good. It is therefore
more precise to speak of search properties of a good—and experience properties
and credence properties accordingly. However, most of the arguments are more eas-
ily presented if one assumes that all goods can easily be allocated to one of the three
groups without differentiation with respect to their specific properties. We therefore
follow this simplification, which is standard in the literature.
If the buyer cannot observe the qualities of a good before the contract, it is called
an experience good or a credence good, depending on whether the buyer can observe
properties after having entered into the contract or not even then. In both cases, the
argument in favour of economic efficiency of the market is flawed: while additional
care does still increase quality (and costs of production), the buyer’s valuation of the
product and his willingness to pay are not affected any more. Therefore, taking care
and increasing quality cease to be worthwhile to the seller. As Akerlof has shown,
Nelson (1970), p. 311.

2
Darby and Karni (1973), p. 67; an often-cited formalization and extension of the argument is
3
Emons (1997), p. 107.

Certification as Solution to the Asymmetric Information Problem? 13
also in 1970,4 any variance of quality in the market tends to break down and so
possibly does the entire market due to the problem of adverse selection. Of course,
there are ways to overcome these problems, ranging from guarantees given by the
seller in order to signal his high quality, reputation, regulation and, not the least, the
topic of this chapter: certification as a means to reduce asymmetries of information.
All these remedies may substitute each other to some degree, but certification may
be the most efficient remedy under certain circumstances. It is therefore helpful to
better understand how certification works in detail.
3 The Basic Viscusi Model
Nearly 40 years ago, Kip Viscusi introduced a first model of purely market-based
certification as a means to signal high quality of a producer.5 The argument is based
on standard signalling theory: High-quality producers of goods approach a (private)
certification agency.6 This certifier investigates the quality of the product at some
costs, which he charges to the producer demanding certification.7 His investigation
technology is rather simple: if he incurs the costs (of a given amount), he receives
perfect and complete information on the quality of the product. He then correctly
certifies this quality in a way that consumers of the good can fully understand. As a
consequence, consumers can and do decide according to their preferences which of
the certified products they buy and at which price. Obviously, it is not worthwhile
for low quality producers to purchase certification because such certification would
not provide any information to consumers that is valuable to the producer. In equi-
librium, only and all producers whose products are of a sufficiently high quality will
purchase certification, where ‘sufficiently high’ means that the quality induces con-
sumers to be willing to pay more than their average valuation of non-certified prod-
ucts plus the certification costs. From the consumers’ perspective, such certification
elucidates the individual quality of all high quality products and the average quality
of uncertified low-quality products.
4
Akerlof (1970), p. 488.
5
Viscusi (1978).
6
Stahl and Strausz (2017), p. 1842, discuss the assumption that it is the producers who pay the
certifier and not the consumer—an assumption prevailing in nearly all publications on certifica-
tion. They show that in general, certification purchased by producers is (1) more informative due
to the information contained in the decision to certify, which is partly observable and (2) superior
from a welfare point of view. The result is reinforced by the argument that certification purchased
by consumers may be obstructed by low-quality producers. The only exception to this result is
subsidized certification: Stahl and Strausz show their central results hinge on the price for certifica-
tion being at or above marginal costs of certification.
7
Faulhaber and Yao (1989), p. 65, consider a different type of information producing agents:
‘reviewers’ who are paid by consumers rather than by producers, which turns the model from a
signaling to a screening approach. As ‘reviewing’ is empirically much less relevant than certifica-
tion, this paper concentrates on the latter.
Obviously, Viscusi’s model was a first step towards understanding certification,

but most problems require more complex approaches to be appropriately dealt with.
In particular, certifiers may be able to decide on providing correct information on
the producers’ quality or not, certification may refer to only a threshold being met,
consumers’ preferences may be heterogeneous, multiple certifiers may certify dif-
ferent aspects of goods, and both producers and consumers may exert costly effort
to deliberately disguise or discover the true quality of products. The following sec-
tions will tackle these problems, many of which the literature has already discussed
while others still await careful scrutiny.
4 Opportunistic Certifying Agencies
The simple-most way to allow for opportunistic certifying agencies is to assume

that the agency not simply finds and discloses the true quality of the producer’s
good, but chooses between three alternative actions after the producer has solicited
its services. It may either exert honest effort and thus produce true information on
the quality of the good or simply guess the quality without exerting effort or certify
the highest-possible quality, again without exerting any effort.8 Depending on how
costly it is to verify the certifier’s quality assertion, certification itself becomes an
experience good or even a credence good. All problems of asymmetric information,
which were at the very basis of any need for certification, re-occur.
Re-occurring problems suggest re-occurring and standard solutions: guarantees
or other forms of liability, reputation, regulation and certification. Certification of
certifying agencies obviously runs the risk of an infinite regress. To avoid it, one has
to argue that there is a tier of certification on which the asymmetric-information
problem is solved. Thus, only the other three standard approaches may overcome
asymmetric information as a source of fraudulent or negligent certification.
Two reasons exclude that guarantees and other forms of liability work for certi-
fiers. First, it is hard to imagine that guarantees or liability of certifiers can provide
reliable information to consumers when guarantees and liability of producers can-
not. Second, unless honest certifiers never err on the quality they certify, a guarantee
or liability, from which all consumers would have to benefit, would entail tremen-
dous expected costs for the certifier and therefore make certification too expensive
a signal.9 One should be aware that this argument holds true for negligence liability
as much as it does for strict liability unless one adopts the hardly realistic assump-
tion of perfect information on the standard of care required for certifiers.
Among others, Roland Strausz10 has dealt with reputation of certifiers. An impor-
tant property of reputation in general is that it relies on the comparison of one-time
8
Biglaiser (1993), p. 212, was the first to mention these possibilities.
9
Biglaiser (1993) circumvents this problem by assuming that certification only refers to a single
unit of the good and each and every unit is certified individually.
10
Strausz (2005), p. 45.
gains and long run losses from reneging on one’s quality promise. In a dynamic
setting, reputation therefore exhibits substantial economies of scale and economies
of scope: the larger a firm and the more products benefit from the same reputation,
the more there is to lose from defecting on reputation and thus the more credible a
promise to provide high quality becomes. As certifiers specialise in reputation for
credibility, their business is most susceptible to the consequences of economies of
scale and scope: monopolization of the market, or at least oligopolisation. As
Strausz shows, this may raise prices in the certification market even beyond the
static monopoly price.
However, the economic literature is far from completely understanding reputa-
tion in certification markets as the solution to the asymmetric-information problem.
The existing models11 suffer from multiple equilibria, only some of which stabilise
reputation and honest certification. Most publications in the field concentrate on
these desirable equilibria but fail to give good reasons for this abstraction, nor do
they explain how reputation for honest certification grows in the first place.12 Again,
the aforementioned economies of scale and scope exacerbate the problem—reputa-
tion only becomes stable when it promises future gains for many and frequent cases.
To propose government regulation of certification agencies as an alternative
solution to asymmetric information raises questions of the same kind as in other
markets. If government wanted to regulate the output of certifiers, it would be hard
to imagine why the regulator does not use the information required for such regula-
tion of the certifiers to regulate the certified industry directly. Regulation by liability
would suffer from the same problems as discussed before for guarantees. Given the
limited information available to evaluate the care that certification agencies take,
both a negligence and a strict liability regime would expose the certification agen-
cies to a risk of high-stake liabilities that would very quickly destroy any supply on
the market for certification.
Only input regulation, i.e. qualification requirements for the certifiers and
requirements of observable signals of high effort that agencies exert to prepare their
certification decision, can be administered without essentially suppressing any sup-
ply of certification services. Obliging certifiers to employ qualified personnel or
proving their competence in some way or other reduces their opportunity costs of
handing down high-quality certification decisions.13 Obviously, such input regulation
11
Apart from Strausz (2005) see, e.g. Peyrache and Quesada (2011), p. 1099.
12
Peyrache and Quesada (2011) construct a model, in which the certifiers do not switch immedi-
ately from honesty to complete corruption when their time preference becomes too strong, but
gradually increase the range of true qualities for which they accept bribes for exaggerating the
quality in their report, when the relative value they attach to future profits declines.
13
See Shapiro (1986), p. 843, for a first model studying the effects of input regulation in markets
with reputation for output quality. Shapiro considers input regulation in two forms: licensing, i.e.
abolition of supply by producers without a minimum education, and certification, i.e. truthful
information of consumers about whether a producer has passed the minimum education or not.
Note that Shapiro uses the term ‘certification’ for information on input qualification while in this
paper I use it for information on output quality, in line with most of the economic certification
literature.
is far from guaranteeing high quality certification, not the least because it also
reduces competition between certifiers.14
In addition to the simple model of shirking and collusion with only two or three
alternative actions of the certification agency discussed so far in this section, one
could explicitly model the probability of the certifier to determine the quality cor-
rectly as a function of his effort to avoid such errors. On first sight, this endogeneity
of error probabilities does not change much of the argument presented so far.
Producers with high quality will still be the ones who request certification and the
problems of collusion between producer and certifier remain vivid. However, strate-
gies to overcome incentive problems of certification agencies cannot be as simple as
before. As error probabilities cannot be zero with finite effort, optimal strategies of
both producers and consumers must be forgiving and somewhat tolerant with
respect to misreported quality.15 In such a world, market incentives for producers to
produce high quality and for certifiers to exert effort and not to collude with produc-
ers necessarily are incomplete. Although to the best of my knowledge no such
model of certification exists in the literature, I conjecture that no Nash equilibrium
with a socially optimal level of the certifier’s effort or absence of collusion exists,
because that would require observation of effort or full internalization of the conse-
quences of errors. Certification therefore will not be a perfect solution to the quality
problem. Any lawyer-economist might again be tempted to rely on liability to close
the gap between market equilibrium and the social optimum. However, the same
obstacles as discussed before will prevent this approach from being successful.
Strict liability would entail complete insurance of consumers by certifiers for which
hardly any consumer would be willing to pay. Perhaps to a lesser degree but still so,
the same would be true for negligence liability due to unobservability of the certi-
fier’s effort and a thus necessarily uncertain standard of care.
5 Certification of Minimum Quality
Leaving aside the aforementioned problems of incomplete information of the certi-

fier, several authors study the causes and effects of minimum quality certification.
In these models certificates only refer to whether a good’s quality meets (or sur-
passes) a certain minimum standard.
Buehler and Schuett follow Viscusi’s original assumption that certificates are
truthful information on quality. Minimum standard certification then becomes very
similar to public quality regulation. The crucial difference is, of course, that with
certification producers may still decide to produce a quality below the minimum
standard and that it is the market and not the regulator who decides on whether there
14
Kleiner (2000), p. 189, stresses this problem for occupational licensing in general.
15
See Green and Porter (1984), p. 87, for an early model of enforcement of cooperation with uncer-
tainty in a completely different field (cooperation in a cartel). Ganuza et al. (2016), p. 213, apply
the model to quality reputation but not to certification.
is demand for low quality products or not. Buehler and Schuett16 study the effects of
such certification in a duopoly market with some but not all consumers uninformed
about quality. They show that minimum quality certification is superior to minimum
quality regulation when the number of uninformed consumers is large because the
latter tends to deter firms from entering into the market. Van der Schaar and Zhang17
show that the existing results do not depend on the crude simplifications of the pre-
vious literature but extend to a situation where information of some consumers is
not exogenously given, but evolves from reputation over time by Bayesian updating
based on stochastically distorted quality observations.
Lizzeri18 endogenises the disclosure strategy of the intermediary in his model. In
particular, he assumes that the certifier perfectly observes the quality of a good, but
truthfully discloses information on this quality only according to a previously
announced rule, which may, for example, be disclosure of the exact quality or only
information on whether a certain threshold has been passed. One should note that
this assumption also excludes collusion between the producer and the certifier. It
turns out that certifiers with market power will restrict the information they
disclose.
In the extreme case of a monopolist certifier and quality being a merely stochas-
tic outcome of production costs equal across all producers, information will be
restricted to whether quality meets or passes one certain threshold, where this
threshold guarantees that socially valuable qualities, i.e. those which consumers
value higher than the costs of production, are certified while the others are not. The
central argument for this being an equilibrium is that it allows the certifier to maxi-
mise his profits. In less extreme cases, disclosed information will be more detailed
for high qualities, but there will be no differentiation between the low quality
products.
The insights of Lizzeri indicate that certifiers’ policies to only inform about
whether quality meets a threshold is not only a tribute to restrictions of consumers’
limited abilities to process detailed information but also originates from certifiers’
profit maximisation.19 Farhi et al.20 and Lerner and Tirole21 have extended the argu-
ment to incorporate multiple certifiers with only one threshold for each certifier but
different thresholds across them. None of them is interested in revealing the identi-
ties of producers who applied for their certificate but failed to meet the standard.
Such tiered certification systems also add more costs, and delay, to the provision of
information, as producers tend to start high and apply with lower tier certifiers only
after having failed to get high-level certification.
16
Buehler and Schuett (2014), p. 493.
17
van der Schaar and Zhang (2015), p. 509.
18
Lizzeri (1999), p. 214.
19
For an overview of further results supporting this claim, see Pollrich and Wagner (2016), pp. 345
and 346.
20
Farhi et al. (2013), p. 610.
21
Lerner and Tirole (2006), p. 109.
The consequences of minimum quality certification on producers’ incentives to

exert costly effort for improving quality are quite obvious. If information of certifi-
ers is perfect, producers have no incentive to increase quality unless they are able to
surpass the next threshold. If there is only one threshold, only two qualities will
remain in the market. If certification is stochastic but higher quality increases the
probability to be certified, producers of course also have incentives to improve qual-
ity if they are in the vicinity of a threshold. As certification agencies capture some
of the additional profits a producer gets from selling certified high quality, voluntary
certification cannot induce as strong incentives to produce high quality as perfect
information of consumers would.22
6 Open Questions
Despite many steps forward in economic research on certification during the last
two decades, understanding of the full complexity of certification in real world mar-
kets is still incomplete. Three major open questions are the effects (1) of heteroge-
neous consumer preferences, (2) of bounded rationality, and (3) of producers’
choice between quality improvement and active concealment of low quality.
Heterogeneity of consumers’ preferences is likely to be covered with minor
changes of the existing models when only one quality dimension exists and con-
sumers vary in their willingness to pay for such quality. However, adding more
dimensions adds more strategic choices for certifiers as well as for producers.
Imagine, for example, a market for a good produced from resources harvested in
less developed countries and consumed in industrialized countries. Consumers may,
and casual experience shows that they do, care for ecological aspects of resource
growing in LDC and of production in the industrialized country, for social circum-
stances of resource growing and production (e.g. child labour), and for the effects of
the final product on consumers’ health. And consumers will care for these aspects to
different degrees. Das23 provides a first attempt to analyse certification in a market
in which consumers care for more than one quality dimension. Although he models
certification only for one dimension, the addition of a second preference dimension
seems to alter results dramatically and provide additional insights: non-profit certi-
fication becomes superior to for-profit certification if the second dimension of pref-
erences has weak effects on consumers’ choices.24
Such heterogeneity is likely to bring about separate certification agencies, each
being responsible for one or very few quality dimensions. Even within one general
22
Albano and Lizzeri (2001), p. 267; Hvide (2009), Article 5.
23
Das (2016), p. 251.
24
The intuition for this surprising result is that non-certification and thus production of low quality
may be a means to separate markets and thus collect monopoly rents on both markets. If differen-
tiation by the second quality dimension is large enough, certification is not needed to differentiate
products.
quality aspect with asymmetric information, several certifiers may emerge despite
the aforementioned concentration tendencies. Closely competing certification agen-
cies will of course compete on prices they charge to producers but also on the appro-
priateness of their standards of certification for consumers’ preferences. Given
bounded rationality of consumers, even certificates for completely useless or other-
wise irrelevant properties, like e.g. ‘produced without labour of white elephants’,
may emerge and remain in the market for some time. Economic analysis of such
distracting certificates is as much open to further research as the selection of rele-
vant quality dimensions by certifiers.
Surprisingly, nearly all existent economic models of certification completely rely
on asymmetric information in a world where consumers are perfectly rational.25 It is
well known that bounded rationality is not as easily described in a general model as
perfect rationality. Nevertheless, as certification has developed as one major way to
reduce information asymmetries it seems to be straight-forward to also include it in
models with boundedly rational consumers as an instrument to reduce complexity
of information and thus improve decisions of these boundedly rational consumers.
Pu and Zhang26 are the only authors so far, who explicitly include bounded rational-
ity in a model of voluntary certification. However, they reduce bounded rationality
to the inability of consumers to recognise fraudulent certification in a model of one
quality dimension and a given proportion of consumers who are rational and thus
identify the quality of the good directly. Problems of bounded rationality related to
the multiplicity of quality dimensions remain uncovered in the theory-based litera-
ture. Our economic understanding of these problems is still scant.
Finally, a third open field in microeconomic theory in general and the economic
discussion of voluntary certification in particular deserves mention here: the aggra-
vation of information asymmetries by producers, and certifiers, of goods. Suppliers
in any market may be tempted to spend resources on misleading consumers of their
products, be they goods or information, in their perception of quality. The weakest
form, still close to the standard approach in asymmetric-information theory, is
spending resources on hiding information, which may be described theoretically as
the mirror image of not spending resources on disclosing information in a reliable
way.27
There are stronger forms of costly misinformation, though. For example, suppli-
ers may, and some do, actively spread information on exaggerated qualities of their
products or on qualities they do not have at all. Doing so is of course costly. Bischoff
25
Combining the search words “certification” and “bounded rationality” returns zero entries in
EconLit and one for a law journal contribution in SSRN (Becher 2009, p. 747). scholar.google
returns more entries, but none on the first pages really combines the two approaches. ISI Web of
Science returns one case study (Pelaez et al. 2010, p. 27) and the only theory-based paper by Pu
and Zhang (2016), Article No 953.
26
Pu and Zhang (2016).
27
Stahl and Strausz (2017) refer to this problem when comparing producer-purchased and con-
sumer-purchased certification, but their model excludes nearly all other problems discussed in the
current paper.
and Blaeschke28 published one of the few papers in which this social waste of
resources is studied explicitly. However, they do not apply their model to general
markets for experience or credence goods nor to certification, but refer to costly
‘window dressing’ of local politicians striving for funds from a central government.
Applying their approach of using resources either to improve quality itself or to
improve merely its presentation and describing the ensuing perception of quality by
a function of the two uses of resources to the case of producers would be straight
forward and provide a useful starting point for investigating certification in an envi-
ronment where such information-blurring activities exist. Nevertheless, existing
approaches to certification markets until now lack active deception of consumers as
a constitutive element. Understanding certification without accepting the existence
of this problem seems to neglect a major part of the problem.
7 Conclusions
This chapter has reviewed the literature on voluntary certification provided by pri-
vate agencies. Starting from the seminal model presented by Viscusi, the focus was
first on opportunistic behaviour of certifiers. Both collusion with the producer to be
certified and moral hazard of certifiers with respect to their error-reducing effort
have been discussed. It turns out that reputation of certifying agencies and govern-
ment regulation of inputs of certifiers are the only viable approaches to overcome
these problems—despite their imperfections due to economies of scale and scope in
reputation and the risk of abuse of regulation for restricting entry to the certification
market. From the theoretical perspective, reputation of certifiers is disappointing as
a solution to the problems insofar as high quality certification is but one equilibrium
among several others in most modelling approaches.
Besides problems of opportunism, much of the literature on certification explains
the causes and effects of minimum quality certification, which conceals much of the
information certifiers acquire when investigating the products to be certified. It turns
out that this form of certification is a result of profit maximization of certifiers being
contracted by producers. However, this need not be to the disadvantage of consum-
ers as the latter also derive information from the very fact that the producers decide
to apply for a certification, or that they do not. In addition, (boundedly rational)
consumers tend to understand information contained in minimum quality certifica-
tion more easily than full quality information.
Economic literature on certification provides many useful results, but it is far
from giving all answers one would desire for designing a good legal framework for
the certification market. Open questions that the last section of this chapter has
stressed are the discussion of preference heterogeneity of consumers with respect
to more than one quality dimension, the problems of bounded rationality and the
28
Bischoff and Blaeschke (2016), p. 344.
effects of active distortion of information by producers and certifiers, for example

in the form of costly window dressing, which may replace true quality
improvements.
References
Akerlof, G. A. (1970). The market for “Lemons”: Quality uncertainty and the market mechanism.
The Quarterly Journal of Economics, 84, 488.
Albano, G. L., & Lizzeri, A. (2001). Strategic certification and provision of quality. International
Economic Review, 42, 267.
Becher, S. I. (2009). A ‘Fair Contracts’ approval mechanism: Reconciling consumer contracts and
conventional contract law. University of Michigan Journal of Law Reform, 42, 747.
Biglaiser, G. (1993). Middlemen as experts. The RAND Journal of Economics, 24, 212.
Bischoff, I., & Blaeschke, F. (2016). Performance budgeting: Incentives and social waste from
window dressing. Journal of Public Administration Research and Theory, 26, 344.
Buehler, B., & Schuett, F. (2014). Certification and minimum quality standards when some con-
sumers are uninformed. European Economic Review, 70, 493.
Darby, M. R., & Karni, E. (1973). Free competition and the optimal amount of fraud. The Journal
of Law & Economics, 16, 67.
Das, S. (2016). Certification under oligopolistic competition. Environmental Resource Economics,
65, 251.
Emons, W. (1997). Credence goods and fraudulent experts. The RAND Journal of Economics, 28,
107.
Farhi, E., Lerner, J., & Tirole, J. (2013). Fear of rejection? Tiered certification and transparency.
The RAND Journal of Economics, 44, 610.
Faulhaber, G. R., & Yao, D. A. (1989). “Fly-by-Night” firms and the market for product reviews.
The Journal of Industrial Economics, 38, 65.
Ganuza, J. J., Gomez, F., & Robles, M. (2016). Product liability versus reputation. The Journal of
Law, Economics, and Organization, 32, 213.
Green, E. J., & Porter, R. H. (1984). Noncooperative collusion under imperfect price information.
Econometrica, 52, 87.
Hvide, H. K. (2009). Oligopolistic certification. The B.E. Journal of Theoretical Economics, 9(1),
Article id 5.
Kleiner, M. M. (2000). Occupational licensing. Journal of Economic Perspectives, 14, 189.
Lerner, J., & Tirole, J. (2006). A model of forum shopping. The American Economic Review, 96,
1091.
Lizzeri, A. (1999). Information revelation and certification intermediaries. The RAND Journal of
Economics, 30, 214.
Nelson, P. (1970). Information and consumer behavior. Journal of Political Economy, 78, 311.
Pelaez, V., Aquino, D., Hofmann, R., & Melo, M. (2010). Implementation of a traceability and
certification system for non-genetically modified soybeans: The experience of Imcopa Co. in
Brazil. International Food and Agribusiness Management Review, 13(1), 27.
Peyrache, E., & Quesada, L. (2011). Intermediaries, credibility and incentives to collude. Journal
of Economics & Management Strategy, 20, 1099.
Pollrich, N., & Wagner, L. (2016). Imprecise information disclosure and truthful certification.
European Economic Review, 89, 345.
Pu, X., & Zhang, H. (2016). Voluntary certification of agricultural products in competitive mar-
kets: The consideration of boundedly rational consumers. Sustainability, 8(9), Article id 953.
Shapiro, C. (1986). Investment, moral hazard, and occupational licensing. Review of Economic
Studies, 53, 843.
Stahl, K., & Strausz, R. (2017). Certification and market transparency. Review of Economic
Studies, 84, 1842.
Strausz, R. (2005). Honest certification and the threat of capture. International Journal of Industrial
Organization, 23, 45.
Van Der Schaar, M., & Zhang, S. (2015). A dynamic model of certification and reputation.
Economic Theory, 58, 509.
Viscusi, K. W. (1978). A note on “Lemons” markets with quality certification. The Bell Journal of
Economics, 9, 277.
Challenges for Responsible Certification
in Institutional Context: The Case
of Competition Law Enforcement
in Markets with Certification
Victoria I. Daskalova and Michiel A. Heldeweg
1 Certification as Regulation
How does certification relate to legally prescribed patterns of behaviour of states,

markets and civil society and how can a responsible contribution to the workings of
these patterns of behaviour be secured? Assuming that certification, at its core, refers
to a statement that a certain state of affairs meets a predefined norm, does certification
only add (legal) certainty to further legal relations, or does it impact on the nature and
pattern of these relations? We believe that because certification is regulation, its
mechanisms of standard-setting, monitoring and enforcement1 can and often do have
an immediate and profound bearing on basic rules and principles of modes of legal
governance, for example on competition law in market context, on the legality prin-
ciple in a public hierarchy context, and on relationships based on trust in a civil soci-
ety context. This contextual relevance of certification, as a significant regulatory
factor impacting on (basic rules and principles of) modes of legal governance, begs
the question what makes for responsible certification. This would be certification that,
upon its truth-value, is informative and capable of enhancing the functioning of these
modes of governance, such as by remedying knowledge gaps experienced by govern-
ment regulators and by market actors. However, in reality certification may exacer-
bate knowledge gaps and lead to additional distortions, thus leading to either
government failure or market failure. This contribution aims to demonstrate the
1
Black (2002). According to Black, regulation is ‘a focused and sustained attempt to alter the
behaviour of others according to defined standards or purposes with the intention of producing a
broadly identified outcome or outcomes, which may involve, as control, mechanisms of standard-
setting, information-gathering and behaviour-modification’.
V. I. Daskalova (*) · M. A. Heldeweg

Department of Governance and Technology for Sustainability, Faculty of Behavioral and
Management Science, University of Twente, Enschede, The Netherlands
e-mail: v.i.daskalova@utwente.nl; m.a.heldeweg@utwente.nl

https://doi.org/10.1007/978-3-030-02499-4_3
24 V. I. Daskalova and M. A. Heldeweg
significant impact of certification as regulation on the institutional fabric of legal gov-

ernance contexts, and hence the importance of securing ‘responsible certification’.
Section 2 presents an analytical perspective on certification as regulation and the
governance context in which certification functions, with a finishing focus on certi-
fication as an instrument of governance. Against this backdrop, Sect. 3 provides an
in-depth analysis of certification in the context of the competitive market, particu-
larly the context of competition law. In the final, fourth part of this contribution,
conclusions will be drawn as to how context determines the requirements of respon-
sible certification.
2 Certification as Responsible Regulation in Context
This section offers an analytical approach to certification, in order to clarify and

refine some of the conceptual elements from the above. First (Sect. 2.1) we will look
into certification as a declarative-assertive statement and its possible legal meaning.
Next (Sect. 2.2) we discuss the significance of labelling certification as an instru-
ment and an object of regulation. As a next step (Sect. 2.3) we place certification in
the context of legal governance. Finally we identify the key elements that make for
responsible certification.
2.1 Certification as a Statement
Our starting point, that certification is (about) a statement that a certain state of
affairs (or ‘object’) meets a predefined norm, needs refining. The findings are sum-
marized in Table 1.
2.1.1 Certification as a Declarative-Assertive Act
The statement nature of certification is that of a speech act, the content of which is
documented in a certificate (as a document or record). The certificate expresses the
certificating body’s purpose by issuing the certificate: to state conformity of an
Table 1 Different legal meanings and consequences of certification

Act of
certification Certificate Effect of certification
Factual act Mere fact Perceived significance
Legal fact (mere assertive) Applicability of legal rule of conduct
Legal act Legal fact Change in law in rule of power or rule of
(declarative-assertive) conduct
Challenges for Responsible Certification in Institutional Context 25
object of certification with a predefined norm. As such a statement, the act of certi-
fication holds a hybrid purpose, combining an assertive speech act (to describe a
brute fact) with a declarative speech act (of stating a new institutional fact): qualify-
ing and thus presenting a brute fact in terms of an institutional fact.2,3 The truth-
value of certification follows from a conformity assessment undertaken according to
a predefined procedure, whereby it is determined whether a given factual state of
affairs meets a pre-established norm or set of norms.4
2.1.2 Certification Upon Assessment
The underlying assessment leading to certification may take various performative

forms, such as (laboratory) tests, inspections, exams, and audits, the choice of which
depends, first and foremost, on both the object (i.e. the state of affairs) and on the
(set of) norm(s) against which the object is held. The object of certification may be
many things: persons, organisations, constructions, products, services, and pro-
cesses. The norm (or set of norms) will state or scale a quality of the particular
category or type of objects, in qualitative or quantitative terms, allowing for
instances of such objects to be tested or measured against. Thus the assessment
produces an outcome of this test or measurement by which the object is institution-
ally qualified. Depending on the outcome a certificate may (or may not) be issued,
either with or without specification of the underlying assessment outcome.5
Furthermore, the certificate may express the object’s conformity with a norm at a
given point in time, but it may also raise an expectation of continuous conformity
beyond the moment of testing. A certificate from 2001 saying that someone has
achieved a ‘B2’ level of Spanish proficiency according to the Common European
Framework of Reference for Languages makes a statement about this person’s abili-
ties in Spanish at that given moment; it does not necessarily reflect his or her Spanish
language skills in 2017. The certificate may nonetheless be seen as relevant in 2017
as it may support the expectation that the person involved is capable of still perform-
ing at B2 level, as with driver’s licenses, or being able to again achieve that level.
With some certificates the declarative-assertive statement expresses an explicit
forward-looking conformity, implicating a continuous effort to ascertain compliance
2
Austin (1962).
3
Ruiter (2002). See particularly the Supplement to this volume, which presents major distinctions
between types of legal acts. Other types of speech acts are: commissive acts (e.g. a promise), direc-
tive acts (e.g. an order) and expressive acts (e.g. an emotional outcry).
4
Only if the act of certification would be completely informal, without any procedure for the quali-
fication of facts in terms of some norm (such as in saying: it is raining), would it be merely asser-
tive (but even to say ‘it is raining’ seems to involve some measure of humidity or wetness against
which to measure following some procedure).
5
Compare a driver’s license certificate that merely asserts a person’s fitness (as competence) to
drive (safely), but without inclusion of a score at the driver test, to a school or university diploma,
as a certificate that may not only come accompanied by a report card but may also hold a judicium
(e.g. cum laude).
with norms. In these cases, the presence of a certification mark implies that that the
compliance with norms will extend into the future and is subject to regular assess-
ments, such as by monitoring and inspection. Thus, a customer purchasing bananas
which bear the ‘Rainforest alliance’ seal expects that the certificate reflects not only
the state of affairs at the time of testing but a continuous process of quality monitor-
ing and assessment.
2.1.3 Significance of Certification
The significance of certification as a declarative-assertive act—both as regards its

purpose but also as regards its effects on those to whom it is expressed—depends on
its intrinsic and extrinsic characteristics. Intrinsic characteristics are about the accu-
racy of the assessment, as determined by the use of proper methodology, techniques,
and the competence and trustworthiness of the assessor, and the proper handling of
and conclusion upon the assessment by the certificating body.6 Extrinsic character-
istics pertain to the normative underpinning and context of certification. What are
the norms to which the certificate pertains and how relevant are they to those
informed by the certificate? Are their factual expectations influenced, for example
because the certificate expresses a relevant quality of the certified product to the
buyer, or are there legal consequences that are attached to the certification act?7
2.1.4 Certification as a Factual or Legal Act
As follows from the examples, the significance of certification as declarative-

assertive act may be merely factual, depending on its perceived authority and rele-
vance, also as regards the underlying norm, or it may be legal, depending on the
status of the certificate following applicable legal rules. Legal significance may
exist as the presence of a certificate may be a legal fact relevant as condition to the
applicability of a legal rule and the legal effects it prescribes, for example where
certification implies permission (such as admission of a product onto the market), or
when getting a separate permit is conditional upon having a certificate (such as a
building permit upon a safety certificate). When certification is conditionally linked
to some legal effect, such as permission, the underlying rule is a rule of conduct,
determining permissions, dispensations, prohibitions and commands. When, upon
certification, permission takes a separate legal act, the presence of a certificate can
be the conditional legal fact to the relevant rule of power.
The act of issuing a certificate may as such be a legal act, if and when it is
capable of and intended to have legal effects—as in introducing, changing or
6
For example a statement of conformity by an assessor that has an interest in the certificate being
issued does not add to intrinsic credibility.
7
For instance by a rule about ipso jure permission or permission by a subsequent act, such as a
building license that can only be granted upon having obtained a construction safety certificate.
terminating legal positions. This will require that there exists a legal rule of
power, whether by private or public law, that expresses a norm subject (i.e. the
authority to grant a certificate; the power holder/certificating body), possible con-
ditions to the applicability of the power (i.e. an assessment having been made that
may be considered proof of conformity to a norm), a performance (i.e. the legal
act; e.g. a document of certification) and the legal effect of that performance (i.e.
the change in the law it brings about). Being a legal act emphasizes the declara-
tive-assertive nature of certification, as it brings a change in the institutional legal
setting following institutionally validated legal rules of power. Certification as
legal act is a legally valid statement that signifies a change in the landscape of
existing legal relations and rights and obligations involved in them.
However, certification is not necessarily a legal act. When performed in an infor-
mal way, e.g. with the intent of making consumers believe that a product has a
specific quality, even though its procedural underpinning would make it a declarative-
assertive act, legally it might amount to being no more than a mere fact, the instance
of which would be without legal consequence. Only if and when the fact of certifi-
cation has relevance to a rule of conduct or a rule of power does it become a legal
fact and when the act of certification itself brings an intended change in legal
positions.8
The foregoing analysis applies regardless of whether the relevant rules are of a
public or of a private law nature. It is possible that the activity of certification
(including assessment) follows from a private law (say contractual) arrangement, to
then have public law legal effects, and vice versa.9 It is also regardless of whether
certification is voluntarily sought, such as by a manufacturer, supplier, retailer or
service provider to gain competitive advantage, or follows from a legal obligation,
such as to get a license, or as a contractual requirement.10
2.2 Certification as Regulation
Above, the statement was made that certification is regulation. This is not a claim to
an inherent property, but certainly a claim to this often being the characteristic aim
behind certification. At this we apply Black’s definition of regulation as being ‘a
focused and sustained attempt to alter the behaviour of others according to defined
standards or purposes with the intention of producing a broadly identified outcome
8
Such as when a university grants a PhD diploma grants the holder of the diploma the right to
supervise PhD researchers, then this act counts as legal act.
9
We will not elaborate on the legal act of certification as regards its scope, of relevance only inter
partes, as is generally the case in private law, or erga omnes, which is more likely in public law,
also as this requires further analysis of specific contextual rules.
10
One may argue that the latter is basically voluntary, although contracts may not be as consensual
as typically assumed—such as when in the supermarket retail market there is buyer power that
requires suppliers of food stuffs to have their products certified.
or outcomes, which may involve, as control, mechanisms of standard-setting,

information-gathering and behaviour-modification.’ Certification may be regulation
in that it is a focused and sustained attempt to regulate the behaviour of the party
that voluntarily or upon obligation seeks certification, the ‘subjects’ of certification.
This party may be incentivized to change its behaviour to (better) comply with the
predefined norm, such as the above-mentioned fair trade label. Alternatively or
indeed simultaneously, certification may be about regulation towards altering the
behaviour of third parties, as these may want to or be required to change their
behaviour vis-à-vis a person, organisation, product, service etc. depending on this
being certified, such as to influence willingness to contract or trade or ability to be
licensed.
2.2.1 Certification Linking Behaviour to Outcomes
This tells us that the relation between the regulatory instrument of certification
according to certain standards, and the desired outcomes, may operate via the alter-
ation of different types of behaviour involving different categories of certification
regulatees: subjects of certification and third parties. Desired outcomes may vary
considerably as the declarative-assertive statement that certification brings can
either be regarded as an ‘intrinsic end in itself’ or as ‘an extrinsic means to an end’.
The ‘intrinsic end in itself’ outcome relates to certification upon the primary regula-
tory objective to provide authoritative/trustworthy information about the object of
certification where this is lacking in respect of its compliance to a particular norm,
without prejudice to that norm.
Thus, certification can serve a general interest as it broadly adds to existing infor-
mation, knowledge and perhaps to (perceived) trust and (legal) certainty in the role
and functioning of the objects concerned. This in itself, aside from whether there is
broad and positive appreciation of the underlying norm or standard, may serve the
objective of lowering transaction costs or of eradicating misunderstandings that
would otherwise be an impediment to certain processes, mechanisms and relations
and institutional patterns of behaviour, such as of sales, internet services, markets
and governments. Thus certification is an ‘intrinsic end in itself’ as it is neutral or
colourless when it comes to the desirability of compliance to the underlying
standard(s). As an ‘extrinsic means to an end’, certification is ‘taking sides’ as it
seeks to support compliance with a particular standard because the standard itself
represents the desired outcomes. Those outcomes as ends may, as said, be of a very
different nature, ranging from securing or improving on effective and efficient
(supply-chain) management, logistics, and other business operations, to safeguard-
ing and enhancing social values such as safety, security, health, environment, trans-
parency, gender equality and labour conditions. In all of these cases certification
encompasses the element of providing an authoritative statement, but will be posi-
tioned in a way that provides an incentive to (potential) subjects of certification to
adjust their behaviour so they can get a certificate, and/or an incentive to third par-
ties to prefer certified objects above others.
2.2.2 Regulatory Strategies Behind Certification
Given that these incentives may leave discretion to certification subjects and to third
parties to voluntarily decide on the use of and responsiveness to certificates, or alter-
natively, may involve obligations of use and response, strategies towards outcome
achievement need not necessarily be driven by law or legal nature and form. Broadly
speaking, certification may follow three different regulatory strategies11: hierarchy-
based (when certification is obligatory), competition-based (when certification is
seen to provide competitive advantage), and community-based (when certification
is seen to express adherence to shared/social values).12 Certification may follow dif-
ferent strategies at the same time, such as when certification is hierarchically pre-
scribed, but allowing different, perhaps competing, certification schemes, allowing
different standards (for assessment), with the requirement of NGO involvement in
their setting.13 In any case, while hierarchy-based certification is likely to come with
an obligating legal form, a legal form may be totally absent in competition-based
certification when certification is merely a retailer’s or manufacturer’s ploy to attract
consumer interest or to silence NGO objections. When certification is linked to
subsidies or taxes, a legal form will be at play, but rather in terms of the claims and
duties that apply to the scheme, defining the pros and cons of (not) certifying.
Similarly, community-based certification may be non-legal and merely informa-
tional, but may also come with or follow upon (quasi-)legal covenants, contracts or
private standards.
2.2.3 Regulatory Relations Behind (Strategies Behind) Certification
Regardless of the legal nature, different patterns of regulatory relationships may

apply within strategies of certification.14 Regulatory relations may be ‘first party’
relations in which the regulatee is also the regulator. A party may voluntarily self-
regulate to be certified or choose to use only certified goods, services etc. This type
is typical of a community-based certification strategy. In ‘second party’ relations
the positions of regulator and regulatee are separate; a regulator prescribes that the
regulatee has to certify or is allowed only to use certified goods, services etc. This
description clearly fits a hierarchy-based approach, but if prescription takes the
form of a condition to a subsidy or tax, it also fits a competition-based certification
scheme. In ‘third party’ relations we find that between the regulator and (the)
regulatee(s) there is a specialized intermediary regulatory agent. While the regula-
tor may prescribe certification (as requirement or as option with economic conse-
quences), the implementation of the certification scheme is left to a designated
11
Murray and Scott (2002), pp. 491–516, esp. at 502.
12
We do not rule out that certification could also fit an architecture-based (or code) regulatory
strategy, but could not conceive of an example.
13
Heldeweg (2013), pp. 107–139.
14
Levi-Faur (2011), pp. 7–9.
(type of) agent. The regulatees will primarily interact with this regulatory agent and
can fit all kinds of regulatory strategies, even community-based as the designated
type of certification (body) may be specified as leaning toward specific social values
and (social) stakeholder involvement.
2.2.4 Certification Bodies and Regulatory Relations
Given the possibility of such diverse regulatory patterns, which mix regulatory
strategies and relations of certification, we find that regulators, regulatory agents
and regulatees, as well as certification bodies may differ considerably with respect to
their ‘interest nature’. One ideal type distinction in ‘interest nature’ of organisations
is the trichotomy of governments (guided by public interest), firms (guided by pri-
vate interest/for profit) and NGOs (guided by community interest/not-for-profit). In
certification, all types of regulators, regulatory agents and regulatees may be of each
of these ‘persuasions’,15 leading to a possibility of certification being at play in
thirty-nine types of first, second and third party regulatory relations.16
When we take the three possible first party forms of self-regulation, in which a
government, a firm or an NGO voluntarily commits to certification, this is not to say
that they are self-certifying to the extent that they also take the role of a certifying
body. As said, this role, which is not specified in our earlier definition of certifica-
tion, may also be played by organisations of the three aforementioned types.
Certification by a public office may be up to one office in a given jurisdiction, or
several, with or without public authority to give their legal act of certification an
erga omnes legal effect. On the other hand, in the context of a competitive market,
firms may find certification an interesting commercial undertaking; as a result, con-
tracts to certify may ensue. Finally, in a civil society context, NGOs might find that
certification is an attractive way of providing a service to the public at large about
the quality of certain products, services etc.
One could consider it likely that public certification bodies would focus on cer-
tifying compliance with standards of public interest, such as avoidance of pollution,
that firms would focus on standards with commercial relevance, such as product
safety, and that NGOs would focus on standards of social value, such as on gender
equality. However, hybridity is also possible. Firms may compete with NGOs for
certification on social values (e.g. safety in the workplace) or with public authorities
on values related to public interests (e.g. public safety of cars)17; on the other hand,
NGOs might provide certification related to public or commercial interests (e.g. on
human rights performance of states and on fair trade respectively).
15
Ibid., 6–8.
16
We cannot elaborate: three 1st party relations, nine 2nd party relations, and twenty-seven 3rd
party relations. Levi-Faur (2011) and Heldeweg (2013).
17
As by periodical safety certification of cars.
Table 2 Certification as regulation: types of certification and regulatory relations

Second party
Regulation First party (specialized Third party (agency
certification (self-regulation) regulation) regulation)
First party Voluntary Regulated Agency orchestrated
(self-certification) self-certification self-certification self-certification
Second party Voluntary associated Regulated associated Agency orchestrated
(associated certification certification associated certification
certification)
Third party Voluntary Regulated Agency orchestrated
(independent independent independent independent certification
certification) certification certification
2.2.5 Certification in Three Kinds
While the foregoing tells us that in each of the thirty-nine possible regulatory con-
figurations concerning certification, the involved certification body may (also) be of
three different persuasions (yielding a variety of one hundred and seventeen
configurations),18 it ignores a possible variation in the relationship between the cer-
tification subject, as regulatee, and the certification body, as regulator. Similar to the
regulatory relations terminology there are three types of how certification may be
undertaken19: ‘first party’ certification (i.e. certification where the conformity
assessment is performed by a certification subject, ‘providing the object of certifica-
tion’; in short, self-assessment), ‘second party’ certification (i.e. certification based
upon assessment by an associated party, with an interest in the object, such as by an
employer, or a branch organisation) and ‘third party’ certification (i.e. certification
based upon an assessment by an independent party, such as an accredited private
company or public authority). When we combine party-categorisations of regula-
tion and of certification we yield the overview in Table 2.
Under this scheme it is indeed possible that self-regulation comes with self-
certification—as demonstrated in the top left box in the overview of nine party-type
combinations of regulation and certification. In this chapter, however, we choose to
focus on independent third party certification. Consequently our attention goes out
only to the variety at the bottom row of this overview; each of these types, varied
along the kind of underlying regulatory relationship, is of interest to our analysis.
Effectively we are joining the ISO (International Organization for Standardization)
in saying that certification is: ‘[t]he provision by an independent body of written
assurance (a certificate) that the product, service or system in question meets spe-
cific requirements.’20
18
Less if we assume that it is not legally proper to have a public certification body concern itself
with certification of standards that are not about upholding public interests—unless to uphold such
commercial or social values is a public interest concern following the public interest in the proper
functioning of (patterns of) legal relations that depend on compliance in these standards.
19
In defining we build, inter alia, on the ISO/IEC 17000 Conformity Assessment terminology. See:
https://www.iso.org/standard/29316.html—this is not an open source.
20
See: https://www.iso.org/certification.html.
2.2.6 Certification as a Process
We have to make explicit note that in the categorisation of types of certification a

variety is possible that categorises not on the relationship between the certification
subject (providing the object) and the certification body, but on the relation-
ship between the certification subject and the assessor—assuming that the certifica-
tion body can, by definition, be none other than an independent party. This note also
draws our attention to the fact that certification is not merely a single act, but a
process leading up to that act and possibly following upon that act. At its core, cer-
tification is a two-step process of two consecutive performances: an assessment and
an act of certification. The process may, however, be extended, firstly by including
standard-setting as an upfront activity to settle the predefined norm—whether by
settling which existing norm to apply, by tailoring such a norm to a particular object
of certification or its functionality, or by setting a new standard. Secondly, we may
include later steps, upon certification having taken place, such as: review (upon a
complaint against refusal to provide the desired certificate), monitoring (to check on
continued adherence to standards), enforcement (to secure compliance through
warnings and sanctions), and termination (to officialise non-compliance by with-
drawal or non-extension of a certificate). All of these steps may be centralized in the
hands of the certifying body, but they may also be separated across several bodies,
more or less independent of each other. An example of the latter is when a certifica-
tion body hires a commercial assessor/auditing company to perform the assessment,
and when it adopts a given standard. It may be possible, with or without a separation
of roles, that a body wanting to be involved in the performance of these roles
requires a certificate to become involved—such as on its organisational manage-
ment, on skills of employers, or on its ability to perform tests. Furthermore, the
certification body, of other actors within the certification process, such as auditors
and assessors, and indeed of the certification process may themselves become sub-
ject of accreditation.21
2.2.7 Certification: An Instrument and Object of Regulation
So we see that certification as an instrument of regulation is likely to be an object of

regulation. A first concern of regulation would be to safeguard the intrinsic signifi-
cance of certification, ensuring that its truth-value is secured through proper proce-
dure. The requirement of the aforementioned accreditation may be part of this
regulation, but also of review procedures—whether in public or private law arrange-
ments. Closely connected may be the need to regulate for the purpose of remedying
the consequences of failing certification, such as on liability, sanctions and termina-
tion. A second concern which might lead to regulating certification relates to the
Defined by ISO as: the formal recognition by an independent body, generally known as an
21
accreditation body, that a certification body operates according to international standards.’ See:
https://www.iso.org/certification.html.
extrinsic significance of certification, as determined by how the context of certifica-

tion influences behavioural incentives through factual expectations and legal conse-
quences of certification. Not only does the context influence such incentives, and so
the success of certification as a regulatory instrument, but the context itself may be
influenced by certification. Certification, regardless of the specific type, may affect
competition within markets, impede innovations, lead to private interest capturing
public interests, or deny stakeholder influence on local community affairs.
Consequences that may be desirable and indeed intended outcomes of certifica-
tion include: to remedy failures resulting from lack of trust and uncertainty or fail-
ures in business management operations, technical functionalities, the pace of
innovation, and the service to social values. Alternatively, however, undesirable and
unintended consequences may follow from ill-suited certification, thus requiring
regulatory intervention in the workings of certification, such as by requiring accred-
itation and by introducing public-private co- and (third-party) meta-regulation,
securing proper choice, tailoring or development of standards, proper procedures,
checks and balances, legal protection etc.22
2.2.8 Certification as a Legal Institution
With some sophistication, to secure proper working and desired outcomes, regula-
tion of certification can amount to establishing legal institutions. Such an institution
purports a valid pattern of behaviour, prescribed as a ‘distinct legal system govern-
ing specific forms of social conduct within the overall legal system’, instantiations
of which ‘can be dealt with as independent social phenomena’,23 such as property,
contracts, and legal personhood. Certification could be seen as a sub-category of
legal institutions that ascribe a legal quality to a (legal) person, such as upon having
received a personal skills related certificate, or one for an organisation’s overall
management performance, but also of a legal status to a (legal) object, such as the
certification of a financial asset.24
Each type of institution builds upon a conjunction of four types of rules: consti-
tutive rules (about what certification is/means), institutive rules (about how to per-
form the act of certification), consequential rules (about what rules apply to a
certificate, once issued), and terminative rules (about how to end an instance of
certification). What this set of rules brings is the possibility of repeated instantiation
of certificates of a similar kind but with variations tailored to each case of instantia-
tion, depending on the specifics of the given object—as in each university diploma
presenting specifics on the subject, the program that was completed successfully,
etc. In the case of institutive rules, certification will concern application, possibly
standard selection, tailoring or formulation, assessment procedure, decision upon
22
Levi-Faur (2011) and Heldeweg (2013).
23
Ruiter (2002), Chapter 4.
24
Ruiter (1993), p. 357.
assessment and form and procedure concerning the act of certification, and possibly
review. Consequential rules will concern rights and obligations, such as the right to
publicly show that the certificate was awarded, and the obligation of continued com-
pliance and allowing inspection. If certification is related to further changes in the
law, such as particular permissions, consequential rules will include rules on privi-
leges and claims that follow from them. Terminative rules may specify an expiry
date or acts and events that may give cause to withdrawal of the certificate.
2.3 Responsible Certification in Governance Context
As said, the functional relevance of a certificate may differ upon the regulatory con-
text. This context will in turn build upon basic rules and principles of different
modes of (legal) governance, which may in one way or another relate to regulation
by certification and the regulation of certification.
2.3.1 Modes of Governance
Three modes of governance are of particular interest to our subject:

(1) in the context of public hierarchy, featuring interactions between the govern-
ment and citizens, primarily driven by public interest and operating upon gov-
ernment’s power to take unilateral decisions, such as upon the obligation to
certify or the public law legal act of certification;
(2) the context of competitive markets, featuring business-to-consumer and

business-to-business interactions, primarily driven by private interest and oper-
ating on the involved parties consensual exchange decisions, such as to contract
to certify or to contract only upon some object being certified, and to create
competitive advantage by certification;
(3) the context of civil society, featuring interactions between members of a not-
for-profit community or civil network, primarily driven by community/social
interest and operating upon members power to associate and cooperate, such as
in setting up or joining a certification scheme that expresses underlying com-
munity/social values, and advocating compliance with it.
These three modes are of an ideal type nature; there may be many in-between
hybrids, which we will not discuss here.25
25
Regulated markets, between public hierarchy and competitive market (e.g. ‘semi-public ser-
vices’); Networked markets, between competitive markets and civil society (e.g. ‘socio-industrial
networks’); Regulated networks, between civil society and public hierarchy (e.g. ‘social enter-
prises’); Tripartite platforms, between all three ideal type modes (e.g. ‘societal platforms’).
2.3.2 Modes of Legal Governance
Our key concern is that modes of governance appear as empirically observable pat-
terns of behaviour, but are likely to also have characteristic normative dimension
due to the basic prescriptive rules that determine their coordinating modes and
incentives towards interaction: modes of order (command and control), modes
of exchange (supply and demand), and modes of cooperation (community and shar-
ing); orientations of public interest, private interest, and social interest. Typically,
these normative dimensions come with their own basic legal rules. In liberal public
hierarchy these are: constitutional government, separation of powers, rule of law,
democracy, human rights and the legality principle. In competitive markets these
are: competition and consumer law, against the backdrop of company, property and
contract law. In civil society, the area that in general is the least formalized, these
are: human rights on private autonomy and the freedom of association and expres-
sion, against the backdrop of contract law and the law on legal personality. Together
these basic rules—or rule sets or legal regimes—form the jurisdictionally embed-
ded, positive-normative fabric of the modes of legal governance landscapes. Such as
there are of public hierarchy by states and municipalities, of competitive markets for
food stuffs and recreational commodities, or regulated markets for energy and
health care, and of civil networks of NGO’s in welfare, culture, and sustainability
awareness, or regulated networks, such as of public housing—while some of these
legal governance landscapes may indeed be instantiated as legal institutions.26
Basically, a public hierarchy certification can serve to provide information about
conformity with prescribed public interest norms, such as on car safety and energy
efficiency. The related legal effect of being certified could be a government permis-
sion to operate, the grant of a subsidy or a tax reduction, or a lowered intensity of
public inspection. In competitive markets certification can serve to mitigate infor-
mation asymmetries, leading to market failure. The related legal effect of certifica-
tion might be gaining access to the market. Certification in the context of civil
society is in service of settling and securing shared community values, and inform-
ing the community about compliance with them. A related legal effect could be
access to membership and co-operative initiatives. In practice certification may
also, and will often, bridge relations across different modes of governance. An
example of such hybrid certification are the fair trade certification schemes that may
originate in civil society but address commercial practice in competitive markets,
and may become schemes with a broader foundation, involving, next to NGOs,
commercial parties in the standard-setting, assessment and certification phases—
much along the hybridity of roles as discussed in the above.27
26
Assuming there is a general, conceptualizing legal arrangement as a format that holds rules on
their instantiation etc.
27
See Mohan (2010), pp. 24–33. The author provides a summary of the history of fair trade certi-
fication—from its roots in ‘alternative trading movement’ based on ‘solidarity economy’ propelled
by NGOs and charities (Oxfam, Traidcraft as well as faith-based groups such as Christian Aid), to
a more mainstream marketing initiative in which multinational companies cooperate. See also
2.3.3 Normative Alignment
As pointed out above, certification is not a neutral instrument to the extent that it
merely adds to existing rules and regulations, as potentially it could infringe on
these rules and regulations; even and with particularly disruptive sensitivity when it
comes to clashes with basic rules of different modes of legal governance. What to
think, particularly of the legality principle, if a state legislator decides to outsource
permitting to a private certification scheme?28 Or how about a certification scheme
that builds upon standards that effectively shut out new entrants to the market and
thus supports anticompetitive practices? And what to think of certification schemes
that do not allow participation of potential certification subjects when they operate
as not-for-profit civil networks? These questions make clear that there is an issue of
normative alignment: of alignment between regulation by certification and the basic
rules of the legal governance mode in which such regulation is applied. Regulation
of certification is crucial should it be that certification does not align, as suggested
in the aforementioned examples. Normative alignment can be achieved by regulat-
ing certification to the extent that it functions as ‘responsible certification’: certifica-
tion that, upon its truth-value, is informative and capable of enhancing the
functioning of these modes of governance.
2.4 Responsible Certification
The success of efforts towards achieving (such) responsible certification, ultimately

enhancing the functioning of modes of governance, will depend on multiple factors,
of a legal but also of a non-legal nature.
2.4.1 Four Maxims
From a legal governance perspective, various characteristics of a certification

scheme are relevant: its effectiveness (i.e. producing statements with truth value and
with actual service to desired regulatory outcome), its efficiency (i.e. of the certifi-
cation process itself, as compared to alternative instruments, but also in achieving
regulatory outcomes and of being neutral or positive to the efficiency of operations
within the given governance context, such as by lowering transaction costs involved
Wilson and Mutersbaugh (2015), p. 281. A prominent example is the Max Havelaar fair trade label
which started out as a civil society initiative. Drawing the line between pure civil society and ‘mar-
ket’ initiatives may be difficult since, especially with respect to eco-labels, producers may sponsor
NGO certification or establish their own eco-label certification scheme. Kim (2014–2015), pp. 181,
185 f.
28
The legality principle may almost be regarded a container principle, in that many meanings and
functions have been attributed to it. We refer here to the principle that the competent authority is
intrinsically involved in the decisions it takes and may hence be held responsible for them.
in market transactions), its legitimacy (i.e. the certificating body being accepted not
only for its capacity to produce effectiveness and efficiency, but also for its suitabil-
ity to regulate with possible impact on behaviour of others and on the right of these
others to have a ‘voice’ in such regulation),29 and its justice (i.e. in fairness of the
process of certification and in the consequence of certification, following applicable
standards of distributive or commutative justice).
The set of basic (legal) rules characteristic of each mode of governance has a
different take on and strikes a distinctive general balance between these public gov-
ernance maxims of effectiveness, efficiency, legitimacy and justice. Consumer and
competition law, for example, together promote effective and efficient transactions
in the market, but also ensure legitimacy and justice in them, from the perspective
of private interest exchanges. This is distinct from the perspective of public interest
obligations that would determine how all four of these maxims are understood and
balanced in public hierarchy following unilateral decision-making.30 Basic rules of
modes of governance aim to, in general, attribute a particular meaning to these max-
ims and a particular balance in their functioning, characteristic of that particular
mode. We name such basic rules ‘institutional (legal) rules’, or will refer to them as
the ‘institutional (legal) regime’, expressing the normative dimension of the gover-
nance mode as institutional setting.
2.4.2 Institutional and Collective Choice Rules
Our position is that regulation by certification should not be in conflict with institu-
tional rules of modes of governance. Regulation of certification may be needed to
secure the necessary normative alignment with such basic rules. The institutional
rules are the enabling and constraining rules upon and within which further rules,
‘collective choice rules’, are introduced (and changed and terminated), such as the
setting up of legal persons, in contracting and permitting, and in establishing and
transferring property; rules that are either made by more than one (legal) person or
have consequences for more than one (legal) person.31 Rules and regimes on safety
of consumer products in competitive markets, or on restrictions and permits regard-
ing pollution in public hierarchy, or on the creation of societal enterprises of civil
society, are examples of such collective choice rules. Together with the underlying
institutional rules, the collective choice rules and regimes make the legal space
available to the operations that individual (legal) persons are able and allowed to
29
Aside representation, eligibility may be underpinned by notions of fairness, independency and/
or impartiality, wisdom, charisma etc.
30
The term ‘exit’ is often used in respect of legitimacy, to emphasize the consensual aspect of
exchange and the opportunity of the buyer to contract with a competitive offeror. In public hierar-
chy, the term ‘voice’ is often used to express the legitimacy of government in to command &
control, as long as this is democratically underpinned. Hirschman (1970).
31
Contracting takes at least two to achieve success; permitting may take only one, but has effect
inter partes (mostly in private law) or possibly even erga omnes (mostly in public law), property
is about a right in rem, and legal personality is about a legal form of collective action.
engage in.32 Rules regarding regulation by certification are also of the type of col-
lective choice rules, and as such need to align with institutional rules.
2.4.3 On the Origin of Rules
Institutional and collective choice can have an endogenous origin, of an evolution-

ary nature, emerging in response to possible failures or (threat of) suboptimal
behaviour within a given mode of governance. Take, for example, institutive rules
of contract and of tort law that may emerge from on-going market transactions to
gradually extend their functionality to curb anticompetitive behaviour. Case-law,
private standards and contracting by itself may incrementally change boundaries
that limit the allowed trade practices with respect to their competitive relevance.33
When such rules do not endogenously evolve or do not bring an effective, effi-
cient, legitimate or just solution to the problem, an exogenous regulatory interven-
tion may follow, from another governance mode, that of public hierarchy through
public law competition rules.34 Of course, such an intervention makes sense only if
and when it may be said that this attempt at ‘intelligent design’ of such an outside
intervention does allow for a coherent framework of institutional rules: the public
competition law rules may curb existing lawful but undesirable competitive p ractices
in the competitive market, but should do so in a way that does not infringe on the
basic institutional logic of private interest exchanges in a basically competitive
context.
Similarly, the introduction of collective choice rules on, for example, standard-
setting for and certification of a particular product range could follow from an exog-
enous or an endogenous rule-making path.35 They could be organised from within
the market, following upon a network of contracts, with certification perhaps
expanded with private accreditation. At the same time, an exogenous initiative could
follow upon the failure of forces within the competitive market to bring about such
certification despite serious complaints about e.g. information asymmetry. The pub-
lic law certification requirement could be extended with a public law accreditation
32
We freely take these labels (‘collective choice’; ‘operational’) from Ostrom without suggesting
that we import her IAD-framework. See Ostrom (2005). Note that ‘operational’ is about the use/
relevance of Hohfeldian subjective rights, such as claims, duties, privileges, powers, liabilities and
immunities. Hohfeld (1964).
33
van Maanen (1986).
34
A, probably soft law, regulatory response from civil society actors, such as through standards,
certificates and boycotts, is surely a relevant alternative.
35
It could be argued that regulation of a certification (and accreditation) scheme with a general
purpose, non-specific of any type of service or good, would in fact be an addition to institutional
rules (endogenously or exogenously), as it would be in service of (any private interest in; and in
that sense ‘neutral’ or ‘colourless’) the proper working of the market, similar to, exogenously, how
the introduction of a public consumer protection authority, would have such a broader, more insti-
tutional meaning. Collective choice rules are generally more ‘regulatory’ and more related to func-
tional areas of law.
requirement. Again, it would be important that these exogenous collective choice

rules would align well with the underlying institutional rules of the relevant com-
petitive market.
2.4.4 Again: In Modes of Regulation
Cross-governance mode regulation, as from public hierarchy to impact the work-

ings of or within a competitive market, may take different forms. It is of particular
relevance to our subject to distinguish certification obligations introduced by second
party regulation, co regulation or by meta-regulation.
The term meta-regulation was coined by Christine Parker and by John Braithwaite
in reference to a specific form of regulating regulation. In meta-regulation a
(government)regulator provides a framework that defines basic interests and/or
principles, and boundaries, as a matter of being invitational and supporting to self-
regulation.36 Meta-regulation functions at a level just above private first-party/self-
regulation. When a regulator, say from the government, finds that spontaneous
self-regulation fails, it may decide not to fully take matters in its own hands, as by
hierarchy-based, command and control second party regulatory interventions), nor
to engage in co-regulation as a shared public-private effort to regulate; a hybrid of
first and second party regulation. Instead it may facilitate and foster self-regulatory
activity. This meta-regulatory technique, a species of third-party regulation (as men-
tioned in Sect. 2.2.5), is especially relevant in contexts with high societal and/or
technological dynamics, with considerable uncertainty and contestation about
effects and chances of certain threats and/or opportunities occurring. Under such
conditions meta-regulation can provide a platform for establishing responsible
self-regulation which is more effective (than government that does not possess state
of the art knowledge), more efficient (to quickly act upon new knowledge and infor-
mation), more legitimate (as it involves ‘thick stakeholder involvement’) and more
just (in as much as opportunities and threats to given legal positions are properly
identified and addressed—also with a view to externalities).
Clearly, all of these benefits may apply to certification following meta-regulatory
approach—much in keeping with the rationale of ‘the new approach’ to standardisa-
tion.37 Such would entail an obligation to certify, while leaving certification to pri-
vate certifiers, perhaps with the constraint that these would need to operate
competitively and/or would need to be accredited by a private or public accreditation
body. Alternative to a hierarchy-based regulatory strategy obligating to certify, meta-
regulation of certification could operate through a competition-based regulatory
strategy that comes with the promise of public law benefits to being privately certi-
fied, such as public law permissions, relief of public supervisory activities and/
or grant of subsidies or tax-reductions. Meanwhile such a meta-regulatory scheme
Parker (2007) and Braithwaite (2008).

36
The so-called ‘new approach directives’ are a point in case. See: European Commission,
37
Completing the Internal Market [1985] COM (85) 310 final.

may overlap with co-regulation when meta-regulation (gradually) moves beyond

procedural rules of certification. This would be the case when the government regu-
latory arrangements would reach beyond the above public law obligations or benefits
of certification, to engage substantively, together with the interested private parties,
such as branch organisations, in standard-setting and in the design of the certification
process, such as on who should fulfil which roles and how.
Meta-regulation may be said to provide an interesting type of cross-governance
mode of regulation: from its origins in public hierarchy, across to either competitive
markets or civil society networks. To be effective, efficient, legitimate and just within
these exogenous contexts, there would have to be proper normative alignment with
the institutional rules of these modes of governance contexts, to ensure that it adds
to the functioning of these modes, such as by mitigating or even removing informa-
tion asymmetry in competitive markets, while retaining full-competition.
As said, a third party meta-regulatory certification scheme may allow for many
(mostly, but not only, commercial) certification bodies to offer their services, and so
effectively it might create a market for a particular certificate, or tap into an existing
market—while also setting boundaries for the particular market, such as by an
accreditation requirement. This would be in keeping with what is named ‘regulatory
capitalism’ in which standard-setting and certification bodies are competing for ‘cli-
ents’, private and public, that seek guidance and (legal) certainty through private
standards and certificates.38 Aside from (endogenous or exogenous) institutional
regulation by general trade and competition law regimes in competitive markets,
public hierarchy meta-regulation can be an instrument, when applied more broadly
to certification in markets, to improve the market for certificates. Aside from per-
haps being helpful to avoid anti-competitive behaviour, meta-regulation could, by
prescribing accreditation, be helpful to uphold the intrinsic function of certification
(i.e. its claim to truth-value). This would support consumer confidence and avoid a
situation in which those seeking certification would be confused about which
scheme to choose, or at risk of choosing the wrong scheme, or facing serious trans-
action costs in searching and deciding.39 Aside from such an exogenous intrin-
sic functionality towards improving institutional rules, meta-regulation of
certification could have the objective of securing implementation and enforcement
of public interests which are extrinsic to certification public. Thus, it would, in a
setting of collective choice rules, concern compliance with rules in matters of public
safety and security,40 environment, transport, health care, food safety, and others.41
38
Braithwaite (2008).
39
Consider that in the EU there actually exists a regulatory regime for accreditation with public
authority: Regulation (EC) No 765/2008 of the European Parliament of 9 July 2008, setting out the
requirements for accreditation and market surveillance relating to the marketing of products, OJ L
218/30.
40
Also financial security—think of the role of credit rating agencies.
41
See Sect. 2.2.1 to sense the fit between the distinction between ‘intrinsic end in itself’ and
‘extrinsic means to an end’ regulatory objectives, and the distinction we make here between meta-
regulation addressing institutional rules or collective choice rules.
2.5 C
ertification as Regulation of Public Interests,
Endogenous or Exogenous to Public Hierarchy?
The above brief discussion about meta-regulation as a tool of the government to

regulate, particularly, the workings of the market—either at the level of institutional
or of collective choice rules—is only one of various ways in which public hierarchy
can exercise cross-governance influence.42 Actors in competitive markets and in
civil society can also attempt to regulate exogenously, even addressing government
as a regulatee. This, however would more likely be through competition- and
community-based regulatory strategies, such as do the same, such as by their private
or community standard-setting or certification schemes. The use of hierarchy-based
regulation is less likely available to them.43 Therein lies the strength of government:
to regulate markets and civil society unilaterally, and to do so by more coercive and
prescriptive means than meta-regulation. Unlike competitive markets and civil soci-
ety governments, which within the liberal state-doctrine are assumed to have an
autonomous origin and operate through equal freedom of their private actors,44 gov-
ernment will require proper procedural and substantive justification (or input and
output legitimacy) to cross-governance mode regulatory interference—as follows
from the institutional rules of public hierarchy.45
Above, we discussed the option of certification by governmental meta-regulation.
Clearly, there is scope for the more coercive and prescriptive option of obligating
certification through hybrid co-regulation or by mere second-party government
regulation. The latter would amount to a public law arrangement of certification
resulting in certification as mere facts, of a mere informative nature, but mostly as
legal acts relevant to permission (such as to import a type of car into a country or to
drive an individual car on the public road, or to be allowed to use a particular aca-
demic title) or other public benefits (such as regarding subsidies or taxes or expedi-
ence of bureaucratic procedures).
42
As alluded to earlier, actors in competitive markets and civil society can do the same, as by their
standard setting or certification, but rather through competition- and community-based regulatory
strategies.
43
Hierarchy-based private regulation is an option on the basis of access to/use of private property
rights. There may be scope (even) for code-based regulation in that firms in competitive markets
may take decisions, following demand, that lead to exclusion of certain technologies that govern-
ment in public hierarchy favours—such as in changes in ICT-services.
44
Freedom being defined as the absence, in principle, of (legal) obligations.
45
Also see our references above (in Sects. 2.3.2–2.3.3) to the legality principle and more in the
below. The liberal state doctrine and legality principle basically hold that government/public law
(unilateral) regulation is only allowed by exception (not as a general power such as in contracting),
when necessary (because of specific private law failure on a point of public interest) and if propor-
tionate (not publicizing more than necessary). With government regulation, one should always
(keep) ask(ing) which private ailment it aims to remedy, and whether that facility is indeed still
remedial.
2.5.1 Public Law Certification and Public Hierarchy Institutional Rules
If certification is strictly a government public law arrangement, legislation will demand

that one or more public bodies appoint certification bodies and bear responsibility for
their actions. Thus, a Dutch university issuing a PhD certificate complies with legal
requirements regarding the nature of achievements necessary for the conferral of a
doctorate degree. The norm-setting phase—passing of law and adoption of related
administrative guidelines—is subject to institutional public law constraints and good
governance safeguards. As such the decision to (not) certify can be subject to judicial
review.46 Beyond the norm-setting phase, legal acts—such as decisions implementing
these norms or further regulations on the basis of delegated competences concerning
assessments and certification are constrained by principles of administrative law, such
as the right to be heard when a negative outcome is foreseen and can also be subject to
judicial review. Finally, factual acts, such as withholding goods in customs due to lack
of an appropriate certificate, can also be subject to judicial review. In addition to these
hard law remedies, there is a ‘soft’ aspect of good governance guarantees for public
actors—complaints can be submitted to a national ombudsman. Thus, should a dispute
arise about what a certification process entails, who carries out implementation and
how, and whether the certification activities and the entities carrying them out reflect
the desired public interest goals, procedures for contestation, monitoring and correc-
tion are applicable. Of course, aside from their fit to institutive rules, public law certi-
fication schemes should ideally also align with related collective choice rules, such as
on the establishment and workings of universities (in case of the PhD certification) or
those concerning imports and exports of goods, in the case of customs certification.
2.5.2 Public Law Use and Consequences of Private Certification Schemes
As said, it is well possible that government legislators and regulators, mostly due to
a desire to deregulate or to outsource public regulation, opt for government collec-
tive choice regulation, such as regulation of telecommunication, (private and public)
education, energy provision and construction safety,47 to by meta-regulation intro-
duce or in second party regulation make use of existing private certification schemes
in competitive markets or civil society networks. This implies that the declarative-
assertive certification act of a private certifier may count as a legal act or even a legal
fact in the public law context, which may raise questions as regards compliance
with/normative alignment of such private certification authority with the institu-
tional rules of public hierarchy that underpin the public law collective choice
arrangement to outsource certification. Consider, for example, a regime in which
construction safety as a public interest is regulated by government through rules that
require a private certificate for construction safety.
46
Most countries allow for judicial review of legislation for compatibility with the constitution. A
notable exception in this respect is the Netherlands, where constitutional review of legislation is
precluded by Art 120 of the Dutch constitution.
47
And many others, such as those named in fine of Sect. 2.4.4.
As Eijlander et al have explained, from the public law perspective there are basi-
cally four types of private certification schemes)48:
1. certificates as full permission/benefits—if with private certificate then ipso iure
public permission or other benefits are granted;
2. certificates as conditional to permissions/benefits—only if with private certifi-
cate, possibly public permission/benefits will be granted. Generally public
assessment is more marginal (private certificate as presumptive evidence);
3. certificates as indicative of compliance—if with private certificate then related
private auditing can substitute public oversight or lead to minimizing oversight
or even applying meta-oversight only (i.e. to check if there is proper private
auditing and compliance control)
4. certificates as market-making devices—if with private certificate, this expresses
a distinct quality that makes for a market niche, without specific public law
relevance.49
From types 1 to 3, certification comes with decreasing public law relevance with
respect to the possibility that the private quality of certification may not adequately
‘cover’ a legally prescribed public quality, as regards the relevant collective choice
public hierarchy/law regime that refers to private certification, which may build
upon application of the precautionary principle in matters of public and private risk,
or even as regards underlying public hierarchy/law institutional rules. As regards the
latter, compliance is at stake with requirements of procedural justice/input legiti-
macy (e.g. democratic accountability, public/stakeholder participation; complaints
procedures/judicial review), and of substantive or distributive justice/output legiti-
macy (e.g. proper protection of and respect for human rights, especially as regards
positive obligations following Articles 2 and 8 of the ECHR,50 and, more generally,
public safety, security, heath, and environmental protection, and legal principles
such as legal certainty and equal treatment.51
2.5.3 Public Hierarchy Certification Regulation
To safeguard compliance with relevant public collective choice rules and underpin-
ning interests, as well as general institutional rules of public hierarchy, public hier-
archy legislators or regulators may, in applying private certification for public
interest, use different regulatory approaches.52
48
Eijlander et al. (2003), pp. 50–57.
49
Eijlander et al. (2003) only look at the public/state v. private/market dichotomy. One could add
to 4. civil society certificates that are only relevant to community-building.
50
Art 2 ECHR—right to life; Art 8 ECHR—respect for private and family life.
51
We could add that there is a public interest in maintaining basic autonomy through equal freedom
in markets and in civil society, but will assume that this will be safeguarded by institutional rules
of those governance modes as they apply to the private certification schemes in question—should
these rules (and practices) fail, then this becomes another matter.
52
Which we name only briefly—also considering other contributions to this volume.
Public meta-regulation of private certification may be concerned only with safe-

guarding the intrinsic quality of the private certificate. This would apply particularly
when the public interest is not specified beyond the need for proper truth-value of
certification in the general interest of proper information that may support proper
functioning of public hierarchy—such as in a meta-regulatory scheme on ICT cer-
tification of public information services.
Public meta-regulation of private certification may be concerned with a public
collective choice interest, whereby private certification is regulated with require-
ments that are distinctly relevant to the particular public interest sector (health,
transport etc.). These requirements would relate specifically to issues such as the
standards that are applied (e.g. including a precautionary stance to risks), the legal
status of the certificate (e.g. forward-looking) and the certification process (e.g.
broad stakeholder involvement). Notification of (standard setting and of) certificat-
ing bodies is a typical example whereby more institutional public law requirements
may be translated in eligibility of private organisations to become a certifier under
the public meta-regulatory scheme. In such meta-regulation use can also be made of
private standards, such as ISO-IEC 17020/17024/17025/170265 standards for con-
formity assessments, with specifications as regards certification of persons, of prod-
ucts, processes and services, and as regards testing and calibration. At the EU level
we find, for example, requirements for notification of conformity assessment bodies
following from the Annex of Decision 768/2008/EC,53 which relates inter alia
(under R14) to recognition by national accreditation authorities, and to specific
demands (in R17), such as being established under a Member state’s national law,
having legal personality, adequate technical competence, being transparent, apply-
ing reproducible procedures, being confidential when necessary, and being insured
against liability, while further rules address proper procedures for certification,
regarding the possibility of reservations, suspension, and withdrawal (R22-26), and
obligations to provide information to other certification bodies (R28). Within the
EU, at the Member State level, more specific rules may apply for private certifica-
tion under specific public law acts, either following implementation of EU direc-
tives or as autonomous national legislation. In the Netherlands, the provisions on
certification in the Commodities Act54 are an example of the former and those in
the Construction Law55—one of the latter. Again, we see general requirements, such
as on legal personality, independence, impartiality, expertise, registration, com-
plaints, insurance, and, more specifically, on contracts with specific standard setting
bodies or managers of certificate specific guidelines, and other provisions regarding
(thick) stakeholder representation.
53
Decision (EC) No 768/2008 of the European Parliament and of the Council of 9 July 2008 on a
common framework for the marketing of products, and repealing Council Decision 93/465/EEC
[2008] OJ/L 218.
54
Act of 12 November 2009, Stb 2009, 503 (Dienstenwet), implementing EU directive 2006/123/
EC of the European Parliament and of the Council of 12 December 2006 on services in the internal
market [2006] OJ L 376/36.
55
See the contribution by R Neerhof in this volume.
Co-regulation of private certification becomes a relevant option when meta-

regulation is not expected to yield the desired private law follow-up or when it is feared
that it will fail at public interest safeguards. Private certification, by a private certifier,
becomes a public-private undertaking as the relevant public authority also takes sub-
stantive responsibility for the certification process and its outcomes. As we assume
that the certification body remains a private legal person, public hierarchy influence
could exist through involvement of the relevant public authority in the selection of
relevant standards, public authority representatives being involved in the relevant
underlying standardisation committees, or relevant public authority observers being
involved in the activities of certification body. Co-regulation is relevant especially
when public responsibility for certification follows from the almost binding character
of certification (as in the types 1 and 2 above), and/or when certification concerns key
public interests, such as on public safety, security, health and environment.
Semi-publicisation of the private certification may take the form of a private law
certification body performing its certification activities fully according to public law
provisions on the standards to test against and the procedures to be followed, such
as in MOT testing, as a QUANGO with quasi-public authority; just shy from becom-
ing a fully-fledged public law body with public authority.56 This regulatory type is
relevant to certification types 1 (certification with the authority of public permis-
sion/claim to benefits), or 2 (certification conditional to or indicative of subsequent
public permission/benefits) when only one certification body is (exclusively) com-
petent. When there is competition, regulatory options a-c apply. The attractiveness
of a quasi-public authority (QUANGO) lies in retaining some characteristics of
a private legal person (efficiency; demand-driven quality), and placing the certifica-
tion body outside political control (impartial/independent), while applying public
law rules and principles (also to avoid the perverse incentives of a ‘race-to-the-
bottom’, and to secure openness and transparency).
2.6 P
ublic Hierarchy and Responsible Certification:
Intermediate Conclusions
Above, we have performed a five-step analysis. First, we looked at the core charac-

teristics of certification, such as its declarative-assertive nature, following a confor-
mity assessment against a norm, having intrinsic and extrinsic characteristics, while
being legal or non-legal in form. Next, we discussed certification from a regulatory
perspective, with outcomes as intrinsic ends in themselves or extrinsic means to an
end, following regulatory strategy, structured by types of regulatory relations, with
actors from various persuasions, performing certification of various types,
56
A Quango (quasi-autonomous non-governmental organisation) is a hybrid organisation in that it
is not a public body (and so does not fall within the normal scope of government hierarchy under
democratic control) but it does exercise public authority. It often concerns expert agencies such as
fair competition regulators.
following a process of certification, being not only an instrument but also an object
of regulation, possibly regulated as a legal institution. Thirdly, we discussed the
relevance of modes of governance as relevant contexts of certification, and the need
for normative alignment. This lead us to consider the meaning of ‘responsible certi-
fication’, the art of balancing four maxims, and relating certification to institutional
and collective choice rules and how they are used as instruments of exogenous and
endogenous regulation of certification (within and across modes of governance),
such as by meta- and co-regulation. Upon those latter distinctions we finally took a
brief look at certification of public interests, from the public hierarchy perspective,
demonstrating especially how institutional public law rules constrain the use of pri-
vate certification.
The latter analysis sets the scene for a more in-depth analysis of the institutional
context of competitive markets. The following sections will explore the challenges
of preserving the value of competition on markets in which certification plays an
important role. The focus is on the role of competition law as an instrument of regu-
lating certification activities for the purpose of safeguarding competition on the
market. To what extent competition law can achieve this goal and what unique chal-
lenges are faced by enforcers will be discussed in the sections below.
3 C
ertification in the Institutional Context of Competitive
Markets
Certification can take part in a private context and be shaped by the rules of the
market but it is not always easy to distinguish a ‘private’ context from a ‘public’
one. A public body may appoint or authorize a certain private body to carry out
certification activities required by law. For example, customs agents carrying out
inspections may in fact be self-employed professionals or businesses performing
car inspections can be privately owned. The service provided may be for-profit and
subject to private law (e.g. contract law). On the other hand, there is a public hierar-
chy aspect to such a scenario. The government might be involved in the selection of
certifiers—e.g. by directly appointing specific certifiers, by issuing licenses itself or
by setting regulatory requirements about certification bodies. In this case, although
the actors may be private, the certification context is to a large extent determined by
public authorities.
For this reason, it might be helpful to draw the distinction according to the nature
of relations in the context in which certification takes place (hierarchy, competition,
collaboration), while realizing there may still be hybrid situations. The focus for this
section is on certification taking place in the context of a ‘competitive market’. In
this context, certification services are not only provided for compensation, but pro-
viders of certification service are in competition with each other for customers.57 In
There may not be much competition on this market but the distinctive feature is that the actors
57
are in competition with each other.

this context, certification obeys the rules of the market—of supply and demand—as
opposed to being required by hierarchy, or by being agreed upon in the context of
cooperation, sharing, and consensus-based networks.
In a competitive context, certification is a service provided against compensa-
tion. The service in question is an assurance—for the customers or business partners
of a given organisation—that a given product58 complies with pre-established nor-
mative requirements. Thus, a certifier supplies certification services to companies
looking for certification; in doing so it produces information which others—retail-
ers, consumers or lenders—use in making business decisions. A certification body
thus brokers information between two different groups of actors.
Certification in a competitive market context does not imply that only for-profit
activities are covered. Certifiers might differ with respect to their economic motiva-
tions—a certifier of online shops is motivated by the desire to turn a profit, whereas
an organisation such as the Rainforest Alliance is motivated by the desire to achieve
sustainability goals. What is key is that from the point of view of the customers
there is a choice between different certification schemes. This market is character-
ized by competition even if some actors on this market (e.g. the Rainforest Alliances)
might see competition as contrary to their objectives. The key distinguishing ele-
ment of this institutional context is thus not so much the formal legal form or the
(non-)economic aspirations of the entity carrying out certification but the fact that
certifiers are in competition with each other and that the number of certifiers form
‘a market’ on which companies ‘shop around’ for a certificate. In this context, the
choice of certifier is neither determined by public hierarchy nor established in a col-
laborative way in the context of civil society.
3.1 C
ompetition Law: Meta-regulation for (Certification)
Markets
Markets are institutions which enable exchanges of goods and services. There is
much debate regarding the extent to which markets should be regulated. From a
public interest perspective, regulation related to consumer protection, environmen-
tal protection and labour protection seem necessary. However, the point of departure
for this contribution is that markets need rules not only because of the public interest
in achieving specific outcomes related to workers, consumers, or the environment;
markets need rules that enable their functioning to the self-interest of market partici-
pants. Such rules correct for market failures and enable markets to efficiently per-
form their function as institutions facilitating trade in the long-run.
Competition law is the area of law which, apart from any public interest goals
that it may strive to achieve, provides rules needed to ensure the long-run viability
of markets as institutions facilitating trade. The basic goal of competition law is thus
58
The object of certification may be a product, service, business process or the business itself.
the preservation of competition on the market which implies safeguarding opportu-

nity for all to participate in the market and to ‘compete on the merits’.59 It should be
noted that in recent years, competition law is often presented in terms of outcomes
(efficiency and consumer protection), the emphasis being on what the competitive
process delivers to consumers in terms of low prices, quality, and choice.60 Despite
this trend, there is an underlying understanding that the competitive process is a
goal which is at least equally important. This calls for a basic standard of justice
with respect to the market aspect. This standard is reminiscent of Rawls’ veil of
ignorance and it requires asking the question: if market parties would have to agree
on a normative framework without knowing their role on the market (e.g. owner of
a dominant multinational corporation or a struggling start-up, an innovator or
an imitator), they would choose for a normative framework which favours opportu-
nity—market access. If they do not know in advance whether in a given transaction
they will be on demand side or on the supply side, they would choose for a system
which safeguards a fair distribution of the surplus generated by a transaction. Thus,
a young Bill Gates would benefit from a system which allows market access for a
small entrepreneur; a powerful Microsoft would prefer a system which is more pro-
prietary and oriented towards market domination. The basic principle of preserving
the competitive process requires that competition law does not pick the ‘winners’ or
‘losers’ but that it provides rules that keep markets sufficiently open so that they can
continue to function as spaces of opportunity and exchange. Competition law is thus
a form of meta-regulation which enables markets to come into existence and which
safeguards their ability to function optimally in the long-run. Along with property
rights and contract law, we can thus view the competition provisions as legal institu-
tions essential for the functioning of a market.
This section explores the competition concerns that might arise in markets with
certification. The starting point is the assumption that with more competition among
certification schemes, higher quality certification will be provided—thus, more
truthful information about products and services will be available in the market.
What this contribution reveals is that certification—just like other services offered
59
The idea of ‘competition on the merits’ is linked to the understanding that competition law
ensures that the best companies have a chance on the market. However, the actual interpretation of
the term and the best type of analysis needed to achieve a merit-based competition regime are
contested. On the one hand, promoting competition on the merits requires protecting opportunities
for market access. On the other hand, it implies that the best (cheapest, most efficient) companies
should be allowed to succeed. See OECD Roundtable, Competition on the Merits (2005) DAF/
COMP(2005)27. There is much debate on whether the emphasis of competition law and policy
should be on preserving ‘opportunities’ or ‘outcomes’. For an illuminating comparison of the dif-
ferent approaches to competition law and policy, see Fox (2003), p. 149.
60
This formulation appears in a number of hard and soft law instruments but also in statements by
commission officials. In a 2015 speech, Commissioner for Competition Margrethe Vestager
explained that the Commission’s ‘first goal is preserving good competitive conditions in the mar-
kets, which translates into lower prices, better quality and wider choice for consumers.’ See
Vestager, ‘The values of competition policy’ (Keynote speech at CEPS Corporate breakfast ‘one
year in office’, Brussels 13.10.2015). For an extensive discussion of the interpretation of the ‘con-
sumer welfare’ concept, see Daskalova (2015), p. 133.
on markets—may fall victim to anticompetitive strategies. The result is a ‘rigged’

certification process which results in sub-par value for customers, which excludes
more rigorous competitors or harms consumers of certification, thereby undermin-
ing the legitimacy of the market for certification as a whole. A rigged certification
market can have detrimental effects—such as limitation of innovation, quality, con-
sumer choice or consumer surplus—on the markets for the products and services
which are being certified.
The competition law and economics literature can be a useful source of theory
about the types of anticompetitive strategies that certification schemes can fall vic-
tim to. Doctrine coupled with the experience of courts and regulators can supply a
number of scenarios which reveal the challenges to responsible certification in a
market context. This contribution reaches the conclusion that although certification
may perform a valuable regulatory function, private regulatory processes in the
institutional context of a competitive market can fall victim to conflicts of interest
and tempt private parties to conspire not only against the public interest, but also
against the interest of other market participants.
3.2 C
ertification Markets: Markets for Information,
Assurances and Trust
Certification markets are essentially markets for information. Certifiers produce the
information about the products or services being certified. The users of this informa-
tion include the customers, lenders, shareholders or other types of business partners
of the certified company who rely on this information when making decisions—e.g.
decisions to buy the certified company’s products, to lend money to the company or
to engage in other business transactions with the company in question (e.g. investing
in the company and more generally contracting with the company). Information plays
a key role in markets. Lack of trusted information about products or suppliers might
lead to a situation in which market transactions never take place—as in Akerlof’s
famous example of the ‘market for lemons’ in which the market fails to clear.61
Certification may play a facilitative role but in some cases its role is even consti-
tutive—as when certain types of market transactions (i.e. by high-quality sellers in
Akerlof’s example) are unlikely to take place in the absence of certification. Thus,
in the absence of a webshop certification, a consumer may forego online shopping
altogether. A different role that certification can play is to help products achieve dif-
ferentiation and thus attract new customers or command a higher market price.62 In
Akerlof’s example of a market for lemons, possession of a certificate can serve as a
signalling device for quality which attracts customers. Today, a consumer faced
with a choice between unlabelled bananas and ‘Rainforest Alliance’ certified
61
Akerlof (1970), pp. 488–500.
62
Viscusi (1978), p. 278.
bananas may be willing to pay a premium price for the certified bananas. Thus,
certifiers can play an important role in the commercial performance of a company’s
product or service. Quality information from a trustworthy source can also improve
market performance by allowing for better matching between sellers and buyers.63
Seeing certification as a signalling device, however, fails to convey the regulatory
characteristics of certification. Seeing certification as a mere signalling device
implies that it is a voluntary activity undertaken by high quality sellers in order to
achieve differentiation. In some cases, however, certification is so important that it
becomes a de facto, even if not de jure, prerequisite for market access.64 Certification
is unlike other signalling devices which companies can employ in order to provide
information. Surely, trademarks, warranties, and private guarantees included in
a contract are all tools within the reach of individual companies; they can send pow-
erful signals about the characteristics and quality of a product. However, unlike these
other devices, certification is special in that it is not linked to a specific company or
product. Rather, it is open to a number of companies within an industry, it is usually
performed by an independent third party and may be related to characteristics which
apply to a variety of goods or services within a product or service category.65
Regarding the normative nature of certification activities, the link with standardi-
sation should be clarified. Certification often goes hand-in-hand with standardisa-
tion activities and may be carried out by the same body. However, this need not be
the case. Certification may be a separate activity from standard-setting. Standard
setting bodies lay down the norms that a given standard requires; however, to what
extent compliance with the norms is achieved is ascertained by a special body in
charge of the process which leads to awarding a ‘label’ or a certificate. This process
includes the setting of evidence requirements, scheduling of inspection appoint-
ments and monitoring of activities. The European Commission acknowledges that
certification can constitute a separate market distinct from the market for standardi-
sation, and markets for testing products.66
Finally, from a competition perspective, a distinction between the market for
certification and the market for the goods or services affected by certification should
63
Ibid, 277–279. Unlike Akerlof’s example, the good-quality providers in this market do not exit
the marketplace; rather, they seek to differentiate themselves in order to be able to price
discriminate.
64
The OECD Competition Assessment Tool views certification as a market barrier. See OECD
(2016), p. 24.
65
A fair-trade label or an eco-label may apply to products that do not necessarily compete on the
same markets—e.g. dishwashers and washing machines are on separate relevant markets but use
the same label; fair trade bananas and fair trade cocoa compete on separate relevant markets but
use the same label.
66
Communication from the Commission, Guidelines on the applicability of Article 101 of the
Treaty on the Functioning of the European Union to horizontal co-operation agreements [2011] OJ
C 11/1 (hereinafter: Horizontal Cooperation Guidelines 2011), para 310. According to the
Commission, ‘Dissemination of a standard can be enhanced by marks or logos certifying compli-
ance thereby providing certainty to customers. Agreements for testing and certification go beyond
the primary objective of defining the standard and would normally constitute a distinct agreement
and market.’
be made. Certification can surely have an impact on these related markets. In prac-
tice, however, little is known about market definition in cases related to certification.
The 2011 Guidelines on Horizontal Cooperation Agreements by the European
Commission mention certification markets but few competition law decisions and
cases related to certification as such exist. The dearth of examples is problematic for
an additional reason. For most certification schemes there will be network effects
between the two distinct groups of users—the more valued a certificate is by con-
sumers, the more valuable the certificate will be for the companies seeking certifica-
tion. Some certification markets may exhibit characteristics of two-sided markets,
as is argued with respect to credit rating agencies.67 The presence of a two-sided
market would imply different techniques for market definition than the usually
accepted ones.68
4 C
ompetition Concerns: Exclusion and Exploitation
in the Context of Collaboration
Competition concerns can usually be summed up under two headings: exploitation

and exclusion. Exploitation refers to the use of market strength (be it in the context
of unilateral action or cooperative agreement) for the purpose of extracting welfare
from business partners (be they customers or suppliers). Limitations of price com-
petition, innovation or quality are examples of such practices which seek to enrich
one party at the expense of others. Exploitative practices harm business partners
directly.
Exclusionary practices, on the other hand, harm consumers indirectly—by elimi-
nating competitors. These concerns are present in the case of standardisation activi-
ties but also in the case of certification activities. In the Guidelines on Horizontal
cooperation, the Commission explains with respect to standardisation:
[Restrictive effects on competition] can occur through three main channels, namely reduc-
tion in price competition, foreclosure of innovative technologies and exclusion of, or dis-
crimination against, certain companies by prevention of effective access to the standard.69
Both exclusionary and exploitative practices can lead to market failures, in par-
ticular market power and its abuse. Market failures undermine the effective func-
tioning of markets and result in sub-optimal performance, e.g. insufficient quantities
of goods provided, presence of externalities. Although some types of market fail-
ures such as the presence of market power may further the private interests of some
market participants by enabling privately profitable practices such as monopolistic
pricing, these failures are against the shared interest of all producers and users, who
67
Fasten and Hofmann (2010). In the case of credit rating agencies, there may be a two-sided mar-
ket when agencies sell ratings both to sellers and to buyers of securities.
68
Filistrucchi et al. (2014), p. 293.
69
Horizontal cooperation guidelines (2011), para 264.
collectively prefer a well-functioning, open market to a closed, monopolized

market.
The market failure can arise as a result of collaboration between companies or
because of unilateral action by companies—which is reflected in the separate provi-
sions on ‘agreements’ and ‘unilateral conduct’—respectively, Articles 101 and 102
TFEU in EU competition law or Section 1 and Section 2 of the Sherman Act in the
case of US antitrust law. Provisions on merger control in the US and the EU also
distinguish between ‘unilateral’ and ‘coordinated’ effects, thus mirroring the dis-
tinction between ‘agreements’ and ‘unilateral conduct’ in the antitrust provisions.
The following sub-sections will explore how anticompetitive concerns may arise
in certification activities and what legal tools are available to address these con-
cerns. Firstly, it will discuss exploitation and exclusion concerns in the context of
‘collaborative agreements’ between competitors. For this part, the contribution will
build on the framework of Professors Lande and Marvel: ‘fixing prices, rivals, and
rules’. The next section will discuss exploitative and exclusionary concerns in the
context of single-firm conduct.
4.1 A
Theoretical Framework for Anticompetitive Private
Regulation
In an article seeking to explain the different types of what may broadly be called
‘collusive schemes’, Professors Lande and Marvel distinguish three types of collu-
sion, namely: ‘fixing prices’, ‘fixing rivals’, and ‘fixing rules’.70 The advantage of
the framework is that it moves beyond mere ‘price fixing’ to explain why collabora-
tive initiatives in the private sector, even those involving companies which are not
direct or even potential competitors,71 can be harmful to competition. The frame-
work may also give an insight into single firm conduct with respect to regulatory
activities which is not explained by short-term profit goals.
The framework unpacks the popular term ‘collusion’ into three types. The first
and most obvious type is price collusion. The example that most often comes to
mind is the classic cartel—a group of companies producing competing goods. These
companies fix price or output or divide the market with the goal of increasing their
profits. With a joint increase in prices, consumers have no choice but to pay the price
the cartelists ask for; with an orchestrated decrease in output, a similar outcome is
achieved—companies economize on production costs while enjoying the higher
price that scarcity provokes. Finally, when companies decide to divide the market—
agreeing not to sell to each other’s customers, or assigning specific territories to
members of the cartel, consumers are prevented from shopping around and lower
prices are established. Cooperation of this type helps companies jointly achieve the
outcome that monopoly power makes possible—lower output and higher profits.
Lande and Marvel (2000), p. 941.

70
In order to be considered direct competitors, companies need to compete on the same product
71
market and on the same geographical market.

However, as Professors Lande and Marvel observe, collusion aimed to replicate

the outcomes of a monopoly does not exhaust the types of anticompetitive agree-
ments that courts and agencies have encountered in the past. A number of other
types of collaboration can also limit competition in a detrimental way without, on
the face of it, directly aiming to increase prices or split markets. Rather, some types
of collaboration target the rules of the market or the rules governing a certain indus-
try or certain types of transactions. In these cases, companies may use private regu-
latory activities (such as standardisation or accreditation) in order to alter the
meta-regulation of the market—a goal rather different from a cartel’s objective to
influence the outcome in the context of a set of transactions.
For example, non-direct competitors may come together to establish rules which
make it more difficult for foreign producers to access the market. They may also
establish rules which raise consumer’s search costs or otherwise alter the regulatory
framework to tip the balance in favour of one group vis-à-vis another. Thus, produc-
ers may seek to disadvantage consumers by seeking to alter the regulation of con-
sumer contracts; alternatively, in the case of collaborations among purchasers, the
outcome might be to set norms and industry practices that tip the scales in favour of
purchasers (of a given input) vis-à-vis producers.
The unfortunate consequence of these types of collaborations is the effectiveness
and legitimacy of the market mechanism is undermined. Certification can be a tool
for achieving a number of the practices enumerated. These will be discussed, with
examples primarily from the EU competition law doctrine, in the following
sub-sections.
4.2 Fixing ‘Prices’
This is the most obvious category of anticompetitive behaviour in the context of

competitor collaboration. The term ‘price’ is broadly defined to capture various
aspects of competition, including: output, quality, and range of choices for consum-
ers. There are two ways in which certification bodies can help companies achieve
the anticompetitive goals of collusion on the price: providing a forum for collu-
sion (collusion in parallel) or providing the means for implementation of the collu-
sive agreements (collusion inherent in certification).
4.2.1 Collusion in Parallel with Certification
Firstly, certification bodies can serve as active facilitators between cartelists. In this
sense, a certification body is no different from a common trading partner who acts
as a ‘hub’ for exchange of commercially sensitive information. In this case the cer-
tification body acts as a conduit of information—e.g. by organising or facilitating
exchanges of information between competing companies, or by serving as a ‘cover’
for anticompetitive agreements.
An example of this scenario is the Belasco case. It concerned the conduct of a

cooperative association (Belasco) of a number of Belgian roofing felt manufactur-
ers. The association’s primary goal was to assist in the establishment of standards
for IBN (Belgian Standards Institution).72 In addition to standard-setting, Belasco
also developed a trading mark—a label for members of the association.73 The label
was meant to signal higher quality to consumers.
In parallel to these purportedly beneficial activities, a number of parallel anti-
competitive agreements were made. These included: setting a common price list and
minimum prices for Belasco roof felt products and for ancillary products; provi-
sions to respect each other’s markets (preserve the ‘stability of clientele’) and allo-
cation of quotas for the Belgian market; prohibitions of gifts to clients and sales at
a loss; rules on discounts; provisions on monitoring and on compensation for
infringement of these rules, e.g. by means of establishing security deposits in a
guarantee fund.74
Additionally, Belasco’s standardisation and joint advertising activities sought to
restrict the range of products, limit the differentiation (or rather customer perception
of the differentiation) of the members’ products and to prevent the development of
new products which would compete with Belasco products.75 Finally, Belasco’s
members also took measures to exclude competitors by boycotting novel products
and by agreeing on buyouts of failing competitors.76 These measures were not in any
way justified on the basis of superior performance.
It should be noted that even when certification is carried out by a third party, and
communication between parties is limited, antitrust concerns with respect to the
exchange of information may arise. A fundamental principle in antitrust law is that
parties should conduct themselves independently on the market.77 This principle
requires that they do not exchange information or coordinate their current or planned
commercial activities. Exchange of information or dissemination of information
which limits uncertainty among competitors as to their commercial conduct is thus
viewed with suspicion.
72
Case C-246/86 SC Belasco and others v Commission of the European Communities (Belasco and
Others v Commission), ECLI:EU:C:1989:301 at ECR 2120.
73
The mark was not officially registered as a trademark.
74
Case C-246/86 SC Belasco and others v Commission of the European Communities (Belasco and
Others v Commission), ECLI:EU:C:1989:301.
75
Ibid., para 30.
76
Ibid., para 4. According to the background information, “[t]he agreement also provided for the
adoption of defensive measures against competition from foreign undertakings or competition
resulting from the establishment of new undertakings or the discovery of products to replace roof-
ing felt. The members of Belasco also undertook to contribute to the purchase of any plant for the
manufacture of the products concerned in the event of a company’s insolvency or the sale of an
undertaking consequent on the exercise of rights by a third party and not to sell or hire out any
plant for the manufacture of such products.”
77
See e.g. ECJ, Joined Cases 40-48, 50, 54-56, 111 and 113-114/73 Suiker Unie,
ECLI:EU:C:1975:174.
If a number of companies use the same certification body (organised via an

industry association or independent third party), information related to prices, mar-
kets and volumes78 of rival companies might flow through this body. Competition
law is aware of the dangers of such information flows. Similar issues arise when
companies make use of the same consultancy company or make agreements in the
context of industry associations, so the case law on this issue can be informative.
For instance, the European Court of Justice has held that information exchanges via
a consultancy can lead to anticompetitive effects. In AC Treuhand, the European
Court of Justice found that a company which is not itself active on the market on
which collusion takes place—the market for sale of goods and services, as opposed
to the market for certification—can fall within the scope of the antitrust prohibitions
when it acts as a ‘facilitator’ of a cartel.79 This means that even an independent ‘third
party’, a certification body can be held liable for misusing the information shared
with it in the course of a certification procedure. The rationale is clear: when a cer-
tification body does not take care of the information shared through it, the certifica-
tion process may be distorted into a collusive activity with negative effects on the
derived markets for products and services.
4.2.2 Collusion Inherent in Certification
Secondly, the certification process itself may be collusion in disguise. Where certi-
fication schemes enable competitors to agree on prices or to agree not to decrease
prices, or when it enables them to limit the number and type of promotions per year,
the anticompetitive harm is clear. However, more subtle changes with respect to the
product specifications relevant for certification can achieve the same effect. The
ground is fertile for collusion when the certification scheme is controlled by mem-
bers of the industry, for example when set up in the context of an industry associa-
tion. In this case, parties can use the pretext of collaboration to make normative
choices which result in higher prices for consumers, or limit competition on quality
or innovation.
An instance of how certification can lead to collusion on ‘prices’ is when a cer-
tification body provides a norm-setting opportunity for competitors. Setting norms
related to product characteristics (including inputs), production processes or terms
of contract is often at the core of what certification is about. At the same time, the
norm-setting process may be rigged with the consequence that the norms set harm
other market participants. In this regard, certification and standardisation activities
raise similar competition issues since the norms set in the context of such coopera-
tion between competitors can amount to a conspiracy to transfer welfare from busi-
ness partners (customers or suppliers) to the parties setting the standard or
establishing the certification criteria.
78
Equally important is other information which would allow companies to derive insights about the
pricing, volumes, discounts, promotion, market expansion or secret innovation plans of rivals.
79
Case C-194/14 P AC-Treuhand v Commission, ECLI:EU:C:2015:717.
When companies make agreements with respect to the level of quality or nature
of product characteristics, they deny consumers the opportunity for more choice and
higher quality products. Thus, companies may jointly decide not to further improve
the quality of an item, or they may choose an inefficiently high (supra-optimal)
quality level, thus forcing consumers to pay for features or levels of service they do
not require. Companies may also jointly decide to limit the choice available to con-
sumers by limiting product lines, discontinuing products or restricting product vari-
ety with the goal of diverting traffic to products which are more profitable. Finally,
with respect to innovation, companies may decide to limit research and develop-
ment in certain respects or they may commit not to implement desirable innovations
in order to prevent disruption or cannibalisation of sales of existing products. The
European Commission acknowledges these issues in the Horizontal Cooperation
Guidelines.80
Such concerns have been raised with respect to ‘green’ initiatives which turn out
to be ‘green-washing’ cartels.81 However, examples can be found also with respect
to simple ‘standard-setting’ such as the industry-accepted recipe for ‘pasta’.
Examples of anticompetitive norm-setting can be drawn from both sides of the
Atlantic.
In the US, anticompetitive quality specifications set by purchasers were the sub-
ject of dispute in the National Macaroni case.82 Notably, in this example, it was one
side of the industry—the input purchasers—which set the specifications for the pro-
ducers. The body in question was the US national association of macaroni produc-
ers. The members were faced with increasing prices for durum wheat due to a
combination of high demand from abroad and crop failures. To protect themselves
from the rising input prices, the manufacturers jointly agreed to alter the recipe for
macaroni: instead of using 100% durum wheat in the pasta products, they decided
to use 50% durum and 50% farina. This orchestrated decrease in quality left con-
sumers without the choice of a high quality pasta product (which, admittedly, would
have been more expensive). In this case, collaboration in norm-setting aimed to
mimic the outcome of monopsonistic purchasing.83 Norm-setting by one side of the
industry (e.g. the demand side) is a continued concern in the food industry. The fear
is that standardisation and certification requirements imposed by large buyers can
80
European Commission, Horizontal Guidelines (2011), paras 264–268.
81
In a case of 2011, the European Commission fined major detergent producers for using an envi-
ronmental initiative launched in the context of their trade associations in order to coordinate pric-
ing strategy. The environmental initiative in question aimed to improve the performance of
detergents. See Press Release IP/11/473, ‘Antitrust: Commission fines producers of washing pow-
der € 315.2 million in cartel settlement case’ (Brussels, 13.04.2011) and Case COMP/39579
Consumer Detergents, decision of 13 April 2011, [2011] OJ C 193/14.
82
National Macaroni Manufacturers Association v Federal Trade Commission 345 F.2d 421 (7th
Cir. 1965).
83
For a US perspective, see Blair and Harrison (2010), p. 117; for a EU perspective on buyer stan-
dardisation and non-economic goals, see Daskalova (2016), Chapter 5. On the exercise of buyer
power in the context of standard-setting see: Lundqvist (2014), pp. 208–211.
lead to exclusion of small suppliers from the market due to the high costs of the
certification required by buyers.84
In the EU, an important case on the joint setting of norms related to an energy
label was the European Commission’s decision in CECED.85 In CECED, the lead-
ing suppliers of washing machines in the EU set a minimum energy efficiency stan-
dard. The standard essentially required parties to discontinue the production or
importation of the lowest grades of the energy label for washing machines, thus
preventing them from competing across the complete range of energy categories.
The Commission examined the competitive impact of the decision and found that
although it was expected to lead to increased prices, consumers would be compen-
sated by the energy savings generated and that society as a whole would benefit
from the significant environmental benefits brought about by the agreement.
Subsequently, two more agreements by CECED—on dishwashers and water
heaters—were also exempt by the Commission.86
4.3 ‘Fixing Rivals’
The anticompetitive collaboration discussed above relates to rather recognizable types

of collusion—namely, agreements meant to exploit customers (or suppliers) directly
by transferring wealth. But what if such collaboration is too risky and likely to be dis-
covered? Another option for competitors is to limit the type of rivals allowed on the
market. Thus, while no direct agreement on the prices is reached, at least competition
is limited. This ‘type 2’ collusion covers agreements which seek to exclude or other-
wise disadvantage actual or potential rivals—for instance, by raising their costs or cut-
ting their access to customers.87 The rivals in question could, for instance, be foreign
producers or could be producers employing a novel technology, process or business
model that threatens to erode profits or decrease the market share of the incumbents.
Examples of tactics whereby these goals can be achieved include: boycotts, predatory
pricing, or introducing requirements that aim to increase rivals’ costs.88 This type of
anticompetitive collaboration, while falling short of a cartel, nonetheless harms com-
petition on the market and puts in question the legitimacy of market outcomes.89
84
On the impact of retailer-driven standards on small-scale farmers, see Purnhagen et al. (2013).
85
Commission decision in Case IV.F.1/36.718 – CECED [2000] OJ L 187/47.
86
Commission decision in Case COMP.F.1/37.894 CECED Dishwashers [2001] OJ C 250/2 and
Commission decision in Case COMP.F.1/37.893 CECED Water Heaters [2001] OJ C 250/4.
87
88
Ibid., 947 f. In the case of raising rival’s costs, there may be two goals: (1) to foreclose the com-
petitors from the market or (2) to establish a price umbrella, enabling incumbents to charge higher
prices while retaining a more ‘competitive’ position vis-à-vis the rivals in question. See also
Krattenmaker and Salop (1986), p. 209.
89
Often this type of collusion will be accompanied by ‘type I’ collusion because, without some
way to limit competition among themselves, collaborators will not be able to retain the gains from
excluding competitors. See Lande and Marvel (2000), p. 985.
4.3.1 Who Sits on the Board?
Several cases from the EU and the US exemplify how certification procedures can
be used for the purpose of excluding competitors. Especially relevant in this respect
is the process of adopting norms, the membership criteria, and transparency of the
organisation. The process of articulating and adopting norms in the context of stan-
dardisation or certification bodies could be misused for the purpose of excluding a
novel or technologically superior product. An example from the US is the Allied
Tube & Conduit Corp v. Indian Head Inc.90 case.91 In this case, a manufacturer of
electric conduit made from plastic sought to have its product approved by the
National Fire Protection Association. This association was in charge of adopting
standards related to fire protection; it was responsible for publishing the National
Electrical Code in which it sets requirements, inter alia, for electrical wiring sys-
tems. The Code itself is included into the laws of state and local governments and
also used by private bodies such as certification laboratories, insurers, inspectors,
contractors and distributors. For a product to succeed on the market it had to be
certified by means of a listing in the code. Given that until then electric conduit was
primarily made from steel, incumbent producers with stakes in conduits manufac-
tured from steel felt under threat. They conspired to ‘pack’ the annual meeting of
the association with new members solely so that these members could vote against
extending code approval to plastic conduits.92 The procedures allowed for a simple
majority to prevail and thus enabled the incumbent producers to foreclose an inno-
vative product from the market.
A similar matter was analysed by the European Commission in the context of the
EMC complaint.93 In EMC an innovative cement producer complained that the stan-
dard setting procedure for the CEN standard of Portland cement was biased in
favour of the industry incumbents. The complainant had developed a new type of
cement known as ‘Energetically Modified Cement’ which promised improved per-
formance, lower costs, and greater environmental benefits (less pollution and less
waste). EMC argued that the association of existing cement producers had con-
spired with the standard-setting body so as to exclude alternative products from the
standard for cement. It argued that the standard precluded competitors by being
prescriptive rather than performance-based. The Commission found that the appli-
cant had not provided enough evidence to support its claims. In particular, it noted
that there were alternative methods to obtain an EC mark in addition to complying
with the CEN standard and that the standard-setting procedures which led to the
90
486 U.S. 492 (1988).
91
The case is discussed in Lande and Marvel (2000), p. 987. Lande and Marvel identify it as a
‘Type II’ collusion.
92
486 U.S. 492 (1988) Syllabus.
93
European Commission Case COMP/F-2/38.401—EN 197-1 Standard—EMC/European Cement
Producers [2005].
adoption of the standard in question were open, voluntary and non-discriminatory.

Importantly, in EMC, the Commission did not examine the substance of EMC’s
claim nor did it verify whether EMC’s product was genuinely better.94 Still, it is
worth considering the applicant’s counter-claims, notably that the alternative proce-
dures for obtaining the CE mark were expensive and lengthy and that many procure-
ment tenders are specifically tailored to the CEN standard, not necessarily the CE
mark.
Although the Commission dismissed EMC’s complaint, we should note that the
applicant’s theory remains plausible—that where obtaining a certification (in this
case, the EC mark) is essential for access to the market, the rules related to setting
the standard are essential. In cases where a novel product implies the disruption of
sales for incumbents, it is to be expected that incumbents will use their powers to
protect the older technology.95 It is evident how certification in this case could be
used to erect a barrier to entry for competitors. Unnecessarily strict certification
requirements, high fees, or difficult access to a certification body (e.g. due to geo-
graphical location, language or other barriers) or to an affordable alternative can
make it impossible for a producer to access a market. Of course, this will be the case
when certification is considered important in a given market—to the extent that
access to the market is seriously prejudiced in the absence of (one of the accepted
types of) certification. This issue is also recognized in the OECD Guidelines on
Competition Assessment.96
4.3.2 Fixing Rivals and Fixing Prices: A Recipe for Watertight Control
It is possible that type 1 and type 2 collusions go together. Type 2 measures help
fence out the market from competitors, whereas type 1 measures ensure that exploi-
tation can take place. A type 2 measure eliminates one of the main threats to cartel
stability—namely, entry by competitors on a market with supra-competitive prices.
An example of the reinforcing effect of type 1 and type 2 measures is the Dutch
Cranes case, which, according to the Commission, resulted in a ‘watertight system’.
In this case a Dutch trade organisation for companies hiring out mobile cranes
(FNK) set up a certification body (SCK) with its own certification scheme. We
should note that this private certification system existed in parallel to the existing
94
Similar concerns are expressed in Lundqvist (2014), pp. 201–205.
95
It is remarkable that the Commission dismissed EMC’s complaint about close links between the
standard-setting body CEN and the trade organisation of cement-producers, Cembureau, as ‘nor-
mal lobbying activity’. Certainly, in the context of public regulation, lobbying activity itself is also
regulated. See European Commission Case COMP/F-2/38.401—EN 197-1 Standard—EMC/
European Cement Producers [2005], para 102.
96
See OECD (2016), p. 17, where it is noted that “[…] self-regulatory mechanisms, which allow
firms to collaborate in certain areas, may also lead to firms coordinating their activities and engag-
ing in cartel-like behaviour (e.g., price-fixing) and creating barriers to entry for new firms. This
concern calls for greater alertness on the part of the regulatory officials and governments and even
the need for some carefully crafted checks and balances to minimize the potential adverse effects.”
statutory (public law) certification system for inspection and testing of crane equip-
ment.97 Even though the scheme was recognized by the Certification Council of the
Netherlands as independent and received some subsidies from the Dutch state, it
remained closely linked to the trade association. The Commission discovered that
the trade association (FNK) had certain problematic rules in their general conditions
which were meant to soften competition on prices and other terms of trade among
competitors. However, the SCK played a complementary role in enforcing these
competition-softening clauses by linking them to the conditions for certification.
For instance, the SCK required that certified firms would have to apply the general
conditions of FNK; it also made the process of obtaining certification more difficult
for foreign applicants.98 Certified firms were not allowed to sub-contract cranes
from non-affiliated companies. Non-compliance with these terms could lead to
withdrawal of the certificate. Essentially, SCK was meant to be a certification sys-
tem open only for the members of FNK. Even though it opened up to other compa-
nies over time, it remained de facto more difficult for non-FNK members to obtain
certification.
The Dutch Cranes case is an example of how a seemingly independent, third-
party certification scheme may be a puppet in the hands of incumbent industry inter-
ests and play a role in enforcing collusive agreements. It warns against the damaging
effect that unrestrained freedom in private regulatory activities, in this case—indus-
try certification—can lead to. A critical mass of companies can set up a scheme
which simultaneously ensures higher income for the participants and prevents chal-
lenges by competitors. Importantly, such scheme may be a ‘sham’. In the Dutch
Cranes case, the Commission noted that the SCK certification system did not add
any benefit to the existing statutory measures—it merely replicated the statutory
requirements.99 Such a ‘fake’ certification system, when discovered, can erode con-
fidence in the consumers and in the private regulatory process.
The concerns raised by ‘type 2 collusion’ were recognized by the Commission.
In its decision, the Commission identified the conditions for assessing decisions or
agreements in the context of certification. The Commission found four relevant cri-
teria in assessing a certification scheme:
Whether a ban can be regarded as preventing, restricting or distorting competition within
the meaning of Article 85(1) must be judged in the legal and economic context. If such a
ban is associated with a certification system which is completely open, independent and
transparent and provides for the acceptance of equivalent guarantees from other systems, it
97
The various requirements related to the necessary characteristics of cranes were set out in several
decrees. A governmentally-appointed foundation was in charge of carrying out inspections and
approving cranes.
98
For instance, it required that applicants show their registration with the Dutch Chamber of
Commerce—something which would not have been applicable for Belgian or German applicants.
99
Commission Decision in Cases IV/34.179, 34.202, 216—Stichting Certificatie
Kraanverhuurbederijf and the Federatie van Nederlandse Kraanverhuurbedrijven (Dutch Cranes)
[1995] OJ L 312/79, para 37.
may be argued that it has no restrictive effects on competition but is simply aimed at fully
guaranteeing the quality of the certified goods or services.100
Given the nature of the contested measure, the Commission focused its assessment
only on two of the criteria—openness and acceptance of equivalent measures; these
were accepted by the Court.101 Thus, it is not clear that the four criteria are cumula-
tive. Importantly, the Court held that the measures taken by the certification body in
question need not be the focus of assessment. The certification system as a whole
could be found incompatible with Art. 101 (1) TFEU if it did not meet the relevant
criteria:
The prohibition on hiring which reinforced the non-open nature of the certification system
and had the effect of raising a substantial obstacle to access by third parties to the
Netherlands market, and in particular firms established in another Member State, in fact
constitutes a restriction of competition within the meaning of Article 85(1) of the Treaty.
That conclusion would be no different if the applicants could show that the clause is neces-
sary in order to preserve the coherence of SCK’s certification system. The fact that the
system is not open and equivalent guarantees offered by other systems are not accepted
means that the system itself is incompatible with Article 85(1) even if it were proved, as the
applicants claim, that it gave added value compared with the Netherlands legislation. A
specific clause in such a system, such as the clause prohibiting hiring from uncertified firms,
does not become compatible with Article 85(1) because it is needed to preserve the coher-
ence of that system, since the latter is by definition incompatible with Article 85(1).102
The implications are far-reaching: the nature of the measure does not depend on
the type of certification system since a certification system failing to meet the
requirements is itself considered in breach of the antitrust provisions. Thus, it is not
only the decisions of private certification organisations that could be contested
under Art. 101 (1) TFEU, the certification scheme itself could be declared incompat-
ible with that article if it is set up in a closed way and sets rigid requirements which
cannot be satisfied by applicants by other means.
These organisational criteria and governance requirements are a way for the
competition authorities to limit the anticompetitive exercise of private power under
the pretext of self-regulation. Similar criteria hold for the exemption assessment of
standard-setting agreements from the antitrust prohibitions on the presence and
compliance of certain governance criteria which include: openness, transparency,
reasonable pricing, and non-discrimination.103 In its decision in CECED, the
100
Dutch Cranes decision para 23.
101
See Art 3 of the Dutch Cranes decision. In its assessment, the Court did not deny that the other
criteria could be useful but given that only two criteria were used, it ruled on whether these two
criteria are pertinent. Joined Cases T-213/95 and T-18/96 Stichting Certificatie Kraanverhuurbedrijf
(SCK), Federatie van Nederlandse Kraanverhuurbedrijven (FNK) v Commission of the European
Communities (hereinafter: SCK and FNK v Commission) [1997] ECLI:EU:T:1997:157, paras
133–135.
102
Ibid., para 149.
103
See Horizontal Cooperation guidelines [2011], paras 280–286. The requirements are summed
up in para 280: ‘Where participation in standard-setting is unrestricted and the procedure for
adopting the standard in question is transparent, standardisation agreements which contain no
obligation to comply (3) with the standard and provide access to the standard on fair, reasonable
Commission emphasized the fact that the agreement was technologically neutral.104
The use of such ‘governance criteria’ for the assessment of the compatibility of a
scheme is an interesting approach of assessing private regulatory schemes. It is
quite different from the ‘more economic approach’ which would require showing of
anticompetitive effect in terms of raised prices or limited output. Although the
approach has yet to be fine-tuned to take into account the distinct types of organisa-
tions and types of conduct that can be problematic, it is an important safe-
guard against type 2 collusion.
4.4 ‘Fixing Rules’
The third category of collusion refers to activities which may not involve actual
competitors and which take place in markets where classic cartel-type collusion
would not be possible or would easily be discovered.105 According to Professors
Lande and Marvel, it is an ‘imperfect substitute for type 1 collusion, a way of mak-
ing an industry better for cartel members, but not imitating a monopoly as perfectly
as classic collusion.’106 While it falls short of a direct agreement on price or quality,
this type of collusion aims to enforce rules which improve the position of the indus-
try as a whole vis-à-vis consumers. It can be effective in markets where type 1 col-
lusion is difficult to achieve due to, for example, discretionary pricing or tailor-made
products or services.107 Hence the emphasis on rules, not outcomes.
This type of anticompetitive collaboration refers to manipulating the rules under
which competition takes place. Lande and Marvel give examples in which competi-
tors ‘jointly manipulated the rules of competition to ensure that the equilibriums in
these markets, despite not being determined cooperatively, yielded supra-competitive
prices and profits.’108 The goal of such collective action by industry is to extract wel-
fare by e.g. increasing consumer’s search costs, or tipping the market in favour of the
producers rather than the consumers. Examples include: industry association rules
on prohibition of certain types of advertising (e.g. price advertising),109 industry
and non-discriminatory terms will normally not restrict competition within the meaning of Article
101(1).’
104
Commission Decision Case IV.F.1/36.718. - CECED [2000] OJ L187/47, para 65.
105
106
Ibid., 985.
107
According to Lande and Marvel (2000), p. 985 additional circumstances include difficulties in
monitoring transactions and difficulties in punishing cartel cheaters.
108
Ibid., 949.
109
An example is the California Dental Association discussed in Lande and Marvel (2000), p. 960
f. An example of a more nuanced attempt is in the National Society for Professional Engineers
case; the society’s rules prohibited comparison price advertising with no distinction about the type
of project (simple or complex). The result was that customers would have to incur search costs
with an engineer before finding out what the price is and choosing to move on to a competing
supplier.
action against products or services diminishing consumer search costs,110 agree-

ments to limit opening hours,111 agreements against new business-models,112 agree-
ments not to poach customers,113 and agreements aiming to prevent customers from
engaging in arbitrage, thus preserving opportunities for price discrimination in the
sector.114 Certification can play the role of a type 3 collusion when it influences rules
in such a way so that there is a shift of welfare from one side of the market to the
other—e.g. from consumers to industry, or from suppliers to purchasers.115
An example of how certification can provide the means of implementing a type
3 collusion is the NAVEWA/ANSEAU case in the EU.116 In this case, the rules for
granting a conformity label were misused in order to prevent parallel imports from
other EU Member States. NAVEWA, the association of water supply companies in
Belgium, made an agreement with societies representing manufacturers and import-
ers of dishwashers and washing machines. The purported goal of the agreement
was to set up a quality assurance system whereby the quality of drinking water
could be safeguarded.117 Since carrying out individual checks for each machine
purchased by individual consumers was not deemed practical by NAVEWA, a new
system was set up. Manufacturers of equipment were to be responsible for ensuring
that machines meet the NAVEWA requirements. The way to achieve this was by
means of a certification system set up by the industry; certified machines would
110
Lande and Marvel (2000), p. 961, use as example the case of Fastline Publications 1998 FTC
LEXIS 55 (FTC May 11, 1998). In this case farm equipment dealers boycotted the publisher of a
circular containing price information on the equipment in question. By agreeing to withdraw
advertising monies from the publisher, the dealers put pressure to change the type of information
presented to the customer. Similarly, in Santa Clara Car Dealers, a local dealers association with-
drew advertising from a newspaper in order to punish the paper for running an article aimed to
teach customers how to better search for and negotiate for cars. In Dillon Co. (102 FTC 1299
(1983) grocery stores conspired to prevent the data collection for a program broadcasting price
differences among grocers.
111
Detroit Auto Dealers Association, 111 FTC 417 (1989), discussed in Lande and Marvel (2000),
pp. 964–966.
112
See e.g. ES Development Inc. v. RWM Enterprises Inc, 939 F2d 547 (8th Cir. 1991). In this case
car dealers agreed to exercise objection rights they had under franchise agreements in order to
prevent the opening of a one-stop shop car mall. The case is discussed in Lande and Marvel (2000),
pp. 968–970. Another example is the Toys R Us case in which, a vertical cartel agreement organ-
ised by leading toy retailer in order to prevent the successful entry of the ‘warehouse or club’
model in the discount toy retail market. See Toys “R” Us Inc. v Federal Trade Commission,
Decision of 1 August 2000 by the Seventh Circuit Court of Appeals, Docket No. 98-4107.
113
114
Ibid., 977–984.
115
This could be the case when costly certification is required by powerful retailers. If the retailers
can extract the benefit from certification (e.g. by owning the certification bodies), the certification
requirement implies a transfer of wealth.
116
Commission Decision in Case IV/29.995—NAVEWA-ANSEAU [1981] OJ L 167/39, affirmed in
Joined Cases 96 to 102, 104, 105, 108 and 110/82 NV IAZ International Belgium and Others v
Commission of the European Communities (IAZ v Commission), ECLI:EU:C:1983:310.
117
Equipment such as dishwashers and washing machines could lead to contamination of the water
supply if certain criteria are not met.
display a conformity label. The industry association was responsible for distribut-
ing the conformity labels against a charge. The water supply companies associa-
tion, NAVEWA, would carry out random checks to ensure that the machines bearing
a conformity label satisfy the technical requirements. The consequences of not
obtaining a certificate were significant. Only certified machines could have access
to the water-supply system. Machines not bearing the certificate mark would have
to use an alternative, much more costly and intrusive way of showing compliance
with the norms.
To make the certification scheme workable, the industry association decided that
it would only issue certificates to manufacturers or officially appointed importers.
This meant that ‘parallel importers’118 would be denied certification. Although the
scheme did not limit competition among the different brands, it limited competition
among the distributors of those brands. The system was meant to and had the effect
of restricting ‘unauthorized imports’ thereby preserving the possibility for manu-
facturers to partition the common market and to sustain price discrimination. While
there was no direct fixing of prices or rivals, the market players essentially pre-
served a market set-up in which they limited the welfare of consumers.119
We should note that the governance criteria of openness, transparency, indepen-
dence and acceptance of equivalent guarantees which are helpful in a type 2 collu-
sion are not necessarily sufficient in a type 3 collusion case. Type 3 collusion tends
to draw on the support of the whole industry so ensuring openness to rivals does not
solve the problem and indeed, it might aggravate it since the goal of these agree-
ments is to leverage the position of the industry vis-a-vis consumers, suppliers or
third parties (e.g. lenders, insurers). In this case, what might be helpful is broader
stakeholder involvement—e.g. of consumer organisations, unions or government
officials, not just competitors, in order to keep the industry ‘honest’ and prevent it
from ‘fooling’ third parties such as consumers, workers, donors or the broader pub-
lic. Inspiration can be taken from the various procedural and substantive safeguards
embedded in the EU Regulation on Standardisation.120
118
Parallel importation refers to the practice of independent dealers purchasing machines directly
abroad and importing them. Such traders are to be distinguished from the ‘official dealers’
appointed by manufacturers for each country.
119
Interestingly, in Fra.bo, another case concerning certification by private body of products used
in the drinking water supply sector, a national trade association cancelled the certificate of a pro-
ducer for failure to provide evidence that it meets the requirements set by DVGW. The affected
producer, Fra.bo, challenged the decision by DVGW by relying on EU free movement of goods
law (Art. 34 TFEU) and on EU competition law (Art. 101 TFEU). The Court, however, did not
discuss the applicability of the competition provisions. However, there is no indication that the
certifying process was misused with the purpose of limiting competition or harming consumers.
Case C-171/11 Fra.bo SpA v Deutsche Vereinigung des Gas- und Wasserfaches eV (DVGW),
ECLI:EU:C:2012:453.
120
Reg (EU) No 1025/2012 on European standardisation [2012] OJ L 316/12. The regulation pro-
vides for stakeholder representation (SMEs, labour representatives, consumer protection organisa-
tions, environmental and ‘social interest’ groups).
4.5 Suspect Cooperation
There is ongoing debate on both sides of the Atlantic as to what role competition
law enforcement should play with respect to private regulatory initiatives. The chal-
lenge is how to balance the pros and cons of private cooperation in the name of
public interest goals (be they interoperability goals in the case of standard-setting
agreements or environmental protection goals in the case of eco-labels) carried out
by competitors.121 On the one hand, cooperation between competitors can solve a
deadlock problem and bring companies further in achieving socially desirable goals
such as interoperability or higher level of environmental protection. At the same
time, cooperation among rivals can lead to companies ‘ganging up’ to exploit their
business partners and consumers by choosing sub-optimal or supra-optimal tech-
nologies, inflating prices, limiting quality, choosing an inefficiently high quality
standard, or limiting choice and innovation.
The issue is not unique to antitrust: concerns about misusing the norm-setting
aspect of certification also arise in the context of environmental certification, as in
cases of ‘green lemons’—when eco-label initiatives are set up for goals other than
the professed environmental benefits.122 Such certification is not only fraudulent and
deceptive, but it can also be anticompetitive. It is easy to see that where certification
is used to increase the search costs of consumers, consumers cannot make the best
choices. Arguably, this is precisely the goal of industry-led eco certification schemes
which mimic established eco-labels (in terms of name, organisation form and logos)
but which adopt lower environmental standards thus adding ‘noise’ and confusing
consumers.123 The proliferation of a variety of certificates can confuse consumers.
As a result, consumers may give up comparing products on the basis of the presence
of a certificate and make their decisions on the basis of other characteristics
instead—an outcome which jeopardizes the desirable function of information sup-
ply played by certification in ecological issues.124 This issue, however, is not easily
addressed with the tools of competition law. While the outcome of poor quality of
information might be softened competition, this does not mean that the competition
rules apply. An interesting question to reflect upon is whether deliberative action to
distort the information provided to consumers for the purpose of softening competi-
tion would be considered an anticompetitive infringement. The answer to this ques-
tion would in part depend on whether enforcers have opted for ‘a more economic
approach’ which would require proof of actual harm suffered by consumers in
terms of higher prices. This is one important aspect in which jurisdictions will
differ.
121
Scott (2016), p. 97; Kim (2014–2015); For a EU perspective: Vedder (2009), p. 51; Maher
(2011), p. 119. For an economic perspective, see e.g. Schinkel and Toth (2016).
122
See Kim (2014–2015), p. 193 f; see also Kuhn (1999), p. 1.
123
Kim (2014–2015), pp. 199–208 and 214.
124
Ibid., 183.
Given that competition law cannot solve all the potential misuses of certification
schemes occurring in a competitive market context, complementary regulation
might be necessary. In these cases, some minimum standards set by regulators—
such as the ones about what constitutes an ‘organic’, ‘biological’ or ‘ecological’
product might help to level the playing field so that competition can take place ‘on
the merit’ of the quality of the information provided or the match between the nor-
mative content of certification schemes and the preferences of the users of
certification.
5 C
ertification as Unilateral Activity: Anticompetitive
Concerns
Exploitative and exclusionary tactics can also be engaged in by individual firms in

charge of supplying certification, not just by collaborations which establish certifi-
cation schemes. Especially important in this respect are situations in which one
company controls the certification process for other market actors (competitors but
also business partners). When a company holds the power to grant or reject certifi-
cates which are a prerequisite for market access, it has the power to act as a gate-
keeper. This power may then be misused to extract additional profit for the company
in charge of certification, to thwart competing developments or competing business
models, and, more generally, to exclude rivals.
Examples of unilateral misuse of certification powers from the EU are the
General Motors and British Leyland cases. The cases have an almost identical set-
up: both concern the abuse of the power to issue certificates of conformity by auto-
mobile manufacturers for the purpose of preventing parallel imports. Both cases are
known as ‘excessive pricing’ cases because the companies in question charged
exorbitant prices for the certification service; however, both should be read as cases
in which the price of the certificate was used to dissuade consumers from purchas-
ing cars abroad, thus preserving a policy of market partitioning and price discrimi-
nation on the common market.
In General Motors, the sole authorized agent of General Motors in Belgium was
responsible for carrying out the inspections and issuing certificates of conformity
for new or second hand General Motors vehicles imported from other Member
States. The company charged very high fees for the inspections without objectively
justifiable reason for doing so. In its decision, the Commission stressed that the
prices were ‘excessive in relation to the economic value of the service provided’,
and that they had the effect of ‘neutralizing the possibly more favourable level of
prices applying in other sales area in the Community’.125
Case 26/75 General Motors Continental NV v Commission of the European Communities [1975]
125
ECLI:EU:C:1975:150, para 12. The Court rejected the Commission decision on ground that the
company had changed its policy upon complaints by customers and had agreed to reimburse the
difference in fees.
Similar to the General Motors case is the British Leyland case which also con-
cerned unreasonable charges for a certificate of conformity for imported vehicles of
the same brand. The difference was that British Leyland was pressured by its dealers
in the UK to charge such prices that would dissuade parallel imports. The
Commission adopted a decision prohibiting the excessive pricing.126 The decision
was upheld on appeal by the Court.127 The Court, referring to its judgment in General
Motors, explained:
[…] an undertaking abuses its dominant position where it has an administrative monopoly
and charges for its services fees which are disproportionate to the economic value of the
service provided.128
Thus, private undertakings in possession of ‘an administrative monopoly’ should

not misuse those powers in order to enrich themselves or to harm competition. But
what about certification not linked to the exercise of public function? If obtaining a
certificate is so costly that it de facto precludes market access of SMEs, can a domi-
nant company be found in breach of the competition rules?
The answer could be yes but the approach remains controversial from a doctrinal
perspective. Judging by its approach to the so-called ‘FRAND’ disputes129 in the
context of standard-setting,130 the Commission is at least in principle prepared to
intervene in cases where the setting of royalty fees for Standard Essential Patents is
excessive, for instance when the excessive royalty charges are related to ‘patent
ambush’ tactics.131 However, excessive pricing remains a controversial topic in anti-
trust and is an area that antitrust authorities do not thread easily, one of the main
reasons being uncertainty with respect to what constitutes a ‘fair price’ for a patent
license.132
We may distinguish two approaches to this question depending on whether cer-
tification is the core activity of the company in question or whether certification is
126
Commission Decision IV/30.615—British Leyland [1984] OJ L 207/11.
127
Case 226/84 British Leyland Public Limited Company v Commission of the European
Communities, ECLI:EU:C:1986:421.
128
Ibid., para 27.
129
FRAND stands for ‘fair, reasonable and non-discriminatory’. The so-called ‘FRAND’ disputes
relate to disputes related to the licensing terms for patents embedded in standards, in particular
those patents essential for compliance with the standard (standard essential patents).
130
For an overview of the issues related to the application of competition law to FRAND disputes,
see Pentheroudakis and Baron (2017) and Petit (2017).
131
In the Rambus case, the Commission examined claims that Rambus deliberately did not inform
the standard-setting organisation about the fact that it owned patents essential for compliance with
the standard (standard essential patents). The Commission adopted a commitment decision with
Rambus agreeing on a worldwide price cap for its royalties on the patents in question. See Press
Release ’Antitrust: Commission accepts commitments from Rambus lowering memory chip roy-
alty rates’, IP/09/1897 (Brussels, 9.12.2009).
132
It should be noted there is no doctrine of excessive pricing under US antitrust law. On the diffi-
culties of applying the excessive pricing doctrine, see: Konkurrensverket (Swedish Competition
Authority), The Pros and Cons of High Prices (Conference Proceedings 2007) and the contribu-
tions therein.
an ancillary activity (e.g. performed in the context of public service obligations).

Where the core business of the certification entity is to sell certification services—as
would be the case in web-shop certification or credit-rating agencies—the difficul-
ties are similar with FRAND cases for standard essential patents in which patent-
asserting-entities’ core business is the production of patents. However, in cases
where, as in General Motors and British Leyland, certification is not a core activity
of the entity in question, but rather an ancillary activity, the application of competi-
tion law is less controversial. In such cases, looking at the cost of providing the
service—as the Commission and the Courts did—could be an objective way to
check whether the certification procedure is misused to the detriment of consumers
or competitors.
6 C
ompetition Issues in Certification Markets: Private
Regulation Needs Public Interest Safeguards?
Within a market context, the certification process may be determined by means of

collaboration between market participants or by means of unilateral action.
Certification schemes established in the context of consortia or collaborations of
stakeholders can be an attractive regulatory option which promises greater effi-
ciency and greater legitimacy than command-and-control type regulation in the con-
text of public hierarchy. However, in order for certification to be trusted by those
who use the information it provides (e.g. consumers, lenders, shareholders), the
certification process must not be rigged and competition among certification bodies
must be ‘on the merits’. This section has shown that certification may become dis-
credited in the context of industry collaboration where it provides possibilities for
exploiting consumers or other business partners in the sense of fixing prices, quality,
choice or innovation, or industry norms. It can be equally damaging where it results
in excluding competitors by ‘fixing rivals’. The outcome includes: a sub-optimal
certification service and detrimental side-effects on the related markets for services
and goods. Last but not least, misuse of certification may erode consumers’ trust in
the industry, in the good aims pursued by certification schemes (e.g. fair trade, sus-
tainability, worker protection), and in private regulatory schemes in general.
The question thus remains—what kind of safeguards are necessary to provide
facilities for responsible certification in the institutional context of a competitive
market? Competition law is one of the areas of law which need to be considered.
However, as this contribution has shown, the competition law doctrine is still evolv-
ing in this respect. The good governance requirements in the European Commission’s
horizontal cooperation guidelines and the decisions on FRAND cases are a start in
this direction; however, the approach may need more fine-tuning to reflect the diver-
sity and complexity of certification schemes, and, more generally, private regulatory
schemes. In particular, the question arises: when is competition as such at all
desirable?
We have no nuanced answer to this question for the case of certification schemes,
but we can draw some inspiration from the literature on standardisation. For
instance, Björn Lundqvist argues that the approach of competition enforcers should
differ depending on the function of the regulatory (standard-setting) process in
question.133 Lundqvist distinguishes four types of standards:
(a) standards for basic or infrastructure technologies—i.e. standards which set the
basic rules governing an infrastructure necessary to ‘create markets’, an exam-
ple being the standards enabling the world-wide web;
(b) interface and interoperability or network technology standards; an example
being standards enabling interoperability with computer operating systems;
(c) standards related to patent-thicket plagued products or technologies aimed to
enable efficient licensing and jointly address a patent thicket problem;
(d) design standards which fix the characteristics of a certain product.
He argues that competition is not desirable in certain types of standards and that
the competition rules and enforcement approaches should reflect that. For instance,
he argues that competition is not desirable in type ‘a’ and many type ‘b’ standards
because setting the underlying architecture of a given essential infrastructure (e.g.
the world wide web or telecommunications or energy networks) is of interest to
many parties in the sector. Thus, the authorities should make sure that the standard-
setting bodies are inclusive, the process of adoption—fair and transparent, and the
outcome of the process—accessible on FRAND (fair, reasonable and non-
discriminatory) terms. On the other hand, Lundqvist argues, antitrust authorities
should be more suspicious with respect to type ‘c’ or type ‘d’ standards which are
closely linked to specific products and aim to fix those for the whole industry.
Especially design standards such as those in question in the cases Allied Tube, EMC,
NAVEWA-ANSEA and Fra.bo134 should be subject to stricter requirements than the
meeting of procedural requirements. Lundqvist’s analysis is limited to standardisa-
tion, but it offers interesting insights for the construction of a certification typology
which would enable us to judge the desirability of competition depending on the
type of scheme and the market conditions.
In an amusing speech for the American Bar Association, former Federal Trade
Commission chairman Jon Leibowitz noted that industry self-regulation can be like
‘the good, the bad, and the ugly’ in the Clint Eastwood movie by the same title:
delivering one clearly good thing (the desirable regulatory outcome), one clearly
bad thing (collusion), and one thing we are undecided about (e.g. decisions to adopt
certain rules instead of others).135 The challenge is to create a legal regime for com-
petition in certification markets which creates the right incentives for quality infor-
mation to be produced, while minimizing detrimental side effects such as exploitation
and exclusion, and, more generally, erosion of trust in the market mechanism. Such
133
This paragraph and the following one are based on Lundqvist (2014), pp. 224–228.
134
Case C-171/11 Fra.bo SpA v Deutsche Vereinigung des Gas- und Wasserfaches eV (DVGW),
[2012] ECLI:EU:C:2012:453.
135
Leibowitz (2005).
a regime will include rules which facilitate the ‘good thing’, rules that guard against
the ‘bad’, and rules which steer the ‘ugly’ towards the ‘beautiful’.
References
Akerlof, G. A. (1970). The market for “Lemons”: Quality uncertainty and the market mechanism.
The Quarterly Journal of Economics, 84(3), 488.
Austin, J. L. (1962). How to do things with words. The William James lectures delivered at Harvard
University in 1955. Oxford, England: The Clarendon Press.
Black, J. (2002). Critical reflections on regulation. London: Centre for the Analysis of Risk and
Regulation, London School of Economics and Political Science.
Blair, R., & Harrison, J. (2010). Monopsony in law and economics. Cambridge, England:
Cambridge University Press.
Braithwaite, J. (2008). Regulatory capitalism. How it works, ideas for making it work better.
Cheltenham, England: Edward Elgar.
Daskalova, V. (2015). Consumer welfare in EU competition law: What is it (not) about?
Competition Law Review, 11(1), 133.
Daskalova, V. (2016). The monopsony paradox: Buyer power and the EU antitrust provisions. PhD
thesis, University of Tilburg, Tilburg, The Netherlands.
Eijlander, P., Evers, G., & van Gestel, R. (2003). De inkadering van certificering en accreditatie
in beleid en wetgeving. Een onderzoek in opdracht van het Ministerie van Economische Zaken.
Tilburg, The Netherlands: Universiteit van Tilburg.
Fasten, E. R., & Hofmann, D. (2010). Two-sided certification: The market for rating agencies
(SFB 649 Discussion Paper 2010-007).
Filistrucchi, L., Geradin, D., van Damme, E., & Affeldt, P. (2014). Market definition in two-sided
markets: Theory and practice. Journal of Competition Law & Economics, 10(2), 293.
Fox, E. M. (2003). We protect competition, you protect competitors. World Competition, 26(2),
149.
Heldeweg, M. A. (2013). Hybrid regulation as a legal design challenge. In A. L. B. Colombi
Ciacchi, M. A. Heldeweg, B. M. J. van der Meulen, & A. R. Neerhof (Eds.), Law & gover-
nance – Beyond the public-private law divide?: Vol. 9 (9). Governance & Recht (p. 107). The
Hague, The Netherlands: Eleven International Publishing.
Hirschman, A. O. (1970). Exit, voice, and loyalty: Responses to decline in firms, organisations,
and states. Cambridge, MA: Harvard University Press.
Hohfeld, W. N. (1964). Fundamental legal conceptions as applied to juridical reasoning. Westport,
CT: Yale University Press.
ISO, The facts about certification (n.d.). Retrieved August 25, 2017, from https://www.iso.org/
certification.html
ISO/IEC 17000:2004, Conformity assessment – Vocabulary and general principles. Retrieved
August 21, 2017, from https://www.iso.org/standard/29316.html
Kim, H. (2014–2015). Eco-labels and competition: Eco-certification effects on the market for envi-
ronmental quality provision. New York University Environmental Law Journal, 22, 181.
Konkurrensverket (Swedish Competition Authority). (2007). The pros and cons of high prices.
Conference Proceedings.
Krattenmaker, T. G., & Salop, S. C. (1986). Anticompetitive exclusion: Raising rivals’ costs to
achieve power over price. Yale Law Journal, 96, 209.
Kuhn, M. (1999). Green lemons – Environmental labels and entry into an environmentally dif-
ferentiated market under asymmetric information. Thünen-Series of Applied Economic Theory,
20, 1.
Lande, R. H., & Marvel, H. P. (2000). The three types of collusion: Fixing prices, rivals and rules.
Wisconsin Law Review, 941.
Leibowitz, J. (2005, 30 March). The good, the bad and the ugly: Trade associations and antitrust.
Speech delivered for the American Bar Association, Antitrust Spring Meeting, Washington,
DC.
Levi-Faur, D. (2011). Handbook on the politics of regulation. Cheltenham, England: Edward Elgar.
Lundqvist, B. (2014). Standardization under EU competition rules and US antitrust laws: The rise
and limits of self-regulation. Cheltenham, England: Edward Elgar.
Maher, I. (2011). Competition law and transnational private regulatory regimes: Marking the cartel
boundary. Journal of Law and Society, 38(1), 119.
Mohan, S. (2010). Fair trade without the froth: A dispassionate economic analysis of ‘fair trade’.
London: Institute of Economic Affairs.
Murray, A., & Scott, C. (2002). Controlling the new media: Hybrid responses to new forms of
power. The Mod Law Review, 65(4), 491.
OECD. (2016). Competition assessment toolkit: Guidance: volume II (version 3.0).
OECD Roundtable. (2005). Competition on the merits. DAF/COMP(2005)27.
Ostrom, E. (2005). Understanding institutional diversity. Princeton, NJ: Princeton University
Press.
Parker, C. (2007). Meta-regulation: Legal accountability for corporate social responsibility. In
D. McBarnet et al. (Eds.), The new corporate accountability: Corporate social responsibility
and the law. Cambridge, England: Cambridge University Press.
Pentheroudakis, C., & Baron, J. A. (2017). Licensing terms of standard essential patents: A com-
prehensive analysis of cases (Joint Research Centre Science for Policy Report).
Petit, N. (2017). EU competition law analysis of FRAND disputes. In J. L. Contreras (Ed.), The
Cambridge handbook of technical standardization law. Cambridge, England: Cambridge
University Press.
Purnhagen, K., Bramley, C., van der Meulen, B., & Bremmers, H. (2013). Preventing exclusion
of small-scale-farmers through private standards in the global food supply chain – A research
agenda (Wageningen Working Papers in Law and Governance 2013/02).
Ruiter, D. W. P. (1993). A basic classification of legal institutions. Ratio Juris, 10(4), 357.
Ruiter, D. W. P. (2002). Legal institutions. Deventer, The Netherlands: Kluwer.
Schinkel, M. P., & Toth, L. (2016). Balancing the public interest-defense in cartel offenses
(Amsterdam Center for Law & Economics Working Paper No. 2016-01).
Scott, I. (2016). Antitrust and socially responsible collaboration: A chilling combination? American
Business Law Review, 53(1), 97.
van Maanen, G. E. (1986). Onrechtmatige daad. Aspekten van de ontwikkeling en struktuur van
een omstreden leerstuk. PhD thesis, University of Groningen, Groningen, The Netherlands.
Vedder, H. (2009). Of jurisdiction and justification: Why competition is good for non-economic
goals, but may need to be restricted. Competition Law Review, 6(1), 51.
Vestager, M. (2015, 13 October). The values of competition policy (Keynote speech at CEPS
Corporate breakfast ‘one year in office’, Brussels 13.10.2015).
Viscusi, W. K. (1978). A note on “Lemons” markets with quality certification. The Bell Journal of
Economics, 9(1), 278.
Wilson, B. W., & Mutersbaugh, T. (2015). Fair trade certification, performance and practice. In
L. T. Raynolds & E. A. Bennett (Eds.), Handbook of research on fair trade. Cheltenham,
England: Edward Elgar.
The Use of Conformity Assessment
of Construction Products by the European
Union and National Governments:
Legitimacy, Effectiveness and
the Functioning of the Union Market
Richard Neerhof
1 Introduction
For over two decades, there has been a clear interest in standardisation and confor-
mity assessment as instruments for regulation and supervision in addition to exclu-
sive government action in the European Union and in many of its Member States. In
Western European countries, these instruments have proven to be valuable for some
time already. While markets are dynamic, legislation is often static and difficult to
maintain. Member States have investigated whether forms of self-regulation, such
as standardisation and certification, could be a viable alternative.1 Although certifi-
cation and standardisation were originally private initiatives, Member States began
to use these for market regulation and even for decision-making and law enforce-
ment by administrative authorities. In the European Union, these instruments have
been actively used by the Council and Commission since the mid-1980s to elimi-
nate barriers and to realise the free movement of goods in the internal market.
Conformity assessment and standardisation play an important role in the market-
ing of construction products in the EU, and these processes are often subjected to
European and governmental supervision. It is therefore important to analyse whether
the conformity assessment of construction products, which is used by the European
Union and by certain national governments, meets criteria relating to legitimacy;
whether it contributes in an effective way to the realisation of public interests such
as construction safety, fire safety, the protection of the environment and s ustainability;
Many thanks to Cecile Wijnen and Francis Gilligan.
Kamerstukken II (Dutch Parliamentary Papers) 1994/95, 24,036, no 1, 2–4.

1
R. Neerhof (*)
Centre for Public Contract Law & Governance, Faculty of Law, Vrije University Amsterdam,
Amsterdam, The Netherlands
e-mail: a.r.neerhof@rechten.vu.nl

https://doi.org/10.1007/978-3-030-02499-4_4
74 R. Neerhof
and whether it avoids creating obstacles with regard to the proper functioning of the
internal market. In this contribution I discuss the use of conformity assessment of
construction products by the Dutch government as an example of national govern-
ments using this instrument. Experiences from the Netherlands may be relevant for
other countries in which systems of voluntary certification of construction products
are in place. In Sect. 2 of this contribution, I first describe what conformity assess-
ment is. Secondly, I discuss the functioning of conformity assessment in the con-
struction industry and the way in which the Council and the European Commission
of the European Union and the Dutch government use conformity assessment to
pursue public interests (Sects. 3 and 4). Thirdly, some important topics concerning
the use of conformity assessment in construction law by the European Union and
national governments are discussed. The legitimacy and effectiveness of the use of
this instrument in construction law is addressed in Sect. 5. After this, I review three
important legal topics that relate to the compatibility of Dutch certification of con-
struction products with the single market, in particular the compatibility with the
Construction Products Regulation (CPR), with the free movement of goods (Articles
30 and 34 TFEU) and with European competition law (Articles 101–106 TFEU)
(Sect. 6). Finally, I draw some conclusions on whether the use of conformity assess-
ment by the European Union and the Dutch government can be seen as models of
successfully leaving regulation to private parties, from the perspectives of legiti-
macy, effectiveness and the functioning of the single market.
2 Conformity Assessment
Conformity assessment is the process of demonstrating whether specified require-

ments relating to a product, process, service, system, person or body have been
fulfilled. These specified requirements can be technical standards established by
international (ISO), European (CEN/CENELEC and ETSI) and/or national stan-
dardisation bodies and/or certification schemes (assessment directives) established
by committees of experts.2 Technical standards are agreed upon by private parties in
the industry for aligning products and production processes according to current
demand.3 In certification schemes, requirements applying to a product or process
are elaborated in objectively measurable criteria. They also impose requirements on
the internal quality control of the holder of a declaration of conformity (certificate),
in order to ensure that the products/process continuously meet the stated require-
ments. In addition, requirements are imposed on conformity assessment bodies. A
certification scheme determines any follow-up action if criteria are not met.4
Certification schemes may refer to technical standards, as is often the case.
2
Certification is a type of conformity assessment: the declaration of conformity is valid for a cer-
tain period of time.
3
van Ommeren (2008), p. 82.
4
Evers (2002), p. 102.
The Use of Conformity Assessment of Construction Products 75
Conformity assessment is private regulation and customarily used to provide guar-

antees in business-to-business-relations, but is also used in regulatory and administra-
tive practice. The European Union relies on third party conformity assessment bodies
to establish the internal market (‘New Approach’ since 1985). Conformity assess-
ment is used by national governments as an instrument for enforcing legislation.
In order to demonstrate that they comply with certain standards, third party con-
formity assessment bodies often call upon accreditation bodies. Accreditation is an
attestation by a national accreditation body that a conformity assessment body meets
the requirements set by harmonised standards and any additional requirements
(including those set out in relevant sectoral schemes) to carry out a specific confor-
mity assessment activity. These requirements relate to independence, impartiality
and technical competence. When requested by a conformity assessment body, the
national accreditation body evaluates whether that body is competent to carry out a
specific conformity assessment activity (Article 5(1) of Regulation (EC) No 2018/765
setting out the requirements for accreditation and market surveillance).5 Article 4(1)
of this Regulation states that each Member State must appoint a single national
accreditation body. This regulation applies to accreditation, used on a compulsory or
voluntary basis, relating to conformity assessment, whether compulsory or not.
Accreditation may be legally obliged to carry out certain third-party tasks. In the
European Union, the designation and notification of conformity assessment bodies,
which carry out conformity assessment in respect of a particular product that is
required by Community harmonisation legislation, is a task of notifying authorities
designated by Member States (Article R14, section 1 of Decision No 768/2008/EC
on a common framework for the marketing of products6). According to Article R14,
section 1 of this decision, Member States may decide that this assessment and moni-
toring is to be carried out by a national accreditation body in accordance with
Regulation (EC) No. 765/2008. Under Dutch law, assessment bodies attesting that
construction law conditions are met and issuing quality certificates for construction
products and processes requirements must be accredited themselves.
3 C
onformity Assessment Under Union Harmonisation
Legislation
3.1 From New Approach to New Legislative Framework
Before the 1980s, the removal of barriers to trade resulting from (national) technical
standards belonged to the political agenda of harmonisation via European direc-
tives. The promulgation of directives was often seriously delayed because of
5
Reg (EC) No 765/2008 setting out the requirements for accreditation and market surveillance
relating to the marketing of products [2008] OJ L 218/30.
6
Dec No 768/2008/EC on a common framework for the marketing of products [2008] OJ L 218/82.
76 R. Neerhof
disagreement between Member States on technical issues. At the beginning of the

1980s, outsourcing standard setting to private rule-makers proved to be a way of
promoting deregulation and self-regulation. Europe has been the main driver in the
area of standardisation in the post-war period. In 1985, the ‘New Approach’ was
introduced. Instead of the incorporation of detailed technical rules in directives, the
EU promoted the development of ‘framework directives’ which lay down legally
binding ‘basic requirements’. Basic requirements are mechanical resistance and sta-
bility, safety in case of fire, sustainable use of natural resources, etc. These require-
ments are then concretised via technical standards, developed preferably by CEN/
CENELEC or ETSI.7
The New Approach is applied in many areas of enterprise and industry including
the construction industry. Manufacturers are required to draw up EC declarations of
conformity for products—or declarations of performance in case of construction
products—and affix CE marking to these products when they are covered by har-
monised standards.
The New Approach was updated and reviewed in the 2000s, driven by want of
overall coherence and consistency concerning: notification of third party confor-
mity assessment bodies; accreditation; conformity assessment procedures (mod-
ules); CE marking and market surveillance.8 Regulation (EC) No 765/2008 and
Decision (EC) No 768/2008 brought together, in the New Legislative Framework
(NLF), all necessary elements in order for a comprehensive regulatory framework
to operate effectively for the safety and compliance of industrial products; including
protective requirements for public interests and the proper functioning of the single
market.9
7
This historical description relies, to a large extent, on van Gestel and Micklitz (2013), p. 154.
8
European Commission, Commission Notice The ‘Blue Guide’ on the implementation of EU
products rules 2016 (‘Blue Guide’) [2016] OJ C 272/9.
9
Reg (EC) No 765/2008 established the legal basis for accreditation and market surveillance and
consolidated the meaning of the CE marking. Dec (EC) No 768/2008 updated, harmonised and
consolidated the various technical instruments already used in existing Union harmonisation leg-
islation (not only in New Approach directives): definitions, criteria for the designation and notifica-
tion of conformity assessment bodies, rules for the notification process, the conformity assessment
procedures (modules) and the rules for their use, the safeguard mechanisms, the responsibilities of
the economic operators and traceability requirements. See Blue Guide (n 8) at 10. The NLF also
includes Reg (EC) No 764/2008 laying down procedures relating to the application of certain
national technical rules to products lawfully marketed in another Member State [2008] OJ L
218/21, the so-called Mutual Recognition Regulation. It applies to administrative decisions
addressed to economic operators, on the basis of a technical rule, in respect of any non-harmonised
product lawfully marketed in another Member State (recital 3 and Art 2(1) and (2)). A non-har-
monised product is a product which is not subject to Union harmonisation legislation (recital 3).
3.2 C
E Marking and Conformity Assessment
Under the Construction Products Regulation
The Construction Products Directive (CPD),10 in force until 1 July 2013, and its
successor, the Construction Products Regulation (CPR),11 in force from 1 July 2013,
require products to be fitted with CE marking if there are harmonised standards for
these products covering these characteristics. Harmonised standards for assessing
performances related to essential characteristics have been established by European
standardisation bodies on the basis of ‘mandates’ issued by the Commission (Article
17(1) CPR).12
Apparently, harmonised standards cover about 75% of all construction products
marketed in Europe.13 The CPR uses the term ‘mandates’ instead of ‘requests’ (of
the Commission); because the harmonised standards are mandatory. The CPR men-
tions harmonised standards as merely one way of expressing the performance of
construction products in relation to their essential characteristics (Article 6(1) CPR).
In this respect, the CPR differs from ‘classical’ New Approach directives whose
standards are ‘non-binding’ and compliance is no more than a presumption of con-
formity with the mandatory basic legal requirements spelt out in the New Approach
type directives.14 Another difference between harmonised standards under the CPR
and harmonised standards under other New Approach directives is that they pre-
scribe how to express performance of products in relation to essential characteristics
and not in relation to basic requirements. The CPR does not entail construction
product requirements but rather the way economic operators should properly assess
performance of construction products. Construction products are semi-finished
products processed in construction works. European standards referred to in the
CPR (and the CPD) include testing, calculation and other means for assessing per-
formance of construction products. These standards are binding, but the CPR ‘does
not affect the right of Member States to specify the requirements they deem neces-
sary to ensure the protection of health, the environment and workers when using
10
Dir 89/106/EEC on the approximation of laws, regulations and administrative provisions of the
Member States relating to construction products [1989] OJ L 40/12 (Construction Products
Directive, CPD).
11
Reg (EU) No 305/2011 laying down harmonised conditions for the marketing of construction
products [2011] OJ L 88/5 (Construction Products Regulation; CPR).
12
CEN (Comité Européen de la Normalisation) and CENELEC (Comité Européen de la
Normalisation Electronique) are European standardisation organisations listed in Annex I of Reg
(EU) No 1025/2012 on European standardization [2012] OJ L 316/12 (Standardisation Regulation).
13
The source of this figure cannot be traced back but in any case this percentage is not
contradicted.
14
Standards referred to in New Approach directives mostly determine how products should be
manufactured to be in conformity with the essential requirements spelt out in the New Approach
type directives. These standards are not legally binding. They may be implemented in the national
jurisdictions of the Member States, but the references have voluntary character.
78 R. Neerhof
construction products.’15 The rules of the Member States require ‘that construction
works be designed and executed so as not to endanger the safety of persons, domes-
tic animals or property nor damage the environment.’16 The CPR requires (legally
binding) standards for the purposes of assessing the performance of construction
products on request of the Commission, because this is the only way the removal of
technical barriers in the field of construction may be achieved.17
Manufacturers are obliged to draw up EC declarations of performance for prod-
ucts and affix CE marking to construction products when they are covered by har-
monised standards (Articles 4, 6 and 8 CPR). The declaration of performance must
express the performance of construction products to characteristics of these prod-
ucts, which relate to basic requirements for construction works in accordance with
the relevant harmonised standards (Article 6(1) CPR).
Harmonisation legislation of the EU frequently obliges conformity assessment
of products to be carried out by an independent third party with an accreditation
certificate (or equivalent documentary evidence) and designated by a (national)
notifying authority. Based on EU-legislation, the Commission establishes which
system or systems of conformity assessment are applicable to certain products.
According to Article 28 CPR, assessment and verification of constancy of perfor-
mance (AVCP) of construction products in relation to their essential characteristics
must be carried out in accordance with one of the systems set out in Annex V CPR.18
The Commission decides in a delegated act which system or systems are applicable
to a given construction product or family of construction products or a given essen-
tial characteristic. In doing so, the Commission is obliged to take into account in
particular the effect on the health and safety of people and the environment and the
documented experiences forwarded by national authorities with regard to market
surveillance (Article 28(2) and Article 60 CPR). The systems differ in the degree of
involvement of third parties in assessing conformity of the product according to the
relevant technical specification(s).
The tasks which the manufacturer or a third party have to fulfil are
• Factory production control (fpc) on the basis of documented, permanent and
internal control of production in a factory, in accordance with the relevant har-
monised technical specifications.
• Initial inspection of the manufacturing plant and of fpc.
• Continuous surveillance, assessment and evaluation of fpc.
15
Recital (3) of the CPR.
16
17
18
Annex V to Reg (EU) No 305/2011 was amended by Commission Delegated Reg (EU) No
568/2014 amending Annex V to Regulation (EU) No 305/2011 of the European Parliament and of
the Council as regards the assessment and verification of constancy of performance of construction
products [2014] OJ L157/78, in order to respond to technological progress, to make provision for
the specific case of products for which European Technical Assessments have been issued, as well
as to enhance the clarity, accuracy and consistency to the descriptions and terms used therein, see
its recital (2).
• An assessment of the performance of the construction product on the basis of

testing (including sampling), calculation, tabulated values or descriptive docu-
mentation of that product
• Testing of samples taken at the manufacturing plant or at the manufacturer’s stor-
age facilities.
In the five systems of AVCP, notified bodies differ as follows in their level of
involvement:
• System 1+: product certification comprising the issuing of a certificate of con-
stancy of performance with: an assessment of the performance of the construc-
tion product as referred to above (i), initial inspection of the manufacturing plant
and of fpc (ii), continuous surveillance, assessment and evaluation of the fpc (iii)
and testing of samples as referred to above (iv)
• System 1: product certification comprising the issuing of a certificate of con-
stancy of performance with: an assessment of the performance of the construction
product as referred to above (i), initial inspection, of the manufacturing plant and
of fpc (ii), and continuous surveillance, assessment and evaluation of the fpc (iii)
• System 2+: factory production control certification with initial inspection of the
manufacturing plant and of fpc (i) and continuing surveillance, assessment and
evaluation of fpc (ii)
• System 3: assessment of the performance of the construction product as referred
to above
• System 4: manufacturer’s tasks only
In the five systems, tasks of manufacturers differ as follows:
• System 1+ and system 1: factory production control (i) and further testing of
samples in accordance with the prescribed test plan (ii)
• System 2+: assessment of the performance of the construction product as referred
to above (i), factory production control (ii) and testing of samples as referred to
above (iii)
• System 3: factory production control
• System 4: assessment of the performance of the construction product as referred
to above (i) and factory production control (ii)19
A harmonised standard includes technical details necessary for the implementa-
tion of the system of AVCP (Article 17(4) CPR).
According to information from the Commission, 407 of the 453 harmonised
standards for construction products demand that one or more notified bodies play a
role in the assessment of specific characteristics of the products and/or the production
control system of the manufacturer (i.e. demand an AVCP system other than 4).20
19
Compare Guidance Note on the Construction Products Regulation, https://www.bsigroup.com/
LocalFiles/en-GB/industries-and-sectors/construction/BSI-Construction-Products-Regulation-
guidance-UK-EN.pdf.
20
See http://ec.europa.eu/growth/tools-databases/nando/index.cfm?fuseaction=cp.hs&cpr=Y#hs.
For each standard, the applicable system of Assessment Verification of Constancy Performance can
be found under ‘more info’.
80 R. Neerhof
For the purpose of notification, a third party conformity assessment body—a

‘notified body’—should meet, among others, the following requirements (Article
43 CPR):
• being established under national law and having legal personality,
• independence,
• impartiality,
• confidentiality,
• objectivity,
• professional integrity,
• accountability (have a liability insurance unless liability is assumed by the
Member State) and
• technical competence.
Notifying authorities, designated by Member States (Article 40 CPR), may
notify only bodies which have satisfied these requirements (Article 48 CPR).
Evidence of compliance with these requirements can be provided by an accredita-
tion certificate or in another equivalent way (Article 47 CPR).21 Article 50 CPR sets
out a procedure to challenge the competence of notified bodies. Where the
Commission ascertains that a notified body does not meet, or no longer meets, the
requirements for its notification, it must inform the notifying Member State accord-
ingly and request it to take the necessary corrective measures, including withdrawal
of notification, if necessary.
Article 52 CPR concerns operational obligations for notified bodies:
–– Proportionality. The assessments should be carried out in a proportionate man-
ner. Economic operators should not bear an unnecessary burden. In the perfor-
mance of their activities, the notified bodies must take due account of the size of
the undertaking, the sector in which the undertaking operates, its structure, the
degree of complexity of the product technology in question and the mass or serial
nature of the production process. Nevertheless, they shall respect the degree of
rigour required for the product by this Regulation and the part played by the
product for the fulfilment of all basic requirements for construction works
(Article 52(2) CPR).
–– Resolute action. Where, in the course of the initial inspection of the manufactur-
ing plant and of factory production control, a notified body finds that the manu-
facturer has not ensured the constancy of performance of the manufactured
product, it shall require the manufacturer to take appropriate corrective measures
and shall not issue a certificate (Article 52(3) CPR). Where, in the course of the
monitoring activity aiming at the verification of the constancy of performance of
the manufactured product, a notified body finds that a construction product no
longer has the same performance to that of the product-type, it must require the
manufacturer to take appropriate corrective measures and should suspend or
Compare the notifying requirements in Art 43 CPR and the requirements for accreditation in Art
21
5(1) of Reg (EC) No 765/2008.

withdraw its certificate if necessary (Article 52(4) CPR). Where corrective mea-
sures are not taken or do not have the required effect, the notified body must
restrict, suspend, or withdraw any certificate, as appropriate (Article 52(5) CPR).
Article 53 CPR concerns obligations for notified bodies to inform the notifying
authority and other bodies notified under this CPR carrying out similar third party
tasks.
An important element is information from an economic operator about the per-
formance of essential characteristics of the construction product (in the declaration
of performance), relevant for the declared intended use or uses. This should enable
market authorities in member states to decide if certain requirements for construc-
tion works are met where a product is processed in a construction work. Whether
this is always the case, will be discussed infra (Sect. 5).
In case a notified body must fulfil tasks because the Commission has so decided
in a delegated act as meant in Article 28(2) CPR, the question can be asked what the
legal consequences are of a decision of a notified body to issue a certificate for a
certain product as meant in Article 28 and annex V CPR. If the Commission decides
the manufacturer is required to submit the product to a third party (usually a notified
body) to carry out conformity assessment according to one of the systems 1, 1+, 2+
or 3 as determined in annex V; it is then prohibited to place that product on the mar-
ket or make it available on the market without a certificate issued by the notified
body. In this regard, it would appear these certificates have legal consequences.
However, under the CPR the manufacturer has ultimate responsibility for the con-
formity of that product with its declared performance.22 In this way, third party
involvement has no influence whatsoever on the manufacturer’s responsibility but is
intended to reassure users and authorities that everything is in order.23 From a legal
perspective, it does not provide any additional proof of conformity of performance
of a product with its declared performances.
4 V
oluntary Certification of Construction Products
and Processes Under National Legislation: The Dutch
Building Decree as an Example
In the Netherlands, national building legislation gives legal effect under certain con-
ditions to voluntary certification of construction products and building processes.
Article 1.8 Dutch Building Decree deals with situations in which a construction
product has to comply with a certain level of performance not covered by a harmon-
ised standard (as intended in the CPR) or a construction process has to comply with
certain performances so the building to which it is applied complies with a
22
Recital (31) of the CPR. Not conformity with requirements, as is the case with declarations of
conformity under other harmonised legislation of the Union, see Blue Guide (n 8), at 29.
23
Evers (2002), p. 154.
82 R. Neerhof
requirement imposed by or under the Building Decree.24 The Decree provides that
such a requirement is met if the construction product or construction process has
been applied in accordance with a quality certificate tailored to that requirement.
According to Article 1.11 Building Decree, quality certificates must be issued on
the basis of a system of quality certificates recognised by the Minister (for Internal
Affairs). Article 1.8 Building Decree states that the issuing conditions as defined in
Article 1.11 of the Building Decree, surrounding quality certificates, must be laid
down in an agreement between the parties involved in the system meant in that pro-
vision. The Minister must announce this agreement in the Government Gazette.
This agreement has indeed been made and is the so-called tripartite agreement (tri-
partiete overeenkomst) between the Dutch Accreditation Council, the Foundation
Construction Quality (Stichting Bouwkwaliteit; hereinafter SBK) and the minister
concerned.25 According to this agreement, certification should be done by accred-
ited bodies. Article 1.9 Building Decree states that the Minister must appoint a body
that will coordinate the system meant in Article 1.11 of the Building Decree and
ensure the announcement of the quality certificates meant in that article. In the tri-
partite agreement, SBK is appointed as the body that coordinates the system of
quality certificates recognised by the minister. Schemes that are used by conformity
assessment bodies have to be approved by SBK (procedural and substantive test).
Only quality certificates based on schemes approved by the SBK can be used as
evidence that certain requirements in the Building Decree are met (as intended in
Article 1.8 Building Decree).
5 U
se of Conformity Assessment of Construction Products
by the European Union and National Governments:
Legitimacy and Effectiveness
Above, I have described how the European Union and Dutch government use third
party conformity assessment of construction products to pursue public interests.
Awarding a role to third party conformity assessment and underlying standardisa-
tion in the realisation of public interests, such as safety and health, in the field of
construction products is significant. It means that the European Union and the Dutch
government bear the burden of legitimacy.26 By ‘legitimacy’ I mean that decisions
that affect citizens are only justifiable when taken by authorities having a mandate
from their citizens; demonstrating that they take citizens’ concerns into account in
their decisions. Democratic legitimacy means that decisions affecting citizens are
made by politically elected or at least publicly accountable officials. Nevertheless,
24
I abundantly notice that many provisions in the Building Decree, which lay down requirements
for construction work, refer to standards.
25
Staatscourant 2006, 132. Reviewed in March 24, 2015, Staatscourant 2015 no. 8987.
26
Van Gestel and Micklitz (2013), p. 157.
that is only a formal, external criterion. On a broader view of legitimacy used here,
the deliberative quality of decision-making processes and representation of interests
seem to be very important.27 In Sects. 5.1 and 5.2, I discuss the question of the legiti-
mation of the use of third party conformity assessment and underlying standardisa-
tion by the European Union and the Dutch government.
Another question concerns the effectiveness of the instrument of third party con-
formity assessment. Under the CPR and Dutch construction law, conformity assess-
ment bodies function in an open market. In principle, any conformity assessment
body can qualify for recognition or designation.28 An open market provides incen-
tives for the institution to work efficiently, which could lead to lower prices. In an
open market, however, there are also risks. In Sect. 5.1 and 5.3, I discuss such risks.
5.1 Legitimacy and Effectiveness: General Aspects
The use of conformity assessment by legislators and governments has many advan-
tages. Much of the expertise needed to regulate the risk society is located exactly
where the risks are ‘manufactured’.29 Besides, conformity assessment based on har-
monised standards as intended by EU harmonisation legislation contributes to the
removal of barriers to trade in the European Union.
Nevertheless, there are also threats and challenges. Conformity assessment as
meant in the CPR or the Building Decree is based on standards and/or schemes.
This results in a burden of legitimacy in the field of conformity assessment of con-
struction products.
Conformity assessment (and underlying standardisation) has at least one vulner-
ability in terms of legitimation and effectiveness: there are risks of excessive con-
centration of power in certain market actors. The solution to these risks is, according
to Scott, to organise certain ‘modes of control and accountability’.30 In electoral
politics, politicians are dependent on re-election by the people. Scott wonders
whether there is an equivalent pull in the competitive processes of markets. This
question is relevant in the context of conformity assessment by notified bodies
under EU harmonisation legislation. This is a commercial activity. In the context of
conformity assessment (by private bodies)—definitely when used by public authori-
ties—an important ‘constitutional’ issue may be whether reputation ‘exerts an
upwards pull counterbalancing the competitive pressures to reduce costs and
27
Compare Neerhof (2013a), pp. 144–149, including references.
28
The fact that conformity assessment bodies are required to be notified by a public authority under
EU law is of no consequence. The requirement under Dutch construction law that certification
schemes are to be approved by a foundation acting on behalf of the minister is of no consequence
either.
29
Schepel (2005), p. 24.
30
Scott (2010), pp. 7 f.
84 R. Neerhof
quality.’31 What mechanisms exist to hold conformity assessment bodies account-

able for mistakes? How transparent are such mistakes and how does the knowledge
of such mistakes feed back into the system to improve it?32
As far as the legitimacy of standards underlying conformity assessment and cer-
tification schemes is concerned, a deliberative quality of decision-making processes
and representation of interests is important. Deliberation asks for autonomous par-
ticipants. All stakeholders—those who are affected by the decisions—should be
represented in the decision-making process.33
5.2 L
egitimacy of Conformity Assessment of Construction
Products
5.2.1 Conformity Assessment Under the CPR
As discussed in this section, legitimacy of conformity assessment of construction

products under the CPR is affected by the legitimacy of underlying harmonised
standards and of the procedure of notification of third party conformity assessment
bodies.
Legitimacy of Underlying Harmonised Standards
For the legitimacy of conformity assessment, the legitimacy of harmonised stan-

dards which the notified bodies apply are relevant. Harmonised standards under
Union harmonisation legislation provide a technical basis to assess the performance
of construction products, including conformity assessment by notified bodies
(supra, Sect. 3.2). For the legitimacy of this conformity assessment, it is important
that all relevant stakeholders are adequately represented in the standardisation pro-
cess. How does one prevent underlying standardisation from exclusion? Previously
conducted research indicates that larger companies are better represented in the
various technical bodies of European standardisation than small/medium enter-
prises (SME’s). For the latter, the costs of participation are too high. Moreover,
technical standards reach beyond the field of detail and enter areas of public policy,
such as health, safety, and environmental protection. That is why not only SMEs but
also societal stakeholders who represent these wider groups (e.g. consumers, trade
unions and environmental organisations) must be involved in the standardisation
process. The legitimacy of the decision-making process in standardisation bodies
31
Ibid., p. 11.
32
Ibid., pp. 11 f.; and Schepel (2005), p. 409.
33
Schiek (2007), pp. 446–449.
deals with the participation of consumers and environmental or labour organisa-

tions.34 In this respect, improvements are possible and necessary.35
The legal framework of standardisation in the European Union has been recently
revised through the EU Standardisation Regulation.36 This regulation provides some
new requirements with regard to the involvement of stakeholders. Article 5(1) of
this Regulation calls upon European standardisation organisations to ‘encourage
and facilitate an appropriate representation and effective participation of all relevant
stakeholders, including SMEs, consumer organisations and environmental and
social stakeholders in their standardisation activities’, especially by encouraging
and facilitating such representation and participation through the European stake-
holder organisations receiving Union financing in accordance with the Regulation
at the policy development level and at the following stages of the development of
European standards or European standardisation deliverables.
Moreover Article 17(2) CPR requires the European standardisation bodies to
ensure that the various categories of stakeholders are in all instances represented in
a fair and equitable manner where stakeholders are involved in the process of devel-
oping harmonised standards on the basis of requests from the Commission. Pressure
to obey obligations like these may be exercised in the decision-making about
requests to draft a European standard; about awards of grants for drafting a European
standard; and about financing of standardisation organisations in general (Article
10, 15 and 17 Standardisation Regulation). Still, the Regulation seems to provide
‘rather soft requirements with respect to stakeholder involvement.’37
In terms of the legitimacy of assessment and verification of constancy of perfor-
mance (AVCP) of construction products under the CPR, it is also relevant that the
Court has jurisdiction to give a preliminary ruling concerning the interpretation of
underlying harmonised standards. In the case of James Elliott, the Court of Justice
decided that Article 267(1) TFEU must be interpreted as meaning the Court has
jurisdiction to give a preliminary ruling concerning the interpretation of a harmon-
ised standard within the meaning of Article 4(1) CPD.38 A harmonised standard
adopted on the basis of the CPD (the predecessor of the CPR), and the references to
which have been published in the Official Journal of the European Union, forms
part of EU law, since it is by reference to the provisions of such a standard that it is
34
European Commission, Communication ‘A strategic vision for European standards: Moving for-
ward to enhance and accelerate the sustainable growth of the European economy by 2020’,
COM(2011) 311 final; van Gestel and Micklitz (2013), p. 179; van Gestel (2012), p. 250.
35
Stuurman (1995), pp. 90–94, 168–171 and 175; Evers (2002), pp. 19 and 211. For critique of the
legitimacy of European standards see van Gestel and Micklitz (2013), p. 179. They clarified that
access to the documents prepared in the European standards bodies restricted to public interest
groups ‘does not comply with constitutional standards where the law making process should be
public.’
36
See n 12.
37
van Gestel and Micklitz (2013), p. 179.
38
ECJ, judgment of 27/10/2016, Case C-613/14 James Elliott Construction Limited v Irish Asphalt
Limited, ECLI:EU:C:2016:821, para 47; on which see Purnhagen (2017), p. 586.
86 R. Neerhof
established whether or not the presumption of conformity applies to a given

product.39
According to established case-law, the Court has jurisdiction to interpret acts
which, while indeed adopted by bodies which cannot be described as ‘institutions,
bodies, offices or agencies of the Union’, are, by their nature, measures implement-
ing or applying an act of EU law.40 This is, according to the Court, justified by the
very objective of Article 267 TFEU, which is to ensure the uniform application,
throughout the European Union, of all provisions forming part of the European
Union legal system and to ensure that the interpretation thereof does not vary
according to the interpretation accorded to them by the various Member States.41
While the development of a harmonised standard as meant in the CPD is indeed
entrusted to an organisation governed by private law, it is nevertheless a necessary
implementation measure. Such a measure is strictly governed by the essential
requirements defined by that Directive, initiated, managed and monitored by the
Commission, and its legal effects are subject to prior publication by the Commission
of its references in the ‘C’ series of the Official Journal of the European Union.42
Moreover, the Commission ensures, by means of actions for failure to fulfil obliga-
tions provided for in Article 258 TFEU, that harmonised standards are fully
effective.43
It can be assumed that this judgment of the Courts implies that the Court can also
judge the validity of the harmonised standards or their compatibility with higher EU
law and not only its interpretation. Article 267 TFEU does not distinguish between
the jurisdiction of the Court regarding the interpretation and concerning the validity
39
Ibid., para 40. Schepel (2013), p. 530, pointed out that now Art 10(6) and 11 Standardisation Reg
make it clear that the Commission has to take a decision to publish references, based on a prior
assessment whether a harmonised standard satisfies the requirements which it aims to cover and
which are set out in the relevant Union harmonisation legislation.
40
Ibid., para 34. The Court refers to its judgments of 20/9/1990, Case C-192/89, S. Z. Sevince v
Staatssecretaris van Justitie, ECLI:EU:C:1990:322, para 10, and of 21/1/1993, Case C-188/91,
Deutsche Shell AG v Hauptzollamt Hamburg-Harburg, ECLI:EU:C:1993:24, para 17.
41
Ibid., para 38. The Court refers to its judgement in Sevince (n 40), para 11. Moreover, referring
to its judgment in Deutsche Shell (n 40), para 18, the Court held that the fact that a measure of EU
law has no binding effect does not preclude the Court from ruling on its interpretation in proceed-
ings for a preliminary ruling under Art 267 TFEU. See ECJ – Elliott (n 38), para 35. Although
evidence of compliance of a construction product with the essential requirements contained in the
CPD may be provided by means other than proof of compliance with harmonised standards, that
cannot call into question the existence of the legal effects of a harmonised standard, according to
the Court, see ibid, paras 36–42. It may be doubted that it is correct that these standards are not
mandatory. In any case, harmonised standards under the CPR have binding effect. Therefore, the
Court will consider a fortiori that it has jurisdiction concerning harmonised standards as referred
to in Art 17 CPR.
42
Para 43. This is further substantiated in paras 44 f. See AG Campos Sanchez-Bordona, 28/1/2016,
Case C-613/14 James Elliott Construction Limited v Irish Asphalt Limited, ECLI:EU:C:2016:63,
paras 35–62.
43
The Court notes that this is illustrated by its judgment of 16/10/2014, Case C-100/13 Commission
v Germany, ECLI:EU:C:2014:2293.
of the actions of the EU institutions.44 It remains to be seen what will be the concrete
extent of the substantive review by the Court of these standards. Colombo and
Eliantonio point out that ‘the settled law establishing deference on substance and
strict assessment of procedural irregularities acts as judicial benchmark’ in this con-
text, because the elaboration of harmonised standards ‘required the evaluation of
complex scientific and technical facts’. This means ‘that the CJEU would not engage
with the technical merits of the standard in issue. Rather it would restrict itself to
parameters such as the adequacy of the information base, the assistance of experts
promoting a ‘deliberative’ style of decision-making, and the composition and
knowledge of the panel of experts.’45 It is indeed less likely that the Court will assess
the content of technical standards. However, it might be possible to carry out a test
compliance of standards with Article 5 of the Standardisation Regulation concern-
ing representation and effective participation of all relevant stakeholders.46
Legitimacy of the Procedure of Notification of Third Party Conformity

Assessment Bodies
Finally, for legitimacy of third party conformity assessment under the CPR, an
important issue is the procedure of notification of a third party conformity assess-
ment body—a ‘notified body’—(as discussed supra, in Sect. 3.2). According to an
analysis of the implementation of the CPR of 2015, commissioned by the European
Commission 2015, the strict requirements for notified bodies in Article 43 CPR and
the notification procedure according to Articles 47 and 48 CPR have had a positive
effect: in terms of increasing the credibility of the CPR, increasing legal certainty
and transparency regarding the rules and ensuring that notified bodies have the nec-
essary competence for carrying out their task and are impartial. Issues relating to
conflicts of interests would be addressed.47
5.2.2 C
onformity Assessment Under National Legislation: The Dutch
Building Decree as an Example
Legitimacy of voluntary conformity assessment of construction products, for exam-

ple under the Dutch Building Decree, is affected by legitimacy of underlying stan-
dards and certification schemes. It is furthermore affected by the way in which the
‘watchdogs’ fulfil their tasks. Under the Building Decree these watchdogs are the
44
See for another view of the possibility to contest the validity of a harmonized standard via a refer-
ence for a preliminary ruling: Colombo and Eliantonio (2017), p. 332. Not discussed here is the
possibility for judicial review within the context of Art 263 TFEU.
45
Colombo and Eliantonio (2017), p. 333, with further references; Verbruggen and van Leeuwen
(2018), pp. 405 f; Cuccuru (2018), pp. 23 f, with further references.
46
Compare Volpato (2017), pp. 597 f.
47
Nwaogu et al. (2015), pp. iv–v.
88 R. Neerhof
RvA—a Dutch accreditation body—and SBK—the aforementioned Foundation

Construction Quality.
Legitimacy of Underlying Standards
In conformity assessment as meant in Article 1.8 Building Decree, conformity

assessment bodies use standards, especially NEN-standards (national) and NEN-
EN-standards (European). They use standards contained within the Building Decree,
but they also use other standards. In this context it is relevant that Article 5 of the
Standardisation Regulation concerns representation and participation in European
harmonisation; and that Article 6(1) of this Regulation states that national stan-
dardisation bodies ‘shall encourage and facilitate the access of SMEs to standards
and standards development processes in order to reach a higher level of participa-
tion in the standardisation system […].’ This is a fairly vague requirement. Moreover,
the regulation does not provide for any enforcement tools.
Legitimacy of Certification Schemes
For the legitimacy of conformity assessment as referred to in the Building Decree,

the mode of establishment of certification schemes that form the direct basis of
conformity assessment of construction products (under Dutch law) is also impor-
tant.48 Earlier research in the Netherlands has shown that committees of experts are
vulnerable in terms of their composition. The question is if these committees are at
all well balanced. Are stakeholders represented? Furthermore, the procedures used
by the committees of experts are generally unknown as opposed to the procedures
used by standardisation bodies. General rules regarding composition seem to be
absent. This poses a threat to a balanced equilibrium of interests.49 This research
however was not specific or not related at all to construction law.
With regard to the support of the system of quality certification, based on an evalu-
ation of this system in 2011, it can be said that parties involved (civil servants, suppli-
ers, construction companies and installers) know little of this system. The motivation
to make use of certificates seems to be more extrinsic—‘the customer wants it’—than
intrinsic. As mentioned before, schemes that are used by conformity assessment bod-
ies have to be approved by SBK (procedural and substantive test) (Sect. 4).50
One of the committees of SBK, the Harmonisation Commission Construction,
has an important role to play in monitoring whether procedures are properly fol-
lowed in the establishment of certification schemes and whether no foreclosure
takes place.51 According to Article 5 para. 2 of the Tripartite Agreement, this
48
See also supra, Sect. 2.
49
Evers (2002), pp. 104, 105, and 211–213; Peeters et al. (2009), pp. 69 f and 73.
50
Neerhof (2013b), pp. 109 f and 210; Andersson Elffers Felix (2011), pp. 22 f.
51
Neerhof (2013b), p. 110; Andersson Elffers Felix (2011), pp. 24 f.
c ommittee consists of representatives of all interested parties. We do not know to

what extent it contributes to the support for the certification schemes. Administrative
authorities tend to withdraw from participation in committees of experts. This may
adversely affect the monitoring of quality and support of certification schemes.
In a report on the system of quality certification, the researchers note that there is
an appearance of conflict of interests in these systems because members of different
boards, committees or councils wear several hats at the same time, especially when
also acting as a construction industry representative.52
Accreditation of Conformity Assessment Bodies and Legitimacy of Conformity

Assessment
As mentioned earlier, according to the Tripartite agreement, certification in the

terms of the Building Decree should be done by accredited bodies (Sect. 4). Article
3 para. 1, of this Agreement states that accredited conformity assessment bodies
provide quality certificates. In the Netherlands, the RvA, an accreditation body in
the terms of Articles 4 and 5 of Regulation (EC) No. 765/2008, accredits conformity
assessment bodies against harmonised accreditation standards. This means that con-
formity assessment bodies that want to issue quality certificates within the ambit of
the Building Decree must meet the accreditation requirements relating to indepen-
dence, impartiality, and technical competence (Article 5(1) Regulation (EC) No.
765/2008).
The RvA reviews certification schemes in the case of a request from a body for
accreditation to carry out a conformity assessment activity based on these schemes.
This review includes the composition of the college of experts establishing these
schemes.53 In addition, SBK tests support for these schemes by examining how
criticism is processed, and judges the composition of the committee of experts.
Only further investigation could show to what extent the composition of the com-
mittees of experts that decide on certification schemes (which are in line with public
law building rules) still has vulnerabilities and how these schemes are developed.54
5.3 Effectiveness
There are also some specific topics concerning the effectiveness of conformity
assessment under European law and Dutch law.
52
Neerhof (2013b), p. 110.
53
The testing is based on T33.
54
The composition of the committees of experts should not only be well-regulated, but it should
also be possible for everyone to know it. About support for and legitimacy of conformity certifica-
tion schemes in construction law in the Netherlands, see Neerhof (2013b), pp. 109 f.
90 R. Neerhof
5.3.1 A
ssessment and Verification of Constancy of Performance
Under CPR
In Sect. 5.2.1, I argued that, according to an analysis of the implementation of the

CPR, the strict requirements for notified bodies in Article 43 CPR and the notifica-
tion procedure according to Articles 47 and 48 CPR seem to have had a positive
effect in terms of ensuring the impartiality of notified bodies and addressing issues
relating to conflicts of interests. The establishment of notifying authorities is likely
to have had a positive effect in terms of enhancing the credibility of the CPR.55 This
may also be important for their effectiveness and the realisation of the objectives of
the CPR.
Stakeholders have identified, however, that in accordance with the analysis men-
tioned above, the accreditation process for notified bodies could be improved.56
Furthermore, there is a perception amongst stakeholders that practices of notified
bodies can vary greatly, in part because Article 46 CPR (facilities outside the testing
laboratory of the notified body) and Article 52(2) CPR (operational obligations for
notified bodies) are not sufficiently precise in their wording. Stakeholders further
identified that the process for challenging the competence of a notified body, as set
out in Article 50 CPR, should become faster and more efficient to ensure that the
credibility of the CPR is not jeopardised. Concerns have been raised with respect to
Article 53 CPR (information obligations for notified bodies). It is impossible to
implement this provision and to maintain confidentiality.57
However, it may be that only further research will show how effective the noti-
fied bodies are. Economic operators can go to ‘forum shopping’ to obtain the best
possible rating at the lowest possible cost. Independency and impartiality of a noti-
fied body (in relation to its client) may be under pressure, which could adversely
affect the reliability of conformity certificates. Competition does not necessarily
have to be at the expense of quality. At this moment, we do not exactly know what
effects market forces have on the impartiality of notified bodies.58
Effectiveness of assessment and verification of constancy of performance in
terms of achieving the objectives of the CPR is not only determined by competence
of notified bodies. This effectiveness is also determined by what they are required to
do and to explain under the CPR. Notified bodies must assess the performance of
the construction products in relation to their essential characteristics in accordance
with a harmonised standard (Article 17(3) and (4) CPR). According to some experts
in the Netherlands, an important problem is that in practice there is no direct relation
between harmonised technical specifications for assessing the performance of con-
struction products and basic requirements for construction works. Basic require-
ments for construction works are mechanical resistance and stability, fire safety,
55
Nwaogu et al. (2015), pp. iv–v.
56
Ibid., p. v.
57
Ibid., pp. iv–v.
58
Compare Neerhof (2013b), pp. 110 f.
sustainable use of natural resources, etc.59 Construction products are not construc-
tion works, but semi-finished products that are processed in construction works.
Performance of construction products is not the same as performance of construc-
tion works.
To put this into perspective, it has to be recognised that according to Article 6(3)
(c) CPR, the declaration of performance of a manufacturer must contain the perfor-
mance of at least one of the essential characteristics of the construction product,
relevant for the declared intended use or uses. According to Article 17(3) CPR, a
harmonised standard has to refer to an intended use of products to be covered by it,
when provided for in the relevant mandate. This also has consequences for the con-
formity assessment by notified bodies under the CPR. The intended use in a con-
struction work should be included in this conformity assessment. Still, there seem
to be problems. The processing of construction products in a particular construction
work (end-use) is not guaranteed by the declaration of performance and CE mark-
ing. The intended use of construction products differs. Performances of construc-
tion works are often created in an interplay of performances of different construction
products used in the same building. The requirements imposed by Member States
on construction works differ considerably due to geographical differences and his-
torically developed conditions. Moreover, Article 6(3)(c) CPR only demands parties
to declare at least one of the essential characteristics of the construction product. In
this context, the manufacturer and the notified body may take into account the
requirements in a particular Member State. But the declaration of performance and
the conformity certificate of a notified bodies have their limitations. The extent to
which the outlined problem actually occurs can only be explained by empirical
research.
5.3.2 T
hird Party Conformity Assessment Under National Legislation:
The Dutch Building Decree as an Example
From the perspective of effectiveness of conformity assessment by third parties,

there are also questions about the usefulness of quality certificates as referred to in
art. Article 1.8 of the Building Decree. Based on research conducted some years
ago, the usefulness of the information provided for market actors is probably lim-
ited but this may also be related to insufficient knowledge. The connection between
certification schemes, which concern conformity assessment of construction prod-
ucts, and processes and requirements to be met by construction works in the Building
Decree is not always clear. The contribution of quality certificates to the overall
quality of construction works seems insufficient to justify the additional costs,
efforts or long lead times. However, the market value of the certificates may be
large, partly due to the mark used. Research conducted seems to be stuck at the
level of impressions, but does not allow us to draw concrete conclusions. In particu-
lar, any added value (in particular charge relief) of quality certificates could possibly
59
Andersson Elffers Felix (2011), p. 27; compare Neerhof (2013b), pp. 29 f.
92 R. Neerhof
be realised by declaring about the performance of a construction as a whole or at

least parts of such a construction.60
Foreclosure may affect the effectiveness of conformity assessment under the
Building Decree. Foreclosure may arise because owners of certification schemes are
often conformity assessment bodies with a strong market position. For the use of
these certification schemes, other conformity assessment bodies have to pay a con-
siderable amount of money, which enables the owner of the scheme to further
strengthen his position on the market vis-à-vis these bodies. If, in the process of the
establishment of certification schemes, strong market actors are disproportionately
represented, this may cause an obstacle for sound and effective conformity assess-
ment. Further investigation could show whether the way in which SBK fulfils its
task sufficiently guarantees the quality of certification schemes.61
In 2011, the Dutch Inspectorate for Housing, Spatial Planning and the Environment
reported possible irregularities in certification. Under pressure from the market, con-
formity assessment bodies issued certificates, which, considering the relevant certi-
fication schemes (accepted by SBK), should not have been issued. Certification
schemes for new products or applications might not have sufficient quality.62
Research on the system of quality certification under the Building Decree by a
research institute in 2011 revealed that a majority of officials of building and hous-
ing inspections of municipalities had little faith in the market of quality certificates
recognised by SBK. Furthermore, the corrective function of SBK in the system of
quality certificates may not have a high enough profile, due to insufficient
opportunities for intervention, for example, in the case of fraud. There is some con-
cern that SBK is not sufficiently prepared to take action if certification schemes do
not ensure the necessary quality of construction products. The knowledge about the
functioning of the system remains incomplete and fragmentary.63
6 V
oluntary Certification of Construction Products: Three
Legal Issues
In this section, I discuss three legal issues, which arise in relation to voluntary quality
certificates for construction products in the European Union: conflicts of current cer-
tificates with Article 8(3) CPR; potential conflicts with Articles 30 and 34 TFEU (free
movement of goods); and potential conflicts with Articles 101–106 TFEU (EU com-
petition law). I will focus on voluntary certification of construction products in the
Netherlands, but the questions mentioned may arise in other Member-States as well.
60
Neerhof (2013b), pp. 117–119; Andersson Elffers Felix (2011), pp. 18, 20, 22–25, and 30–31;
Vermande (2010), pp. 15, 17 f, 21 f, 25 f, and 28; VROM-Inspectie (2011), pp. 20 f.
61
Neerhof (2013b), p. 110.
62
Ibid., pp. 112 and 210–211; VROM-Inspectie (2011), pp. 18, 19, and 21. However, see for criti-
cal methodological remarks about this report from this inspectorate Neerhof (2013b), pp. 113 f.
63
Neerhof (2013b), pp. 210 f; Andersson Elffers Felix (2011), pp. 18 and 22.
6.1 Article 8(3) CPR
Some Member States seem to tolerate the voluntary use of quality marks that over-
lap with CE marking.64 This is the case, for example, in the Netherlands. The main
problem in the field of certification of construction products in the Netherlands has
to do with Articles 8(3) and 4(2) CPR. The text of Article 8(3) CPR provides that for
any construction product covered by a harmonised standard, CE marking is the only
marking which attests conformity of the construction product with the declared
quality standard. Moreover, Article 4(2) CPR states that information in any form
about the performance of a standardised construction product in relation to essential
characteristics, as defined in the applicable harmonised technical specification, may
only be provided if included and specified in the declaration of performance. Article
8(3) CPR also provides that Member States should not introduce any references and
must withdraw any references in national measures to a mark attesting conformity
with the declared performance in relation to the essential characteristics covered by
a harmonised standard other than the CE marking. What does this mean for the
certification of construction products in Member States which overlap with the
information required in the declaration and in the CE marking?
Where a matter has been the subject of exhaustive harmonisation at Union level
any national measure relating to that matter must be assessed in the light of the
provisions of the harmonising measure and not those of the Treaty, according to the
Court.65 Therefore, in line with the decision of the Court in the case of A.G.M.-COS.
MET, it must be determined whether the harmonisation effected by the CPR pre-
cludes the legal relevance of considering the compatibility of the conduct at issue—
certification of construction products in the Netherlands—with Article 34 TFEU.66
According to the Commission, the harmonised system created in or by means of the
CPR is considered exhaustive.67 Considering the preamble of the CPR, this seems to
be correct.68 This means that under the CPR national ex ante processes or verifica-
tions covering the harmonised area are not allowed. According to the Commission,
this is also the case for voluntary marks without any national connotation, as they
unduly prevent the free movement of CE-marked construction products, for exam-
ple when linked to a more demanding system of assessment and verification of
64
Nwaogu et al. (2015), p. 29.
65
See, inter alia, ECJ, judgment of 13.12.2001, Case C-324/99 DaimlerChrysler,
ECLI:EU:C:2001:682, para 32.
66
ECJ, judgment of 17-04-2007, Case C-470/03 A.G.M.-COS.MET, ECLI:EU:C:2007:213, par.
50–54. About this topic: Reich (2008), pp. 88 f.
67
Report from the Commission on the implementation of Reg (EU) No 305/2011 laying down
harmonised conditions for the marketing of construction products, COM(2016) 445 final, 3.
68
According to recital 10 of the CPR, the removal of technical barriers in the field of construction
may only be achieved by the establishment of harmonised technical specifications for the purposes
of assessing the performance of construction products. According to recital 24 the placing on the
market of a construction product which is covered by such specifications should be accompanied
by a declaration of performance in accordance with these specifications.
94 R. Neerhof
constancy of performance (AVCP) imposed by building inspections or insurance

companies or when linked to financial incentives.69 It means that national marks
declaring performance of a construction product in relation to the essential charac-
teristics covered by that harmonised standard are forbidden. It means it is prohibited
to refer in national measures to marks and certificates ‘in the harmonised zone.’
That is the reason why Article 1.8 Building Decree only assigns evidence to a qual-
ity certificate about performances of a construction product not covered by a har-
monised standard.
Under the CPD, the predecessor of the CPR, the Court of Justice decided that the
Federal Republic of Germany had failed to fulfil its obligations under this Directive.
The failure lay in adding additional requirements for effective market access and the
use of construction products in the building regulations of the German Länder,
while these products are covered by the harmonised standards and bear the CE
marking.70 The case was about a legal requirement for certification conflicting with
the CPD, not about voluntary certification.
In the above analysis of the CPR implementation, the researchers found overall
that mandatory CE marking has not enhanced the free movement of construction
products. This is most likely because CE marking was previously undertaken in all
but four Member States under the CPD, and quality marks are still in use.71 In a
report on the implementation of the CPR of 7 July 2016, the Commission found that
the use of national marks (marks or, more generally, procedures creating ex ante
requirements for manufacturers with a national connotation) ‘continues in several
Member States against the principles of the CPR.’72
In the Netherlands, certificates of construction products are in use—in conflict
with the CPR—because they make declarations about quality which is covered by
harmonised standards. KOMO and Kiwa manage voluntary marks that overlap with
CE marking. This means that economic operators still use quality certificates (with
or without a quality mark) which attest conformity of the construction product with
a declared performance covered by a harmonised standard and CE marking. KOMO,
manager of a quality mark for construction products, and some of the certification
bodies (and economic operators) seem to think that Article 8 CPR only addresses
governments but not economic operators. This would mean that governments are
prohibited to refer in national measures to a mark attesting conformity with the
declared performance covered by a harmonised standard, whereas economic opera-
tors are still allowed to use such a mark.
The Dutch Administrative Jurisdiction Division of the Council of State, the
country’s highest general administrative court, has not yet taken a decision about the
69
COM(2016) 445 final, 5.
70
ECJ, judgment of 6/10/2014, Case C-100/13 Commission v Germany (Ü-Mark),
ECLI:EU:C:2014:2293.
71
Nwaogu et al. (2015), pp. ii and 28–29.
72
COM(2016) 445 final, 5; cf. European Commission, Guidance document—The application of
the Mutual Recognition Regulation to non-CE-marked construction products, http://ec.europa.eu/
DocsRoom/documents/5881, para 4.1.
effects of Article 8 CPR on Dutch certification of construction products.73 It is clear

what judgment the Council of State will give about a refusal of the Minister for
Internal Relations to take enforcement action against an economic operator as
referred to in the CPR that use such a voluntary mark of KOMO or Kiwa in conflict
with the CPR. The CPR is directly applicable. The provisions of the CPR are
addressed to Member States and economic operators. Under the CPR, economic
operators are not allowed to use private ex ante certification and marking in the field
of mandatory CE marking when they place a construction product on the market or
make this product available on the market (Article 8(3) CPR). The operators referred
to in the CPR are manufacturers, agents of manufacturers, distributors and import-
ers (Article 2 no. 8 CPR). Article 16(1) of Regulation (EC) No. 765/2008 states that
Member States must organise and carry out market surveillance which ensures that
products covered by harmonisation legislation of the European Union which do not
conform to applicable requirements set out in the legislation are withdrawn or their
market availability is prohibited or restricted (and that the public, the Commission
and the other Member States are informed accordingly).74 In the Netherlands, the
Minister for Interior Relations is the market surveillance authority in relation to the
CPR.75 Since 1998, the Council of State has placed a duty on administrative authori-
ties to enforce the law by means of administrative coercion or a cease and desist
letter in case of a violation. This duty cannot be disregarded even though the power
to impose a sanction is discretionary. In 2016, the Minister for Housing announced
that the time of tolerance was over. Quality certificates recognised by SBK as evi-
dence that certain requirements in the Building Decree have been met (Article 1.8
Building Decree 2012) but are in violation of the CPR do no longer apply as evi-
dence as meant in the Building Decree. The Minister announced that the
Environmental and Transport Inspectorate’s response to any maladministration
would entail more than a warning.76 However, no concrete enforcement actions have
yet been taken.
73
Contrary to the belief of KOMO, the Council of State did not decide in the Desmepol case (Dutch
Administrative Jurisdiction Division of the Council of State, 8/6/2016, ECLI:NL:RVS:2016:1613)
that the CPR had not been violated. Moreover, contrary to the belief of the Dutch Environmental
and Transport Inspectorate, the Dutch Council of State did not decide that this inspectorate is
allowed to continue to monitor manufacturers, importers and distributors of construction products
for use of private marks in the zone of the mandatory European CE marking under the CPR. The
CPR was not yet in force at the time when the Dutch Minister for Housing took the decision which
was challenged in the Council of State. This decision entailed a refusal to take enforcement action
against KOMO and Kiwa, who manage voluntary marks that overlap with CE marking. Art 8(3)
CPR addresses governments and economic operators, not managers of quality marks such as
KOMO or Kiwa or conformity assessment bodies.
74
According to Art 17(1) of this Regulation, Member States shall inform the Commission of their
market surveillance authorities and their areas of competence.
75
According to Art 1.10 Building Decree 2012, actions in violation of the obligations arising from
the CPR are prohibited. Under Art 120 and Art 120b of the Dutch Housing Act, the Minister for
Interior Relations may impose on the offender an order subject to a penalty or an administrative
fine.
76
Blok: ‘KOMO moet zich aan de wet houden’, Cobouw 26 April 2016; Kamerstukken II 2015/16,
32,757, no. 132, 20; Kamerstukken II 2015/16, 32,757, no. 134, 2. Cf. Kamerstukken II 2015/16,
96 R. Neerhof
6.2 Article 34 TFEU
Where performances of a construction product are not covered by a harmonised

specification as meant in the CPR, they are not subject to exhaustive harmonisation
at Union level. This means that Article 34 TFEU applies to voluntary certification
that relates to these performances. Therefore, the second legal issue concerning
quality certificates for construction products has to do with Article 34 TFEU.
Article 34 TFEU states that quantitative restrictions on imports and all measures
having equivalent effect are prohibited between Member States. According to
Article 36 TFEU, the provisions of Article 34 (and Article 35) shall not preclude
prohibitions or restrictions on imports, exports or goods in transit justified on
grounds of public morality, public policy or public security; the protection of health
and life of humans, animals or plants; the protection of national treasures possessing
artistic, historic or archaeological value; or the protection of industrial and com-
mercial property. Such prohibitions or restrictions must not, however, constitute a
means of arbitrary discrimination or a disguised restriction on trade between
Member States.77
In Belgium, products bearing the Benor mark, a registered trademark owned by
the Belgian Institute for Standardisation NBI, were presumed to comply with speci-
fications included in the Belgium regulations on construction products. Therefore,
traders were actually required to obtain Belgian conformity marks for the trading of
those products in Belgium. In March 2008, the Court of Justice decided that Belgium
had failed to fulfil its obligations under Article 28 EC (now Article 34 TFEU) and
Article 30 EC (now Article 36 TFEU) by encouraging traders wishing to market in
Belgium construction products legally manufactured and/or marketed in another
Member State to obtain Belgian conformity marks in Belgium.78
In Fra.bo,79 the Court had to decide whether Article 34 TFEU applied to private
conformity assessment bodies. The case was about a conflict between a German
standardisation and conformity assessment body—the Deutsche Vereinigung des
32,757, no. 117, 1–2; Aanhangsel Handelingen II 2014/15, 825; ‘Einde strijdige en discutabele
certificaten in het erkende stelsel’, www.bouwkwaliteit.nl; Kamerstukken II 2015/16, 32,757, no.
121, 1–2; Cobouw 26 April 2016; Kamerstukken II 2015/16, 32,757, no. 132, 20.
77
The principle of mutual recognition is one of the means of ensuring the free movement of goods
within the internal market. The Mutual Recognition Regulation (n 9) establishes procedures to
minimise the possibility of technical rules creating unlawful obstacles to the free movement of
goods between Member States (recital (4) of the regulation). Only those construction products to
which the CE marking has not been affixed are non-harmonised and fall within the scope of this
Regulation. CE-marked construction products are to be dealt with in accordance with the provi-
sions of the CPR. Guidance document Mutual Recognition Regulation to non-CE-marked con-
struction products (n 72), Sect. 3. I don’t discuss mutual recognition any further in this
contribution.
78
ECJ, 13/3/2008, Case C-227/06 Commission v Belgium, ECLI:EU:C:2008:160.
79
ECJ, 12/7/2012, Case C-171/11, Fra.bo SpA v Deutsche Vereinigung des Gas- und Wasserfaches
eV (DVGW) — Technisch-Wissenschaftlicher Verein, ECLI:EU:C:2012:453.
Gas- und Wasserfaches e.V. (DVGW)80—and an Italian company (Fra.bo), an under-

taking established in Italy, which manufactures and sells copper fittings: connec-
tions between two pieces of piping for water or gas.81 Fra.bo was confronted with
the need to adapt its products to German standards, developed and certified by the
DVGW. In 2005, this German body cancelled Fra.bo’s certificate for copper fittings
and rejected an application for extension of the certificate. Fra.bo did not subject its
copper fittings to a certain test prescribed in an amended technical standard as
adopted and applied by the DVGW. The DVGW refused to take a certificate of an
Italian accredited laboratory into account.82
Fra.bo brought an action against the DVGW before the Landgericht Köln
(Regional Court of Cologne) arguing that the cancellation and/or the refusal to
extend the certificate was contrary to European Union law. The Regulation on
General Conditions for Water Supply in Germany (Verordnung über Allgemeine
Bedingungen für die Versorgung mit Wasser; AVBWasserV) lays down the general
sales conditions for water supply undertakings and their customers, from which the
parties are free to depart. § 12 para. 4 AVBWasserV stated that only products and
devices supplied in accordance with the recognised rules of technology may be
used. Compliance with this condition should be assumed if they have specific CE
marking for drinking water use. Where such CE marking was not stipulated, com-
pliance should also be assumed if the product or device bears the mark of an accred-
ited certifying body for the industry, in particular the DIN-DVGW or DVGW mark.
For copper fittings, there were no harmonized specifications as referred to in the
CPD, the predecessor of the CPR.83 Because CE marking therefore was not stipu-
lated, compliance should be assumed if the product or device bears the mark of an
accredited certifying body for the industry, in particular the DIN-DVGW or DVGW
mark. Products and devices, which were lawfully manufactured in another Member
State of the European Union and did not meet the technical specifications for the
DIN-DVGW or DVGW mark, should be treated as equivalent if the same level of
protection as required in Germany is thereby permanently ensured.84 Due to the
presumption of compliance conferred on products certified by the DVGW under §
12 para. 4 AVBWasserV, it would be virtually impossible for Fra.bo to distribute its
products in Germany without that certificate. The required test would have no objective
80
The DVGW is a non-profit body governed by private law, the object of which is to promote the
gas and water sector. The DVGW is recognised in Germany as a ‘public benefit’ body, see ECJ,
Fra.bo (n 79), para 7.
81
Ibid., para 6.
82
The certificate was cancelled because Fra.bo had not submitted a positive test report on the 3000-
hour test. This test consists in exposing the copper fitting’s elastomeric waterproof joint to a tem-
perature of 110 °C in boiling water for 3000 hours. Ibid., paras 10–12.
83
As a result, the CPD did not preclude the compatibility of the conduct at issue—certification of
copper fittings—with Art 34 TFEU from being legally relevant. See n 65 and n 66.
84
Ibid., para 5. The copper fittings at issue in the main proceedings are ‘construction products’
within the meaning of the CPD which are not subject to a harmonised standard, European technical
approval or a national technical specification recognised at European Union level, as referred to the
CPD. See ibid., para 18.
98 R. Neerhof
justification and the DVGW would not be entitled to reject outright test reports from
laboratories, which are accredited by the competent authorities in Member States
other than the Federal Republic of Germany, but not by the DGVW. In Fra.bo’s
submission, the DVGW was bound by the provisions governing the free movement
of goods (Article 28 EC), and the cancellation and refusal to extend the certificate
both considerably restricted its access to the German market.85 Therefore, the case
was about a breach of the German private standardisation body of the rules on the
free movement of goods. Notably, the Federal Republic of Germany does not
finance and has no decisive influence over the activities of DVGW.86
The Landgericht Köln dismissed Fra.bo’s action. Fra.bo appealed against that
decision before the Oberlandesgericht (OLG) Düsseldorf in order to have, on the
same grounds, the DVGW ordered to extend the compliance certificate for the fit-
tings in question.87 The OLG Düsseldorf decided to stay the proceedings and to
refer questions to the Court for a preliminary ruling. One of the two questions the
Court had to answer was whether Article 28 EC must be interpreted as meaning that
it applies to standardisation and certification activities of a private-law body, where
the national legislature expressly regards the products in respect of which certifi-
cates have been issued as lawful, thus making it at least considerably more difficult
in practice to distribute products in respect of which certificates have not been
issued.88
It was not disputed by the parties to the main proceedings that the DVGW is the
only body able to certify the copper fittings at issue for the purposes of § 12 para. 4
ABVWasserV. The DVGW offers the only possibility for obtaining a compliance
certificate for such products.89 The DVGW and the German government referred to
a procedure other than certification by the DVGW, which consists in entrusting an
expert with the task of verifying a product’s compliance with the recognised rules
of technology within the meaning of § 12 para. 4 AVBWasserV. According to the
Court, it was however apparent, that this alternative procedure was of little or no
practical use. This was because of the administrative difficulties associated with the
absence of specific rules of procedure governing the work of the relevant experts,
combined with the additional costs incurred by having an individual expert report
drawn up.90
The referring court took the view that, in practice, the lack of certification by the
DVGW placed a considerable restriction on the marketing of the products con-
cerned in the German market. Although the AVBWasserV merely lays down the
general sales conditions as between water supply undertakings and their customers,
from which the parties are free to depart, it was apparent from the case-file that, in
practice, almost all German consumers purchase copper fittings certified by the
85
Ibid., para 13.
86
Ibid., para 24.
87
Ibid., para 15.
88
Ibid., paras 16, 17, 21. See also van Gestel and Micklitz (2013), p. 159.
89
Ibid., para 27–28.
90
Ibid., para 29.
DVGW.91 The Court concluded that in such circumstances, it is clear that a body
such as the DVGW in reality holds the power to regulate the entry into the German
market of products such as the copper fittings at issue, by virtue of its authority to
certify the products.92
Accordingly, the answer to the question was that Article 28 EC must be inter-
preted as meaning that it applies to standardisation and certification activities of a
private-law body, where the national legislation considers the products certified by
that body to be compliant with national law and that has the effect of restricting the
marketing of products which are not certified by that body.93
At first sight, the judgment does not seem to have an impact on certificates that
are not mandatory, such as quality certificates under Article 1.8 Building Decree.94
It is possible though that in the future, the Court will adopt a wider approach in rela-
tion to the applicability of provisions on the free movement of goods by private
institutions, including voluntary conformity assessment.95 As far as the applicability
of these provisions to certificates such as quality certification under the Building
Decree is concerned, the Court may argue that, although not mandatory, they are in
principle sufficient proof that the requirements of the Building Decree have been
met. However, the added value will probably also have to be proven in other ways.
6.3 Articles 101 and 102 TFEU
The third legal issue in relation to Dutch quality certificates for construction prod-
ucts has to do with Articles 101–106 TFEU. According to Article 101(1) TFEU, all
agreements between undertakings, decisions by associations of undertakings and
concerted practices, must be prohibited as incompatible with the internal market;
where they may affect trade between Member States and have as their object or
effect the prevention, restriction or distortion of competition within the internal
market,.
Third party conformity assessment is an economic activity, which in principle
may be engaged in by a private undertaking and with the view to a profit. According
to settled case law, any activity consisting of offering goods and services on a given
market is an economic activity.96 The concept of an undertaking encompasses every
91
Ibid., para 30.
92
Ibid., para 31.
93
ECJ – Fra.bo (n 79).
94
Compare ECJ, 6/6/2002, Case C-159/00 Sapod Audic v Eco-Emballages SA, ECLI:EU:C:2002:343.
95
Compare Steyger (2012), pp. 2115 f and 2121; van Leeuwen (2013), p. 406 f.
96
ECJ, 19/2/2002, Case C-309/99, ECLI:EU:C:2002:98 J. C. J. Wouters, J. W. Savelbergh and
Price Waterhouse Belastingadviseurs BV v Algemene Raad van de Nederlandse Orde van
Advocaten, para 47, with further references.
100 R. Neerhof
entity engaged in an economic activity, regardless of the legal status of the entity
and the way in which it is financed.97
A body governed by private law, which sets up a certification system for certain
products or companies to which affiliation is optional, establishes independently the
criteria which the certified products or companies must satisfy and issues a certifi-
cate only on payment of a subscription, is engaged in an economic activity and
therefore must be regarded as an undertaking within the meaning of Article 101
TFEU.98
Article 101 TFEU requires certification systems to be ‘open’. Agreements
between undertakings and concerted practices that prohibit the purchases of uncerti-
fied goods or services or goods and services of uncertified firms cannot be objec-
tively justified by an interest in maintaining the quality of the products and services
ensured by the certification system. On the contrary, the failure to accept equivalent
guarantees offered by other systems protects certified undertakings from competi-
tion from uncertified undertakings.99
According to Article 101(3) TFEU, the provisions of Article 101(1) TFEU, may
be declared inapplicable in the case of agreements, decisions and concerted prac-
tices, which contribute to improving the production or distribution of goods or to
promoting technical or economic progress, while allowing consumers a fair share of
the resulting benefit, and which do not:
(a) impose on the undertakings concerned, restrictions which are not indispensable
to the attainment of these objectives;
(b) afford such undertakings the possibility of eliminating competition in respect of
a substantial part of the products in question.
For third party conformity assessment systems, recourse to Article 101(3) TFEU
would be possible if there was added value in terms of improvement of production
or technical or economic progress. Restrictions on competition caught by Article
101(1) TFEU cannot be justified under this section just because the certification
scheme is (far) more effective than the public scheme of monitoring. An exception
to that rule may be allowed where public authorities have, of their own will, decided
to entrust the monitoring of compliance with statutory requirements to a private
body.100 The added value of a certification system does not derive merely from the
97
ECJ, 23/4/1991, Case C-41/90 Klaus Höfner and Fritz Elser v Macrotron GmbH,
ECLI:EU:C:1991:161, para 21.
98
See Court of First Instance, 22/10/1997, Joined Cases T-213/95 and T-18/96 Stichting Certificatie
Kraanverhuurbedrijf (SCK) and Federatie van Nederlandse Kraanbedrijven (FNK) v Commission,
paras 120–122; Schepel (2005), pp. 291 f.
99
CFI – SCK and FNK/Commission (n 98), paras 136 f. Well considered, this partly deprives the
power of conformity assessment by third parties. See also Schepel (2005), p. 292: ‘If certification
bodies are obliged to accept ‘equivalent guaranteed’ their profitability will hurt in the short run by
losing clients and in the long run by losing credibility and visibility. Certification will thus loose
its value as a powerful marketing instrument and firms will halve less of an incentive to seek it.’
Besides, even if a system provides for the acceptance of equivalent guarantees from other systems
violation of Article 101 TFEU is possible.
100
CFI – SCK and FNK/Commission (n 98), para 194.
fact that it imposes obligations not laid down by law. The certification system must
have real added value. This means that the conditions imposed by it should be
appropriate for the purpose of attaining the objective pursued.101
Article 102 TFEU prohibits abuse by one or more undertakings of a dominant
position within the internal market or in a substantial part of it as incompatible with
the internal market insofar as it may affect trade between Member States. Thus it
prohibits any abuse of a position of economic strength enjoyed by an undertaking
which enables it to hinder the maintenance of effective competition on the relevant
market by allowing it to behave to an appreciable extent independently of its com-
petitors and customers and ultimately of consumers.102
Undertakings could abuse a dominant position with the internal market and com-
mit an infringement of Article 102 TFEU where they, without any objective neces-
sity, use certification schemes and certification to reserve to themselves an activity,
which might be carried out by another undertaking on the same market, with the
possibility of eliminating all competition from such undertaking.103 Nor should
conformity assessment have unintended inhibiting effects on price competition or
production, markets, innovation or technical development.104
Insofar as a procedure for establishing certification schemes does not appear to
be open to all, these is an indication of a breach of competition law. This certainly
applies if there is actually little freedom to develop products that do not comply with
the certification scheme and are not eligible for the certificate. If these schemes
obstruct or disable competition from other market actors without any objective
need, conformity assessment bodies applying them will be guilty of violating Article
102 TFEU. Participation of all stakeholders in certification schemes, their access to
documents and ‘modes of control and accountability’ are important conditions for
decision-making by conformity assessment bodies; in order to ensure compliance
with competition rules.105 This also applies to standards, which the conformity
assessment is based upon.106
101
Ibid., paras 202 f; Schepel (2005), pp. 291 f.
102
ECJ, 9/11/1981, Case C-322/81 NV Nederlandsche Banden Industrie Michelin v Commission,
ECLI:EU:C:1983:313, para 30.
103
See ECJ, 3/10/1985, Case 311/84 Centre belge d’études de marché – Télémarketing (CBEM) v
SA Compagnie luxembourgeoise de télédiffusion (CLT) and Information publicité Benelux (IPB),
ECLI:EU:C:1985:394, para 27; ECJ, 13/12/2001, C-18/88 Régie des télégraphes et des téléphones
v GB-Inno-BM SA, ECLI:EU:C:1991:474, paras 14–19. The cases are not about conformity
assessment.
104
See: Kamerstukken II 1994/95, 21,670, no. 7 and no. 8, 33.
105
van der Ham (2010), pp. 115–117. See also ECJ – RTT (n. 103), paras 14–19; ECJ – Centre
belge d’études de marché – Télémarketing (n 103), para 27.
106
I will not discuss this further. See Communication from the Commission, Guidelines on the
applicability of Art. 101 of the Treaty on the Functioning of the European Union to horizontal co-
operation agreements, [2011] OJ C 11/59, 60. ‘Where participation in standard-setting is unre-
stricted and the procedure for adopting the standard in question is transparent, standardisation
agreements which contain no obligation to comply with the standard and provide access to the
standard on fair, reasonable and non-discriminatory terms will normally not restrict competition
within the meaning of Art. 101(1)’.
102 R. Neerhof
Articles 101 and 102 TFEU also apply to Member States. The Treaty requires
Member States not to take or maintain in force, measures which could destroy the
effectiveness of that provision. It seems likely therefore that governments have a
responsibility to ensure compliance with competition rules by conformity assess-
ment bodies; especially when the legislator has given probative value to their certifi-
cates and/or a minister has been given the power in national legislation to designate
these bodies.107
Further research should show whether and to what extent there are competition
law risks associated with the functioning of the system of quality certificates under
national legislation, for example the Dutch Building Decree. In this decree the leg-
islator has given probative value to recognised quality certificates but they are not
legally required and it is not a minister who decides which bodies are competent to
issue these declarations. However, there are competition law risks when these qual-
ity certificates are actually mandatory as a result of the behaviour of market parties
or competent authorities.
7 Main Findings
1. For over two decades, there has been a clear interest in conformity assessment as
an instrument for regulation and supervision in addition to exclusive government
action in the European Union and its Member States. One of the areas in which
this is the case is the construction industry.
2. According to the Construction Products Regulation (CPR), manufacturers must
draw up EC declarations of performance for products and affix CE marking to
construction products when they are covered by harmonised standards. These
standards are established by European standardisation bodies on the basis of
‘mandates’ issued by the European Commission. Based on the CPR, the
Commission establishes which system or systems of conformity assessment are
applicable to certain construction products. The Commission may require con-
formity assessment of products to be carried out by an independent third party.
This means conformity assessment must be carried out by a body, designated by
a member state, which meets requirements of independence, impartiality and
technical competence, which are enshrined in the CPR.
In the Netherlands, voluntary certification of construction products and build-
ing processes have, under certain conditions, legal effect pursuant to the national
building legislation. According to Dutch legislation and an executive agreement
between SBK (a Dutch private foundation for construction quality), the RvA (the
ECJ, 16/11/1977, Case 13/77 SA G.B.-INNO-B.M. v Association des détaillants en tabac

107
(ATAB), ECLI:EU:C:1977:185, paras 31 f; ECJ – Höfner v Elser (n 98), paras 26 f, 32 f; ECJ,

18/6/1991, Case C-260/89 Elliniki Radiophonia Tiléorassi AE and Panellinia Omospondia
Syllogon Prossopikou v Dimotiki Etairia Pliroforissis and Sotirios Kouvelas and Nicolaos Avdellas
and others, ECLI:EU:C:1991:254, para 35.
Dutch accreditation body), the Minister for Housing and the Minister of
Infrastructure and Environment, certification schemes have to be approved by
SBK. Conformity assessment must be done by accredited bodies.
3. Third party conformity assessment within the framework of the CPR or national
legislation, e.g. the Dutch Building Decree, involves certain risks. There are
some specific topics concerning the legitimacy of conformity assessment of con-
struction products under European law and under Dutch law. Regarding legiti-
macy of this conformity assessment, the following findings are important.
Harmonised European standards are established by committees, in which larger
companies are better represented than small and medium enterprises.
The EU Standardisation Regulation calls upon European standardisation bod-
ies to encourage and facilitate an appropriate representation and effective partici-
pation of all relevant stakeholders, but the regulation seems to provide rather soft
requirements with respect to stakeholder involvement. It is a favourable develop-
ment that the Court of Justice recently ruled in the case of James Elliott that it
has jurisdiction to give a preliminary ruling concerning the interpretation of har-
monised standards under EU harmonisation legislation. It can be assumed that
this judgment of the Court implies that the Court can also adjudicate on the
validity of the harmonised standards or their compatibility with higher EU law.
According to an analysis of the implementation of the CPR, commissioned by
the European Commission in 2015, the strict requirements for notified bodies
and the notification procedure according to the CPR have had a positive effect in
terms of increasing the credibility of the CPR, legal certainty, and transparency
with regard to ensuring that notified bodies are competent and impartial.
In conformity assessment within the Dutch Building Decree, conformity
assessment bodies use the standards provided in this Decree but they also use
other standards. According to the aforementioned EU Standardisation Regulation,
national standardisation bodies must encourage and facilitate the access of small
and medium enterprises to standards and standards development processes, but
this is a soft requirement and the regulation does not provide any enforcement
tools.
Regarding the legitimacy of certification schemes, only further investigation
could show to what extent the composition of the committees of experts deciding
upon these schemes (which are in line with public law building rules) still has
vulnerabilities in terms of commitment and support from all parties involved,
despite the watchful eye of the RvA and SBK.
4. There are also some specific topics concerning the effectiveness of conformity
assessment under European law and national law. According to the aforemen-
tioned analysis of the implementation of the CPR, stakeholders have identified
that the accreditation process for notified bodies under the CPR could be
improved. Practices of notified bodies can vary greatly. We do not know exactly
what effects market forces have on the impartiality of notified bodies. Another
problem may be that in practice there is no direct relation between harmonised
technical specifications for assessing the performance of construction products
and basic requirements for construction works.
104 R. Neerhof
The information provided by voluntary quality certificates under the Dutch

Building Decree for market actors is probably limited. It is not always clear what
the connections are between certification schemes concerning construction prod-
ucts and processes and requirements to be met by construction works. However,
the market value of the declarations may be large. Foreclosure could affect the
effectiveness of conformity assessment under the Building Decree. In 2011, a
Dutch Inspectorate reported about possible irregularities in certification under
this decree. Research in 2011 showed that a majority of officials of building and
housing inspections of municipalities had little faith in the market for recognised
quality certificates.
5. Member States seem to tolerate voluntary use of quality marks that overlap with
CE marking. In the Netherlands there are quality certificates in use, which are in
conflict with the CPR because they deal with performances that are covered by a
harmonised standard. So far, the highest general administrative court in the
Netherlands has not taken any decision about the effects of the CPR on Dutch
certification of construction products and the consequences it should have for
law enforcement by the Minister of Interior Relations. However it is clear that
Article 8(3) CPR prohibits voluntary marks that overlap with CE marking.
Where performances of a construction product are not covered by a harmonised
specification as meant by the CPR, they are not subject to exhaustive harmonisation
at Union level. This means Article 34 TFEU applies to voluntary certification that
relates to these performances. In the Fra.bo case, the Court of Justice decided that
Article 28 EC (now Article 34 TFEU) must be interpreted as meaning that it applies
to standardisation and certification activities of a private-law body where the
national legislation considers the products certified by that body to be compliant
with national law and that has the effect of restricting the marketing of products
which are not certified by that body. This may have implications for voluntary qual-
ity decisions, even if they are not legally enforced.
There may be competition law risks associated with the functioning of a system
of quality certificates. Third party conformity assessment on payment of a subscrip-
tion by a private body qualifies as an economic activity by a private undertaking.
Articles 101–106 TFEU apply to conformity assessment of construction products.
Article 101 TFEU stipulates that certification systems should be ‘open’. Agreements
and concerted practices that prohibit the purchase of uncertified goods cannot be
objectively justified by an interest in maintaining the quality of the products and
services ensured by the certification system. In principle, restrictions on competi-
tion caught by Article 101(1) TFEU cannot be justified by Article 101(3) TFEU just
because the certification scheme is (far) more effective than a public scheme of
monitoring. The added value of a certification system does not derive merely from
the fact that it imposes obligations not laid down by law. The conditions imposed by
a certification system should be appropriate for the purpose of attaining the pursued
objective.
Article 102 TFEU prohibits any abuse by undertakings of a dominant position

within the internal market in so far as it may affect trade between Member States.
Undertakings could infringe Article 102 TFEU where they, without any objective
necessity, use certification to reserve to themselves an activity, which might be car-
ried out by another undertaking on the same market, with the possibility of eliminat-
ing all competition from such undertaking. Insofar as a procedure for establishing
certification schemes does not appear to be open to all, this is an indication of a
breach of competition law.
Articles 101 and 102 TFEU also apply to the Member States. Governments
therefore have a responsibility to comply with competition rules by conformity
assessment bodies, especially when the legislator has given probative value to their
certificates and they have been given the power to designate these bodies in national
legislation. Under the Dutch Building Decree quality certificates for construction
products are not legally required and it is not a minister who decides which bodies
are competent. It is the legislator who has given probative value to recognised qual-
ity certificates and these quality certificates could actually be mandatory, as a result
of the behaviour of market parties or competent authorities. Further research will
have to determine whether and to what extent there are competition law risks associ-
ated with the functioning of such a system.
I finish with a few concluding remarks. The strict requirements for notified bod-
ies and notification procedure according to the CPR are likely to have had a positive
effect in terms of ensuring the impartiality of notified bodies and addressing issues
relating to conflicts of interests. The accreditation process for notified bodies could,
however, probably still be improved. Practices of notified bodies can vary greatly.
At this moment, we do not know enough about what effects market forces have on
the impartiality of such bodies. Legitimacy of underlying standards might pose a
problem, because larger companies are better represented in the various technical
bodies of European standardisation than other organisations.
The system of recognised (voluntary) quality certificates of construction prod-
ucts under the Dutch Building Decree can be criticised since its effectiveness is
limited. Some Member States seem to tolerate the voluntary use of quality marks
that overlap with CE marking. This is also the case in the Netherlands. There are
Dutch quality certificates in use that conflict with the CPR.
References
Andersson Elffers Felix. (2011). Evaluatie Tripartiete Stelsel. Utrecht.

Colombo, C., & Eliantonio, M. (2017). Harmonized technical standards as part of EU law:
Juridification with a number of unresolved legitimacy concerns? Case C-613/14 James
Elliot Construction Limited v. Irish Asphalt Limited, EU:C:2016:821. Maastricht Journal of
European and Comparative Law, 332.
Cuccuru, P. (2018). European judiciary and harmonised standards, which intersection? (Sant’Anna
Legal Studies, STALS Research Paper 2, 23).
106 R. Neerhof
Evers, G. J. M. (2002). Blind vertrouwen? Een onderzoek naar de toepassing van certificatie ten
dienste van handhaving van wettelijke voorschriften. Den Haag, The Netherlands: BJu.
Neerhof, A. R. (2013a). Standardization in construction law: An example of successful decentring
of regulatory governance? In A. L. B. Colombi Ciacchi, M. A. Heldeweg, B. M. J. van der
Meulen, & A. R. Neerhof (Eds.), Law & governance – Beyond the public-private law divide?
(p. 144). Den Haag, The Netherlands: Eleven.
Neerhof, A. R. (2013b). Certificering en normalisatie in het publieke bouwrecht. Den Haag, The
Netherlands: IBR.
Nwaogu, T., Upson, S., Marshall, S., Le Crom, Y., & Vermande, H. (2015). Analysis of the imple-
mentation of the construction products regulation. Final report (RPA Risk and Policy Analysis).
Peeters, M. G. W. M., Neerhof, A. R., & de Boer, J. (2009). De rol van conformiteitsbeoordelingen
bij de handhaving van het milieurecht. STEM publicatie 2008/2, Arnhem.
Purnhagen, K. (2017). Voluntary “New Approach” technical standards are subject to judicial scru-
tiny by the CJEU! – The remarkable CJEU judgment “Elliott” on private standards. European
Journal of Risk Regulation, 586.
Reich, N. (2008). AGM-COS.MET or: Who is protected by EC safety regulation? European Law
Review, 88.
Schepel, H. (2005). The constitution of private governance. Product standards in the regulation of
integrating markets. Oxford, England: Hart.
Schepel, H. (2013). The new approach to the new approach: The juridification of harmonized stan-
dards in EU law. Maastricht Journal of European and Comparative Law, 530.
Schiek, D. (2007). Private rule-making and European governance – Issues of legitimacy. European
Law Review, 446.
Scott, C. (2010). Regulatory governance and the challenge of constitutionalism (EUI Working
papers No 7). Florence, Italy: Robert Schuman Centre for Advanced Studies.
Steyger, E. (2012). Vrij verkeer en mededinging. Toenadering van privaat- en publiekrecht.
Nederlands Juristenblad, 30:2115.
Stuurman, C. (1995). Technische normen en het recht: beschouwingen over de interactie tussen het
recht en technische normalisatie op het terrein van informatietechnologie en telecommunicatie.
Deventer, The Netherlands: Kluwer.
van der Ham, M. (2010). Standaardisering onder het Europees mededingingsrecht: water en vuur
of brothers in arms? Actualiteiten Mededingingsrecht, 5:115.
van Gestel, R. (2012). Hoge Raad is duur. RegelMaat, 250.
van Gestel, R., & Micklitz, H.-W. (2013). European integration through standardization: How
judicial review is breaking down the club house of private standardization bodies. Common
Market Law Review, 154.
van Leeuwen, B. (2013). From status to impact, and the role of national legislation: The applica-
tion of Article 34 TFEU to a private certification organisation in Fra.bo. European Journal of
Risk Regulation, 406.
van Ommeren, F. J. (2008). Bestuurswetgeving en haar alternatieven: een verkenning van
beleidsregels, algemene voorwaarden van de overheid en normalisatienormen als prototypen.
RegelMaat, 82.
Verbruggen, P., & van Leeuwen, B. (2018). The liability of notified bodies under the EU’s new
approach: The implications of the PIP breast implants case. European Law Review, 405.
Vermande, H. M. (2010). Marktonderzoek productinformatie door middel van CE-markering en
kwaliteitsverklaring. Bodegraven, The Netherlands: PRC.
Volpato, A. (2017). The harmonized standards before the ECJ: James Elliott Construction.
Common Market Law Review, 597.
VROM-Inspectie. (2011). Private kwaliteitsborging in de bouwregelgeving, no. VI-2010-40.
VROM-Inspectie, Ministerie van Infrastructuur en Milieu, Den Haag, pp 20 f.
Part II
Success and Shortcomings of Certification
Systems
Privacy Through Certification?: The New
Certification Scheme of the General Data
Protection Regulation
Gerrit Hornung and Stefan Bauer
1 Introduction
The General Data Protection Regulation (GDPR)1 replaced the Data Protection
Directive 95/46/EC on 25 May 2018, and the Police and Criminal Justice Data
Protection Directive2 replaced the 2008 Data Protection Framework Decision.3 It is
no exaggeration that the GDPR is an important milestone in the evolution of the
European data protection system. On the one hand, the regulation will—to some
extent—force national legislators to adapt significant parts of their respective data
protection regime to the provisions of the GDPR, since the regulation leaves numer-
ous areas via an extensive use of opening clauses to the discretion of Member
States.4 On the other hand, many aspects that the GDPR regulates are directly appli-
cable. As a result, very little personal data will remain unaffected by the GDPR so
individuals and enterprises, inside and outside of the EU, need to become acquainted
with the relevant provisions.
1
Reg (EU) 2016/679 on the protection of natural persons with regard to the processing of personal
data and on the free movement of such data, [2016] OJ L 119/1.
2
Dir (EU) 2016/680 on the protection of natural persons with regard to processing of personal data
by competent authorities for the purposes of the prevention, investigation, detection or prosecution
of criminal offences or the execution of criminal penalties, and on the free movement of such data,
[2016] OJ L 119/89.
3
Framework Decision 2008/977/JHA on the protection of personal data processed in the frame-
work of police and judicial cooperation in criminal matters, [2008] OJ L 350/60.
4
Kühling and Martini (2016), pp. 448, 449.
G. Hornung (*) · S. Bauer

Kassel, Germany
e-mail: gerrit.hornung@uni-kassel.de

https://doi.org/10.1007/978-3-030-02499-4_5
110 G. Hornung and S. Bauer
When dealing with the enforcement of data protection, national legislators are
confronted with a myriad of problems. Today, some provisions remain unenforced
because there are no legal consequences if data controllers or processors do not fol-
low binding rules. In addition, there is a great deal of intransparency for the control-
ler and sometimes even for supervisory authorities.
The challenges twenty-first-century-data protection is facing cannot be ade-
quately met by the means which the traditional data protection system has to offer.
The focus on defence mechanisms and manageable data processing acts cannot
adequately deal with application scenarios such as ubiquitous computing.5 Modern
data protection can only be adequately enforced if data protection policies and the
corresponding organizational strategies form an integral part of the technology.6
Hence, there is a need for market-based incentives7 which can enhance privacy-
friendly actions. This type of data protection should be implemented in cooperation
with the controller, not without or against him.
Audit and certification mechanisms are means of co-regulation and aimed at
reaching the above-mentioned incentives, adding an optional enforcement layer,
delegated to (often) private certification bodies.8 Following up on studies in the
early 1990s,9 two German Länder, namely Schleswig-Holstein and Bremen, decided
to adopt the corresponding legal framework.10 In addition, the independent data
protection centre for Schleswig-Holstein (ULD, the respective supervisory author-
ity) transferred this concept to Europe by means of a European joint research proj-
ect, called EuroPriSe. There are also examples in other countries, most notably
France, where the data protection supervisory authority (Commission Nationale de
l’Informatique et des Libertés, CNIL) started to issue certificates after the amend-
ments of its internal regulation in 2011.11 Privacy seals also exist in Northern
America and Asia.12 Furthermore, in particular in the online world, there are numer-
ous and very heterogeneous privacy and IT security seals. These seals are often
unheard-of and lack general standards, validity and usability, which hardly incentiv-
ises their use.13 These and other efforts lead to the adoption of Articles 42 and 43 of
the GDPR. For the first time, there is a normative basis for audit and certification
5
Kühling (2007), p. 153; concerning the legal problems: Roßnagel (2007).
6
See Hornung (2011), p. 51; this is now addressed by Art 25 GDPR (“data protection by design
and by default”).
7
On the economic perspective on privacy seals cf. Waelbroeck (2018), p. 133.
8
Bock (2016), p. 335.
9
With regard to the concept and examples in other countries see Roßnagel (2000); Roßnagel
(1997), p. 505.
10
See with regard to positive experiences Bäumler (2002), p. 325; Bäumler (2004), p. 80; Schläger
(2004), p. 459; Bock (2016), p. 335 ff.; Hansen (2018), p. 35.
11
Carvais-Palut (2018), p. 49 ff.; on other countries (e.g. the UK and Switzerland) cf. Schwartmann
and Weiß (2016), pp. 68, 69.
12
Cavoukian and Chibba (2018), p. 59 ff.
13
For an inventory see ENISA (2013); ENISA (2017), p. 16 ff.; with regard to the existing market
see Feik and von Lewinski (2014), p. 59; see also the comparative analysis of Balboni and Dragan
(2018), p. 99 ff.
The New Certification Scheme of the General Data Protection Regulation 111
mechanisms at a European level. Some authors already maintain that the certification
process defined in the GDPR cannot be successful,14 although this assessment
appears rather hastily.
Against this background, it is of great importance to clarify the general concept
of data protection certification and in particular the specific rules adopted in the
GDPR. The legal effects of the new framework include specific standards, which
however pose many problems, as they are drafted rather vague and not completely
consistent. Together with the still missing standards of the European Data Protection
Board, this could put the instrument of certification at risk. In the following first
section, this chapter gives an overview of the German and European data protection
law. The most prominent impacts of the GDPR are highlighted in the second sec-
tion. The last section of this chapter addresses questions related to data protection
certification and audit mechanisms, in particular Articles 42 and 43 GDPR.
2 German Data Protection Law
The fundamental right to informational self-determination, which is the legal anchor

for data protection in the German constitution, was first “invented” by the German
Federal Constitutional Court (Bundesverfassungsgericht) in its population census
decision in 1983.15 With this decision, the Court laid the foundations of both consti-
tutional and sub-constitutional German data protection law.16 The German concept
of informational self-determination is very disparate from the idea of privacy as a
“right to be let alone”. Rather, informational self-determination and data protection
have two corresponding effects: The individual is shielded from interferences in
personal matters, thus creating a sphere in which he or she can feel safe from any
interference. At the same time, data protection is also a precondition for citizens’
unbiased participation in the political processes of the democratic constitutional
state. The Bundesverfassungsgericht adopted a number of principles of data protec-
tion which can now be considered the key principles of data protection in all of
Europe, since they were all fixed in the Data Protection Directive 95/46/EC.17 This
also includes, together with the data minimisation principle, obligations of the data
controller and rights of the data subject,18 as well as the principles of purpose
14
Lachaud (2016), p. 814.
15
Bundesverfassungsgericht (BVerfG), 15.12.1983, 65 Entscheidungen des Bundesver
fassungsgerichts 1; on this “fundamental rights innovation” cf. Hornung (2015), p. 266 ff.
16
Germany already had a Federal Data Protection Act before the population census decision. It was
enacted in 1977, but had to be completely revised after the population census decision. The new
Data Protection Act entered into force in 1990. After the Data Protection Directive 95/46/EC had
been enacted in 1995, it took the German federal legislator 6 years to transpose this directive into
a new Data Protection Act.
17
This is not to say that the Bundesverfassungsgericht invented all those principles, since it could
resort to the works of scholars, but it made those principles mandatory even for the legislator.
18
Arts 10, 11, 12, 14, 18 of Dir 95/46/EC.
specification19 and proportionality.20 Based on the ideas of purpose specification and

proportionality, the Bundesverfassungsgericht developed an extensive prohibition
of data retention.21
The cornerstones of this democratic communication order are still valid and form
the basis for the most recent decisions. Although these decisions deal with highly
advanced technologies, such as the online searching of computers, automatic num-
ber plate recognition and the retention of telecommunication data, the underlying
considerations of these decisions were already part of the population census case.
Even where the Bundesverfassungsgericht saw the necessity to create a new funda-
mental right to “confidentiality and integrity of information technology systems” in
2008, it did so by referring to the “gap-closing function of the general personality
right” which was already causative for the invention of the right to informational
self-determination in 1983.22
3 General Data Protection Regulation
The GDPR aims to reach a harmonised, consistent and high level of data protection
and remove the obstacles to flows of personal data within the Union.23
The basic principles for the processing of personal data are stipulated in Article
5 GDPR, which include lawfulness, fairness, transparency, accuracy, integrity and
confidentiality of data processing, purpose limitation, data minimisation and stor-
age limitation as well as the concept of accountability. Processing of personal data
is only permitted, if at least one of the justifications mentioned in Article 6 GDPR
applies (e.g. consent by the data subject, necessity for the performance of a contract,
compliance with legal obligations to which the controller is subject, and the highly
disputed case of “legitimate interests” of the controller or a third party).
By enhancing individual rights (such as the right to erasure provided by Article
17 GDPR and the right to data portability in Article 18 GDPR) and the possibility
of access to administrative and judicial processes, certain delivery gaps in the imple-
mentation of data protection law are intended to be reduced.
The regulation includes new or heavily revised instruments like the data breach
notification (Article 32 GDPR), the privacy impact assessment (Article 35 GDPR),
the data protection officer (Articles 37–39 GDPR), codes of conduct (Articles 40,
41 GDPR) and certification mechanisms (Articles 42, 43 GDPR) and the concepts
of privacy by design and by default (Article 25 GDPR). These are meant to enhance
compliance with the regulation, in some cases imposing heightened requirements
19
Art 6(1)(b) of Dir 95/46/EC.
20
Art 6(1)(c) of Dir 95/46/EC.
21
BVerfG (n 15) 46 f.
22
Hornung and Schnabel (2009), pp. 84, 88.
23
Recital 10 GDPR; for a more specific overview with further references see Schantz (2016),
p. 1841; Kühling and Martini (2016).
on controllers that engage in “high-risk” activities (so-called risk-based approach).

In cases of non-compliance, supervisory authorities are empowered to impose sig-
nificant administrative fines (up to 4% of worldwide turnover, Article 83(5) GDPR)
on both data controllers and data processors, which is also meant to “encourage”
controllers to implement data protection and compliance.24
According to Article 3(2) GDPR, the regulation will apply to all organisations
which have EU establishments, where personal data are processed in the context of
the activities of such an establishment. Non-EU established organisations will be
subject to the GDPR where they process personal data about EU data subjects in
connection with the “offering of goods or services” or “monitoring” their behaviour
within the EU. Thus, the territorial scope of EU data protection is extended.
In order to ensure more coherence in the application of data protection legisla-
tion throughout the EU, Article 56 GDPR introduces a one-stop-shop supervisory
and cooperation mechanism. A business with multiple establishments in the EU will
have a single (national) supervisory authority as its “lead authority”, based on the
location of its “main establishment” (i.e., the place where the main processing activ-
ities take place). The lead authority will act as a “one-stop shop” to supervise all the
processing activities of that business throughout the EU (Articles 46–55 GDPR).
However, supervisory authorities in other Member States where that controller is
established, or where data subjects are significantly affected, or authorities to whom
a complaint has been made, can be involved in cases, and the lead authority must
co-operate with them.25 The European Data Protection Board (Article 68 GDPR)
will coordinate the Supervisory Authorities.
The transfer of personal data to recipients in “third countries” (i.e. outside of the
European Economic Area) continues to be restricted in certain circumstances,
Article 46 GDPR. If an “adequate level” of protection is not provided and/or there
is no decision by the European Commission, standard contractual clauses (either
adopted by the Commission or adopted by a supervisory authority and approved by
the Commission) will remain an option to transfer personal data to third countries.
Other instruments include binding corporate rules, codes of conduct and certifica-
tion mechanisms.
Even though the GDPR is a legal instrument with direct effect, there are numer-
ous opening clauses, limiting the direct applicability of the Regulation in certain
areas of data protection law (e.g. Article 88 GDPR with regard to the processing of
data in the context of employment).26 It remains to be seen how Member States are
going to use this flexibility when adapting their (remaining) national data protection
legislation.27
24
Bird & Bird (2016), p. 54.
25
Bird & Bird (2016), p. 47.
26
Kühling and Martini (2016), p. 448; Kühling et al. (2016).
27
In Germany, the respective national laws were enacted very quickly. § 26 of the new Federal Data
Protection Act (Bundesdatenschutzgesetz) makes use of the opening clause of Art 88 GDPR.
4 Data Protection Certification Mechanisms
This section first examines the concept of audit and certification mechanisms. Then
we deal with the status quo and the GDPR with regard to these instruments of co-
regulation before concluding.28
4.1 Concept
The terms data protection audit and data protection certification are used to describe
an examination based on data protection criteria, although they are two different
processes. This examination can be executed internally or externally and can refer
to products, services, systems, organizations or results of data processing. Data pro-
tection audit and data protection certification fall under the generic term “examina-
tion”. Audits refer to a process, used by an organization or organizational unit,
which focuses on the evaluation of data privacy management systems and aims to
confirm that these systems enhance data protection.29 Certification on the other hand
focuses on IT products or services.30
All audit and certification approaches are creating market incentives. Once an
examination is successful, the controller has the right to use the audit mark, quality
seal or the like for advertising purposes. Thus, market mechanisms are supposed to
lead to more competition and continuously enhance data protection. The regulatory
approach of privacy law is thereby complemented by elements of competition and
self-regulation.
The controllers’ awareness of self-responsibility is strengthened, once a certifi-
cate demonstrates the properties of his product or an audit has forced the controller
to introduce an effective data management system. Examinations lead to more
transparency31 and thus facilitate internal and external data protection supervision,
in particular with regard to data protection officers. Transparency may further
reduce information asymmetries, thereby tackling the problem of negative exter-
nalities.32 Learning processes are also induced when everyone involved in the orga-
nizational hierarchy is aware of the extent of data handling and its effects. Audits
and certification thereby primarily aim at enhancing the implementation of data
protection.33
28
Some of the ideas mentioned in this section are based on Hornung and Hartl (2014), p. 219.
29
Roßnagel (2000), p. 65 ff.
30
With regard to § 9a FDPA, the term “product audit” is also used, see Scholz (2014), margin note
24.
31
ENISA (2017), p. 13.
32
See the economic analysis by Waelbroeck (2018), pp. 135 ff., 141 ff.
33
Hornung and Hartl (2014), p. 220.
4.1.1 Scope and Mode of Examination
Differentiating between certification (of IT products) and audit (of a controller’s

processes) is not just a terminological issue. It also affects the mode of
examination.
Certification
Certification has a static and object-oriented character34 because it always relates to

concrete IT products and their properties. Once there is a new version of the exam-
ined product, the certificate might become void, since it is necessary to verify if any
relevant properties have been altered. As a result, the certification of a product only
then makes sense if there is a certain stability. This stability can also be found in the
IT sector, even though in some areas (for example social networks which have
extremely volatile structures) the implementation might only come at the cost of
permanent re-certification. In many cases, the data protection compliance of an IT
product is also (mainly) influenced by its operational environment, which can be
seen as an additional challenge.35 The certification of stand-alone systems such as
shredding machines might not pose any problems. In the case of certifying software
components, additional factors such as the operating system installed, the hardware
used and the configuration of the software may need to be taken into account. This
requires an examination methodology36 that differentiates between product and
operational environment and that needs to disclose the related limitations after con-
cluding the certification. In some cases, it will be useful to rely on technology-
specific certification requirements, as general certification schemes may be too
generic for the testing of products.37
Once the certification was successful, the controller may advertise his IT product
with the respective seal. Advertising can be done on the retail market as well as on
the upstream market, e.g. if a retailer would like to affirm compliance with data
protection law of a component which he is using.
Audit
A data protection audit in the sense of a process audit differs in many respects from
the above-mentioned certification. Instead of being limited to a certain point in time,
the audit is designed to continuously examine the controller. It is not static, but
rather aims to continuously enhance the level of data protection of the controller. By
not focussing on a single object, but rather by looking into the controller, it
34
Scholz (2014), margin note 24; Roßnagel (2000), p. 267.
35
Roßnagel (2000), p. 58; Meissner (2008), pp. 525, 526; Schläger (2004), p. 460.
36
Schläger (2004), p. 460.
37
On the example of cyber-physical systems, see Barnard-Wills (2018), p. 113.
contributes to comprehensive “data protection compliance”. Compared to the

object-oriented certification, the audit is often more complex.
The object of an audit should be the capability of a certain process to achieve
dynamic solutions of privacy issues. In this context, a process is “the interaction of
technical and organisational components, which serves an overarching goal and in
which personal data is collected, used and processed”.38
The object of examination keeps changing because controllers continuously alter
organizational structures, procedures and technology, which, in many cases, can be
challenging. A process audit must therefore (also) be understood as an examination
of the data protection management with the concrete process as the point of refer-
ence. The auditor will then evaluate whether this management can on the one hand
ensure a legally compliant handling of personal data by workplace and administra-
tive processes and on the other hand, induce a continuous learning and improvement
process.39 Ideally, a dynamic change of process, induced by market conditions and
directed towards data protection compliance, would take place.
The use of certified data protection-friendly products by the audited body can be
part of the audit criteria.40 This could constitute a useful link between process audit
and product certification.
4.1.2 Standard of Examination
One of the most important aspects with regard to audits and certification is the ques-
tion as to whether the examination should be limited to compliance with legal
requirements or whether it should encompass more than that. From the perspective
of a controller, the former can indeed be sufficient, if he is uncertain whether his
actions or his IT systems adhere to legal requirements.41 This will often be the case
in the field of new technologies, in particular when legal conformity depends on
general clauses such as the principle of necessity.
The main goal of audits and certification mechanisms (that is the creation of
market incentives) leads to the conclusion that the mere examination of adherence
to legal requirements42 is not appropriate. Only in exceptional cases, examined legal
compliance may be considered an asset, e.g. when dealing with a market that is
penetrated by unlawful behaviour.
If more than mere adherence to data protection law is required, the question
arises which standard of examination should be applied. On the one hand, there are
38
Roßnagel (2011), p. 267.
39
Roßnagel (2000), p. 58; Hammer and Schuler (2007), pp. 77, 79 who do not require a reference
to a certain process.
40
Roßnagel (2000), p. 141 f.
41
Weichert (2010), margin note 11.
42
In the context of the 2009 amendment of the German FDPA this ‘minimum standard’ was
rejected and regarded as a ‘bureaucratic duplication’ of the duty to observe the law, see Grentzenberg
et al. (2009), pp. 535, 542.
criteria which are imposed upon the controller externally, that is, from supervisory
authorities, the auditors or sector associations.43 On the other hand, individual stan-
dards could be considered which allow the controller to determine his own stan-
dards.44 These individual standards could be based upon an examination of legal
compliance and constitute a privacy “plus”, which would then be determined by the
controller. This second approach would, however, lower market transparency, due to
the fact that there would be no clear standard of examination linked to the audit seal.
Transparency with regard to the standard of examination would need to be estab-
lished on a case-by-case basis by means of privacy statements which would be initi-
ated by the respective customers.45 Nevertheless, such individual examinations are
not unusual in other fields, they partly offer incentives to less privacy-friendly com-
panies and they could prevent coherent standards of examination and processes
from leading to unequal burdens on unequally big enterprises.46
4.1.3 Verifying Authority
Effective audit and certification mechanisms can only be properly performed by

competent and independent appraisers.47 In addition, an adequate number of com-
petent authorities is required in order to ensure a timely execution of the examina-
tions.48 This service can be delivered on the open market, but there are risks. If
private appraisers depend on orders by controllers and the corresponding fees, a
dependent relationship may develop which might cause suspicions of misconduct.49
Data protection as a competitive advantage, however, relies on trust in the informa-
tive value of an audit or product seal. Even the slightest suspicion of misconduct
could tarnish this trust.
Ultimate public control could prevent these suspicions from arising.50 In this
context, the model of state-accredited appraisers is suggested.51 The accreditation
43
This is for example the case in the existing scheme of Schleswig-Holstein, cf. Hansen (2018),
p. 40 f. One could also consider mixed models and the (advisory) participation of additional insti-
tutions such as consumer protection organisations or foundations (e.g. the German data protection
foundation).
44
This would be Roßnagel’s concept. Hammer and Schuler (2007), p. 81 use a different
terminology.
45
Hammer and Schuler (2007), p. 78 f. with regard to “fiberizing” of certificates.
46
This was also criticized in the course of the 2009 amendment of the German FDPA, see Hammer
and Schuler (2007), p. 78 f.
47
See for example Roßnagel (2000), p. 514; Schläger (2004), p. 459; ENISA (2017), p. 9.
48
Dieterich (2016), p. 260.
49
Windmann (2010), pp. 396, 401 f.
50
In an alternative model, the verifying authority would be liable for flawed audits and certificates.
With regard to difficulties of proof and the sparsely developed concept of liability in data protec-
tion law, this approach does not seem practicable, see AG Rechtsrahmen des Cloud Computing
(2012), p. 18.
51
Following the environmental protection audit Roßnagel (2000), p. 112; Schläger (2004), p. 459.
procedure and the possibility of revoking an accreditation ensure adequate trust in

the appraisers’ independence. A system of state-accredited appraisers could have
more legitimacy than other models.52 This direct legitimation of appraisers is par-
ticularly relevant with regard to the legal consequences that are linked to the audit
or certification.
4.1.4 Legal Effects
Audits and certification are aimed at creating market incentives. However, they can
also be linked to direct legal consequences. This appears to be useful, as in practice,
market incentives have limits. A good example for this is that users tend to generally
voice their data protection interests and concerns but, when making concrete deci-
sions, paradoxically tend to give precedence to other criteria.53
As regards legal effects, certified products and audited controllers could be given
priority, for example, in the context of public procurement.54 Privileged treatment of
processors also seems useful. According to Article 28(1) GDPR, controllers, in par-
ticular with regard to cloud computing, are required to verify compliance with the
technical and organizational measures undertaken by the processor. Especially
micro, small and medium-sized enterprises can hardly fulfil this obligation, often
due to limited resources.55 Privileges for audited cloud providers could be envisaged
in this context.56 For this purpose, the respective standards need to be developed.57
It would hardly be possible to create legal certainty with regard to future exami-
nations by supervisory authorities. This reduction of responsibility might incentiv-
ise controllers to collaborate. A binding legal effect would, however, be in conflict
with the independence of supervisory authorities,58 which is stipulated in EU pri-
mary law (Article 16(2) TFEU). Audits and certification performed by supervisory
authorities or at least recognised by them could have binding effects.59 Even in this
case other national authorities would not be bound.
52
Bräutigam and Sonnleithner (2011), pp. 240, 242.
53
Heilmann and Schulz (2018), margin note 8; Hornung (2014), pp. 123, 146 ff, with regard to
social networks.
54
As is the case in the German Länder of Bremen, Mecklenburg-Vorpommern and
Schleswig-Holstein.
55
Hornung and Sädtler (2012), pp. 638, 643; AG Rechtsrahmen des Cloud Computing (2012),
p. 12 ff.
56
Currently, these privileges do not exist. As a result, existing private seals regarding commis-
sioned data processing are tainted with lacking legal certainty, see Borges and Brennscheidt
(2012), p. 68.
57
For example Lepperhoff and Jaspers (2013), p. 617; a current standard (together with a seal) was
developed in 2013 by the German associations GDD and BvD and coordinated by the Data
Protection Commissioner of Nordrhein-Westfalen (Der LfDI Nordrhein-Westfalen 2014, p. 6), for
further information see www.dsz-audit.de.
58
Wagner (2011), pp. 229, 232; Scholz (2014), margin note 15 ff.
59
On the legal situation as regards the binding effect within the GDPR framework, cf. von
Braunmühl (2016), margin note 16; Bergt (2017), margin note 27.
4.2 The Status Quo in Europe
Currently, only few normative approaches to data protection audits and certification
mechanisms exist in Europe.
4.2.1 German Law
The idea of audits as a data protection control instrument came up in Germany in the
1990s. Following up on the environmental audit, which had already been estab-
lished at the European level, the project group Constitutionally Compatible
Technology Design (provet) developed an audit concept which resulted in § 17
Mediendienstestaatsvertrag of 1997 and § 9a of the Federal Data Protection Act
(Bundesdatenschutzgesetz; BDSG) in 2001,60 the latter announcing a Federal Data
Protection Audit Act. § 9a BDSG laid the groundwork with regard to addressees and
the object of examination (distinction between product and process audit; meaning
of certification and audit); this “rough concept” was not legally binding for the
German legislator. The expectations of § 9a BDSG having at least a “politically
binding effect”61 were not met. Even though the concept met strong approval in the
scientific community,62 all subsequent implementation attempts failed. A draft bill
from 2007 which stipulated the certification by private appraisers when the legal
data protection requirements were met, was widely rejected.63 In 2009, a revised
version was supposed to be adopted as part of the amendment of the Federal Data
Protection Act.64 In this version, the competence to carry a seal was given to control-
lers, once the Federal Commissioner for Data Protection had been informed. Private
certified control authorities merely exercised an ex-post control. The standard of
control included compliance with data protection law and with guidelines, which
were to be elaborated by a data protection board. After heavy criticism from the
Federal Council (Bundesrat) (too bureaucratic, costly and intransparent
implementation)65 and from experts, the Federal Data Protection Audit Act was
deleted from the final version of the amendment. While this partly caused reactions
of incomprehension and suspicion of lobbying being involved,66 other authors
referred to “fundamental criticism” from experts.67 In particular, the possibility of
60
Roßnagel (2011), p. 275.
61
Roßnagel (2000), p. 140.
62
Scholz (2014), margin note 8 with further references.
63
See, for example, the comment by the German association DVD e.V.: Schuler (2007), pp. 181,
182: “It may be doubted […] that the voluntary certificate is already issued for compliance with
data protection law. This means, that one certifies that there is no infringement of law. Apart from
sending the wrong message, there is no additional advantage that can be gained for consumers”.
64
BT-Drs. 16/12011.
65
BT-Drs. 16/12011, 38.
66
Roßnagel (2011), p. 277.
67
Grentzenberg et al. (2009), p. 542 with further references.
provisionally carrying the seal, without anyone ever having examined the level of
data protection, was criticised. Additional points of criticism were the confirmation
of mere adherence to privacy law, high expenses for small and medium-sized enter-
prises and the narrow national perspective.68
In contrast, there were also success stories in Germany: in Schleswig-Holstein,
the responsible data protection authority (ULD) awards a quality seal based on the
Land’s data protection audit regulation to IT products that are in conformity with
data protection requirements according to accredited experts.69 A number of produc-
ers of a wide range of products has seized this opportunity.70 It has certainly been
promoted by the fact that, according to § 2 of Schleswig-Holstein’s Data Protection
Act, the state administration shall preferably use products that comply with the
regulations on data protection and data security as established by the procedure
specified by the data protection audit regulation. A similar provision exists in
Nordrhein-Westfalen, however, without an audit regulated by state law. Another less
successful example can be found in Bremen.71
In 2007 and 2008, the Schleswig-Holstein auditing formed the nucleus of the
“European Privacy Seal (EuroPriSe)”, which includes several partners from other
EU Member States.72
4.2.2 EU Law: The Data Protection Directive
Within the scope of the Data Protection Directive 95/46/EC, there are no corre-
sponding provisions. “Privacy by design” is regulated neither in a procedural nor in
a material way.73 Article 27 of the Data Protection Directive prescribes the drawing
up of codes of conduct, intended to facilitate the implementation of the directive.
The Art. 29 Working Party included the auditing in the concept of “accountability”,74
demanding more specific data protection measures. Still, there was no detailed con-
cept or system of audits,75 but merely general programme suggestions. The European
Commission took up these suggestions, classifying them as key objectives of the
data protection reform.76
68
See n 58.
69
Bäumler (2002), p. 325; Bäumler (2004), p. 80; Schläger (2004), p. 459; Hornung (2013),
pp. 181, 185; on the specific certification procedure, see Hansen (2018), p. 38 ff.
70
For further information and the list of products, see https://www.datenschutzzentrum.de/guete-
siegel/index.htm; for figures and examples see Hansen (2018), p. 42 f.
71
Holst (2014), p. 710.
72
Meissner (2008), p. 525.
73
Hornung (2011), p. 53; Kamara and De Hert (2018), pp. 7, 9.
74
With regard to this concept, see Art. 29 Working Party, WP 173 (2010); see also Hornung (2013),
p. 188 f. Art 5(2) GDPR now explicitly includes the principle, which as a link to certification, see
ENISA (2017), p. 13; Carvais-Palut (2018), p. 54 f.
75
See Art. 29 Working Party (2010), p. 9 and in particular 17 ff.
76
See COM(2010) 609 final, 12 f.
4.3 General Data Protection Regulation
4.3.1 Proposals
The European Commission adopted its proposal for a General Data Protection
Regulation on 25 January 2012. On 12 March 2014, the European Parliament
endorsed the proposal of its Committee on Civil Liberties, Justice and Home Affairs
(LIBE). The Council of the European Union released its position on 11 June 2015.
European Commission Proposal
The European Commission took up the concept of audit and certification in Article
39 of its proposal for a reform of the European data protection law.77 However, these
rules were phrased very vague. The establishment of certification mechanisms was
to be “encouraged” by Member States and the Commission. The draft lacked any
statement as to the competent authority, the procedure, applicable criteria and legal
consequences of certification. It was left completely unclear by which standards the
Commission was expected to make use of the power to adopt delegated acts and lay
down technical standards via implementing acts pursuant to Article 39(2) and (3) of
its proposal.78
Position of the European Parliament
The European Parliament—LIBE—proposal79 related to Article 39 contained more

details with regard to the standard of examination and certifying bodies. According
to Article 39(1)(a) of the proposal, mere adherence to the GDPR would have been
the examination standard. Any supervisory authority in the EU would have been
able to provide the final certification (Article 39(1)(d) of the proposal).80 Harmonised
standards would have been guaranteed by the consistency mechanism, mitigating
the risk of “dumping competition” between national authorities. Delegated acts by
the European Commission would have conferred enforceable rights on data sub-
jects, Article 39(2) of the proposal. Financial aspects—“taking into account the
administrative costs” (Article 39(1)(a)); “affordable … not unduly burdensome”
(Article 39(1)(b))—were stressed and the concept of a “European Data Protection
Seal” (Article 39(1)(e) and (f) of the proposal) was envisaged.81
77
COM(2012) 11 final.
78
Hornung and Hartl (2014), p. 223; Kamara and De Hert (2018), p. 11 f.
79
European Parliament Doc 7427/14.
80
See Kamara and De Hert (2018), p. 12 f.
81
Hornung and Hartl (2014), p. 223 f.
Position of the Council
The Council proposed to split up the provisions into two. These Articles 39 and 39a
of the proposal of the Council82 were transferred—by and large—to Articles 42 and
43 of the final version of the GDPR, although the Council did not take up Article
39(1)(b) of the LIBE proposal, which foresaw a “transparent” process.
4.3.2 Final Content of the Regulation
The GDPR contains provisions for the establishment of data protection certification
mechanisms and of data protection seals and marks in Articles 42 and 43.
General Approach
According to Article 42(1) GDPR, Member States, the supervisory authorities, the
European Data Protection Board and the Commission shall encourage, in particular
at Union level, the establishment of data protection certification mechanisms and of
data protection seals and marks, for the purpose of demonstrating compliance with
the GDPR of processing operations by controllers and processors. The GDPR itself
does not establish these mechanisms. Member States and the European authorities
mentioned above are merely encouraged to follow the mandate given by the
Regulation. This notion is stressed again in Article 57(1)(n) GDPR, according to
which each supervisory authority shall encourage the establishment of certification
mechanisms, urging supervisory authorities to actively initiate certification
schemes.83
Certification is voluntary and available via a transparent process (Article 42(3)
GDPR), leaving it to the imagination of Member States and the European authori-
ties as to what “transparent” actually means. There is no reference to financial
aspects (such as “affordable”, “unduly burdensome” in the LIBE proposal).
Pursuant to Articles 42(5) and 43(1) GDPR, certification schemes are issued
either by the supervisory authority or by private or other public bodies. According
to Article 42(7) GDPR, the certificate can be issued for a maximum period of 3 years
and may be renewed, if the relevant requirements continue to be met. The certifica-
tion bodies are accredited for a maximum period of 5 years (Article 43(4) GDPR).84
After this period, a new accreditation will be necessary.
82
Council Doc 9565/15; cf. Kamara and De Hert (2018), p. 13 and the analysis of Korff (3 October
2014), http://eulawanalysis.blogspot.nl/2014/10/warning-eu-council-is-trying-to.html.
83
Spindler (2016), pp. 407, 408; Art 70(1) lit. n) GDPR contains a similar rule with regard to the
European Data Protection Board.
84
However, supervisory authorities, which are also considered certification bodies, are not accred-
ited at all.
As per Article 43(1) GDPR, the accreditation is performed by the either the
supervisory authority and/or the national accreditation body named in accordance
with Regulation (EC) No 765/2008.85 In order to guarantee some “transparency”,
the European Data Protection Board will collate all certification mechanisms and
data protection seals and marks in a register and will make them publicly available
(Article 42(8) GDPR).86
Specific Aspects
In light of the general concept of certification and audit mechanisms mentioned

above, it is necessary to point out some specific aspects of Articles 42 and 43 GDPR,
such as the subject and the standard of examination, the certification bodies and the
legal effects.
Subject
The GDPR does not clearly differentiate between the certification of products and
the audit of processes. It is not entirely clear what exactly shall be examined87 and
what is meant by “criteria” and “requirements”.88 Article 42(1) GDPR simply refers
to data protection “certification mechanisms” for the purpose of demonstrating
compliance with the GDPR. Recital (100) of the GDPR on the other hand refers to
certification mechanisms, which allow data subjects to assess the level of data pro-
tection of relevant “products and services”. However, since only controllers and
processors are bound to demonstrate adherence with the GDPR (and neither pro-
ducers nor service providers), priority must be given to the wording of Article 42(1)
GDPR. As a result, Article 42(1) GDPR only allows for the audit of processes in
companies, government agencies etc.89
Standard of Examination
The standard of examination, as set out in Article 42(1) GDPR, is aimed at deter-
mining whether the controller or processor adheres to the regulation. Adherence to
more than what is required by the GDPR is not rewarded.90 One might argue that
85
Reg (EC) No 765/2008 setting out the requirements for accreditation and market surveillance
relating to the marketing of products [2008] OJ L 218/30, see ENISA (2017), p. 14.
86
Cf. Kamara and De Hert (2018), p. 21 f.
87
Paal (2018), margin note 6; with regard to the LIBE-proposal see Hornung and Hartl (2014),
p. 223.
88
Cf. ENISA (2017), p. 22.
89
Cf. Hornung (2017), margin notes 8 ff.; von Braunmühl (2016), margin note 7; ENISA (2017),
p. 15; against Paal (2018), margin note 7; Bergt (2017), margin note 3; Eckhardt (2017), margin
notes 31 ff.; Lepperhoff (2017), margin note 9; Raschauer (2017), margin note 23.
90
Lepperhoff (2017), margin note 26; against Bergt (2017), margin note 15; Heilmann and Schulz
(2018), margin notes 15, 34. See also ENISA (2017), pp. 14 f., 22.
this costly procedure, in particular with regard to micro, small and medium-sized
enterprises, brings no operational benefit, considering the mandatory nature of the
GDPR. Furthermore, a seal that rewards mere compliance might mislead consumers
and/or customers. However, one goal of certification mechanisms is to guarantee
legal certainty for controllers and processors and to reduce liability risks, at least in
the context of administrative fines; which is apparent from Article 83(2)(j) GDPR,
according to which adherence to approved certification mechanisms is a mitigating
factor with regard to administrative fines. This can be viewed as a certain market
incentive, even though some micro-sized enterprises might conclude that the pos-
sible costs resulting from administrative fines are more acceptable than the costs
resulting from the certification procedure. What is more, some authors argue that
Member States could in fact go beyond what is required by the GDPR with regard
to areas which do not fall under the scope of the regulation. Member States might
for example legislate that the burden of proof in civil litigation is also determined by
certification mechanisms.91 In areas however, which are explicitly regulated by the
Regulation, such as Article 83(2)(j) GDPR with regard administrative fines, Member
States are bound by the standard which the GDPR provides. This is mainly due to
the principle of effectiveness (effet utile), according to which the domestic rules of
each Member State must not render virtually impossible or excessively difficult the
exercise of rights conferred by Union law.92 Apart from this, the GDPR does not
prevent controllers and processors from voluntarily going beyond the standards set
out by the Regulation; a legal obligation to do so, however, does not exist.
A certificate shall only be issued on the basis of criteria approved by supervisory
authorities or by the European Data Protection Board. This might lead to unneces-
sary competition between national schemes approved by Member States and
schemes approved by European authorities.93 If the European Data Protection Board
approves the criteria, this may result in a common certification, the “European Data
Protection Seal”, Article 42(5) GDPR. Apparently, there is hope that this seal would
harmonize criteria and processes in the Union. In that way, it could lead to more
transparency and facilitate advertisement for data protection compliance in the
internal market. As the “European Data Protection Seal” is not mentioned elsewhere
in the Regulation, the exact benefits remain unclear though.
Pursuant to Article 43(6) GDPR, the supervisory authority has to make public
the criteria in an easily accessible form. Still, much is left to the imagination with
regard to the actual criteria.94 This uncertainty is reduced by the fact that the
European Commission is competent to adopt delegated acts for the purpose of spec-
ifying the requirements to be taken into account for the data protection certification
mechanisms. In addition, the Commission may lay down technical standards for
91
With regard to this “presumption of conformity” see Spindler (2016), p. 414.
92
See, for example, CJEU, Case C-326/96 B.S. Levez vs. T.H. Jennings (Harlow Pools) Ltd.,
ECLI:EU:C:1998:577.
93
Lachaud (2016), p. 825; the ENISA (2017), p. 23, argues for harmonized criteria across EU
Member States.
94
On the details of the process see Kamara and De Hert (2018), p. 22 ff.
certification mechanisms and data protection seals and marks by adopting imple-
menting acts, Article 43(8) and (9) GDPR. Finally, according to Article 70(1)(q)
GDPR, the European Data Protection Board may provide the Commission with an
opinion on the certification requirements referred to in Article 43(8) GDPR, which
might lead to more clarity.
If the assessed controller or processor infringes the criteria of the certificate, a
withdrawal of the certificate can either be performed by the corresponding certifica-
tion body or the competent supervisory authority. The certification body is forced to
regulate the conditions of withdrawal in its terms and conditions (according to
Article 43(2)(c) and (d)). This might lead to problems when the validity of the “cer-
tification contract” between the certification body and the controller or processor
comes to question.
Certification Bodies
According to Article 42(5) GDPR, the certificate is issued either by the competent
supervisory authority or by the private or public certification bodies referred to in
Article 43 GDPR.95 Whether this competition between public and private schemes
undermines the sustainability of private initiatives96 remains to be seen. In any case,
it raises important issues of cross-border recognition of national certifications,
which is, at least in principle, needed within the internal market.97
The private or public certification bodies are accredited by the competent super-
visory authority and/or by the national accreditation body named under Regulation
(EC) No 765/2008, in accordance with EN-ISO/IEC 17065(2012 and with the addi-
tional requirements established by the supervisory authority (Article 43(1) GDPR).98
Whether the national accreditation body or the supervisory authority are able to
accredit certification bodies on their own, is left to the discretion of Member States.
The GDPR does not contain any provisions with regard to the organization of work
between the national accreditation body and the supervisory authority. What is
more, the Regulation does not specify whether the accreditation process led by the
supervisory authority also has to be in accordance with Regulation (EC) No
765/2008 and in accordance with EN-ISO/IEC 17065/2012. This could lead to con-
fusion with regard to the quality of accreditation and raise consistency issues.99
Before issuing the certificate, the certification body must inform the supervisory
authority and provide it with the reasons for granting or withdrawing the requested
certificate, Article 43(1) and (5) GDPR. Pursuant to Article 58(2)(h), each
supervisory is entitled to order the certification body not to issue a certificate if the
95
It is frequently argued that the supervisory authorities should not take up this role, as this could
come into conflict with their supervisory functions (cf. ENISA 2017, p. 25). In the German exam-
ple of Schleswig-Holstein (cf. Sect. 4.2.1) however, this conflict has not appeared.
96
See Lachaud (2016), p. 825.
97
See ENISA (2017), p. 24 f.; Kamara and De Hert (2018), p. 20 f.
98
ENISA (2017), pp. 11, 15; cf. Kamara and De Hert (2018), p. 18 ff. on different models.
99
See Lachaud (2016), p. 818.
certification requirements are not or no longer met.100 This process enables the
supervisory authority to effectively exercise its (control) powers (e.g. by revoking a
certificate issued by the certification body). The national accreditation body, how-
ever, does not need to be informed, since it cannot revoke or grant certificates.
In order to be accredited, the private or public certification body must have an
“appropriate level of expertise” in relation to data protection (Article 43(1) GDPR).
Furthermore, an accreditation shall only be issued if the certification body fulfils the
requirements referred to in Article 43(2) GDPR. This includes, for example, the
demonstration of independence and the establishment of procedures for the issuing,
periodic review and the withdrawal of data protection certificates, seals and marks.
Although the GDPR does not explicitly state this, prior consultation services per-
formed by the certification body may compromise its independence, since no one
can judge and be judged at the same time.101
The competent supervisory authority or the European Data Protection Board
approve criteria that are the basis for the accreditation of these certification bodies,
Article 43(3) GDPR. This however does not necessarily imply the simultaneous
existence of accreditation criteria at the national as well as at the European level.
The coordination and dispute resolution processes envisioned in Articles 64(1)(c)
and 65(1)(c) GDPR are aimed to reduce complexity and guarantee harmonized cri-
teria, which may encourage especially micro and small sized enterprises to apply
for the certification mechanisms.102
Pursuant to Article 43(4) GDPR, the accreditation issued is valid for a maximum
period of 5 years and can be renewed. The certification bodies are responsible for
the proper assessment leading to the certificate or the withdrawal of such. The
accreditation can be revoked if the conditions for the accreditation are not, or are no
longer, met or if actions taken by the certification body infringe the GDPR.103
Legal Effects
The certification does not reduce the responsibility of the controller or the processor
for compliance with the GDPR and is without prejudice to the tasks and powers of
the supervisory authorities, pursuant to Article 42(4) GDPR.104 The same is
expressed in Article 58(2)(h) GDPR, which states that each supervisory authority
can withdraw a certificate or order the certification body to withdraw a certificate
issued or order the certification body not to issue a certificate if the requirements for
the certification are not or are no longer met. This approach, however, may lead to
inconsistencies with regard to the principle that administrative authorities are bound
by their own acts. The wording of Article 58(2)(h) GDPR seems to assume that this
100
101
Bergt (2017), margin note 7; Lepperhoff (2017), margin note 8; Spindler (2016), p. 409.
102
See also ENISA (2017), p. 23 f.
103
Heilmann and Schulz (2018), margin notes 21 f.; Bergt (2017), margin notes 14 f.; Spindler
(2016), p. 412.
104
Cf. Kamara and De Hert (2018), p. 24 ff.
principle is not applicable with regard to the withdrawal of certificates.105 As a

result, the above-mentioned principle needs to be read into Article 58(2)(h) GDPR
in order to avoid inconsistencies with primary EU law.
There is no priority treatment in public procurement, as implemented in § 2 of
Schleswig-Holstein’s Data Protection Act. Here, the European legislator missed an
opportunity to incentivise the use of data protection seals and marks, in particular in
the private sector. There is however an indirect link: according to recital (78), the
principles of data protection by design and by default should be taken into consid-
eration in the context of public tenders. As certification mechanisms may be used to
demonstrate compliance with these principles (Article 25(3) GDPR), there is a cer-
tain incentive for their use.
Nevertheless, the certification mechanisms mentioned in Articles 42 and 43
GDPR also do have legal consequences.
Firstly, adherence to approved certification mechanisms is a mitigating factor
with regard to administrative fines, according to Article 83(2)(j) GDPR.106
Secondly, numerous provisions within the GDPR refer to certification mecha-
nisms when compliance with certain obligations is relevant.107 An approved certifi-
cation mechanism may, for example, be used as an element to demonstrate
compliance with the requirements for data protection by design and by default,
according to Article 25(3) GDPR. An approved certification can also be an element
by which a processor can demonstrate compliance with the GDPR, Article 28(5)
GDPR; which is particularly relevant for cloud computing. Adherence to the
requirements of IT security can also be demonstrated through an approved certifica-
tion mechanism, pursuant to Article 32(3) GDPR.
Lastly, the application of “appropriate safeguards” required for the transfer of
personal data to a third country can be demonstrated by an approved certification
mechanism, although only together with binding and enforceable commitments of
the controller or processor in the third country to apply the appropriate safeguards,
including as regards data subjects’ rights, pursuant to Articles 46(2)(f) and 42(2)
GDPR.108 This facilitates the enforcement of European data protection standards
beyond the EU, although it could be difficult or even impossible for the accredita-
tion body to exercise its control over the certification body in third countries.
105
Spindler (2016), p. 413.
106
Cf. Bergt (2017), margin notes 4, 31; Kamara and De Hert (2018), p. 25 f. This however could
discriminate against those micro and small-sized businesses which cannot “afford” to be certified;
in this context see Lachaud (2016), p. 820.
107
See Heilmann and Schulz (2018), margin notes 43 f.; Paal (2018), margin note 9; Bergt (2017),
margin notes 2, 28; Lepperhoff (2017), margin note 4; Will (2017), margin note 5; von Braunmühl
(2016), margin note 14; Kamara and De Hert (2018), p. 26 ff.
108
5 Conclusions
The European legislator has developed a system of certification mechanisms, which

is limited to demonstrate mere compliance and sometimes duplicates responsibili-
ties of public and private bodies. However, it would be premature to state that this
certification process is bound to fail. As shown above, the concrete implementation
of the certification system is left to Member States and the European authorities. It
is therefore necessary to wait for the implementing acts, which should be based on
lessons learnt from existing certification schemes,109 as well as from trustmarks in
other areas of consumer protection.110 What is more, Member States could in fact
strengthen audit and certification schemes by going beyond the standard of the
GDPR in areas that do not fall under the scope of the regulation. Companies, when
facing the risk of high administrative fines, will certainly consider and most proba-
bly accept the costs of an evaluation if this can mitigate possible sanctions. The
same applies in areas where controllers and processors strongly need new ways to
demonstrate compliance with the new rules, for example in cloud computing appli-
cations. Harmonized standards with regard to privacy seals and marks could in fact
lead to the extinction of meaningless labels. In the end, this form of “transparency”
alone would mean significant progress.
References
AG Rechtsrahmen des Cloud Computing. (2012). Datenschutzrechtliche Lösungen für

Cloud Computing. http://www.tcdp.de/data/pdf/01_Thesenpapier_Datenschutzrechtliche-
Loesungen-fuer-Cloud-Computing.pdf
Art. 29 Working Party, WP 173. (2010). Opinion 3/2010 on the principle of accountability. http://
ec.europa.eu/justice/policies/privacy/docs/wpdocs/2010/wp173_en.pdf
Balboni, P., & Dragan, T. (2018). Controversies and challenges of trustmarks: Lessons for privacy
and data protection seals. In R. Rodrigues & V. Papakonstantinou (Eds.), Privacy and data
protection seals (p. 83). Berlin, Germany: Springer.
Barnard-Wills, D. (2018). The potential for privacy seals in emerging technologies. In R. Rodrigues
& V. Papakonstantinou (Eds.), Privacy and data protection seals (p. 113). Berlin, Germany:
Springer.
Bäumler, H. (2002). Marktwirtschaftlicher Datenschutz. Datenschutz und Datensicherheit, 325.
Bäumler, H. (2004). Ein Gütesiegel für den Datenschutz. Datenschutz und Datensicherheit, 80.
Bergt, M. (2017). ‘Art. 41’, ‘Art. 42’ and ‘Art. 43’. In J. Kühling & B. Buchner (Eds.), DS-GVO.
Munich, Germany: C.H. Beck.
Bird & Bird. (2016). Guide to the general data protection regulation. https://www.twobirds.
com/~/media/pdfs/gdpr-pdfs/bird%2D%2Dbird%2D%2Dguide-to-the-general-data-protec-
tion-regulation.pdf?la=en
109
See in particular the lessons learnt from the example of Schleswig-Holstein, Hansen (2018),
p. 44 ff.; see also Carvais-Palut (2018).
110
On this perspective and the possibilities to transfer concepts and experiences in the area of data
protection, see Balboni and Dragan (2018), p. 83 ff.
Bock, K. (2016). Data protection certification: Decorative or effective instrument? Audit and seals
as a way to enforce privacy. In D. Wright & P. De Hert (Eds.), Enforcing privacy regulatory.
Legal and technological approaches (p. 335). Heidelberg, Germany: Springer.
Borges, G., & Brennscheidt, K. (2012). Rechtsfragen des Cloud Computing – ein Zwischenbericht.
In G. Borges & J. Schwenk (Eds.), Daten- und Identitätsschutz in Cloud Computing,
E-Government und E-Commerce (1st ed., p. 43). Berlin, Germany: Springer.
Bräutigam, P., & Sonnleithner, B. (2011). Stiftung Datenschutz – Ein Schritt in die richtige
Richtung. Anwaltsblatt, 240.
Carvais-Palut, J. (2018). The French privacy seal scheme: A successful test. In R. Rodrigues
& V. Papakonstantinou (Eds.), Privacy and data protection seals (p. 49). Berlin, Germany:
Springer.
Cavoukian, A., & Chibba, M. (2018). Privacy seals in the USA, Europe, Japan, Canada, India and
Australia. In R. Rodrigues & V. Papakonstantinou (Eds.), Privacy and data protection seals
(p. 59). Berlin, Germany: Springer.
Der LfDI Nordrhein-Westfalen. (2014). Datenschutzsiegel in Nordrhein-Westfalen. Datenschutz
und Datensicherheit, 6.
Dieterich, T. (2016). Rechtsdurchsetzungsmöglichkeiten der DS-GVO Einheitlicher Rechtsrahmen
führt nicht zwangsläufig zu einheitlicher Rechtsanwendung. Datenschutz und Datensicherheit
ie, 260.
Eckhardt, J. (2017). Art. 42. In H. Wolff & S. Brink (Eds.), BeckOK Datenschutzrecht (22nd ed.).
European Union Agency For Network and Information Security (ENISA). (2013). On the
security, privacy and usability of online seals. https://www.enisa.europa.eu/publications/
on-the-security-privacy-and-usability-of-online-seals
European Union Agency For Network and Information Security (ENISA). (2017).
Recommendations on European data protection certifications. https://www.enisa.europa.eu/
publications/recommendations-on-european-data-protection-certification
Feik, S., & von Lewinski, K. (2014). Der Markt für Datenschutz-Zertifizierungen. Zeitschrift für
Datenschutz, 59.
Grentzenberg, V., Schreibauer, M., & Schuppert, S. (2009). Die Datenschutznovelle (Teil II).
Kommunikation und Recht, 535.
Hammer, V., & Schuler, K. (2007). Cui bono? – Ziele und Inhalte eines Datenschutz-Zertifikats.
Datenschutz und Datensicherheit, 77.
Hansen, M. (2018). The Schleswig-Holstein data protection seal. In R. Rodrigues &
V. Papakonstantinou (Eds.), Privacy and data protection seals (p. 35). Berlin, Germany:
Springer.
Heilmann, S., & Schulz, W. (2018). ‘Art. 42’ and ‘Art. 43’. In S. Gierschmann, K. Schlender,
R. Stentzel, & W. Veil (Eds.), Kommentar Datenschutz-Grundverordnung. Cologne, Germany:
Bundesanzeiger Verlag.
Holst, S. (2014). Bremische Datenschutzauditverordnung in Kraft. Datenschutz und
Datensicherheit, 710.
Hornung, G. (2011). Eine Datenschutz-Grundverordnung für Europa?. Zeitschrift für Datenschutz,
51.
Hornung, G. (2013). Regulating privacy enhancing technologies: Seizing the opportunity of the
future European Data Protection Framework. Innovation The European Journal of Social
Science Research, 26, 181.
Hornung, G. (2014). Europa und drüber hinaus – Konzepte für eine Neuregelung des Datenschutzes
im Internet und in sozialen Netzwerken. In H. Hill & U. Schliesky (Eds.), Die Neubestimmung
der Privatheit (p. 123). Baden-Baden, Germany: Nomos.
Hornung, G. (2015). Grundrechtsinnovationen. Tübingen, Germany: Mohr Siebeck.
Hornung, G. (2017). Art. 42. In M. Eßer, P. Kramer, & K. von Lewinski (Eds.), DSGVO BDSG (5th
ed.). Cologne, Germany: Carl Heymanns Verlag.
Hornung, G., & Hartl, K. (2014). Datenschutz durch Marktanreize – auch in Europa? Stand der
Diskussion zu Datenschutzzertifizierung und Datenschutzaudit. Zeitschrift für Datenschutz,
219.
Hornung, G., & Sädtler, S. (2012). Europas Wolken – Die Auswirkungen des Entwurfs für eine
Datenschutz-Grundverordnung auf das Cloud Computing. Computer und Recht, 638.
Hornung, G., & Schnabel, C. (2009). Data protection in Germany I: The population census deci-
sion and the right to informational self-determination. Computer Law & Security Review, 25,
84.
Kamara, I., & De Hert, P. (2018). Data protection certification in the EU: Possibilities, actors
and building blocks in a reformed landscape. In R. Rodrigues & V. Papakonstantinou (Eds.),
Privacy and data protection seals (p. 7). Berlin, Germany: Springer.
Korff, D. (2014, October 3). Warning: The EU council is trying to undermine privacy seals (and
through this, the General data protection regulation). EU Law Analysis Blog. http://eulawanaly-
sis.blogspot.nl/2014/10/warning-eu-council-is-trying-to.html
Kühling, J. (2007). Datenschutz in einer künftigen Welt allgegenwärtiger Datenverarbeitung –
Aufgabe des Rechts? Die Verwaltung, 40, 153.
Kühling, J., & Martini, M. (2016). Die Datenschutz-Grundverordnung: Revolution oder Evolution
im europäischen und deutschen Datenschutzrecht? Europäische Zeitschrift für Wirtschaftsrecht,
448.
Kühling, J., Martini, M., Heberlein, J., Kühl, B., Nink, D., Weinzierl, Q., et al. (2016). Die
Datenschutz Grundverordnung und das nationale Recht. Münster, Germany: Monsenstein und
Vannerdat.
Lachaud, E. (2016). Why the certification process defined in the General Data Protection Regulation
cannot be successful. Computer Law & Security Review, 32, 814–826.
Lepperhoff, N. (2017). Art. 42. In P. Gola (Ed.), DS-GVO. Munich, Germany: C.H. Beck.
Lepperhoff, N., & Jaspers, A. (2013). Neuer Datenschutzstandard DS-BvD-GDD-01 mit passen-
dem Gütesiegel. MultiMedia und Recht, 617.
Meissner, S. (2008). Zertifizierungskriterien für Datenschutzgütesiegel EuroPriSe. Datenschutz
und Datensicherheit, 525.
Paal, B. (2018). Art. 42. In B. Paal & D. Pauly (Eds.), Datenschutz-Grundverordnung
Bundesdatenschutzgesetz (2nd ed.). Munich, Germany: C.H. Beck.
Raschauer, N. (2017). Art. 42. In G. Sydow (Ed.), Europäische Datenschutzgrundverordnung.
Baden-Baden, Germany: Nomos.
Roßnagel, A. (1997). Datenschutzaudit. Datenschutz und Datensicherheit, 505.
Roßnagel, A. (2000). Datenschutzaudit. Wiesbaden, Germany: Springer.
Roßnagel, A. (2007). Datenschutz in einem informatisierten Alltag. Berlin, Germany:
Friedrich-Ebert-Stiftung.
Roßnagel, A. (2011). Datenschutzaudit – ein modernes Steuerungsinstrument. In L. Hempel,
S. Krasmann, & U. Bröckling (Eds.), Sichtbarkeitsregime (1st ed., p. 277). Wiesbaden,
Germany: Springer.
Schantz, P. (2016). Die Datenschutz-Grundverordnung – Beginn einer neuen Zeitrechnung im
Datenschutzrecht. Neue juristische Wochenschrift, 1841.
Schläger, U. (2004). Gütesiegel nach Datenschutzauditverordnung Schleswig-Holstein.
Datenschutz und Datensicherheit, 459.
Scholz, P. (2014). § 9a BDSG. In S. Simitis (Ed.), Bundesdatzenschutzgesetz (8th ed.). Baden-
Baden, Germany: Nomos.
Schuler, K. (2007). Stellungnahme zum Bundesdatenschutzauditgesetz vom 7. September 2007.
Datenschutznachrichten, 181.
Schwartmann, R., & Weiß, S. (2016). Ko-Regulierung vor einer neuen Blüte (Teil 1). Recht der
Datenverarbeitung, 68.
Spindler, G. (2016). Selbstregulierung und Zertifizierungsverfahren nach der DS-GVO Reichweite
und Rechtsfolgen der genehmigten Verhaltensregeln. Zeitschrift für Datenschutz, 407.
von Braunmühl, P. (2016). Art. 42. In K. Plath (Ed.), BDSG DSGVO (2nd ed.). Cologne, Germany:
Otto Schmidt.
Waelbroeck, P. (2018). An economic analysis of privacy seals. In R. Rodrigues & V. Papakonstantinou
(Eds.), Privacy and data protection seals (p. 133). Berlin, Germany: Springer.
Wagner, E. (2011). Bundesstiftung Datenschutz - Chancen? Grenzen! Eine Erwiderung
auf Piltz/Schulz, Stiftung Datenschutz - moderner Datenschutz neu gedacht. Recht der
Datenverarbeitung, 229.
Weichert, T. (2010). § 9a. In W. Däubler, T. Klebe, P. Wedde, & T. Weichert (Eds.),
Bundesdatenschutzgesetz (3rd ed.). Frankfurt am Main, Germany: Bund-Verlag.
Will, M. (2017). Art. 42. In E. Ehmann & M. Selmayr (Eds.), Datenschutz-Grundverordnung.
Windmann, J. (2010). Der Verifikateur und der Aufsichtsbeamte als zentrale Elemente des
Sachverständigen-Vollzugsmodells im Technikrecht. Die öffentliche Verwaltung, 396.
Can Certification Enhance the Feasibility
of Insurance?
Miranda P. M. Meuwissen
1 Introduction
Insurance of agricultural risks is often not feasible because actors in food and agri
supply chains have a big influence on the size of risk. For instance, the majority of
animal feed crises were linked to human mistakes or fraud in the animal feed ingre-
dient sectors.1 Also, widespread losses due to animal and plant epidemics are largely
influenced by the pace at which reporting and loss mitigation measures are enforced
and implemented.2 Although insurance companies attempt to capture insureds’ risk
behaviour in the process of underwriting,3 there are often high transaction costs
involved.4 Using the certified status to map the risk profile of e.g. a farm or feed
company, may reduce costs of underwriting.
Since major feed and food crises in the early 2000s, number and scope of certifi-
cation schemes have grown enormously and companies increasingly use certifica-
tion as a tool to demonstrate good practice and due diligence. Along with this,
literature has covered multiple issues related to certification, including costs of
implementation and auditing, and impact on the size of risk.5 The functionality of
certification as a tool to increase trust among businesses, and between business and
1
See Meuwissen et al. (2009), p. 878.
2
See Breukers et al. (2008), p. 137; Meuwissen et al. (2003), p. 305; Meuwissen et al. (2013),
p. 10.
3
See Rejda (1998).
4
See Meuwissen et al. (2001), p. 343.
5
See, e.g., Valeeva et al. (2006), p. 511, for feed safety risks in dairy chains; Tufa et al. (2010),
p. 537, regarding yield risks of potato production.
M. P. M. Meuwissen (*)
Business Economics Group, Department of Social Sciences, Wageningen University,
Wageningen, The Netherlands
e-mail: miranda.meuwissen@wur.nl

https://doi.org/10.1007/978-3-030-02499-4_6
134 M. P. M. Meuwissen
consumers was discussed by among others Trienekens et al.6 Evidence on the oppor-
tunities of certification schemes for financial institutions, such as insurance compa-
nies, is however scarce. It is timely to address this topic, as currently insurance
companies explore various alternatives to deal with the behavioural component of
agricultural risks. Such alternatives (e.g. remote sensing and index-based contracts)
might be less cost-effective than the use of well-established and institutionalised
certification schemes.
This chapter aims to explore the role of certification for insurance schemes cov-
ering agricultural risks. Section 2 first elaborates on the key issues hampering the
insurability of risks and the potential role certification could play. Section 3 presents
three cases on agricultural risks, and the potential role of certification herein: (1)
liability insurance for animal feed industries, (2) epidemic disease insurance for
farmers, and (3) liability insurance for the horse business. Based on the case study
findings, Sect. 4 comprises the discussion and conclusions.
2 T
wo Key Factors Determining the Insurability of Risks
and the Potential Role of Certification
2.1 Key Factors of Insurability
Insurance is based on the concept of pooling. The principle of pooling is that by

combining independent losses in a pool, the expected amount of losses stays the
same, but variance decreases.7 In addition, if the pool consists of large numbers of
independent risks, relative variation of actual loss from average loss further
decreases (law of large numbers) and the party that pools the risk is able to more
accurately predict average losses and the amount of money (insurance premium)
needed for dealing with these losses.8 Two issues are problematic when pooling
losses: asymmetric information between the insurer and the insured, and correlation
of risks across insureds (so-called systemic risks).
Asymmetric information includes moral hazard and adverse selection. In case of
adverse selection, exposure units most at risk buy more insurance than others but the
extent to which this happens may not be known a priori to the insurer. With moral
hazard, exposure units change their behavior in a manner not predicted by the
insurer after having bought an insurance (e.g. by becoming more careless). Problems
of asymmetric information can lead to established premiums being insufficient to
cover the losses.9 To cope with adverse selection, insurers generally impose an obli-
gation of disclosure in the insurance contract, requiring the insured to tell them of
6
Trienekens et al. (2012), p. 55.
7
Harrington and Niehaus (1999).
8
See Rejda (1998).
9
See Harrington and Niehaus (1999).
Can Certification Enhance the Feasibility of Insurance? 135
Table 1 Potential contribution of certification to deal with problems of adverse selection, moral
hazard and systemic risk
How certification could contribute
Adverse – As an eligibility criterion to access the insurance
selection – As part of the risk classification used for premium differentiation
Moral hazard – Through monitoring the risk behaviour of insureds through regular audits
– Through certification institutes delivering expert knowledge for loss
adjustment
Systemic risk – Through standards on tracking and tracing
– Through standards including incentives for rapid disclosure
any factors that may lead to above normal risk. Based on such information, insureds
are classified and premiums are differentiated for different classes of risk. Moral
hazard is traditionally coped with through imposing deductibles and co-payments,
implying that part of the loss is paid by insureds themselves.
The second problematic factor when pooling risk is the extent to which risks are
stochastically independent. If systemic (i.e. positively correlated) risks are pooled,
the variance of losses decreases less compared to the pooling of independent risks.
Many agricultural risks are somewhat positively correlated due to e.g. extreme
weather events affecting large regions, and contagious plant and animal diseases
rapidly spreading across farms.10 Insurance companies respond to the systemic
nature of risk by limiting insurance cover, and including catastrophic loadings in
premium rates.11
2.2 Potential Role of Certification
Although insurance tools, such as risk classification and use of catastrophic load-
ings, are generally considered effective, well designed certification schemes could
serve as an additional mechanism to deal with the above described problems.
Table 1 summarises potential contributions of certification.
3 Selected Cases
Cases have been selected in the area of risks which are difficult to insure, among
others for the reasons mentioned in the previous section. Each case includes a short
description of the risk, the case study approach, and results. All cases are situated in
the Netherlands.
10
See Meuwissen et al. (2003).
11
See Rejda (1998).
3.1 Case 1: Liability Insurance for Animal Feed Companies
Risk Animal feeds form a major link in the animal production chain: they have a
direct influence on the quality and safety of food of animal origin. Consumers of
meat, milk and eggs expect industry and retail to supply safe, high-quality products.
The government has therefore established stringent rules in the animal feed legisla-
tion which guarantee the quality of animal feeds and consequently the quality of
meat, milk and eggs. Companies in the animal feed sector may voluntarily go a step
further by producing according to the certifiable GMP+ (Good Manufacturing
Practice) standard. This standard applies to producers of and traders in compound
feeds, animal feeds, premixes and additives as well as transport, storage and trans-
shipment, cultivation, storage and livestock farms. Yet a further deepening of the
GMP+ standard is the SecureFeed standard which includes systematic screening of
animal feed ingredient suppliers. Despite the various preventive measures, experts
expect a contamination to occur on average once per 5-year period.12
Case Study Approach Conjoint analysis13 was used to elicit the opinion of experts
about the contribution of six factors to losses from animal feed crises. So-called
profiles, each consisting of a combination of these factors with its different levels,
were evaluated by animal feed experts. The outcomes of the evaluation explain the
impact of these factors on contamination risk (and, therefore, liability risk) of ani-
mal feed companies in the Netherlands. The six factors were selected through a lit-
erature review on factors associated with the size of losses from animal feed
contaminations.14 Factors include Type of animal feed, whereby compound feed is
considered as more risky than wet feed; Supply to the US, with supplying to the US
being regarded as risky due to the US claiming culture; Company size, with higher
risks being attributed to large industries; Separated production lines, with a strong
preference for separated lines especially for chemical risks; Certified quality assur-
ance, for which Securefeed is regarded as more advanced than GMP+; and Farm
types supplied, whereby literature distinguishes between reproduction and meat
farms (without clear expectations on the farm type generating highest losses).
Selected factors and distinct levels per factor are shown in Table 2.
In spring 2008, questionnaires were sent to 28 quality managers of major animal
feed companies in the Netherlands. A cover letter explained the aim of the survey,
i.e. to identify feed industry’s risk profiles to be used in insurance schemes covering
damage of feed crises. Experts evaluated conjoint profiles on a scale from 1 (very
low preference) to 7 (very high preference). After 1 month 14 questionnaires were
returned and used for further analyses. Experts represent 14 compound feed produc-
ers from which 2 are also engaged in wet feed. Furthermore, most (i.e. 12) are from
12
See van Asseldonk et al. (2011), p. 169.
13
Rao (2013).
14
Valeeva et al. (2006), Meuwissen et al. (2009) and van Asseldonk et al. (2011).
Table 2 Perceived importance of factors related to liability risk of animal feed companies in the
Netherlands (n = 14)
Relative importance of
Factors Distinct levels per factora factors (%)
Type of animal feed – Compound feed, i.e. pelleted feed for 32
livestock*
– Wet feed, i.e. by-products of food processing
industry e.g. wheat starch
Export to US – Yes 30
– No*
Certified quality – GMP+ 12
assurance – GMP+ and SucureFeedb,*
Separated – Separated production lines* 11
production lines – No separation of production lines
Company size – Large: >100,000 ton kg per year 8
– Small: <100,000 ton kg per year*
Farm types – Reproduction farms, i.e. farms with sows, 7
supplied dairy cattle, or laying hens*
– Meat farms, i.e. farms with hogs, beef cattle,
or broilers
100
a
Asterisks indicate most preferred level per factor
b
When carrying out the survey, SecureFeed was called ‘TrusQ’
large companies producing more than 100,000 ton kg of animal feed per year.
During the survey period, no animal feed crises occurred.
Results Among the six factors contributing to the size of contamination and liabil-
ity risk, type of animal feed and export to the US are perceived as most important
with relative importance scores of 32% and 30% respectively (shown in last column
of Table 2). Certification is regarded as the third most relevant factor (relative
importance of 12%), thereby being perceived as more important than the separation
of production lines (11%), company size (8%) and farm types supplied (7%).
Looking more closely into the preferred levels per factor, they are all as hypothe-
sised in literature, except the higher preference for compound feed. This probably
relates to the unbalanced sample with most experts representing compound feed
industries.
Regarding the importance of certification, results illustrate that certified quality
assurance is perceived as a relatively important factor determining the size of liabil-
ity risk. Insurance companies could therefore, for instance, consider certification as
eligibility criterion for liability insurance, or differentiate premiums based on the
type of certification (e.g. with lower premiums for SecureFeed certified
companies).
Table 3 Epidemic disease insurance schemes in the Netherlands and reference to certified and
non-certified standards
Certified
Mutual Sector Disease risk covered standards Non-certified standards
Avipol Broilers Salmonella; Integrated –
(rearing, mycoplasma; hysteria Chain Control
breeding) (IKB) Chickens
Potatopol Potatoes Brownrot; ringrot; –b Phytosanitary code of
PSTVd (potato good practice
spindle tuber viroid)
Ovipola Sheep and Scrapie –b –c
goats
Q-pola Greenhouse Quarantine organisms –b Phytosanitary code of
crops good practice, and
additional rules in case of
import
Porcopola Sows Aujeszky’s disease; –b –c
foot and mouth
disease; swine fever
a
Ceased due to lack of participation in 2003 (Ovipol), 2004 (Q-pol, and 2012 (Porcopol)
b
Certified standards are available but they are not referred to in the insurance contracts
c
Insurance contracts refer to general rules of risk prevention
3.2 Case 2: Epidemic Disease Insurance for Farmers
Risk Outbreaks of plant and livestock diseases can have large financial conse-
quences for farmers involved.15 Typically, governments bear direct costs of destroy-
ing infected plants and animals, but consequential losses due to e.g. business
interruption are taken by farmers. For most sectors, consequential loss insurance is
only available through mutuals.16
Approach In order to assess the role of certification in mutuals covering epidemic

disease risk, a structured assessment was carried out with regard to underwriting
criteria. All mutuals existing in the past 20 years were included in the analysis (3
related to livestock, and 2 related to plants), including those which were ended (3 in
total), as shown in Table 3. As some of the mutuals refer to non-certified good farm-
ing practices and standards also these were considered in the assessment.
Results Results of the assessment show that all mutuals mention risk prevention
measures in their contract specifications (columns 4 and 5 of Table 3). However,
only Avipol is based on a certified standard, i.e. Integrated Chain Control (IKB)
Chickens. It uses IKB Chicken as eligibility criterion, i.e. only IKB certified farms
can become a member of the mutual. The other mutuals refer to codes of good
15
See Breukers et al. (2008) and Meuwissen et al. (2003).
16
See Meuwissen et al. (2013).
p ractices (Potatopol, Q-pol) or define general rules of risk prevention (Ovipol and
Porcopol), but apparently choose not to use the certifiable standards. A possible
reason explaining the importance of certification for Avipol might be their focus on
high-value stages of the chain (i.e. rearing and breeding stages) for which business
continuity highly depends on disease prevention. Other mutuals address mainstream
farming. These mutuals might have preferred low entry barriers, e.g. to attract a
large pool of farmers.
3.3 Case 3: Liability Insurance for the Horse Business
Risk Due to substantial growth of the horse business sector, there are relatively
many accidents with severe bodily injuries.17 Due to this growth and the wide vari-
ety of the sector, i.e. including horse riding stables, breeders and farmers providing
for pension stables, insurance companies face difficulties in estimating the size of
liability risk related to bodily injuries. In 2002, a safety certificate for the horse busi-
ness (SVP) was introduced, mainly focusing on mitigating the risk of bodily
injuries.
Approach In order to analyse the risk management situation in certified versus non-
certified horse businesses, a structured questionnaire was developed in 2011 and
sent to 240 randomly selected horse businesses from the yellow pages covering the
whole of the Netherlands. The questionnaire included a variety of risk factors and
risk management strategies and was pretested by a veterinarian, an insurance expert,
and an employee of the Dutch horse riding federation. Response was stimulated
through two rounds of reminders and by indicating that three €25-vouchers would
be allotted among respondents. In total, 35 questionnaires were returned, of which
33 could be used for further analyses, including riding stables (18), horse breeders
(7), pension stables (7), and one other type of horse business. Business were rela-
tively large as the average number of horses was 35.8, compared to an average in the
Netherlands of 9 horses per business. In total, there were 15 SVP certified busi-
nesses, fairly equally distributed across business types. A Chi-square test of homo-
geneity of responses was used to make statistical inferences about the variation in
responses among certified and non-certified groups.18
Results Table 4 shows the 10 risk management strategies related to risk of bodily
injuries. For most strategies, certified business indicate more frequently to ‘always’
implement them, especially strategies related to emergency staff and planning, and
proficiency of staff. However, also the non-certified businesses show to care about
risk management, e.g. with regard to rules for outdoor riding. Due to the sincere
attention for risk management in both groups, SVP certification does not seem to be
17
Hitchens et al. (2010), p. 693.
18
Pashaei Kamali et al. (2014), p. 949.
Table 4 Application of risk management strategies related to liability risks by certified and non-
certified horse businesses in the Netherlandsa,b
Certified (n = 15)c Non-certified (n = 18)c
Risk management Never Sometimes Alwaysd Never Sometimes Alwaysd
strategies (%) (%) (%) (%) (%) (%)
Member of farm 64 7 29 50 17 33
assistance service
Risk analysis of working 21 29 50 53 27 20
environment
Safety instructions for 14 21 64 25 25 50
employees
Availability of emergency 7 0 93 6 29 65
staff*
Availability of emergency 0 7 93 38 25 38
plan**
Proficient staff in stables 0 13 87 7 13 80
Proficient staff for training 7 0 93 0 7 93
Active matching of horse 0 20 80 0 38 63
and horse riders
Outdoor riding with 31 0 69 0 18 82
horses familiar to (large)
traffic*
Outdoor riding with 23 23 54 9 9 82
supervision
a
Certification refers to the SVP safety certification for horse business
b
Asterisks indicate significant differences between certified and non-certified stables at P < 0.10
(*) and P < 0.05 (**) levels
c
Percentages refer to percentage of respondents who indicated ‘never’, ‘sometimes’, or ‘always’
d
Top 3 strategies are in bold
a fair instrument to be used as eligibility criterion, but might well be considered for
risk classification purposes.
4 Discussion and Conclusions
From the various potential contributions of certification sketched in Sect. 2, cases

mostly dealt with certification as a tool to deal with adverse selection. For instance,
in the animal feed case, GMP+ and FeedSecure were perceived as relatively impor-
tant factors determining the size of losses, making them potentially suitable as eli-
gibility or risk classification criteria. In the epidemic disease case, one of the mutuals
already used Integrated Chain Control (IKB) Chickens for eligibility purposes. In
the third case, i.e. the horse business case, the SVP certificate was not advocated as
eligibility criterion but could play a role in risk classification. Cases did not provide
information regarding the use of certification as a tool to deal with moral hazard and
systemic risks.
In order to utilise the synergies between certification and insurance, certification

schemes must fulfil a number of requirements. A key condition is the issuing of the
certificate by a reliable certification institute. For instance, for insurers, risk classi-
fication is only effective if risk classes are robust. A second factor is regular updat-
ing of the standards underlying certification schemes in order to include new insights
on hazards and latest technologies. This warrants that audits by certification insti-
tutes and insured risks are on the same line.
Overall, based on the opportunities of certification to deal with adverse selection,
moral hazard and systemic risks, and the illustrative cases provided, it can be con-
cluded that certification has potential to enhance the feasibility of insurance. For
instance, certification can be used as eligibility criterion, whereby insurance is only
provided to certified business, or as part of risk classification by reducing premium
levels for certified businesses. Further research should reveal empirical evidence in
the area of moral hazard and systemic risk. Based on these findings, as well as the
similar interest of certification institutes and insurance companies (i.e. a profound
monitoring and mapping of a business’ risk behaviour), it is recommended that
insurance companies further exploit opportunities of certification as part of insur-
ance design.
References
Breukers, A., Mourits, M. C. M., van der Werf, W., & Oude Lansink, A. G. J. M. (2008). Costs and
benefits of controlling quarantine diseases: A bio-economic modeling approach. Agricultural
Economics, 38, 137.
Harrington, S. E., & Niehaus, G. R. (1999). Risk management and insurance. Boston: Irwin
McGraw-Hill.
Hitchens, P. L., Blizzard, C. L., Jones, G., Day, L., & Fell, J. (2010). Predictors of race-day jockey
falls in flat racing in Australia. Occupational and Environmental Medicine, 67, 693.
Meuwissen, M. P. M., Assefa, T., & van Asseldonk, M. A. P. M. (2013). Supporting insurance in
European agriculture; Experience of mutuals in the Netherlands. EuroChoices, 12(3), 10.
Meuwissen, M. P. M., Hardaker, J. B., Huirne, R. B. M., & Dijkhuizen, A. A. (2001). Sharing risks
in agriculture: Principles and empirical results. NJAS Wageningen Journal of Life Science, 49,
343.
Meuwissen, M. P. M., van Andel, A. A., van Asseldonk, M. A. P. M., & Huirne, R. B. M. (2009).
Eliciting processing industry damage from feed crises. British Food Journal, 111(8), 878.
Meuwissen, M. P. M., van Asseldonk, M. A. P. M., & Huirne, R. B. M. (2003). Alternative risk
financing instruments for swine epidemics. Agricultural Systems, 75(2–3), 305.
Pashaei Kamali, F., Meuwissen, M. P. M., De Boer, I. J. M., Stolz, H., Jahrl, I., Garibay, S. V., et al.
(2014). Identifying sustainability issues for soymeal and beef production chains. Agricultural
& Environmental Ethics, 27(6), 949.
Rao, V. R. (2013). Applied conjoint analysis. Berlin, Germany: Springer.
Rejda, G. E. (1998). Principles of risk management and insurance. New York: Harper Collins.
Trienekens, J. H., Wognum, P. M., Beulens, A. J. M., & van der Vorst, J. G. A. J. (2012).
Transparency in complex dynamic food supply chains. Advanced Engineering Informatics,
26(1), 55.
Tufa, A., Meuwissen, M. P. M., Tesfaye, A., Lommen, W. J. M., Oude Lansink, A. G. J. M.,
Tsegaye, A., et al. (2010). Analysis of seed potato systems in Ethiopia. American Journal of
Potato Research, 87, 537.
Valeeva, N. I., Meuwissen, M. P. M., Oude Lansink, A. G. J. M., & Huirne, R. B. M. (2006).
Cost implications of improving food safety in the Dutch dairy chain. European Review of
Agricultural Economics, 33(4), 511.
van Asseldonk, M. A. P. M., Meuwissen, M. P. M., & Huirne, R. B. M. (2011). A risk analysis
of compound feed contamination. In S. R. Borgearo (Ed.), Animal feed: Types, nutrition and
safety (p. 169). New York: Nova Publishers.
Control in the Label: Self-Declared,
Certified, Accredited?
On-Pack Consumer Communication About
Compliance Control in Voluntary Food Schemes from a
Legal Perspective
Hanna Schebesta
1 Introduction
In the EU, the number of voluntary food schemes has grown rampantly over the past
20 years.1 From a consumer perspective, what was initially praised as a solution to
the information asymmetry problem of credence goods soon became a problem of
itself: Consumers do not know what the various food scheme labels mean. Some
authors therefore propose education measures to help consumers better understand
labels.2 In this contribution, we approach the issue from a different angle and show
that on pack communication of food scheme labels offers significant opportunities
for influencing consumer perceptions. We argue therefore that food businesses are
under a legal duty not to mislead consumers and to ensure that information is suf-
ficiently clear.
At EU level, the proliferation of voluntary food schemes has sparked inquiry into
the potential need for public intervention: in 2010, the European Commission com-
missioned an inventory of food schemes in the EU.3 Shortly after, Commission
1
A total number of 901 food labelling schemes was identified in 2013 on the EU market, see Ipsos
and London Economics (2013).
2
For instance Koos (2011), p. 127.
3
Areté, Inventory of Certification Schemes for Agricultural Products and Foodstuffs Marketed in
the EU Member States, 2010.
H. Schebesta (*)
Law and Governance Group, Wageningen University, Wageningen, The Netherlands
e-mail: hanna.schebesta@wur.nl

https://doi.org/10.1007/978-3-030-02499-4_7
144 H. Schebesta
Guidelines4 were issued, establishing a set of best practices for voluntary certification
schemes for agricultural products and foodstuffs. In 2013, an additional consumer
market study was conducted that surveyed the functioning of voluntary food
schemes in the EU.5
In some fields, EU regulation of food schemes already occurred, notably the
Organic Scheme and the PDO and PGI Quality Schemes. In other areas, the
Commission lets the market play out before proposing regulatory intervention. For
example, the option to expand the existing EU Ecolabel6 into the food sector gener-
ally7 or to the fish sector specifically8 was dismissed.
In the absence of specific EU law on voluntary food schemes, the question is how
the general legal framework can address the new challenges that emerge with their
unprecedented proliferation.
In this contribution, we focus on the consumer interest in food schemes. Mostly,
scheme labelling is seen as one way of remedying the information asymmetry char-
acterizing promises about product quality that cannot be verified by consumers.9
However, the verification processes on compliance used by food schemes vary dras-
tically, resulting in a difference in “rigour and outcome” that is “not always
understood”.10 We follow up on the insight that research mostly studied the standard-
setting process itself, and therefore examine the food schemes’ compliance control
in relation to consumer perception. The question we analyse in this contribution is
the following: What are the possibilities of food businesses to influence the con-
sumer understanding of schemes’ verification processes through labelling, and what
are their legal duties in this respect?
In order to define the notion of compliance control in food schemes, we rely on
the distinctions drawn between standard-setting, certification and accreditation as
put forward in the so-called Tripartite Standards Regime framework (Sect. 2.1) and
analyse different models of compliance control in food standards from a legal per-
spective (Sect. 2.2).
We subsequently investigate the communication of compliance control to con-
sumers. Studies show that the different control mechanisms are not well understood
by consumers (Sect. 3.1). In addition, food schemes handle very diverging labelling
policies on how adherence to a scheme is communicated towards the consumer on
pack (Sect. 3.2). On this basis, we reason that compliance control in schemes is a
consumer protection concern.
4
European Commission Communication EU Best Practice Guidelines for Voluntary Certification
Schemes for Agricultural Products and Foodstuffs, [2010] OJ C 341/5.
5
Ipsos and London Economics (2013).
6
Reg (EC) No 66/2010 on the EU Ecolabel [2010] OJ L 27/1.
7
Oakdene Hollins (2011).
8
MRAG (2016).
9
Dekhili and Akli Achabou (2014), p. 305.
10
Global Food Safety Initiative (GFSI), Enhancing Food Safety Through Third Party Certification
(2011), p. 14.
Control in the Label: Self-Declared, Certified, Accredited? 145
Lastly, we examine whether and how the current EU legal framework of con-
sumer law and food information law can be used to secure consumer protection. We
find that some food schemes risk infringing the consumers’ rights to take informed
decisions expressed in the prohibition on misleading practices and the duty to
provide clear food information (Sect. 4.1). As we argue, different labelling styles
contribute largely to the perception of compliance control in consumers, and there-
fore should be used adequately to ensure that they are sufficiently clear and not
misleading (Sect. 4.2).
2 Compliance Control in Food Schemes
Compliance control is the activity of assessing whether standard users fulfil stan-
dard requirements. This section briefly surveys the development of different busi-
ness models of control and compares compliance control in different food standards
from a legal perspective.
2.1 The Tripartite Standards Regime framework
The Tripartite Standards Regime (TSR) framework distinguishes standard-setting,

certification, and accreditation activities separately and has found wide reception in
the literature. Despite some limitations,11 TSR has the advantage that it pays atten-
tion to certification and accreditation separately, where “current literature (…) has
not yet fully taken the dynamics and interdependencies of these activities into
account, particularly with regard to the role of accreditation”.12 Also secondary
studies and policy documents tend to neglect certification and accreditation, which
we jointly term ‘compliance control’ in this paper.
Historically, standard-setting organisations developed relatively constantly since
1900. The maintenance of consumer confidence is one—although certainly not the
only—important cause of the rise of standardisation.13 The “explosion” of certifica-
tion bodies happened much later, in the 1990s,14 closely followed by accreditation
bodies that witnessed a sharp increase in the late 1990s.15
11
TSR is not a perfect model as it does not of itself engage with differences between first, second
and third party certification; further, it anchors accreditation in a model of control, thereby neglect-
ing alternatives to third-party oversight self-assessment with third-party audits and participatory
guarantee systems. See for a discussion of the controversy around third-party assurance Loconto
and Fouilleux (2014), p. 166. Also, the element of enforcement is not incorporated into the model.
On enforcement of standards, see Verbruggen (2013), p. 512.
12
Fouilleux and Loconto (2017), pp. 1, 3.
13
Loconto and Busch (2010), pp. 507, 517 ff.
14
Fouilleux and Loconto (2017), p. 8.
15
Loconto and Busch (2010), p. 514.
146 H. Schebesta
The main purpose of certification is to act as a guarantee of compliance with

standards. The proliferation of third-party certification is explained by the need for
independence,16 objectivity and qualification17 in checking compliance with stan-
dards. Certification further has the capacity to provide (reliable) market signals,18
both business-to-business and to the consumer. However, with the emergence of a
market for certification bodies,19 concerns manifest that certification bodies fail to
deliver on these promises.20 Generally, certification is conducted by private parties,
and the role for the state as public authority is limited. By contrast, in accreditation
there is a role for governments to ‘establish a credible system of accreditation within
which private certification bodies operate’21 and accreditation bodies are very often
public or quasi-public.22 Accreditation, then, controls the certifiers, and acts as a
‘second line of trust’.23
There are consequences of using the TSR framework for the public-private dis-
tinction in standards, which will appear much more nuanced.24 Even schemes that
commonly are denoted public (such as the EU Organic Scheme) may in fact be
controlled (in part) by private bodies. Private standards, on the other hand, may be
subject to oversight by accreditation bodies that are subject to public oversight.
Further, public control may be delegated to a private legal entity, but the delegation
is usually subject to limits and marginal public oversight. Conceptually, the overall
qualification of schemes as public or private risks to neglect these important details
about compliance control in voluntary schemes.
2.2 T
he Compliance Control of Voluntary Food Schemes
Under EU Law
The following section sketches the EU legal framework on compliance control in

food schemes. EU law does not require compliance control by certified or accred-
ited bodies for voluntary food labelling schemes generally. However, the EU official
voluntary food schemes, that is, the EU Organic and Quality Schemes, prescribe
specific control mechanisms by public authority or accredited entities.
16
Hatanaka et al. (2005), pp. 354, 358.
17
Tanner (2000), p. 415.
18
Deaton (2004), p. 615.
19
Loconto and Busch (2010).
20
See for example the difference of quality in auditing across different certification bodies observed
in Albersmeier et al. (2009), p. 927.
21
Henson and Humphrey (2010), p. 1628.
22
Loconto and Busch (2010), p. 510 note that 75% of their data set qualified as public or
quasi-public.
23
Ibid., 510.
24
As also argued by Havinga in respect of a blurring between the public and the private, and further
distinguishing different ‘privates’ (notably retailers) in the formulation of standards Havinga
(2008). And the questions of legitimacy raised Fuchs et al. (2011), p. 353.
2.2.1 C
ompliance Control in Voluntary Food Schemes: Accreditation
Endorsed But Not Imposed
Different business models of certification exist, the most prevalent being third-party
certification. Alternatives are first-party self-declarations, and second-party certifi-
cation (first party’s paid consultants).25 Third-party certification bodies (hereafter
simply certification bodies) can, but do not have to be, accredited. According to the
voluntary EU food schemes inventory of 2010, 78% of food schemes were certified,
and 18% self-declared. According to the same data, around 71% of certification was
carried out by an accredited body.26
In the EU, accreditation is an exercise of public authority; it is ‘the last level of
public authority control’.27 The Accreditation Regulation (Regulation (EC) No
765/2008)28 instituted a harmonised system of requirements for accreditation and
market surveillance for the marketing of products and required each Member State
to appoint a single national accreditation organisation. The system further enshrines
several principles in order to safeguard the independent functioning of accredita-
tion. Notably, it institutes a separation from national authorities and certification
bodies. Accreditation bodies have to operate on a not-for-profit basis29 and may not
compete with conformity assessment bodies or other accreditation bodies.30 They
must be independent and without conflicts of interest; objective and impartial; and
competent.31 Further, accreditation bodies are subject to a peer evaluation of other
national accreditation bodies, a process ultimately overseen by the European
Commission.32
For voluntary food certification schemes, the non-binding Commission
Guidelines list certification by accredited bodies as a best practice. The Commission
Guidelines recommend, in order to safeguard impartiality and independence of cer-
tification, compliance assessments that are carried out by an independent body
accredited either by a national accreditation body appointed by Member States
according to the Accreditation Regulation or an accreditation body signatory to the
multilateral recognition arrangement (MLA) for product certification of the
International Accreditation Forum (IAF).33 These best practices therefore endorse a
full TSR framework for voluntary food standards.
25
Tanner (2000).
26
Ipsos and London Economics (2013), p. 50.
27
European Accreditation (EA), What Is Accreditation, available at http://www.european-accredi-
tation.org/what-is-accreditation.
28
Reg (EC) No 765/2008 Setting out the Requirements for Accreditation and Market Surveillance
Relating to the Marketing of Products, [2008] OJ L 218/30.
29
Art. 4 Accreditation Regulation.
30
31
32
33
European Commission (2010), recommendation no 6.
148 H. Schebesta
2.2.2 C
ontrol in ‘Public’ EU Food Schemes: The Organic Scheme
and Quality Scheme (PDO, PGI)
At the moment, neither certification nor accreditation is compulsory for voluntary

food schemes under EU law. By contrast, the two EU schemes in food, i.e. the
Organic Scheme and the PDO and PGI Quality Schemes, do stipulate specific con-
trol requirements. Most importantly, they require accreditation to the relevant ISO
system standards when control is delegated to a private body.34
Under the Organic Regulation (Regulation (EC) No 834/2007), Member States
designate a competent authority for the control system for organic production.
However, they may confer their control competences to one or more public control
authorities and/or delegate their control tasks to one or more private control bodies.
Specific elements may not be delegated. For the designated control bodies, criteria
are laid down, including accreditation.35 Consequently, there is a diversity of sys-
tems across the EU Member States; composed of approved private control bodies;
designated public control authorities; and mixed system, with designated public
control authority(ies) and approved private control bodies.
Under the Quality Schemes Regulation (Regulation (EC) No 1151/2012), com-
petent authorities may delegate official controls of the quality schemes to control
bodies. These must be accredited.36 Accreditation may only be performed by a
national accreditation body in the Union in accordance with the provisions of the
Accreditation Regulation or an accreditation body outside the EU that is signatory
to a mutual recognition arrangement of the International Accreditation Forum.37
2.2.3 Summary
The voluntary EU ‘public’ food schemes (Organic and PDO and PGI Quality
Schemes) are subject to a control system. Even where these controls are partially
delegated to private or mixed bodies, accreditation is used as a public assurance
system in the background. Voluntary schemes, on the other hand, are not subject to
legally mandated control requirements, which means that they leave room for a
diversity of control mechanisms (and lack thereof).
34
In principle, ISO certification can be undertaken by accredited and non-accredited bodies, see
https://www.iso.org/certification.html. Therefore, the statement certified to ISO is different from
accredited to ISO, only the latter would require certification to ISO by an accredited certification
body.
35
Accreditation to European Standard EN 45011 or ISO Guide 65 (General requirements for bod-
ies operating product certification systems) is required if there is delegation, see Council Reg (EC)
No 834/2007 on organic production and labelling of organic products, [2007] OJ L 189/1, Art
27(5)(c). This standard has been revised by ISO/IEC 17065:2012.
36
In accordance with European Standard EN 45011 or ISO/IEC Guide 65 (General requirements
for bodies operating product certification systems), as revised by ISO/IEC 17065:2012.
37
Reg (EU) No 1151/2012 on quality schemes for agricultural products and foodstuffs, [2012] OJ
L 343/1, Art. 39(3).
3 Communicating Compliance Control to the Consumer
The qualitatively very different control mechanisms behind different private food
standards is potentially problematic: among stakeholders, third party certification
was identified as one of the top issues concerning best practices regarding scheme
operation.38 Interestingly, the consumer organisations regarded this issue as less sig-
nificant, i.e. only one in five organisations mentioned third party certification as
relevant.39 Certification by accredited bodies was identified as an issue less often.40
Therefore, third party certification (and to a lesser extent accreditation) was flagged
as an acute concern only by the ‘insiders’ of the supply chain but not by the outsid-
ers, i.e. consumer organisations.
Despite this evidence, we argue that the compliance control behind food schemes
should be a consumer protection concern.
3.1 C
onsumer Perception Studies on Standards and Their
Compliance Control
Empirical evidence shows that consumer confusion prevails when it comes to stan-
dard conformity control. In the consumer market study conducted in 2013, stake-
holders41 overwhelmingly assessed that consumers cannot distinguish between
public and private schemes or self-declared and certification food labelling
schemes.42 Consumers’ actual knowledge about the control of food certification
schemes emerged as very limited and false beliefs as widespread.43 Many consum-
ers incorrectly believe that all food labelling schemes are certified by a third party
organisation44; that all certifiers are public bodies45; and that food producers cannot
38
It was highlighted as important by a third of the accreditation bodies, 42% of the producer,
farmer, retailer associations and 44% of scheme operators, see Ipsos and London Economics
(2013).
39
Ibid.
40
It was regarded as important by 25% of the accreditation bodies and cited by 29% of the scheme
operators. Other stakeholders did not mention accreditation at all, see Ipsos and London Economics
(2013), p. 110.
41
I.e. accreditation/certification bodies, producer/farmer/retailer organisations, and consumer
bodies.
42
Ipsos and London Economics (2013), p. 127; on both questions, stakeholders across the board
disagreed or totally disagreed with the consumers’ ability.
43
Ibid., 153.
44
Only around 20% of consumers positively know that, in fact, not all food schemes are certified.
Testing the actual knowledge of consumers about certification, a dire picture emerged: one third of
consumers thought that all food labelling schemes are certified by a third party organisation (with
little below a half indicating ‘I don’t know’).
45
Over 36% of consumers believe that all third-party organisations that certify schemes have to be
public bodies; only 25% consumers answered correctly, i.e. that not all certifiers are public bodies.
150 H. Schebesta
establish their own food labelling schemes based on their own product standards.46
Uncertainty47 about these issues is widespread in consumers. Further, consumer
trust in third-party certified schemes vastly exceeds that for self-certified schemes;
i.e. trust in third party certified schemes is totally agreed or agreed to by 71% of the
consumers, but only by 30% for self-certified schemes.48 Stakeholders also believe
that consumers trust more in public than in private certification schemes.49 The lit-
erature strongly supports this view: ‘According to a large number of studies, the
most important requirement is that the label is issued and controlled by a public or
independent authority, a so-called “third party”’.50
It is firmly established that certification improves consumer trust in food prod-
ucts significantly. This is troubling when combined with the fact that many consum-
ers erroneously assume that standards are by definition subject to compliance
control conducted by a public body, or at least an independent certification body.
3.2 H
ow Do Schemes Communicate Compliance Control
to Consumers?
In addition, consumer perceptions about schemes are very much influenced by food
labelling. It is therefore necessary to examine how messages about compliance con-
trol are communicated to the consumer on pack and how they affect consumers.
From a legal perspective, scheme operators are usually51 the owner of registered
trademarks. Trademark law can protect the word mark of a scheme (i.e. the brand/
scheme name), figurative marks and figurative marks with word elements (i.e. a
pictoral logo with or without word elements such as the brand name). Scheme own-
ers then licence the use of their trademark and can draw up labelling policies speci-
fying how it is to be used in business and/or consumer directed communication.
Some standardisation schemes understand themselves as clearly business-to-
business geared and prevent the use of the scheme for consumer communication
purposes at scheme level. For example, GlobalGAP is a certification scheme that
Notably, the percentage of consumers incorrectly believing that certifiers are public is highest in
the EU-12, a group of consumers that is usually identified as a ‘higher educated’ consumer.
46
Around 32% consumers incorrectly think that food producers cannot establish their own food
labelling schemes based on their own product standards; again with roughly a third of respondents
giving the correct answer and a third indicating ‘I don’t know’.
47
I.e. consumers indicating that they do not know the correct answer.
48
Ipsos and London Economics (2013), p. 178. Independent research has confirmed a more posi-
tive attitude to “independent labels” than towards self-declared (environmental) claims and also a
higher propensity to pay for labelled as opposed to self-declared claim products Ertz et al. (2017),
p. 1 and numerous studies cited.
49
Ipsos and London Economics (2013), p. 187.
50
Thøgersen (2000), p. 285.
51
In some EU Member States, registration of certification marks is possible.
prohibits certified producers from using the GlobalGAP trademark on the product
or packaging (although it may be used in business-to-business communication).52
Similarly, The BRC Global Standard for Food Safety (Issue 7) allows the use of a
logo only for marketing purposes, but clarifies that the BRC logo is not a product
certification mark and therefore may not be used on products.53
Other schemes are less prescriptive: compliance with the Unilever Sustainable
Agriculture Code can be assessed on the basis of both, self-declarations or through
certification. The Unilever Sustainable Agriculture Code does not have a logo or
trademark associated with the scheme. Sustainability messages in the form of text
are taken at brand level.54
UTZ certified, by contrast, identifies as a business-to-business scheme, but
allows the use of the trademark in accordance with the very detailed UTZ Labelling
and Trademark Policy.55 The UTZ labelling logo always includes the word ‘Certified’
and must be used in combination with a text claim.56 The Marine Stewardship
Council (MSC) allows the use of the MSC ecolabel and MSC textual claims on the
package. It requires a paid license before the label may be used, and stipulates an
approval procedure. Where the label is used, it must be accompanied by one of the
five MSC model textual claims. Some, but not all, of these model text claims con-
tain an explicit reference to certification.57
The EU regulated schemes deploy primarily logos: the PDO and PGI logos
appear as an officious ‘seal’.58 The EU Organic Scheme uses the organic logo, and
additionally regulates the use of words, i.e. ‘organic’ and derivatives such as ‘bio’
and ‘eco’, alone or combined, may be used only on products conforming with the
scheme.59
Not all voluntary food schemes allow consumer messages on pack. Those that do
vary significantly in whether and how such communication is regulated at scheme
level, or whether the prime responsibility for labelling is left to brand owners using
food schemes.
From the consumer point of view, it is clear that consumer confusion about the
degree to which different types of schemes communicated to them on pack are
52
MSC, MSC ecolabel user guide (April 2016) available at https://www.msc.org/documents/logo-
use/msc-ecolabel-user-guide.
53
BRC, BRC Global Standard for Food Safety Issue 7. Point 7.6.
54
See standardsmap.org.
55
UTZ, Labeling and Trademark Policy May 2016, available at https://utz.org/?attachment_id=
7318/.
56
Ibid., point 1.3.
57
The MSC Claim — Marine Stewardship Council, available at https://www.msc.org/get-certified/
use-the-msc-ecolabel/msc-claim#english.
58
Art. 12 Reg (EU) No 1151/2012 (n 35) that can include ‘protected designation of origin’ or ‘pro-
tected geographical indication’ or the corresponding abbreviations ‘PDO’ or ‘PGI’ may appear on
the labelling, as well as text, graphics or symbols referring to the Member State and/or region in
which the geographical are located. The registered product name should appear in the same field
of vision as the logo.
59
Art. 23 Organic Regulation.
152 H. Schebesta
s ubject to independent or even official compliance control prevails. At the scheme-

owner side, a diversity of labelling policies exists. Many food scheme operators are
committed to draw up clear labelling policies that combine a unified brand image
and consumer protection.60 However, this is not always the case. In particular self-
declared schemes emerge as a central concern: depending on how exactly such
schemes are communicated on pack, they may violate consumers’ expectations that
third party control (certified or certified-accredited) exists.
4 The EU Legal Framework from a Consumer Perspective
Given food businesses’ wide freedom in labelling voluntary claims, what are their
legal duties in respect of the consumer’s right to make informed choices? Under EU
consumer law, this right is given expression through the prohibition on unfair com-
mercial practices in general and, food information regulation specifically. The cor-
responding legal framework is the Unfair Commercial Practices Directive 2005/29/
EC (UCPD)61 and food specific legislation that deals with the provision of informa-
tion to the consumer (i.e. the General Food Law, the Food Information Regulation
and certain sector specific laws, such as the Common Market Regulations). These
stipulate that commercial practices may not mislead the consumer and that food
information must be clear.
4.1 T
he Legal Framework: Prohibition on Misleading
the Consumer and Food Information Requirements
It is generally accepted that the UCPD can serve as a useful legal framework in
order to combat unfair practices also with respect to ‘labels’.62 In several general
clauses, the UCPD prohibits unfair commercial practices that are misleading63 and
aggressive64 practices; as well as practices that infringe professional diligence.65
60
For instance, UTZ guiding principles are “clarity, credibility and correctness” (n 50), point 1.6.
61
Directive 2005/29/EC concerning unfair business-to-consumer commercial practices in the inter-
nal market, [2005] OJ L 149/22.
62
The European Commission recently published a new guidance on the UCPD (‘UCPD Guidance
2016’) that contains a section on eco-labels. Commission Staff Working Document. Guidance on
the Implementation/application of Directive 2005/29/EC on Unfair Commercial Practices. A
Comprehensive Approach to Stimulating Cross-Border E-Commerce for Europe’s Citizens and
Businesses, COM(2016) 320 final, (‘UCPD Guidance 2016’). Further, UCPD compliance was
touched upon in the Feasibility Reports for Eco-labelling; and the Market Study of 2013. Third-
party verification and self-declaration with the UCPD was not specifically examined.
63
Arts. 6 and 7 UCPD.
64
Arts. 8 and 9 UCPD.
65
Art. 5(2) UCPD.
Further, it contains a blacklist of automatically unfair practices.66 The UCPD applies

in a complementary manner next to more specific legislation.67 In the food sector,
the UCPD information requirements should be read together with more detailed
food information requirements.
4.1.1 General Prohibition of Misleading Practices
The UCPD prohibits misleading practices that deceive or are likely to deceive the
average consumer even if the information is factually correct (Article 6). The
deceiving information must concern one of a number of elements, for instance the
main characteristics of the product or the extent of the trader’s commitments (Article
6(1)(a) and (c) respectively). Further, the information must be consequential and the
consumer’s economic behaviour must be altered: the information must cause or be
likely to cause the average consumer to ‘take a transactional decision that he would
not have taken otherwise’.68 This prohibition does not test the intention of the food
business operator; it is a prohibition that tests the achieved effect on the consumer.
Information about scheme control constitutes information about the characteris-
tics of a product, and perhaps more pertinently about the extent of the trader’s com-
mitment. In light of the empirical research reviewed (see Sect. 3.1), consumers
expect scheme affiliations on pack to be more than merely aspirational and assume
that independent control mechanisms exist. Self-declared schemes, then, regularly
risk to deceive the consumer, because they are—contrary to the average consumers’
beliefs—not subject to certification or accreditation. The empirical studies further
suggested that consumer trust is significantly higher in certified as opposed to self-
declared schemes and also show that certification increases consumers’ willingness
to pay. This provides evidence that the transactional decision of consumers is likely
distorted by the false belief that self-declared schemes are subject to independent
control. Although a legal appreciation of food scheme labelling will have to be
assessed on a case-by-case basis, self-declared schemes potentially engage in a mis-
leading practice.
The food information law provisions echo the general spirit of the UCPD, but
they lack its more elaborated tests. The overarching, horizontal General Food Law
Regulation69 lays down principles governing all food legislation and commit to a
high level of protection of consumers’ interest. Labelling, advertising and
66
Annex I UCPD.
67
UCPD Guidance 2016, 16. See also e.g. ECJ, 16 July 2015, Joined Cases C-544/13 and C-545/13
Abcur AB v Apoteket Farmaci AB and Apoteket AB, ECLI:EU:C:2015:481, paras 72, 74 and 82.
68
Art. 2(k) UCPD defines ‘transactional decision’ as ‘any decision taken by a consumer concerning
whether, how and on what terms to purchase, make payment in whole or in part for, retain or dis-
pose of a product or to exercise a contractual right in relation to the product, whether the consumer
decides to act or to refrain from acting.’
69
Reg (EC) No 178/2002 laying down the general principles and requirements of food law, estab-
lishing the European Food Safety Authority and laying down procedures in matters of food safety,
[2002] OJ L 31/1.
154 H. Schebesta
p resentation of products “shall provide a basis for consumers to make informed

choices”, and it enshrines a prohibition on “fraudulent or deceptive practices” and
“any other practices which may mislead the consumer”.70 The Food Information
Regulation is slightly more specific, stipulating that information may not mislead as
to the characteristics of the food71 or attribute effects or properties that the food does
not possess.72 Additionally, in the Teekanne case, the CJEU held that pictoral claims
may also be misleading, and that the overall impression of all graphic and textual
elements ought to be considered together.73
Consequently, there is a real legal risk that self-declaratory schemes mislead the
consumer, since it is questionable whether self-declaratory scheme communication
always allows the consumers to make informed choices. Further, the empirical evi-
dence has shown that consumers attribute a compliance control to all schemes that
self-declared schemes do not possess. This does not mean that every self-declared
scheme violates the law: communication methods used on pack vary largely and
considerably influence whether or not consumers are deceived (as elaborated below
in Sect. 4.2). However, it does establish a prima facie case that self-declaratory
schemes’ labelling can potentially be misleading.
4.1.2 Food Information: The UCPD and Specific Food Information Law
While the prior meaning of misleadingness relies on the deception of the consumer,
there are also more objective requirements on food information in se. The UCPD
regulates the omission of information; the provision of information ‘in an unclear,
unintelligible, ambiguous or untimely manner’ is a misleading practice (Article
7(2)).74 Again, this information must be consequential and likely to lead the con-
sumer to take a transactional decision s/he would not otherwise have taken. However,
limitations of space, which regularly apply in case of food products, may be taken
into account.75
Additionally, food information to consumers (comprising on-pack, but also sur-
rounding information on food products) is regulated in detail by the Food Information
70
Art. 8 of Reg (EC) No 178/2002, and Art 16 on the presentation of food products.
71
Art. 7(a) of Reg (EU) No 1169/2011.
72
Art. 7(b) of Reg (EU) No 1169/2011.
73
ECJ, 4 June 2015, Case C-195/14 Bundesverband der Verbraucherzentralen und
Verbraucherverbände - Verbraucherzentrale Bundesverband e.V. v Teekanne GmbH & Co. KG,
ECLI:EU:C:2015:361, see Schebesta and Purnhagen (2016), p. 595.
74
Art. 7(1) UCPD underlines that to assess whether a commercial practice is misleading, it needs
to be considered “in its factual context, taking account of all its features and circumstances and the
limitations of the communication medium”, this can include “any measures taken by the trader to
make the information available to consumers by other means.”
75
Art. 7(3) UCPD “Where the medium used to communicate the commercial practice imposes
limitations of space or time, these limitations and any measures taken by the trader to make the
information available to consumers by other means shall be taken into account in deciding whether
information has been omitted.”
Regulation.76 It requires information to be accurate, clear and easy to understand for

the consumer.77 Voluntary information may also not be ambiguous or confusing,78
and “where appropriate” be based on relevant scientific data.79 More specific label-
ling obligations may be contained in sector legislation.80
Taken together, these provisions impose a positive obligation on food business
operators to provide information about the nature of the control that a given scheme
is subject to in a way that is clear, i.e. intelligible, unambiguous, not confusing, and
easy to understand.81 As is the case for the prohibition on misleading practices, the
appreciation of legality under food information law depends on how voluntary food
schemes label their products in detail.
It is empirically well established that product labels influence the purchasing
intent of consumers,82 therefore food labels can be regularly regarded to influence
the transactional decisions of consumers. Further, behavioural studies widely sup-
port the assessment that a lack of clear communication in food scheme labelling
persists. Studies demonstrate that in many instances, the labelling of schemes is not
sufficiently clear,83 in particular when it comes to the communication of certifica-
tion. From the legal point of view, labelling that is unclear about compliance control
risks to violate the requirements of food information regulation in both the UCPD
and food information law.
4.2 Consumer Communication
After having established that, principally, food scheme labelling may risk to violate
the law if not done properly, we turn to examine the different information elements
that are regularly used in scheme labelling on food products. As has been shown
above, the combination of graphical, textual and reference to off-pack information
can do much to influence consumer understanding of the scheme and influence
consumers’ expectations about scheme compliance control. While most research
76
Reg (EU) No 1169/2011 on the provision of food information to consumers, [2011] OJ L 304/18
(‘Food Information Regulation’ (FIR)).
77
Art. 7(2) of Reg (EU) No 1169/2011.
78
Art. 36(2)(b) of Reg (EU) No 1169/2011.
79
Art. 36(2)(c) of Reg (EU) No 1169/2011.
80
Such as the Fishery and Aquaculture Products Common Market Organization Regulation that
specifies that voluntary information must be clear and unambiguous Art. 39(1) of the CMO
Regulation and may not be included if it cannot be verified Art. 39(4) of the CMO Regulation.
81
These are the most important obligations for the research question examined in this article; other
information requirements include accuracy and verifiability. Also, the trader is subject to the
requirement to act with a due diligence required in the industry.
82
Tang et al. (2004), p. 85.
83
For instance on eco-labels: ‘consumer trust in independent certifications depends on whether
these certifications can clearly convey [emphasis added] responsible standards.’ Dekhili and Akli
Achabou (2014) citing Boström and Klintman (2008).
156 H. Schebesta
has distinguished and focused on the complementarity of visual and verbal com-
munication, for food products additional information elements should be
distinguished:
• Word mark (e.g. scheme name)
• Figurative mark (pictoral logo)
• Figurative mark with fixed word elements
• Explanatory textual claims, sometimes limited mandatory models of phrasing,
and/or subject to approval procedures
• Reference to further information, e.g. inclusion (sometimes mandatory) of a link
to scheme operator’s website.
These elements can be used alone or in combination. Behavioural research con-
firms that visual and verbal communication is additive.84 From a legal point of view,
the overall impression of the product presentation is decisive,85 which means that all
information elements need to be examined together.
A consumer’s understanding of a food scheme begins commonly with the food
scheme name, and how descriptive it is: Fair Trade conveys the purpose of the
scheme, where the name Max Havelaar is much less intuitive. UTZ certified on the
other hand immediately clarifies that the scheme is a certification scheme. Further,
the notoriety of the brand name is significant to consumers. For instance, a famous
(at the time) self-declared sustainability food scheme (Nespresso AAA) was shown
to generate very high confidence rates in consumers, because customers trust big
brands—the trust generated was comparable to that of a famous certified pro-
gramme.86 Scheme labelling is not commonly used to communicate the fact that a
food scheme is certified by an accredited body. One of the few exceptions is the
Tesco Nurture scheme which has labels featuring ‘Independently Accredited
Farming Standards Since 1992’.
Very often, food schemes will also allow the use of a logo in the form of figura-
tive marks on the food packaging. This logo can be used with or without word-
marks. Pictures are powerful,87 and figurative marks have a strong and fast effect on
consumers in cognitive terms. Consumers respond with greater immediacy to them,
and the CJEU has rightly held that pictures may constitute claims for the purposes
of EU law.88 Particularly officious looking logos (‘seals’) may create the impression
of being a form of ‘official’ or at least independent endorsement, and hence control.
Logos further go a long way in complementing textual claims and achieve a more
positive evaluation of the text they support; labels therefore have a reassuring func-
tion. The effect is attributed to consumers perceiving labels as being institutional-
ized and more credible.89
84
Teisl et al. (2002), p. 44.
85
ECJ – Teekanne (n 68).
86
Dekhili and Akli Achabou (2014).
87
See for the famous ‘picture superiority effect’: Kaplan et al. (1968), p. 73.
88
See ECJ – Teekanne (n 68); Schebesta and Purnhagen (2016).
89
Ertz et al. (2017) and Schumacher (2010), p. 2202.
Problematic about figurative marks used alone is that they allude to attributes
without being explicit. Therefore, pictures by themselves, and without any addi-
tional information element, can be considered as vague or ambiguous claims. In this
respect, the EU public logos could serve as an example of a bad practice: the EU
Organic Scheme is a figurative mark only (a leaf shape made of stars on a green
background). The scheme relies on graphic recognition of the consumer and does
not include descriptive textual elements, which makes it difficult for consumers to
comprehend the formal nature of the scheme. It has been generally lamented that
‘(e)co-label designs usually incorporate visual logos, but only a small number of
them include a verbal message to communicate the key reason why the label has
been granted.’90 Although graphic marks alone can suggest positive attributes, they
are not suitable to communicating the control element, i.e. whether a scheme is self-
certified, certified or accredited. Legally, it is settled that vague claims, for example
environmental claims such as ‘nature’s friend’, can be prohibited as a misleading
practice under the UCPD if not substantiated.91 This reasoning could be applied by
analogy to figurative marks. In addition, their vagueness can violate food informa-
tion law in terms of being ambiguous and confusing.
Generally, the meaning of figurative marks should be supported by the provision
of additional information. Studies indicate that ‘the most effective eco-labels would
be those having a “seal” and an additional “written message” that indicates the pri-
mary environmental attribute of the product.’92
Therefore, incorporating textual references to the control element (such as ‘certi-
fied scheme’) induces a more accurate consumer understanding. Further, a textual
claim mentioning certification/accreditation will also be more effective due to the
increase in the claim’s concreteness.93 In the case of UTZ, ‘certified’ as it is a man-
datory textual element used in addition to the seal. Such practice enables consumers
to positively distinguish a certified/accredited label from non-certified ones.
Lastly, the definition of food information is very encompassing, and can cover
any type of information about the food product, not solely on-pack. This means that
additional information can be made available for instance through a link to a web-
site. Food products have very limited on pack space, and therefore a website is an
option for providing details about the scheme. The Commission Guidelines, as well
as the subsequent market study,94 rely heavily on the provision of information on
90
Dekhili and Akli Achabou (2014).
91
Commission Guidance on the UCPD (n 60), section 5.1.2.
92
Tang et al. (2004).
93
Ibid., also David (1998), p. 180.
94
Ipsos and London Economics (2013). Suggesting the policy solution that there should be a ‘[c]
lear statement on the website if the scheme is certified or self-declaration; and, if the scheme is
certified the name of the certification body and information on the certification process and require-
ments in clear and transparent language for non-technical readers should be available. For exam-
ple, how often certification procedures take place. More detailed technical specifications and
requirements could also be provided on the website for users who want access to more specific
details. However, this would be in addition to information that was easy to access and understand
for the consumer’, 114.
158 H. Schebesta
websites, also when it comes to the notion of control. The Commission Guidelines
recommend that ‘[s]chemes should clearly state (e.g. on their website) that they
require certification by an independent body and provide contact details of certifica-
tion bodies which provide this service.’95 For the consumer, in choosing food
products, on-pack information will, however, constitute the most immediate and
important source of information, while other sources, such as websites, will be con-
sulted only in a subsidiary way. References to websites will therefore not in all cases
suffice to prevent consumers from being misled and to ensure information clarity in
line with the legal framework.
By adopting on pack label policies that emphasise the certified/accredited nature
of a scheme, food schemes can foster consumer information and ensure compliance
with the legal framework.
5 Conclusions and the Way Forward
The above analysis identified several shortcomings in the current labelling practices
of food schemes, in particular when it comes to enabling the consumer to distin-
guish whether schemes are self-declared, certified or accredited. Some of these
labelling practices may be illegal because they violate the consumers’ right to take
informed decisions. Beyond identifying the legal risks for food business operators,
this contribution wants to support food business operators in ensuring that the infor-
mation they provide in their labelling is sufficiently clear and does not mislead the
consumer.
While there is a legal framework that captures food scheme labelling practices,
the provisions are very broad and it is questionable whether they are able to deliver
legal certainty. Also the policy initiative taken by the European Commission in the
form of the Best Practices Guidelines mainly relies on recommending disclosure of
food schemes’ mechanisms for compliance control at a secondary level, i.e. on web-
sites. For immediate purchasing decision, this kind of information is likely to be too
remote for consumers to consider.
Perhaps surprisingly, another area of law is moving towards much more stringent
solutions than food information law in the narrow sense. The new EU Trademark
Regulation96 introduced EU certification marks. These already existed in some, but
not all, national intellectual property right systems. In intellectual property law,
certification marks are discussed as a bridge over the trust gap that emerged when
normal trademarks became used for exaggerated marketing claims.97 They are
95
European Commission (2010).
96
Reg (EU) 2015/2424 amending Council Reg (EC) No 207/2009 on the Community Trade Mark
and Commission Reg (EC) No 2868/95 implementing Council Regulation (EC) No 40/94 on the
Community Trade Mark, [2015] OJ L 341/21, hereafter referred to as ‘EU Trade Mark Amending
Regulation (2015)’.
97
Chon and Fujiye (2016).
regarded as ‘capable of distinguishing goods or services which are certified by the

proprietor of the mark in respect of material, mode of manufacture of goods or per-
formance of services, quality, accuracy or other characteristics, from goods and
services which are not so certified’.98 Under both, the EU Certification Mark, and
national certification marks, the independence of the controlling entity is safe-
guarded: the person registering a certification mark may ‘not carry on a business
involving the supply of goods or services of the kind certified’.99 Further, the appli-
cant must submit regulations specifying ‘the persons authorised to use the mark, the
characteristics to be certified by the mark, how the certifying body is to test those
characteristics and to supervise the use of the mark.’100 The EU Certification Mark
can be refused or revoked ‘if the public is liable to be misled as regards the character
or the significance of the mark’.101
The EU Certification Mark therefore incorporates strict legal requirements
regarding independence of the mark holder from businesses selling products with a
mark, certification requirements, and the risk of misleading the public. In principle,
the EU Certification Mark therefore is capable of giving to the consumer that which
s/he expects in looking at labels: ‘[c]ertification marks can inform … end-consumers
of product qualities related to the largely opaque steps of the process leading to the
product to which they are affixed.’102
The use of certification mark law, then, could be a promising instrument to
address consumer concerns about current food scheme labelling practices.
References
Albersmeier, F., Schulze, H., Jahn, G., & Spiller, A. (2009). The reliability of third-party certifica-
tion in the food chain: From checklists to risk-oriented auditing. Food Control, 20, 927.
Areté. (2010). Inventory of certification schemes for agricultural products and foodstuffs mar-
keted in the EU member states. http://ec.europa.eu/agriculture/quality/certification/inventory/
inventory-data-aggregations_en.pdf
Boström, M., & Klintman, M. (2008). Eco-standards, product labelling and green consumerism.
Basingstoke, England: Palgrave Macmillan.
Chon, M. (2014). Marks and more(s): Certification in global value chains. In I. Calboli & E. Lee
(Eds.), Trademark protection and territoriality challenges in a global economy (p. 79).
Chon, M., & Fujiye, M. T. (2016). Leveraging certification marks for public health. Retrieved May
10, 2017, from https://papers.ssrn.com/abstract=2821815
David, P. (1998). News concreteness and visual-verbal association do news pictures narrow the
recall gap between concrete and abstract news? Human Communication Research, 25, 180.
98
Dir (EU) 2015/2436 to approximate the laws of the Member States relating to trade marks,
[2015] OJ L 336/1, Art. 27(a), hereafter referred to as ‘EU Trademark Directive’.
99
Art. 74a(2) EU Trade Mark Amending Regulation (2015); Art. 28(2) EU Trademark Directive.
100
Art. 74b(2) EU Trade Mark Amending Regulation (2015).
101
Art. 74c(2) EU Trade Mark Amending Regulation (2015).
102
Chon (2014), pp. 79, 83.
160 H. Schebesta
Deaton, B. J. (2004). A theoretical framework for examining the role of third-party certifiers. Food
Control, 15, 615.
Dekhili, S., & Akli Achabou, M. (2014). Eco-labelling brand strategy: Independent certification
versus self-declaration. European Business Review, 26, 305.
Ertz, M., François, J., & Durif, F. (2017). How consumers react to environmental information: An
experimental study. Journal of International Consumer Marketing, 1.
Fouilleux, E., & Loconto, A. (2017). Voluntary standards, certification, and accreditation in the
global organic agriculture field: A tripartite model of techno-politics. Agriculture and Human
Values, 34, 1.
Fuchs, D., Kalfagianni, A., & Havinga, T. (2011). Actors in private food governance: The legiti-
macy of retail standards and multistakeholder initiatives with civil society participation.
Agriculture and Human Values, 28, 353.
Global Food Safety Initiative (GFSI), Enhancing Food Safety Through Third Party Certification.
(2011). http://www.mygfsi.com/images/mygfsi/schemes_certification/certification/third_
party/GFSI_White_Paper.pdf
Hatanaka, M., Bain, C., & Busch, L. (2005). Third-party certification in the global agrifood sys-
tem. Food Policy, 30, 354.
Havinga, T. (2008). Actors in private food regulation: Taking responsibility or passing the buck to
someone else? Nijmegen Sociology of Law Working Papers Series 2008/01. Retrieved April 25,
2017, from https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2016083
Henson, S., & Humphrey, J. (2010). Understanding the complexities of private standards in global
agri-food chains as they impact developing countries. The Journal of Development Studies,
46, 1628.
Ipsos and London Economics. (2013). Consumer market study on the functioning of voluntary
food labelling schemes for consumers in the European Union.
Kaplan, S., Kaplan, R., & Sampson, J. R. (1968). Encoding and arousal factors in free recall of
verbal and visual material. Psychonomic Science, 12, 73.
Koos, S. (2011). Varieties of environmental labelling, market structures, and sustainable consump-
tion across Europe: A comparative analysis of organizational and market supply determinants
of environmental-labelled goods. Journal of Consumer Policy, 34, 127.
Loconto, A., & Busch, L. (2010). Standards, techno-economic networks, and playing fields:
Performing the global market economy. Review of International Political Economy, 17, 507.
Loconto, A., & Fouilleux, E. (2014). Politics of private regulation: ISEAL and the shaping of
transnational sustainability governance. Regulation & Governance, 8, 166.
MRAG. (2016). Feasibility report on options for an EU ecolabel scheme for fishery and aquacul-
ture products. http://ec.europa.eu/fisheries/file/3360/download_sv?token=TthyUWe8
MSC. (2016, April). MSC ecolabel user guide. https://www.msc.org/documents/logo-use/
msc-ecolabel-user-guide
Oakdene Hollins. (2011). EU ecolabel for food and feed products – Feasibility study. http://www.
oakdenehollins.co.uk/media/251/EC%2D%2D03_251_v3.pdf
Schebesta, H., & Purnhagen, K. (2016). The behaviour of the average consumer: A little less nor-
mativity and a little more reality in the court’s case law? Reflections on Teekanne. European
Law Review, 595.
Schumacher, I. (2010). Ecolabeling, consumers’ preferences and taxation. Ecological Economics,
69, 2202.
Tang, E., Fryxell, G. E., & Chow, C. S. F. (2004). Visual and verbal communication in the design of
eco-label for green consumer products. Journal of International Consumer Marketing, 16, 85.
Tanner, B. (2000). Independent assessment by third-party certification bodies. Food Control, 11,
415.
Teisl, M. F., Peavey, S., Newman, F., Buono, J., & Hermann, M. (2002). Consumer reactions to
environmental labels for forest products: A preliminary look. Forest Products Journal, 52, 44.
Thøgersen, J. (2000). Psychological determinants of paying attention to eco-labels in purchase

decisions: Model development and multinational validation. Journal of Consumer Policy, 23,
285.
UTZ. Labeling and Trademark Policy May 2016. Retrieved April 11, 2017, from https://utz.
org/?attachment_id=7318/
Verbruggen, P. (2013). Gorillas in the closet? Public and private actors in the enforcement of trans-
national private regulation. Regulation & Governance, 7, 512.
Certification of the Sustainability
of Biofuels in Global Supply Chains
Carola Glinski
1 Introduction
This chapter uses the example of certification of biofuels in order to analyse prob-
lems, preconditions and constraints of (private) standards and certification as a
means to ensure compliance with legal requirements, within the European Union but
even more abroad, in the ‘Global South’. It first presents an overview of the substan-
tive requirements for biofuels of the Renewable Energy Directive 2009/28/EC and
the way in which certification is meant to ensure compliance of operators with those
requirements. It then turns to an analysis and critique of both, with a focus on the
certification system, and to legislative measures (of 2015) and new legislative pro-
posals that address the shortcomings of the system, before offering conclusions.
2 The Renewable Energy Directive of 2009
2.1 Substantive Law
On 23 April 2009, Directive 2009/28/EC on the promotion of the use of energy from
renewable sources1 (Renewable Energy Directive, often referred to as ‘RED’) was
adopted. It is part of the climate and energy package of the EU. This package of
binding legislation is intended to ensure that the EU meets its climate and energy
[2009] OJ L 140/16.
1
C. Glinski (*)
Centre for Private Governance (CEVIA), Faculty of Law, University of Copenhagen,
Copenhagen, Denmark
e-mail: carola.glinski@jur.ku.dk

https://doi.org/10.1007/978-3-030-02499-4_8
164 C. Glinski
targets by 2020. The Directive emphasises that the control of energy consumption
in Europe and the increased use of energy from renewable sources together with
energy savings and an improved energy efficiency are essential elements of the set
of measures that is to reduce greenhouse gas emissions and to provide for compli-
ance with the Kyoto Protocol to the United Nations Framework Convention on
Climate Change and other EU and international commitments to reduce greenhouse
gas emissions beyond 2012.
Within the European strategy to combat climate change, Directive 2009/28/EC
promotes the use of biofuels and bioliquids. Article 3(4) of the Directive requires
Member States to ensure a share of at least 10% of energy from renewable sources
in its final energy consumption in transportation in 2020.
As the use of electro-mobility is still in its infancy, until now, this share is mainly
achieved by the use of biofuels. Biofuels are defined in Article 2(i) Renewable
Energy Directive as ‘liquid or gaseous fuel for transport produced from biomass’.
Basically, two types of biofuels can be distinguished: so-called ‘first-generation
biofuels’, mainly derived from energy crops such as oilseeds, sugarcane or cereals,
and so-called ‘second generation biofuels’, derived, for example, from waste or
residues.
In order for the EU to reach its sustainability goals, the challenge is not only to
ensure that the promoted biofuels have a positive greenhouse gas balance, as com-
pared to fossil fuels, but also that this positive effect is not invalidated by negative
(direct or indirect) impacts on greenhouse gas stocks, negative (direct or indirect)
impacts on environmental protection in general or on biodiversity in particular, neg-
ative impacts on (local) livelihoods, or negative impacts on food security due to
(direct or indirect) changes in land use. To this end, Articles 17, 18 and 19 Renewable
Energy Directive shall ensure that only biofuels and bioliquids are taken into
account, which fulfil certain sustainability criteria, irrespective of whether the raw
materials were cultivated inside or outside the territory of the EU. Other biofuels
can also be placed on the EU market but cannot be counted towards meeting the
mandatory national targets and they cannot receive financial support available to
promote the use of biofuels.
Article 17(2) provides that the use of biofuels lead to greenhouse gas emission
savings emissions of at least 35%, from 2017 of at least 50%, and from 2018 of at
least 60%.2 Biofuels shall not be made from raw material obtained from land with
high biodiversity value in or after January 2008, namely primary forests, areas des-
ignated for nature protection, or highly biodiverse grasslands, whether or not the
land continues to have that status, see Article 17(3). The same applies to biofuels
obtained from land with a high carbon stock in 2008, namely wetlands, continu-
ously forested areas and from peatlands, Article 17(4) and (5). In addition to that,
agricultural raw materials cultivated in the EU shall be produced in accordance with
the requirements and standards for good environmental and agricultural practice,
Article 17(6). The latter, however, does not apply to energy crops cultivated outside
Calculation methods are laid down in Art. 19 of Dir 2009/28/EC.

2
Certification of the Sustainability of Biofuels in Global Supply Chains 165
the EU.3 Moreover, the Renewable Energy Directive of 2009 did not contain any
standards or requirements relating to land use conflicts; which will be discussed
below.
The increased need for biofuels that resulted from the 10% target has led to an
enormously increased cultivation of energy crops, not only within the EU but in
particular in the ‘Global South’ where bioliquids, in particular palm oil and soy oil,
can be produced cheaper and more efficiently than in the EU. In fact, the EU would
not even be able to produce the necessary amount of biomass on its own territory.4
Already in 2012, an estimated 4.4 million hectares of cropland within in the EU and
3.5 million hectares outside the EU were used for energy crops in order to achieve
a biofuel share of around 3–4%. Main exporters were Argentina, Indonesia, the
United States and Brazil.5
The resulting challenge is to make sure that biofuels actually comply with the
requirements of the Renewable Energy Directive, a challenge that is even greater
where production takes place outside the EU.
2.2 The Compliance System
Biofuels go through a supply chain, beginning with the farm where energy crops are
cultivated, through production steps such as oil mills and ending at the petrol sta-
tion. Thus, in order to make sure that biofuels are produced in compliance with the
sustainability criteria of the Renewable Energy Directive, control must extend to the
whole supply chain. Here, transnational supply chains pose particular problems. In
fact, the EU legislator expressed concern that production of biofuels and bioliquids
in certain third countries might not respect minimum environmental or social
requirements.6
Authorities from EU Member States can only control production in third coun-
tries with the permission of the exporting State, and controls abroad produce signifi-
cant administrative costs. Thus, using private standardization and/or certification
systems would seem to provide for a feasible and cost-effective means to ensure
compliance with certain social or environmental standards.7
Article 18 Renewable Energy Directive lays down the main features for the veri-
fication of compliance of operators with the system. To this end, the Renewable
Energy Directive provides for three different routes. According to Article 18(4), the
Commission can recognise national or international regulations, agreements or
3
For a more detailed description see Romppanen (2015), pp. 46 ff.
4
See Ponte and Daugbjerg (2015), pp. 96 ff.
5
See European Commission, Technical assessment of the EU biofuels sustainability and feasibility
of 10% renewable energy in transport, SWD (2015) 117 final, 3.
6
See recital (74) of Dir 2009/28/EC.
7
See also Ponte and Daugbjerg (2015), p. 96.
166 C. Glinski
v oluntary schemes as concretising the requirements of the Directive in case they

provide for adequate standards of reliability, transparency and independent
auditing.
Thus, first, Member States develop national systems to control compliance.
According to Article 18(3), the Member States ensure that economic operators sub-
mit reliable information concerning compliance with the sustainability criteria (as
well as measures taken to protect soil, water and air). To this end, a mass balance
system has to be used in order to enable tracking of energy sources, see Article
18(1). The correctness of the information submitted has to be verified by an ade-
quate standard of independent auditing. The auditing shall verify that the systems
used by economic operators are accurate, reliable and protected against fraud. It
shall evaluate the frequency and methodology of sampling and the robustness of the
data.
Second, the European Commission shall endeavour to conclude bilateral or mul-
tilateral agreements with third countries containing provisions on sustainability cri-
teria that correspond to those of this Directive. Where the Community has concluded
agreements containing provisions relating to matters covered by the sustainability
criteria set out in Article 17(2)–(5), the Commission may decide that those agree-
ments demonstrate that biofuels and bioliquids produced from raw materials culti-
vated in those countries comply with the sustainability criteria in question, Article
18(4) subpara. 1. However, bilateral or multilateral agreements have never been
concluded. That option is therefore likely to be removed in the future (see infra,
Sect. 6).
Third, the Commission may decide that voluntary national or international
schemes setting standards for the production of biomass products contain accurate
data for the purposes of Article 17(2) or demonstrate that consignments of biofuel
comply with the sustainability criteria set out in Article 17(3)–(5).
Thus, in practice, economic operators can prove compliance with the require-
ments of Directive 2009/28/EC in two different ways: by participation in a volun-
tary scheme or by participation in a national scheme. Operators may also use
different systems in order to prove compliance with the different requirements.
Member States as well as voluntary schemes have to report their measures and
relevant information to the Commission. The Commission can adopt implementing
acts and examine sources of biofuels and bioliquids, see Article 18(4)–(6).
2.2.1 The German National Scheme
National schemes are those, which have been set up by the Member States in their
implementing legislation in order to fulfil their obligations stemming from Article
18(3) Renewable Energy Directive. To this end, Member States can provide national
authorities with the (additional) competence to evaluate and approve private stan-
dardisation schemes. Compliance with the sustainability criteria has to be ensured
by independent auditing, which is usually carried out by certification bodies, which
on their part have to be supervised by the competent national authorities. In
contrast, Member States cannot set up additional sustainability or socio-economic

requirements, as the Renewable Energy Directive also aims to create an internal
market for biofuels.8
Otherwise, the Directive did not provide for much guidance on how the Member
States should implement their national compliance systems and which economic
operators exactly should provide evidence of compliance with the sustainability
criteria; which resulted in quite significant differences between Member States.9
In the following, I focus on the example of Germany.10 In Germany, the require-
ments of the Renewable Energy Directive have been implemented with two pieces
of legislation: the Biomassestrom-Nachhaltigkeitsverordnung (Regulation on
requirements pertaining to sustainable production of bioliquids for electricity pro-
duction; BioSt-NachV) and the Biokraftstoff-Nachhaltigkeitsverordnung
(Regulation on requirements pertaining to sustainable production of biofuels;
Biokraft-NachV), both dating from 2009. Moreover, the classification as biofuels
leads to tax reduction under the Energiesteuergesetz (Energy Tax Act).
In nearly 70 provisions (§§ 11–79), the Biokraft-NachV and the BioSt-NachV
lay down detailed requirements for an elaborated compliance control system, which
consists of requirements for producers for their statements of conformity with the
sustainability requirements (§§ 11 ff.), requirements for certificates for operators, in
particular oil mills (§§ 25 ff), the approval of certification schemes (§§ 32 ff.) and
certification bodies (§§ 42 ff.), detailed duties of certification bodies (§§ 48 ff.) and
the surveillance of certification bodies by the Bundesanstalt für Landwirtschaft und
Ernährung (Federal Agency for Agriculture and Food; BLE) (§ 55).
The private standardisation schemes concretise the certification requirements
based on the sustainability criteria of the Renewable Energy Directive, as imple-
mented in Germany, define the requirements on certification bodies and auditors
and set up a quality management system, which is meant to ensure full control of the
supply chain. Requirements on private standardisation schemes but also on certifi-
cation bodies are spelt out in Annex 3 of the above-mentioned Regulations and
further specified in administrative regulations of the Federal Ministry of Finance11
and the Federal Ministry for the Environment, Nature Conservation and Nuclear
Safety respectively.12
The control system is based upon the sustainability statement of producers and
focuses on the traceability of the energy crops or oil in the production chain and the
8
See the Commission proposal for a Directive on the promotion of the use of energy from renew-
able sources, COM(2008) 19 final, 8; Romppanen (2015), 48.
9
See Romppanen (2012), pp. 173 and 176 ff. See also the European Commission’s Staff Working
Document accompanying the Renewable Energy Progress Report of 27/3/2013, SWD(2013) 102
final, 17 f.
10
For a description of the Finnish system, see Romppanen (2013), pp. 340 and 344 ff.
11
Verwaltungsvorschrift für die Anerkennung von Zertifizierungssystemen und Zertifizierungsstellen
nach der Biokraftstoff-Nachhaltigkeitsverordnung (Biokraft-NachVwV) of 12/3/2010, as amended.
12
Verwaltungsvorschrift für die Anerkennung von Zertifizierungssystemen und Zertifizierungsstellen
nach der Biomassestrom-Nachhaltigkeitsverordnung (BioSt-NachVwV) of 10/12/2009, as
amended.
168 C. Glinski
certification of the oil mills by approved certification bodies; which on their part are
under the control of the competent authority, the BLE. The BLE is responsible for
the recognition and supervision of standardisation schemes as well as for the recog-
nition and supervision of certification bodies. The individual standardisation
schemes further set up specific requirements on (recognized) certification bodies
that they cooperate with.
Certification bodies are independent natural or legal persons who issue certifi-
cates to economic operators along the supply chain and who monitor all operations
along the supply chain with regard to the fulfilment of the requirements laid down
in the Renewable Energy Directive and in German legislation adopted for its imple-
mentation as well as other requirements of the used system.
Certification bodies issue certificates only to certain types of operators: the so-
called ‘interfaces’ (Schnittstellen). The interfaces include the first gathering points
or gatherers (first interfaces) as well as all conversion operations (final interfaces).
The first gathering points are establishments and operational sites, which first
acquire the biomass required to produce biofuels from the producers that grow and
harvest such biomass for the purpose of trading it on (for example, agricultural trad-
ers). Gatherers are establishments and operations that first take on the biomass
required for the production of biofuels in the form of waste and residues from the
operations or private households which generated the waste and residues, for the
purpose of trading it on. Conversion operations include establishments and opera-
tions which process biomass from sustainable cultivation or from biogenic waste or
residues and supply the semi-finished products to further processing stages for the
purpose of biofuel or bioliquids production (for example oil mills, biogas plants, fat
preparation plants or other plants the process step of which is not sufficient to
achieve the quality level required for final use) and establishments and operations
that process liquid or gaseous biomass up to the quality class required for final use
(for example oil mills, esterification plants, ethanol plants, hydrogenation plants or
biogas processing plants).
The certification bodies are responsible for the monitoring of compliance with
the legal requirements not only of the interfaces but also of producers (cultivators)
and traders within the supply chain. Their certificates certify that the specific
requirements of the Renewable Energy Directive for the production of sustainable
biofuels or bioliquids are met. Certification bodies can act within one or several
certification systems.13
Currently, two certification schemes14 and 25 certification bodies are recognised
in Germany.15
13
See also Müller (2011), p. 405.
14
International Sustainability and Carbon Certification (ISCC) and REDcert.
15
For the list, see https://www.ble.de/SharedDocs/Downloads/DE/Klima-Energie/Nachhaltige-
Biomasseherstellung/Anerkennung_de.pdf?__blob=publicationFile&v=13.
2.2.2 Voluntary Schemes
Voluntary schemes are private standardisation schemes which can be recognised by

the European Commission, Article 18(4) sentence 2 Renewable Energy Directive.
The recognition of these voluntary systems is valid for a term of no more than 5
years, Article 18(6).
Voluntary certification systems lay down the concrete certification requirements
and procedure such as the exact calculation methods to be used and the concrete
preconditions and requirements for certification bodies with regard to the certifica-
tion of economic operators such as oil mills, the issuing of statements of conformity
and auditing procedures. Further, the certification systems regulate their internal
mechanisms such as risk management, quality control, complaint procedures,
appeal, arbitration and sanctions for non-adherence such as withdrawal of the cer-
tificate or blacklisting as well as their cooperation with other certification systems.
As with national schemes, compliance with the sustainability criteria has to be
ensured by independent auditing which is usually carried out by certification bodies
that are recognized by the certification schemes.
Certification under the voluntary schemes must be recognised by all Member
States (Article 18(7) of the Directive), whereas the Renewable Energy Directive has
not introduced a system of mutual recognition of certification under the national
schemes.16
By the end of 2016, the European Commission had recognised 18 voluntary
certification systems and one calculation tool. Four voluntary schemes expired in
2016 and 2017, among them the much criticised Roundtable on Sustainable Palm
Oil RED scheme,17 so that there are 14 voluntary schemes left.18
The voluntary schemes differ in many ways.19 First, there are differences in their
scope of application. Some cover the whole range of biofuels and bioliquids,
whereas others focus on biofuels derived from a particular crop, for example, palm
oil.20 Second, most schemes cover the whole supply chain whereas others only deal
with parts of it, for example, only the first part up to the first processor.21 Those latter
schemes are sometimes purely national or regional, as for example the Scottish
Quality Farm Assured Combinable Crops Limited scheme.
Another important distinction relates to the sponsor. Some schemes are industry-
driven, whereas the majority of schemes are multi-stakeholder initiatives. This does
16
For critique, see Romppanen (2015), 111 ff.
17
See only https://en.wikipedia.org/wiki/Roundtable_on_Sustainable_Palm_Oil. For more
detailed information, see the German Wikipedia page at https://de.wikipedia.org/wiki/
Roundtable_on_Sustainable_Palm_Oil.
18
See https://ec.europa.eu/energy/sites/ener/files/documents/voluntary_schemes_overview_
dec17.pdf.
19
For the following, see also Hamelmann (2016), pp. 30 ff.; Naiki (2016), pp. 129 and 138 ff.
20
See the overview of voluntary schemes at https://ec.europa.eu/energy/sites/ener/files/documents/
voluntary_schemes_overview_dec17.pdf.
21
E.g., the Gafta Trade Assurance Scheme.
170 C. Glinski
not only impact on their governance structures but, according to the findings of the
European Court of Auditors, also on their transparency.22
All voluntary schemes must of course include the minimum requirements on
sustainability of the Renewable Energy Directive. Some, however, provide for addi-
tional regulation and concretization of substantive sustainability standards.
Typically, industry-driven schemes tend to include only the minimum requirements
of the Renewable Energy Directive, whereas multi-stakeholder initiatives often go
beyond them and include additional environmental requirements, such as environ-
mental impact assessment and good agricultural practice, and aspects of social
responsibility and human rights.23
Finally, one may suspect that they might also differ in relation to fees and to the
intensity of control exercised; the latter having been confirmed by the audit team of
the European Court of Auditors (see infra, Sect. 3.5).
3 Evaluation and Critique of the Original System
The system of the Renewable Energy Directive has been criticised in many ways in
academic writing. The voluntary schemes, in particular, and their recognition and
supervision by the European Commission, were even the subject of a special report
of the European Court of Auditors in 2016.24 The most important issues are dis-
cussed hereinafter.
3.1 Preconditions of a Functioning System
In order for a compliance control system to meet its task, a few preconditions have
to be fulfilled and potential constraints to be taken into consideration. Here, the aim
is to ensure the sustainability of biofuels, which count for the EU system for the
promotion of renewable energy. Thus, first of all, there have to be clear encompass-
ing, problem covering and problem solving sustainability standards. Standards that
are too low or that cover only parts of the problem could put the whole system at
risk. The same applies to sustainability problems, which in their complexity or only
indirect relatedness to the immediate production of energy crops cannot be covered
by the certification of production sites only. Second, the proper implementation of
the requirements must be ensured. Third, adherence to the required standards must
be ensured. Here, as the system in principle provides for a two-layered delegation of
22
European Court of Auditors (2016), p. 27.
23
See also Hamelmann (2016), pp. 37 ff., for a comparison of the multi-stakeholder schemes of
ISCC and Roundtable on Sustainable Biomaterials EU RED with the Red Bioenergy Sustainability
Assurance (RSBA) scheme that was developed by the Abengoa Bioenergy company.
24
See n 22.
authority to private parties, first from the European Commission (or the Member
State) to private standardisation schemes concerning the proper implementation of
standards, and secondly the delegation of control (from the standardisation schemes)
to private certification bodies, the reliability of the private parties involved must be
ensured at both levels. Forth, there have to be effective sanctions for non-compliance.
Otherwise, there is the risk of dysfunctional certification systems, ‘greenwashing’
and unwanted steering effects. In addition, in this case of alternating multi-level
compliance systems, inconsistencies between the different alternatives or levels of
implementation must be avoided. A particular problem may arise from competition
between alternative systems, which might lead to a race to the bottom (see infra,
Sect. 4).
3.2 Substantive Requirements on Biofuels
First of all, and perhaps most importantly, in their original version, the legal mini-
mum sustainability requirements of the Renewable Energy Directive 2009/28/EC
only excluded energy crops which were grown on land that had high ecological
value in 2008 but did not address the issue of replacement of other land uses, such
as the growing of food crops. In many countries, this resulted in indirect land use
changes. Indirect land use changes occur when energy crops do not directly replace
land of high ecological value but replace food crops, which then, on their part, are
grown on land of formerly high ecological value, leading to deforestation and to the
destruction of natural lands and biodiversity. The use of palm oil in particular has
been heavily criticized by environmental organizations, NGOs in the field of devel-
opment cooperation and not least the European Parliament.25 This threat to the
effectiveness of the sustainability criteria had been criticised from the very
beginning,26 and it indeed reflects one of the major limitations of the certification of
production sites.27
Consequently, the audit team of the European Court of Auditors ‘found that the
assessments carried out by the Commission as a basis for the recognition of volun-
tary schemes did not adequately cover some important aspects necessary to ensure
the sustainability of biofuels. In particular, the Commission did not require volun-
tary schemes to verify that the biofuel production they certify does not cause signifi-
cant risks of negative socio-economic effects, such as land tenure conflicts, forced/
child labour, poor working conditions for farmers and dangers to health and safety.
Similarly, the impact of indirect land-use changes (ILUC) on the sustainability of
biofuels is not covered by this assessment. Although we acknowledge the technical
25
See also infra, Sect. 6.
26
See, for example, Bowyer (2010).
27
See, for example, van Dam et al. (2010), pp. 2445 and 2460 ff.
172 C. Glinski
difficulties in assessing the impact of ILUC, the relevance of the EU sustainability

certification system is undermined without this information.’28
With the means of certifiable sustainability criteria, the problem of indirect land
use change, the replacement of (local) food crops and the danger to food security at
local, national or even international level, could only be addressed by an additional
encompassing prohibition or serious limitation of growing of energy crops on for-
mer agricultural land used for food crops. Such a requirement, however, has not
entered the law; and in fact, it might have caused tensions with WTO law.29 In fact,
even the system without consideration of socio-economic criteria and indirect land
use changes has already triggered complaints under the WTO dispute settlement
system.30
Another problem, that cannot be addressed by substantive sustainability require-
ments for certain products for a certain market alone, here: biofuels for the EU
market, is the replacement of products and markets. Palm oil for European biofuels
might not be grown on land with former high ecological value, but maybe palm oil
for foodstuff or palm oil for the Chinese market instead. Thus, competition for land
caused by additional land needs for energy crops, related food security issues,
increasing prices for land and food and other macro-economic mechanisms can
hardly be solved by any sustainability criterion related to concrete production sites
for concrete products for concrete markets. Therefore, certification of individual
production cannot replace land planning or other complex political planning and
balancing duties of the State.31
Finally, a serious substantive law shortcoming is the fact, that the requirements
for good agricultural practice in Article 17(6) of the Directive are limited to EU food
crops only and thus do not require imported biofuels or bioliquids to be cultivated
in an environmentally sound manner.
3.3 Implementation of the Sustainability Criteria
Directive 2009/28/EC formulates the sustainability criteria quite broadly; which

leaves a lot of discretion at the level of implementation, by national legislation or
voluntary schemes.
28
See European Court of Auditors (2016), p. 35.
29
See, for example, IPC and Renewable Energy International Law (2006); Switzer and McMahon
(2011), p. 713; Lydgate (2013), pp. 159 ff. For the relationship of private or voluntary schemes and
WTO law, see also Glinski (2017), p. 120, in particular 138 ff.
30
See WT/DS443 European Union and a Member State – Certain Measures Concerning the
Importation of Biodiesel; WT/DS459 European Union and certain Member States – Certain
Measures on the Importation and Marketing of Biodiesel and Measures Supporting the Biodiesel
Industry – Request for consultations by Argentina.
31
See also Schmeichel (2014), pp. 174 ff.; van Dam et al. (2010), pp. 2445 and 2460 ff.
As a first visible consequence, there was significant uncertainty related to a num-

ber of issues, which delayed the recognition process for voluntary schemes. The
first seven voluntary schemes were only recognised in July 2011, and another five
schemes between April and November 2012.32
Subsequent concretising communications by the European Commission either
still left quite some room for interpretation or were only delivered years after the
entering into force of the Renewable Energy Directive.33 A striking example pro-
vides the notion of ‘highly biodiverse grassland’, which is protected under Directive
2009/28/EC. The European Commission only defined the criteria and geographic
ranges to determine which grassland had to be considered ‘highly biodiverse’ in
December 2014, and the criteria only became effective in October 2015.34 As a
result, the various voluntary schemes dealt quite differently with that topic.35 In fact,
three voluntary schemes simply left the ‘highly biodiverse grassland’ aspect out of
the recognition process, which means that the sustainability certificates delivered by
these schemes before 1 October 2015 did not include verification of whether the
feedstock was obtained from such land. The schemes therefore only obtained ‘par-
tial recognition’ from the Commission, explicitly excluding this sustainability crite-
rion. Nevertheless, in practice their sustainability certificates were actually
considered as covering all the sustainability criteria of the Directive.
Another problem was that the Directive did not provide a definition of waste.36
Only in 2014, the European Commission reacted to that problem with a guidance
note.37 This lack of clarity made it easier to declare, for example, virgin oil as waste
oil.38
The ambiguity in the definition of sustainability criteria is reflected in the volun-
tary schemes, which already differ in their definition of excluded areas of high eco-
logical value. Also, while some only reiterate very general principles and criteria,
others have concrete requirements for the different energy crops or take local
32
See Ugarte et al. (2013). In contrast, Germany was the first Member State to implement the cer-
tification system of Directive 2009/28/EC and has recognised two certification systems already in
2010, see BLE (2011), p. 10.
33
See, for example, European Commission, Communication on voluntary schemes and default
values in the EU biofuels and bioliquids sustainability schemes, [2010] OJ C 160/1; Commission,
Communication on the practical implementation of the EU biofuels and bioliquids sustainability
scheme and on counting rules for biofuels, [2010] OJ C 160/8. See also Romppanen (2012),
pp. 177 ff.
34
See Council Reg (EU) No 1307/2014 on defining the criteria and geographic ranges of highly
biodiverse grassland for the purposes of Art 7b(3)(c) of Dir 98/70/EC relating to the quality of
petrol and diesel fuels and Art 17(3)(c) of Dir 2009/28/EC on the promotion of the use of energy
from renewable sources, [2014] OJ L 351/3.
35
For critique, see the European Court of Auditors (2016), p. 26.
36
For critique, see Romppanen (2015), p. 91.
37
European Commission note on ‘Verification of the chain of custody of biofuels made from waste
and processing residues’ (10.10.2014); available at https://ec.europa.eu/energy/sites/ener/files/
documents/2014_letter_wastes_residues.pdf.
38
European Court of Auditors (2016), p. 25. See also infra, Sect. 3.4.
174 C. Glinski
c onditions into consideration.39 Most of the voluntary schemes require compliance

with national laws in order to overcome enforcement deficits abroad,40 thereby
going beyond the requirements of the Directive. Further, while in particular the
industry-driven certification schemes, such as 2BSvs or Greenenergy, do not use
environmental requirements in addition to the exclusion of areas of high ecological
value, others, such as roundtable initiatives like RSB or Bonsucro also require a
certain extent of water, soil and air protection, an environmental impact assessment
and certain environmental management practices. The latter, however, in most
cases41 do not contain concrete substantive requirements but remain vague in the
area of management processes.
In this regard, the inclusion of environmental impact assessment requirements
into the Directive and an extension of the requirements for good agricultural prac-
tice in Article 17(6) of the Directive, which are limited to European food crops,
could contribute to less environmental degradation abroad.42 Another problem
found in this regard was the fact that the schemes only address environmental prob-
lems related to the growing of the food crops but do not address environmental
problems in relation with transportation and the further processing of the fuel.43
As mentioned above, a variety of schemes applied additional socio-economic
considerations such as land rights, other community rights, labour conditions and
even broader development issues like food security44—although the latter might
only be assessable to a limited local impact in relation to the assessment of a con-
crete production site. These criteria were, however, not assessed by the European
Commission, as they were not mandatory.45
Another important issue regarding standards and comparability is the fact that
usually the voluntary schemes do not require compliance with all standards but dif-
ferentiate between core criteria and criteria of minor importance, the latter being
less relevant for certification.46
3.4 The Approval of Voluntary Schemes
The European Commission has the responsibility to recognise voluntary schemes,

Article 18(4) Renewable Energy Directive. In order to safeguard the proper imple-
mentation of the sustainability standards of the Directive, the Commission’s assess-
ment of the substantial requirements of the voluntary schemes as well as of their
39
For details, see Schmeichel (2014), pp. 167 ff.
40
See Schmeichel (2014), pp. 167 f.
41
With the positive exception, in particular, of RSB.
42
See also Schmeichel (2014), pp. 169 f.
43
Ibid., 169 f, 175.
44
See also ibid., 171.
45
46
See Schmeichel (2014), p. 172.
verification procedures and institutional set-up are essential. Thus, the Commission’s
benchmarks for assessment as well as the approval procedure play a decisive role.
The recognition of voluntary schemes is an implementing act by the Commission
in terms of Article 291 TFEU, following the advisory procedure of Article 4 of
Regulation (EU) No. 182/2011 laying down the rules and general principles con-
cerning Commission’s exercise of implementing powers.47 Hereby, the Commission
has to take into consideration the opinion of the Committee on the Sustainability of
Biofuels and Bioliquids, see Articles 18(6) and 25(3) Renewable Energy Directive.
NGOs have criticized the recognition procedure for lack of transparency and
public participation. Several NGOs tried to get access to documents relating to the
recognition of voluntary schemes and, failing to obtain them, claimed an infringe-
ment of their right to access to environmental information. The General Court, how-
ever, dismissed the claim for procedural reasons.48
Article 18(4) subpara. 2 of Directive 2009/28/EC requires voluntary schemes to
provide for accurate data, comply with the methodological requirements concerning
measurement, ensure compliance with the sustainability criteria and meet ‘adequate
standards of reliability, transparency and independent auditing’.
The Commission’s Communication on voluntary schemes49 concretises that vol-
untary schemes (in line with national schemes) have to use the mass balance sys-
tem50 and must provide information on the country of origin, and states that evidence
showing compliance with the sustainability criteria could be provided by a related
statement. Furthermore, the schemes must ensure that the economic operators are
audited before they can participate in the scheme. Also, the schemes have to ensure
regular—at least annual—audits by independent external auditors following the
approval,51 and they must provide for a documentation management, which allows
the verification of information provided.
The audit team of the European Court of Auditors was also critical of the recog-
nition practice. For example, it found that the Commission granted recognition to
voluntary schemes, which did not have appropriate verification procedures to ensure
that, as required by Directive 2009/28/EC, biofuel crops cultivated in the European
Union fulfil the EU environmental requirements for agriculture. Another shortcom-
ing was the verification of the origin of biofuels produced from waste as indeed
waste. The problem here is that waste is counted double because it provides for a
more sustainable source of energy and in particular not in competition with food
production (Article 21(2)). This created an incentive to declare, for example, virgin
oil as waste oil.52
47
[2011] OJ L 55/13. See also Art 13(1)(a) of Reg (EU) 182/2011.
48
See EGC, Case T-278/11 Client Earth et al v Commission, ECLI:EU:T:2012:593; see also
Schmeichel (2014), p. 134.
49
Commission, Communication on voluntary Schemes and default values in the EU biofuels and
bioliquids sustainability schemes, [2010] OJ C 160/1.
50
Ibid., para 2.2.3.
51
Ibid., para 2.2.2.
52
176 C. Glinski
Interestingly, the European Commission did not carry out the assessment of vol-
untary schemes with its own staff but through an external contractor that the Court
of Auditors however found to have applied the rules correctly.53
According to the Commission’s Communication on voluntary schemes, certifi-
cation bodies and auditors must possess sufficient capabilities and expertise to
ensure sustainability. They comply with these requirements when they follow the
ISO 19011 standard on quality and/or environmental management auditing.54 The
main requirements are that audits have to be planned, conducted and reported prop-
erly, and that risk assessments and verification measures have to be carried out.
Apart from that, no detailed requirements on the auditing process or on the required
institutional set-up were codified. In particular, there are no further requirements
concerning the inclusion of stakeholders in order to ensure the independence and
transparency of the audits.55
Moreover, the European Commission’s recognition does not extend to certifica-
tion bodies, nor are they subject to any Commission assessment. The Directive
appears to envisage that certification bodies are recognized and monitored by the
operators of the voluntary schemes. Indeed, the exclusion of certification bodies
from assessment and recognition was regarded as a major shortcoming of the com-
pliance procedure.56 As mentioned above, in the German system, the BLE is respon-
sible for the recognition and supervision of certification bodies both in national
schemes and in voluntary schemes. In the special report of the European Court of
Auditors, this supervision by the BLE is seen as a restriction of the effects of the
European Commission’s recognition of a voluntary scheme, and as an additional
burden to the controls already carried out by the voluntary schemes. In fact, the
Commission also seems to be more concerned with avoiding ‘excessive administra-
tive burden’ on economic operators than with strict control of their activities.57
3.5 Monitoring
One of the main criticisms related to monitoring. In fact, the Renewable Energy
Directive does not require the Commission to exercise supervision over voluntary
schemes.58 Accordingly, once it had recognised them, the Commission did not
supervise the voluntary schemes.
53
54
Commission, Communication on voluntary Schemes and default values in the EU biofuels and
bioliquids sustainability schemes, [2010] OJ C 160/1, para 2.2.2.
55
For critique, see Romppanen (2015), p. 49.
56
See e.g. Schmeichel (2014), pp. 136 f.
57
See the Staff Working Document (2013), 17.
58
In fact, the German participants in the Committee on the Sustainability of Biofuels and Bioliquids
explicitly suggested that monitoring of the voluntary systems should be one of the tasks of the
Committee, which, however, was not regarded as necessary. See the summary report of the m eeting
The special report of the European Court of Auditors of 2016 found:

The Commission does not supervise the functioning of recognised voluntary schemes.
Since the recognition decision is issued on the basis of a documentary review of the certifi-
cation procedures, the lack of supervision means that the Commission cannot obtain assur-
ance that voluntary schemes actually apply the certification standards presented for
recognition. Furthermore, the Commission has no means to detect alleged infringements of
voluntary schemes’ rules as there is no specific complaint system in place and the
Commission does not verify whether complaints directly addressed to voluntary schemes
are correctly dealt with by them.59
According to the Commission, the only control instrument at its disposal is the
withdrawal of the recognition of a scheme, if it has evidence that the scheme has
incurred a serious infringement of its certification rules and requirements. However,
as the audit team rightly remarked, as the Commission does not supervise how vol-
untary schemes operate, it is very unlikely that it can obtain sufficient evidence in
this regard.60 Moreover, no complaint system was in place that could have alerted
the Commission.61
Monitoring apparently has not even taken place where it would have been easy
to do. In relation to the implementation of the European Commission’s guidance
note on ‘Update of Commission website, notifications and transparency measures’
of March 2015,62 the audit team of the European Court of Auditors found, with a
simple review of the voluntary schemes’ websites, that almost 1 year after the guid-
ance note had been issued, the requirements were far from being accomplished:
many gaps still existed where information had either not been published or was
unclear or incomplete.63
Procedural shortcomings concerning the recognition and supervision of volun-
tary schemes also impact on the proper implementation (apart from their vagueness)
of the substantive sustainability requirements by the voluntary schemes. Without
supervision of the voluntary schemes following their recognition, there is obviously
no guarantee that they really provide ‘accurate data’.64 Also, the intensity of the
control exercised by individual schemes is unclear, and again the reason is that the
European Commission has not controlled their activities.
Indeed, the special report of the European Court of Auditors concluded that,
‘because of weaknesses in the Commission’s recognition procedure and subsequent
supervision of voluntary schemes, the EU certification system for the sustainability
of biofuels is not fully reliable.’65
of the Committee on the Sustainability of Biofuels and Bioliquids of 27 May 2011, quoted by
Schmeichel (2014), p. 136.
59
60
Ibid., 28.
61
Ibid., 29.
62
Available at https://ec.europa.eu/energy/sites/ener/files/documents/PAM%20to%20vs%20
on%20transparency%20ARES%202015%201094930.pdf.
63
64
See, e.g., Schmeichel (2014), p. 135.
65
178 C. Glinski
This may be contrasted with the supervision of the German national schemes and
the German certification bodies by the Federal Agency of Agriculture and Food
(BLE); whereby it should be remembered that the latter applies to certification bod-
ies under the national scheme and under the voluntary schemes alike if they are situ-
ated in Germany.
Supervision by the BLE of certification bodies includes office audits at the certi-
fication bodies on a yearly basis and risk-oriented evaluation of the audit work of
the certification bodies (witness audits).66 The BLE auditors monitor certification
audits of certification bodies (so-called witness audits) all over the world, provided
that the countries concerned have permitted the BLE to carry out witness audits on
their territory. According to its latest report relating to 2016, in that year the BLE
monitored 163 (previous year: 146) certification audits carried out by the certifica-
tion bodies. 96 of these audits were carried out in Germany, the remaining 67 audits
took place all over the world in countries both within and outside of the European
Union.67
3.6 Reliability of Voluntary Schemes
The audit team of the European Court of Auditors was not in the legal position to
control the voluntary schemes themselves, as the voluntary schemes are not financed
out of the EU budget. However, four voluntary schemes voluntarily agreed to a
review. In relation to the criterion of compliance with EU environmental law, as
envisaged by Article 17(6) of the Renewable Energy Directive, the audit team found
that the certification standards of three of them did not allow effective and compre-
hensive verification of the fulfilment of that sustainability criterion. Those schemes
relied on controls carried out by national authorities of EU Member States in the
framework of the Common Agricultural Policy, but they had no access to the results
of such controls.68
4 C
ompetition Between Different Systems: A Race
to the Bottom?
The free choice between national schemes and (a variety of) voluntary schemes
creates competition between those schemes. As mentioned above, the voluntary
schemes differ substantially in that some of them go beyond the minimum
66
See BLE (2017), p. 15.
67
Ibid., 23.
68
European Court of Auditors (2016), pp. 20 f.; hereby the audit team indicates that infringements
by farmers of EU environmental law are frequent; which indicates that the controls carried out by
national authorities may be insufficient.
requirements of the Renewable Energy Directive, whereas others do not. One

may suspect that they also differ in relation to fees and to the intensity of control
exercised, as the audit team of the European Court of Auditors suggested. Quite
naturally, it would make sense for economic operators in the area of biofuels to
choose a scheme the use of which promises the desired results at the lowest
costs,69 or, to apply to another certification scheme in case of a rejection.70
Moreover, the intensity of the control exercised by individual voluntary schemes
is not entirely clear, because the European Commission has not controlled their
activities.
One may also note in this context that the requirements of the Renewable Energy
Directive for national schemes were more detailed than those for voluntary schemes.
According to Article 18(3), Member States should not only regulate that the eco-
nomic operators ‘arrange for an adequate standard of independent auditing’ which
‘verif(ies) that the systems used by the economic operators are accurate, reliable
and protected against fraud’ but they should also ‘evaluate the frequency and meth-
odology of sampling and the robustness of the data.’ Indeed, as mentioned above,
Member States have added detailed requirements on certification schemes in their
national legislation.
With a view to the competition between schemes, it may be interesting to look at
the development of participation in the German national scheme and in voluntary
schemes.
Germany was the first Member State to implement the certification system of
Directive 2009/28/EC and recognised two private systems as early as in 2010,71 and
for that reason, many operators initially joined that scheme. In 2010, 16% of the
participants in the German national schemes were from other EU Member States,
and another 4% from third countries, mostly Indonesia, Malaysia and the United
States.72 By the end of 2011, the share of participants from other EU Member States
had increased to 33%, and the share of participants from third countries to 11%.73
Interestingly, the BLE, which is the competent authority for the purposes of bio-
fuels certification and which appears to exercise tight control over nationally recog-
nised schemes74—among others, the BLE has rejected one application for
recognition and withdrawn another recognition—has noticed a constant move out
of the German national scheme and into the voluntary schemes that have been rec-
ognised by the European Commission; whereby the BLE only counts participants
that are active on the German market.
As mentioned above, the process of the recognition of voluntary schemes by the
European Commission took longer, and the first schemes were only recognised in
69
See also Hamelmann (2016), p. 45.
70
On the possibility of such ‘scheme shopping’, see European Court of Auditors (2016), p. 32.
71
ISCC and REDcert, see BLE (2011), p. 10.
72
Ibid., 13.
73
BLE (2012), p. 18.
74
See also the critique of the audit team of the European Court of Auditors (2016), p. 30.
180 C. Glinski
July 2011.75 In 2012, the first participants, in particular from Germany and France,
left the German national schemes; which the BLE related to the coming into effect
of the voluntary schemes.76 From 2013 on, the decrease was significant. In 2013, the
number of participants in the German national schemes decreased by 16% as com-
pared to 2012. Among the participants from third countries, the decrease was even
22%. In contrast, the number of participants in the voluntary schemes that were
registered in the German database more than doubled.77 In 2014, the number of
participants in the voluntary schemes for the first time exceeded the number of par-
ticipants in the German national scheme.78 The trend continued, and in its report on
2016, the BLE counted 1062 participants in the German national schemes, as com-
pared to nearly 2000 participants in 2011 and 2012; whereas 2614 operators (with
relevance for the German market) participated in the voluntary schemes.79
One reason for the move away from national schemes towards voluntary schemes
has certainly been that certification under the voluntary schemes must be recognised
by all Member States, whereas the Renewable Energy Directive had not introduced
a system of mutual recognition of certification under the national schemes. However,
as mentioned above, it also seems that the avoidance of strict controls may have
been an incentive, as can be concluded from the subsequent legislative
development.
5 Amendments in 2015
In 2015, the European legislator adopted a number of amendments with Directive

(EU) 2015/1513.80
5.1 Substantive Law Novelties
Most importantly, that Directive addressed the problem of indirect land use changes.
Following an impact assessment by the European Commission,81 published in
October 2012, the EU legislator acknowledged that based on forecasts of biofuel
75
In the UK and the Netherlands, national systems had been established by that time as well, see
BLE (2012), p. 18.
76
See BLE (2013), pp. 17 and 20.
77
See BLE (2014), pp. 17 ff.
78
BLE (2015), p. 19.
79
See BLE (2017), p. 21.
80
[2015] OJ L 239/1.
81
Impact Assessment accompanying the proposal for a Directive amending Directive 98/70/EC
relating to the quality of petrol and diesel fuels and amending Directive 2009/28/EC on the promo-
tion of the use of energy from renewable sources, SWD(2012) 343 final.
demand provided by the Member States and estimates of indirect land-use change
emissions for different biofuel feedstocks, it was likely that greenhouse gas emis-
sions linked to indirect land-use change were significant, and could negate some or
all of the greenhouse gas emission savings of individual biofuels. This is because
almost the entire biofuel production in 2020 could be expected to come from crops
grown on land that could be used to satisfy food and feed markets. In order to reduce
such emissions, it was therefore deemed appropriate to distinguish between crop
groups such as oil crops, sugars and cereals and other starch-rich crops
accordingly.82
To this end, the EU established a ceiling of 7% for the share of biofuels obtained
from food crops (first generation biofuels), see Article 3(4) of Directive 2009/28/EC
as amended by Article 2(2) of Directive 2015/1513/EU, and changed the timing of
the sustainability criterion of the increased minimum savings from 35% to 50%
(from 2018) and 60% for new installations (since 1 January 2017). The 7% ceiling
applies from 2020. Thus, the rest of the 10% renewable energies target must be
achieved by other means, for example through biofuels derived from waste (second
generation biofuels).
5.2 Procedural Novelties
With regard to the voluntary systems, the 2015 Directive has introduced detailed
annual reporting requirements for voluntary schemes in Article 18(5) subpara 2 and
(6) subpara 2 Renewable Energy Directive (as amended). These reports have to be
made public on the transparency platform referred to in Article 24. They shall pro-
vide the basis of a detailed analysis by the Commission concerning the functioning
of these schemes, see Article 18(6) subpara 3 (a)–(k). In addition, the Commission
may specify the standards of independent auditing in order to prevent fraud, accord-
ing to Article 18(5) subpara 3 Renewable Energy Directive (as amended).
6 The Proposal of 2016
On 30 November 2016, the European Commission proposed a comprehensive leg-

islative package under the name of ‘Clean Energy for all Europeans’, which includes
the draft of a new Renewable Energy Directive for the 2021–2030 period,83 among
other things.
See recital (5) of Dir (EU) 2015/1513.

82
Proposal for a Directive on the promotion of the use of energy from renewable sources (recast),
83
COM(2016) 767 final.

182 C. Glinski
6.1 Substantive Law Novelties
At the level of substantive law, the Commission proposed to introduce a ceiling for

conventional biofuels and a minimum share of advanced biofuels. Actually, the
highly controversial use of palm oil as biofuel (and related certification) is likely to
be phased out entirely in the European Union, as the European Parliament has
decided to amend the Commission proposal in such a way that the contribution from
biofuels and bioliquids produced from palm oil shall be 0% from 2021,84 as already
indicated in its resolution of 4 April 2017 on palm oil and deforestation.85
Also, the proposal of 2016 takes a more encompassing approach insofar as it not
only includes biofuels and bioliquids but also other biomass used for energy pro-
duction. In this regard, in particular requirements for sustainable forestry shall be
included, although critiques argue that those requirements are too vague, and it
seems that in this regard, the 2016 proposal repeats mistakes that have been made in
2009.
Also, Article 27 brings a clarification on the mass balance system and adapts it to
cover biogas co-digestion and injection of biomethane in the natural gas grid.
6.2 Procedural Novelties
To streamline the EU sustainability system, the proposal deletes a number of non-

operational provisions, such as the possibility to establish agreements with third
countries (Article 18(4) subpara 1 of Directive 2009/28/EC).
Article 27(5) of the proposal clarifies the legal basis allowing the Commission to
specify the auditing approaches to be applied by the voluntary schemes, however,
with strong focus on limiting administrative burden. Furthermore, it enhances the
involvement of Member States in the governance of voluntary schemes by allowing
checks of certification bodies, Article 27(7) subpara 2 of the proposal.
The amended article includes the obligatory recognition of evidence from
national schemes of other Member States that have been verified by the Commission
(Article 27(6) of the proposal). This mutual recognition of national schemes could
increase their attractiveness in the future.
Also, the proposal appears to recognise that control under the voluntary schemes
was insufficient to prevent fraud, as it calls for adequate standards of reliability,
transparency and independent auditing to ensure that compliance with the sustain-
ability and greenhouse gas emissions savings criteria is verified in a robust and
harmonised manner and in particular to prevent fraud.86 The Member States are to
84
European Parliament doc. P8_TA-PROV(2018)0009 of 17/1/2018, Amendment 307 on Art 7(1)
subpara 4 of the Commission proposal.
85
European Parliament doc. A8-0066/2017.
86
See recital (81) and Art 27(3) of the proposal.
monitor the certifications, and the economic operators are to register sustainability
certificates in databases. The intention of this is to reduce the vulnerability to fraud
by automatically ensuring that a certain amount of sustainable goods can only
obtain government funding once, even in the case of cross-border dealings.
Moreover, the European Parliament has asked for an amendment, according to
which Member States should get into the position of being able to intervene in vol-
untary schemes. According to amendment 261, Article 27(3) shall include the fol-
lowing sentence:
Where a Member State raises a concern as to the operation of a voluntary scheme, the
Commission shall investigate the matter and take appropriate action.
This seems to be another consequence of the findings of the audit team of the
European Court of Auditors, demonstrating that trust in the European Commission’s
engagement to investigate the effectiveness of voluntary schemes is limited.
7 Conclusions
The certification of the sustainability of biofuels faces a number of challenges,

which can be or have been addressed only partly in a convincing manner.
The major challenge of preventing the destruction of primary forests and other
areas of high ecological value cannot be addressed by certifiable sustainability cri-
teria only. The same applies to the replacement of food crops, the danger to food
security at local, national or even international level, and other socio-economic
problems related to land-use conflicts. This has meanwhile been recognized by the
EU legislator. In order to reduce land use conflicts, Directive 2015/1513/EU has
established a 7% ceiling for biofuels obtained from energy crops. A further reduced
ceiling of 3.8% is envisaged in the proposal of 2016. Biofuels from palm oil, which
is regarded to be the main cause of serious land use conflicts abroad, shall be ruled
out totally from 2021 on. In how far this becomes reality and whether it will be suf-
ficient remains to be seen.
In contrast, the sustainability criteria will neither be concretised nor amended
considerably, for example through the inclusion of social and environmental stan-
dards for the cultivation of energy crops on the basis of best practices already exer-
cised by some of the schemes in order to ensure a high-level playing field for
national and voluntary schemes.87 Thus, the risk of ‘scheme shopping’ with an
inherent tendency towards a race to the bottom remains. The only improvement in
this regard is the obligation to recognise evidence from other national schemed
envisaged in the 2016 proposal.
In terms of compliance and transparency of voluntary schemes, the newly intro-
duced reporting duties and publication requirements on the transparency platform
might be helpful. Further, the proposal suggests an obligation for the Commission
87
See also Schmeichel (2014), pp. 174 ff.
184 C. Glinski
to investigate the operation of voluntary schemes at least in case a Member State

raises concern.
With a view to certification bodies and audits, the proposal clarifies the
Commission’s competence to specify auditing requirements and the competence of
the Member States to control certification bodies, as it is already enshrined in the
German system.
A mandatory inclusion of stakeholders in voluntary schemes and audits, how-
ever, is not being envisaged, although evidence has shown, that this leads to an
increased likelihood of more encompassing and more ambitious standards as well
as of more reliable audits, in particular in countries where administrative enforce-
ment capacities are weak.
References
BLE. (2011). Biomassestrom-Nachhaltigkeitsverordnung, Biokraftstoff-Nachhaltigkeitsverordnung,

Evaluations- und Erfahrungsbericht für das Jahr 2010. Bonn, Germany: Bundesanstalt für
Landwirtschaft und Ernährung.
BLE. (2017). Evaluation and Progress Report 2016. Bonn, Germany: Bundesanstalt für
Bowyer, C. (2010). Anticipated indirect land use change associated with expanded use of biofuels
and bioliquids in the EU – An analysis of the national renewable energy action plans. https://
ieep.eu/publications/climate-change-and-energy/energy/anticipated-indirect-land-use-change-
associated-with-expanded-use-of-biofuels-and-bioliquids-in-the
European Court of Auditors. (2016). The EU system for the certification of sustainable biofuels.
Special Report 18/2016, Luxembourg.
Glinski, C. (2017). CSR and the law of the WTO – The impact of Tuna Dolphin II and EC–Seal
Products. Nordic Journal of Commercial Law, 120.
Hamelmann, J. (2016). Certification of biofuels within the Directive 2009/28/EC: A comparative
analysis of certification schemes. Bachelor thesis, University of Twente.
IPC and Renewable Energy International Law. (2006). WTO disciplines and biofuels: Opportunities
and constraints in the creation of a global marketplace. http://www.agritrade.org/Publications/
wto_biofuels.html
Lydgate, E. B. (2013). The EU, the WTO and indirect land-use change. Journal of World Trade,
47, 159.
Müller, D. (2011). Die Umsetzung der europäischen Nachhaltigkeitsstandards für die Nutzung von
Bioenergie in Deutschland. Zeitschrift für Umweltrecht, 405.
Naiki, Y. (2016). Trade and bioenergy: Explaining and assessing the regime complex for sustain-
able bioenergy. European Journal of International Law, 27, 129.
Ponte, S., & Daugbjerg, C. (2015). Biofuel sustainability and the formation of transnational hybrid
governance. Environmental Policy, 24, 96.
Romppanen, S. (2012). The EU’s biofuels: Certified as sustainable? Renewable Energy Law and
Policy Review, 173.
Romppanen, S. (2013). The role and relevance of private actors in EU biofuel governance. Review
of European, Comparative & International Environmental Law, 22, 340.
Romppanen, S. (2015). New governance in context: Evaluating the EU biofuels regime.
Dissertation, University of Eastern Finland.
Schmeichel, A. (2014). Towards sustainability of biomass importation – An assessment of the EU
renewable energy directive. Groningen, The Netherlands: Europa Law Publishing.
Switzer, S., & McMahon, J. (2011). EU biofuels policy – Raising the question of WTO compat-
ibility. International and Comparative Law Quarterly, 60, 713.
Ugarte, S., van Dam, J., & Spijkers, S. (2013). Recognition of private certification schemes for pub-
lic regulation – Lessons learned from the renewable energy directive. Deutsche Gesellschaft
für internationale Zusammenarbeit.
van Dam, J., Junginger, M., & Faaij, A. P. C. (2010). From the global efforts on certification of
bioenergy towards an integrated approach based on sustainable land use planning. Renewable
and Sustainable Energy Reviews, 2445.
Part III
Liability for Negligent Certification
Certification of Medical Devices: Lessons
from the PIP Scandal
Peter Rott
1 Introduction
EU product safety law generally aims to ensure that only safe products are put into
circulation in the EU.1 At the substantive law level, safety standards have been
adopted. The procedural mechanisms that are put into place in order to achieve this
goal depend on the risk that is inherent in the relevant category of products. For
certain categories of high risk products, EU law requires pre-market approval.
Examples include pharmaceuticals,2 genetically modified organisms3 and pesti-
cides.4 Otherwise, the producer who puts products into circulation must certify him-
self that the products comply with the required safety standards.5 Certification is at
the same time an essential element of EU internal market law. Products that bear the
1
See, for example, recital (4) of Dir 2001/95 on general product safety, [2002] OJ L 11/4. For
medical devices, see the fifth recital of the Medical Devices Dir 93/42/EEC, [1993] OJ 1993, L
169/1.
2
See, for example, Art 6 of Dir 2001/83/EC on the Community code relating to medicinal products
for human use, [2001] OJ L 311/67.
3
See Art 4(2) of Reg (EC) No 1829/2003 on genetically modified food and feed, [2003] OJ L
268/1.
4
See Art 28(1) of Reg (EC) No 1107/2009 concerning the placing of plant protection products on
the market, [2009] OJ L 309/1.
5
For more details, see Hodges (2005), p. 53 ff; Schepel (2005), p. 227 ff; van Leeuwen (2017),
p. 40 ff; Verbruggen and van Leeuwen (2018), pp. 394, 396 ff. VI Daskalova and MA Heldeweg,
‘Challenges for Responsible Certification in Institutional Context. The Case of Competition Law
Enforcement in Markets with Certification’, in this volume, refer to this phenomenon as first party
certification.
P. Rott (*)
Kassel, Germany
e-mail: rott@uni-kassel.de

https://doi.org/10.1007/978-3-030-02499-4_9
190 P. Rott
CE mark can circulate freely in the internal market:6 which means that Member
States cannot make their marketing subject to a prior approval procedure,7 and they
cannot ask for additional self-certification by the person who puts the product into
circulation either.8
Medical devices come under the self-certification system,9 first established by
Directive 93/42/EEC concerning medical devices. The EU legislator has, however,
recognised that some medical devices pose higher risk to patients than others. For
example, whilst the risk associated with an injection needle appears to be low, the
same does not apply to artificial hips or breast implants. Therefore, medical devices
are classified into the different categories I, IIa, IIb and III.10 The conformity assess-
ment procedures for Class I devices can be carried out, as a general rule, under the
sole responsibility of the manufacturers in view of the low level of vulnerability
associated with these devices. For class III devices, which include breast implants,11
prior authorisation by way of third party certification by a notified body is required
so as to ensure the safety of high risk devices.
The proper functioning of that system has been doubted for long. The scandal
around cheap and defective breast implants that were produced and distributed by
the French producer Poly Implant Prothèse (PIP), whose product design was
certified by TÜV Rheinland as being safe, brought the problems to the attention of
the public and also served as a wake-up call for the legislator. Although it was an
atypical case, as neither the certified product design nor the qualification of TÜV
Rheinland as notified body for medical devices was in question, the case triggered
broader amendments to the system.12 Indeed, medical devices law and practice per-
fectly illustrates the variety of ways in which a certification system may fail.
Following the PIP scandal, a number of additional measures have been taken. At the
6
See, for example, Art 4 of the Medical Devices Dir 93/42/EEC.
7
See ECJ, 17/4/2007, Case C-470/03 A.G.M.-COS.MET Srl v Suomen valtio and Tarmo Lehtinen,
ECLI:EU:C:2007:213.
8
See ECJ, 8/5/2003, Case C-14/02 ATRAL SA v Belgium, ECLI:EU:C:2003:265.
9
See also Singh (2013), p. 465.
10
See the 15th recital of Directive 93/42/EEC: ‘Whereas it is necessary, essentially for the purpose
of the conformity assessment procedures, to group the devices into four product classes; whereas
the classification rules are based on the vulnerability of the human body taking account of the
potential risks associated with the technical design and manufacture of the device […].’ On dif-
ferentiation between risk categories within the conformity assessment procedures see generally
Kapoor and Klindt (2008), pp. 649, 650 f.
11
See Commission Dir 2003/12/EC on the reclassification of breast implants in the framework of
Directive 93/42/EEC concerning medical devices, [2003] OJ L 28/43. Prior to that Directive,
breast implants had been classified as class IIb medical devices.
12
For a chronic of the PIP scandal and the related problems, see the Commission Staff Working
Document Impact assessment of the revision of the regulatory framework for medical devices,
SWD(2012) 273 final, Appendix 11—Analysis of the PIP breast implants case in the light of the
envisaged revision of the EU regulatory framework for medical devices (“stress test”). See also van
Leeuwen (2014), pp. 338, 339; de Bruyne and Vanleenhove (2016), pp. 823, 833 f; Verbruggen and
van Leeuwen (2018), p. 395 f.
Certification of Medical Devices – Lessons from the PIP Scandal 191
same time, liability of TÜV Rheinland was tested in litigation in Germany and
France.
This chapter briefly explains the safety system of the Medical Devices Directive
93/42/EEC and the role of certification organisations within that system (2) and the
control system established to make sure that they fulfil that role (3). It then discusses
the recognised weaknesses of that system and the immediate (public law) measures
taken by the European Commission to tackle them (4) as well as the new features of
the new Medical Devices Regulation of 2017 that are aimed to improve the func-
tioning of the system, and analyses potential remaining problems (5).
Finally, this chapter argues in favour of tort liability of notified bodies for insuf-
ficient control or supervision, to complement the public law safety system in its
objective to protect patients (6).
2 T
he Function of Certification Bodies in the Medical
Devices Directive 93/42/EEC
As mentioned above, in the case of high risk, that is, class III medical devices, the
producer is only allowed to affix the CE mark if the product design has been certi-
fied by a notified body, Article 11(1) with Annex II of the Directive. It is the special
expertise of that notified body that adds the necessary safety to the process.
2.1 Duties of Notified Bodies
Duties of the notified body relate to the pre-marketing stage and to post-marketing
monitoring. At the pre-marketing stage, the notified body must, on application of
the producer, audit the quality system of the producer that must guarantee that the
products conform to the provisions of the Directive which apply to them at every
stage, from design to final inspection. The notified body must also examine the
manufacturer’s dossier relating to the product design as to its conformity with the
requirements of the Directive.13
These duties were amended with Directive 2007/47/EC14 that mainly served to
modernize the system, for example, by clarifying the law relating to software, to
enhance cooperation within the EU and at the international level and to clarify the
respective roles of notified bodies and the competent authorities responsible for
market surveillance once a medical device has been put into circulation, but also
13
See, in particular, Annex II Sec 3.3. and 4.3. of Dir 93/42/EEC.
14
[2007] OJ L 247/21.
192 P. Rott
introduced the obligation of notified bodies to assess documentation related to clini-

cal investigation.15
At the post-marketing stage, the Directive imposes surveillance duties on the
notified body, and this is where TÜV Rheinland was alleged to have failed; which
has been judged upon controversially by different courts.16 According to Section
5.1. of Annex II, the aim of surveillance is to ensure that the manufacturer duly
fulfils the obligations imposed by the approved quality system. To that end, the noti-
fied body must periodically carry out appropriate inspections and assessments to
make sure that the manufacturer applies the approved quality system and must sup-
ply the manufacturer with an assessment report (Section 5.3. of Annex II). In addi-
tion, the notified body may pay unannounced visits to the manufacturer. At the time
of such visits, the notified body may, where necessary, carry out or ask for tests in
order to check that the quality system is working properly (Section 5.4. of Annex
II). Victims of the PIP scandal allege that the fraudulent behaviour of PIP had only
been possible because TÜV Rheinland always announced their inspection visits
eleven days before so that PIP had been able, for the duration of the inspection, to
change the manufacturing process back to the certified system. Moreover, they
claim that TÜV Rheinland should have checked the books and would then have
noticed that the amount of medical silicone purchased did by no means correspond
to the amount of breast implants produced. TÜV Rheinland defends itself by argu-
ing that Section 5.4. of Annex II did not require notified bodies to pay unannounced
visits without a cause for mistrust, and that no such cause had been recognisable.
The precise extent of the notified body’s duties was finally subject to the CJEU
case of Elisabeth Schmitt, on reference from the German Bundesgerichtshof
(BGH).17 Here, the CJEU confirmed that the notified body ‘is not under a general
obligation to carry out unannounced inspections, to examine devices and/or to
examine the manufacturer’s business records. However, in the face of evidence indi-
cating that a medical device may not comply with the requirements laid down in
Directive 93/42 (…) the notified body must take all the steps necessary to ensure
that it fulfils its obligations under Article 16(6) of the directive and Sections 3.2, 3.3,
4.1 to 4.3 and 5.1 of Annex II to the directive.’18
Implementing the deliberations of the CJEU, the German Bundesgerichtshof
decided that, based on the facts that had been put forward by Ms Schmitt’s lawyer
in the lower instance courts, TÜV Rheinland had no reason to pay PIP unannounced
visits and had therefore not breached its duties under Directive 93/42/EEC.19 That,
15
For an overview, see Klümper and Vollebregt (2008), p. 57.
16
For an overview of German case law, see Rott and Glinski (2015b), p. 87.
17
BGH, 9/4/2015, VII ZR 36/14, (2015) Verbraucher und Recht 271 with case note Rott (2017a).
18
CJEU, 16/2/2017, Case C-219/15 Elisabeth Schmitt v TÜV Rheinland LGA Products GmbH,
ECLI:EU:C:2017:128; on which see Rott (2017b), p. 1146; Brüggemeier (2017), p. 527; Unger
(2017), p. 299; Heynemann (2017), p. 98; Oeben (2017), p. 42; Degen (2017), p. 462; Wagner
(2018), p. 130.
19
BGH, 22/6/2017, VII ZR 36/14, (2017) Neue Juristische Wochenschrift 2617 and Verbraucher
und Recht with case note P Rott. See also Brüggemeier (2018), p. 191; Verbruggen and van
Leeuwen (2018), p. 399 ff.
however, may not have been the final word yet as the claimant had raised a number
of (new) potential reasons why TÜV Rheinland should have mistrusted PIP and its
products; reasons that the BGH could not, for reasons of civil procedural law, con-
sider in its decision on the case of Ms Schmitt20 but that will have to be considered
in other cases that are still pending in the instance courts.21
It should be mentioned that the notified bodies are of course not the only actors
to ensure the safety of medical devices. As the CJEU noted,22 the primary respon-
sible is of course the manufacturer himself. Moreover, according to Article 2 of
Directive 93/42/EEC, Member States shall take all necessary steps to ensure that
devices may be placed on the market and put into service only if they do not com-
promise the safety and health of patients, users and, where applicable, other persons
when properly installed, maintained and used in accordance with their intended
purpose. In addition to that, Directive 93/42/EEC imposes specific surveillance
obligations on Member States, including the obligation, under Article 8, to take all
appropriate interim measures to withdraw devices from the market or prohibit or
restrict their being placed on the market or put into service if such devices are found
to potentially compromise the health and/or safety of patients, users or, where appli-
cable, other persons; the vigilance procedure under Article 10 relating to informa-
tion and central evaluation of incidents involving medical devices; and particular
health monitoring measures under Article 14b.23 As mentioned above, however,
Article 4 of the Directive stops Member States from restricting the movement of
medical devices beyond these specific competences once they bear the CE mark.
2.2 The Broader Function of Notified Bodies
The broader function of notified bodies in the system has been subject to debate, in
particular, in the German courts dealing with the PIP scandal, and following national
litigation also in the Court of Justice. The debate has been triggered by a special
feature of German tort law, more precisely, of § 823 para. 2 of the German Civil
Code (Bürgerliches Gesetzbuch; BGB) which imposes liability on a person who has
breached a law that is ‘meant to protect the victim’ (Schutzgesetz), thereby causing
harm to the victim.
The notified body is involved due to a private law contract with the producer.24
From this, some German courts had concluded that the role that medical devices law
20
Ibid., margin notes 30 ff. For critique, see Brüggemeier (2018), p. 195, arguing that the BGH
should have passed the case back to the previous instance court, the OLG Zweibrücken, for a
proper inquiry into the facts.
21
See also Heynemann (2017), p. 100; Finn (2017), pp. 2590, 2592.
22
CJEU – Elisabeth Schmitt (n 18), para 51.
23
See also CJEU, 24/11/2016, Case C-662/15 Lohmann & Rauscher International GmbH & Co.
KG v BIOS Medical Services GmbH, ECLI:EU:C:2016:903, paras 35 ff.
24
See, for example, BGH, 31/3/2011, III ZR 339/09, (2011) Monatsschrift des deutschen Rechts
658.
194 P. Rott
ascribes to notified bodies is merely to help the producer to achieve the level of
safety that is required to put his products on the market. Consequently, they argued
that it was not for the notified body but only for the producer to protect patients
from unsafe products.25 They found support in their view by the fact that public
authorities are also involved in the safety of medical devices as the post-market
control lies in their hands.26
In contrast, some academic authors argued that the role of notified bodies in the
law on high risk medical devices was precisely to protect patients.27 They found
support in the recitals of the Directive as well as in a statement by the European
Commission, according to which ‘[c]onformity assessment is a key to trust and
confidence in the regulatory system’s capacity to protect patients and citizens.’28
Quoting that statement, the German Bundesgerichtshof referred the question to the
Court of Justice as to whether it is the purpose and intention of [Directive 93/42]
that, in the case of Class III medical devices, the notified body responsible for audit-
ing the quality system, examining the design of the product and surveillance acts in
order to protect all potential patients and may therefore, in the event of a culpable
infringement of an obligation, have direct and unrestricted liability towards the
patients concerned.29 Advocate General Sharpston shared the view ‘that it is the
purpose and intention of Directive 93/42 that, in the case of Class III medical
devices, the notified body responsible for auditing the quality system, examining the
design of the product and surveillance acts in order to protect all potential patients
and may therefore, in the event of a culpable infringement of an obligation under
that directive, be liable to the patients and users concerned’.30 The Court confirmed
that the Directive serves, amongst others, the health and safety of patients but also
held that the Directive did not require Member States to introduce civil liability of
notified bodies who breach their duties under the Directive, while at the same time
not excluding such liability under national law.31
25
See, in particular, OLG Zweibrücken, 30/1/2014, 4 U 66/13, (2014) Medizinprodukterecht 62, 65
with case note Handorn (2014), p. 84. See also Spickhoff (2014) margin note 3; Beyerbach (2015),
pp. 522, 525.
26
See expressly OLG Zweibrücken (n 25).
27
For detailed discussion, see Rott and Glinski (2015a), p. 192. See also Spindler (2017) margin
note 304; OLG Frankfurt, 13/1/2015, 8 U 168/13, (2015) Beck-Rechtsprechung 09145.
28
European Commission Communication on medical devices, COM(2003) 386 final, 6.1.
29
BGH, 9/4/2015, VII ZR 36/14, (2015) Verbraucher und Recht 268 with case note P Rott.
30
AG Sharpston, 15/9/2016, Case C-219/15 Elisabeth Schmitt v TÜV Rheinland LGA Products
GmbH, ECLI:EU:C:2016:694, para 40.
31
CJEU—Elisabeth Schmitt (n 18), paras 50 ff.
3 Quality Control
Quite obviously, the system heavily depends not only on the duties but also on the
quality of notified bodies. To ensure that quality, notified bodies in the field of medi-
cal devices law need to satisfy a number of requirements set out in Annex XI to
Directive 93/42/EEC. These requirements relate to the independence of the notified
body and its personnel from the manufacturer, professional integrity, financial inde-
pendence, sufficient personal resources and facilities, the relevant qualification of
personnel, impartiality and finally professional indemnity insurance.
In formal terms, notified bodies need to be designated by the competent authority
of their home state or by another body that has been entrusted with the task of des-
ignation, or accreditation, services. Concerning the designating bodies, Directive
93/42/EEC, or EU product safety law in general, did not contain any rules; which
turned out to be a problem. In a review of the ‘New Approach’, the European
Commission found, amongst others, (distortion to competition due to) differing
national practices in relation to the designation of conformity assessment bodies.32
The EU legislator reacted with the adoption of Regulation (EC) No 765/2008
setting out the requirements for accreditation and market surveillance relating to the
marketing of products,33 accompanied by Decision (EC) No 765/2008 on a common
framework for the marketing of products,34 of which the notified bodies and the
notification authorities were one focus point.35 That Decision was not specific to
medical devices law but applied to product safety law in general. It set up, among
others, requirements relating to notified bodies and to accreditation bodies (also
called ‘notifying authorities’), to be applied generally in EU product safety law,
unless sectoral legislation provides otherwise.
The then new catalogue of requirements for notified bodies, laid down in Article
R17 of Decision (EC) No 765/2008, was far more detailed than the one in Annex XI
of Directive 93/42/EEC. At the same time, it reduced the leeway of designating
(accreditation) bodies in accepting certification institutes as notified bodies.
For the first time, the EU also addressed the notifying authorities. In order to
avoid unhealthy competition between notifying authorities and to ensure the neces-
sary level of confidence in conformity certificates, Article 4 of Regulation (EC) No
765/2008 allows Member States only one accreditation body that shall be a public
authority or exercise a public authority activity. According to Article 8, accredita-
tion bodies shall be established in such a way that no conflict of interest with con-
formity assessment bodies occurs. They shall be organised and operated so as to
safeguard the objectivity and impartiality of its activities. Accreditation bodies shall
be organised in such a way that each decision relating to notification of a conformity
32
See, e.g., the Communication of the European Commission ‘Enhancing the Implementation of
the New Approach Directives’, COM(2003) 240 final.
33
[2008] OJ L 218/30.
34
[2008] OJ L 218/82.
35
See, in particular, recitals (37) and (38) of Dec (EC) No 765/2008.
196 P. Rott
assessment body is taken by competent persons different from those who carried out
the assessment. Most importantly, they shall not offer or provide any activities that
conformity assessment bodies perform or consultancy services on a commercial or
competitive basis. The EU legislator even found it worth regulating that accredita-
tion bodies shall have a sufficient number of competent personnel at their disposal
for the proper performance of their tasks.
Whilst the European Commission itself was not integrated into that control sys-
tem (beyond its competence to bring proceedings under Article 258 TFEU),
Regulation (EC) No 765/2008 introduced a peer assessment system, under which
the accreditation bodies of the Member States exercise mutual control.36
Already after the introduction of the obligation of notified bodies to assess docu-
mentation related to clinical investigation with the 2007 Directive, authors had
doubted that all notified bodies would be able to fulfil that duty.37 Following the PIP
scandal, the European Commission organised ‘joint assessments’ by national
experts and Commission experts of notified bodies and accreditation bodies in 23
countries that were carried out between January 2013 and November 2014. Even
though participation was voluntary (which should mean that only those notified
bodies were assessed who thought to do well),
the joint assessment process has identified weaknesses which were common to a number of
NBs in the areas of organisational requirements and quality management systems. More
importantly, a number of NBs could not provide sufficient evidence that some of the staff
employed for conformity assessment activities were appropriately qualified and experi-
enced for the task. Other recurring issues concerned the thoroughness of the NBs’ review
of manufacturers’ clinical evaluations. (…) In several cases, the seriousness of the findings
led to the DAs requiring urgent corrective actions from the NBs with restrictions and sanc-
tions being imposed (including de-designation).38
One may therefore conclude that, despite the 2008 reform, the quality system
was not entirely effective. In the light of the PIP scandal, the European Parliament
claimed ‘the failure of the current system of certification of compliance with essen-
tial health and safety requirements and of the control and surveillance of notified
bodies by national competent authorities’.39
36
For more details, see Kapoor and Klindt (2009), p. 134.
37
Ibid., 65.
38
European Commission, Overview Report of a Series of FVO Missions Carried out in 23 Countries
from January 2013 to November 2014 in the Framework of the Voluntary Joint Assessment Process
for Notified Bodies Designated under the Medical Devices Directive, DG(SANTE)/2014-7666 –
MR final.
39
See European Parliament, Resolution on defective silicone gel breast implants made by French
company PIP, [2012] OJ C 332E/89, J.
4 Immediate Reaction of the European Commission
The EU Commission reacted speedily to the PIP scandal, with a ‘Joint Plan für
Immediate Actions under existing Medical Devices Legislation’, also called the
‘PIP Action Plan’.40 That action plan resulted in the adoption of Commission
Implementing Regulation (EU) No 920/2013 on the designation and the supervision
of notified bodies under (…) Directive 93/42/EEC41 and of Recommendation
2013/473/EU on the audits and assessments performed by notified bodies in the
field of medical devices.42 Moreover, in September 2012, the Commission tabled a
proposal for a new Regulation on medical devices43 that ultimately replaced the
Medical Devices Directive (see below).
The Commission identified three major weaknesses in the system: the insuffi-
cient supervision duties of the notified bodies and insufficient minimum standards
on notified bodies as such, as well as insufficient supervision of notified bodies by
their accreditation bodies. In other words, in the system that was in place there was
no guarantee that notified bodies would fulfil their role and that anybody up the
control chain would notice incorrect certification or supervision and take action.
4.1 Commission Implementing Regulation (EU) No 920/2013
Commission Implementing Regulation (EU) No 920/2013 on the designation and

the supervision of notified bodies under (…) Directive 93/42/EEC was the best the
Commission could achieve immediately and by its own, that is, without an ordinary
legislative procedure, after the PIP scandal.44 It was a reaction to ‘variations in the
level of competence of notified bodies and in different degrees of stringency applied
by them’.45 In fact, investigative media have submitted that producers have a clear
idea which notified bodies to turn to if they look for lax controls.46
The Implementing Regulation concerns various levels of the safety system. It is,
firstly, meant to tighten control of the designating bodies over notified bodies. To
that end, Article 5 specifies some of the duties of designating bodies, including file
reviews, on-site assessments and audits in specified intervals and continuous moni-
toring, particularly the systematic follow-up of complaints, vigilance reports and
40
See European Commission, ‘PIP Action Plan’, https://ec.europa.eu/growth/sectors/medical-
devices/pip-action-plan_de.
41
[2013] OJ L 253/8.
42
[2013] OJ L 253/27.
43
COM(2012) 542 final.
44
In fact, the Commission was criticised for having exceeded its competences by regulating aspects
of the administrative procedure as well as the supervision of notified bodies in detail, see Spickhoff
(2014), margin note 7.
45
See recital (1). See also Spielberg (2009), p. A-1602.
46
See, for example, Newell and Watt (2012).
198 P. Rott
other information, including from other Member States, which might indicate the
non-fulfilment of the obligations by a notified body or its deviation from common
or best practice. The designating body shall also initiate unannounced or short-
notice on-site assessments if those on-site assessments are needed to verify compli-
ance. Quite obviously, the designation has to be withdrawn if the requirements are
not met any longer.
Under Article 6 of the Regulation, the European Commission can itself investi-
gate cases regarding the competence of a notified body or the fulfilment of the
requirements and responsibilities to which a notified body is subject under medical
devices law.47 If the Commission finds that the notified body no longer meets the
requirements, it will request the Member State in question to take the necessary
measures.
The operation of the designating bodies themselves is subject to Article 8 of the
Regulation that specifies the very general Annex XI to Directive 92/43/EEC and
fleshes out standards such as a sufficient number of competent personnel, objectiv-
ity and impartiality and avoidance of conflicts of interest. In particular, the designat-
ing authorities shall be organised so that each decision relating to a notification of a
conformity assessment body is not taken by the same member of personnel who
carried out the assessment of that body. Obviously, this is meant to prevent regula-
tory capture.
Moreover, the work of the designating bodies also receives some element of
external control, according to Article 3 of the Regulation. Member States shall
involve representatives of the designating authorities from two other Member States
as well as a Commission representative in the procedure for appointing notified
bodies. That body, together with the representatives consulted, shall produce within
45 days after the on-site assessment an assessment report containing, among other
things, a recommendation with regard to the designation. The assessment reports
shall be made available to all other Member States. Legally, the assessment reports
of the consulted representatives of other designating authorities, as well as any fur-
ther comments by designating authorities, by competent agencies of other Member
States and by the Commission, are not binding. A Member State whose designating
body designates a notified body against the recommendation of such a report would
however face the risk of infringement proceedings under Article 258 TFEU.
These measures have already produced the effect that a number of certification
organisations have ceased their activities as notified bodies in the medical devices
sector.48
For critique, see Spickhoff (2014), margin note 10.

47
See Graf (2016a), p. 43; Eggenberger Stöckli (2015), p. 202. A list of withdrawn and expired
48
notifications can be found at the NANDO website, http://ec.europa.eu/growth/tools-databases/

nando/index.cfm.
4.2 Recommendation 2013/473/EU
Recommendation 2013/473/EU on the audits and assessments performed by noti-

fied bodies in the field of medical devices was meant to set benchmarks for assess-
ments and unannounced audits by notified bodies and respond to the most frequent
shortcomings of the existing practices. Formally, the Commission claimed to give
guidance on the ‘interpretation’ of the provisions of Directive 93/42/EEC relating to
the audits, assessments and unannounced audits performed by notified bodies in the
field of medical devices, whereas truly, the Recommendation goes beyond the duties
of notified bodies as established by the Medical Devices Directive.49 They were
expressly obliged to carry out unannounced inspections and audits and also to check
whether the quantity of finished products corresponds with quantity of raw material
purchased50; which would have allowed TÜV Rheinland to detect PIP’s fraud.51
In fact, the Recommendation did produce effects, for example, in Germany,
where the Zentralstelle der Länder für Arzneimittel und Medizinprodukte (ZLG) as
the body that is responsible for the supervision of notified bodies, made unan-
nounced audits compulsory immediately after the adoption of the Recommendation.52
5 The New Regulation on Medical Devices
As mentioned above, the European Commission speedily tabled a proposal for a

new Regulation on medical devices, meant to increase harmonious application of
the law in the Member States. Still impressed by the PIP scandal, the need for
improvements of the safety system was undisputed. However, it became clear very
fast that the various actors had very different agendas. Whereas the European
Parliament, in a resolution of 2012, called for a shift to a system of pre-market
authorisation for high risk medical devices,53 others, and in particular the medical
devices industry, tried to maintain the old certification system with its lighter touch
approach.
Those who insisted on keeping the current status by and large won that fight:
Regulation (EU) 2017/745 on medical devices54 has maintained the certification
system including EU-wide competition of notified bodies55 but aims to improve it at
all levels of control. The Regulation will enter into force in May 2020.
49
See also Graf (2016a), p. 43.
50
For more details, see de Bruyne and Vanleenhove (2016), p. 832 f.
51
See Rott and Glinski (2015a), p. 205 f.
52
For more details, see Graf (2016a), p. 43 ff.
53
See European Parliament, Resolution on defective silicone gel breast implants made by French
company PIP [2012] OJ C 332E/89, no 7.
54
[2017] OJ L 117/1.
55
See Art. 53 of Reg (EU) 2017/745.
200 P. Rott
Amendments relate, for example, to the re-classification of certain medical

devices into higher risk classes (Annex VIII), which consequently require confor-
mity assessment by a notified body for the first time.56 On part of the manufacturer,
duties relating to the quality management system, to documentation and also to
post-market surveillance have been vastly increased. Expert panels, to be desig-
nated by the European Commission, are included in the procedure in that they shall
provide an opinion on clinical evaluation assessment reports of notified bodies in
the case of certain high-risk devices. The Regulation also brings improved transpar-
ency through the establishment of a comprehensive EU database on medical devices
and of a device traceability system based on Unique Device Identification (UDI)
and, specifically for implants, an ‘implant card’ containing information about
implanted medical devices for a patient. The focus of the following analysis, how-
ever, is on changes to the quality control system.
5.1 Duties of Notified Bodies
First of all, important changes apply to the duties of notified bodies. With the
increased requirements on the manufacturer’s quality management system, the
requirements on its assessment by the notified body increase likewise (Annex IX
Section 2). Moreover, the post-certification supervision duties of the notified bodies
were intensified, following the approach of the non-binding Recommendation
2013/473/EU and reflecting what went wrong in the case of PIP. The duties are now
regulated in Annex IX Section 3 of Regulation (EU) 2017/745. Besides the regular
periodic audits (at least every 12 months), the notified body shall randomly perform
at least once every 5 years unannounced audits on the site of the manufacturer and,
where appropriate, the site of the manufacturer’s suppliers and/or subcontractors,
which may be combined with the mentioned periodic surveillance assessment or be
performed in addition to that surveillance assessment. Within the context of such
unannounced on-site audits, the notified body shall test an adequate sample of the
devices produced or an adequate sample from the manufacturing process to verify
that the manufactured device is in conformity with the technical documentation.
Alternatively, notified bodies shall take samples of devices from the market for test-
ing purposes (Annex IX Section 3.4.).
5.2 Requirements for Notified Bodies
The requirements for notified bodies, laid down in Article 36 with Annex VII, reflect
the increased duties but also experience with the competence of notified bodies.
They by and large reiterate the requirements laid down in Annex I of Commission
56
For details, see Graf (2017a), p. 57.
Implementing Regulation (EU) No 920/2013 but are even more detailed, in particu-
lar in relation to the independence of the notified body from the manufacturer but
also from the accreditation body. Special emphasis is placed on the permanent avail-
ability of sufficient administrative, technical and scientific personnel, Article 36(1).
Annex VII Section 1.4.1. still requires notified bodies to take out appropriate liabil-
ity insurance for its conformity assessment activities; which the Court of Justice,
unlike Advocate General Sharpston, found of being of no relevance in its judgment
in Elisabeth Schmitt but which is clearly important in the light of third party liability
under national laws (see below, Sect. 6.3).
More remarkable are the extensive documentation duties of notified bodies,
relating to their concepts and procedures, in particular for the conformity assess-
ment, and also to the results of their assessments; which allow the accreditation
body as well as the European Commission (see below) to review the notified bodies’
activities in great detail (see also Article 36(2) of the Regulation); again this may be
a result of the experience gathered in the joint assessment exercise mentioned above
(see supra, Sect. 4).
5.3 The Amended Control System
5.3.1 Control of Notified Bodies
Article 39 of the new Medical Devices Regulation takes up the joint assessment in
the procedure of appointing notified bodies, involving experts from the European
Commission and other Member States, as first introduced by Commission
Implementing Regulation (EU) No 920/2013. While designating, or accreditation
authorities do not have to follow the recommendation of that joint assessment team,
they have to provide a duly substantiated justification if they deviate, Article 42(4).
Any Member State as well as the European Commission can raise objections against
the notification, which then leads to proceedings in front of the Medical Device
Coordination Group (MDCG), an expert committee composed of persons desig-
nated by the Member States based on their role and expertise in the field of medical
devices (see Article 103).
Monitoring of notified bodies is regulated in detail in Article 44. The primary
responsible is of course the designating authority of the Member State where the
notified body is established. At least once a year, the designating authorities shall
re-assess whether the notified bodies established on their respective territory still
satisfy the requirements and fulfil their obligations set out in Annex VII. That review
shall include an on-site audit of each notified body and, where necessary, of its sub-
sidiaries and subcontractors, Article 44(4). In addition to that, the designating
authority responsible for notified bodies may conduct short-notice, unannounced or
‘for-cause’ reviews if needed to address a particular issue or to verify compliance,
Article 44(7). Moreover, the notified body must also send, upon request, all
202 P. Rott
n ecessary information to verify compliance to the European Commission and to

other Member States.
Monitoring is also facilitated through the mechanism for scrutiny of conformity
assessments of (high risk) class III and class IIb devices, including implantable
devices, Article 55(1) with Article 54(1)(a). The notified body shall notify the com-
petent authorities through the electronic system of certificates it has granted to such
devices. Such notification shall include the summary of safety and clinical perfor-
mance pursuant to Article 32, the assessment report by the notified body, the instruc-
tions for use referred to in Section 23.4 of Annex I, and, where applicable, the
scientific opinion of the expert panels referred to in Section 5.1 of Annex IX.
Besides the Member States, or their designating bodies, the European Commission
can also challenge the competence of a notified body in cases where concerns have
been brought to its attention regarding the continued fulfilment by that notified body
of the requirements set out in Annex VII or the obligations to which they are subject,
Article 47(1). If the Commission ascertains, after an assessment procedure under
Article 39, as described above, that a notified body no longer meets the require-
ments for its designation, it shall inform the notifying Member State accordingly
and request it to take the necessary corrective measures, including the suspension,
restriction or withdrawal of the designation if necessary. If the Member State then
does not comply with this request, the Commission can itself by means of imple-
menting acts, suspend, restrict or withdraw the designation, under the Committee
procedure of Article 114(3). Thus, the Commission has to involve the Committee on
Medical Devices and needs a positive opinion of that Committee (following the
procedure of Article 5 of Regulation (EU) No 182/2011 laying down the rules and
general principles concerning mechanisms for control by Member States of the
Commission’s exercise of implementing powers57). This mechanism is way less
burdensome than proceedings against the Member State under Article 258 TFEU.
5.3.2 Control of Designating Bodies
The designating authorities, or the Member States themselves, are also placed under
closer scrutiny. As notified bodies, they are subject to extensive reporting duties that
allow the European Commission and other Member States (through the MDCG) to
control compliance with their monitoring obligations, see for example Article 44(4)
subpara 2 and (12). Moreover, the peer review mechanism, coordinated by the
European Commission, as established by Regulation (EC) No 765/2008, is also
specified in Article 48 of the Medical Devices Regulation.
57
[2011] OJ L 55/13.
6 Complementary Tort Liability?
Without any doubt, the risk of tort liability has an influence on the potential tortfea-
sor.58 This impact has also been recognised by practitioners for the sector of medical
devices certification who predict stricter assessment and monitoring of manufactur-
ers by notified bodies.59 Vice versa, it has been argued that the absence of third party
liability was suitable to ‘relax’ the supervision of manufacturers by notified bodies
due to the adverse incentive of solicitation and payment by the manufacturers.60
Given the EU-wide competition of notified bodies for medical devices manufacturer
customers, there may be a risk that notified bodies rather act in their own interest of
acquiring and maintaining business than in the patients’ interest in health and
safety.61
6.1 The CJEU Judgment in Elisabeth Schmitt
As mentioned above, the Court of Justice has rejected the view that the Medical
Devices Directive 93/42/EEC requires Member States to impose civil liability on
notified bodies who breach their duties under the Directive.
First, the Court argued that the Medical Devices Directive 93/42/EEC was silent
on the issue of civil liability. This is an argument, however, that has never prevented
the Court of Justice from imposing on Member States the duty to provide for civil
liability in the past. For example, in the cartel law case of Courage, the Court had
argued that the existence of the right to claim damages ‘strengthens the working of
the Community competition rules and discourages agreements or practices, which
are frequently covert, which are liable to restrict or distort competition. From that
point of view, actions for damages before the national courts can make a significant
contribution to the maintenance of effective competition in the Community.’62
Surely, the same would apply to the covert dealings between notified bodies and
manufacturers of medical devices.
58
See only AG Bot, opinion of 20/10/2014, joined cases C-503/13 and C-504/13 Boston Scientific
Medizintechnik GmbH v AOK Sachsen-Anhalt — Die Gesundheitskasse et al, ECLI:EU:C:2014:2306,
para 38, relating to product liability law. See also Reich (2015), pp. 619, 624 ff.; de Bruyne and
Vanleenhove (2016), p. 846 ff.
59
See Oeben (2017), p. 47 f.; Unger (2017), p. 303.
60
On the latter, see, for example, Jahn et al. (2005), pp. 53, 54 and 57 ff.
61
See Rott and Glinski (2015a), p. 209 f.; Wagner (2017), margin note 805; Wagner (2018),
p. 134 ff. See also Kapoor and Klindt (2009), p. 136, concerning the situation prior to the 2008
reform.
62
ECJ, judgment of 20/9/2001, Case C-453/99 Courage Ltd v Bernhard Crehan,
ECLI:EU:C:2001:465, para 27.
204 P. Rott
Surprisingly, the Court reached its conclusion by way of reference to the case of
Peter Paul63; a case that also turned on supervisory duties (by Member States) but is
otherwise so different from the case of Elisabeth Schmitt that AG Sharpston had
explicitly rejected that reference.64 In Peter Paul,65 state liability for insufficient
control over a bank under the Banking Directive 2000/12/EC66 had been at stake.
The bank went bankrupt, and depositors lost parts of their savings. For those losses,
they claimed damages from the Federal Republic of Germany under state liability,
arguing that the German supervisory authority had negligently failed to prevent that
bankruptcy and/or the losses to savers arising from it. The first instance court
awarded the claimants the equivalent of ECU 20,000 (plus interest) because
Germany had failed to implement Directive 94/19/EC on deposit-guarantee
schemes67 in time. Under Article 7(1) of that directive, the aggregate deposits of
each depositor had to be covered up to ECU 20,000 in the event of deposits’ being
unavailable. The court concluded that due to that failure, the depositors had no
claim against any deposit-guarantee scheme, for which the Federal Republic of
Germany was liable. At the same time, the LG Bonn rejected further claims, arguing
that the German legislator had expressly stipulated in banking law that banking
supervision was merely in the public interest but not in the interest of bank custom-
ers, thereby excluding tort law claims against the state.68 The OLG Cologne con-
firmed that decision on appeal,69 whereas the Bundesgerichtshof had doubts whether
that interpretation was in compliance with EU banking supervision law and referred
the case to the Court of Justice.70
The Court rejected the view that the Banking Directive 2000/12/EC implicitly
required Member States to provide for civil liability of the supervisory authority, or
rather the state, in case of a breach of supervisory duties. The Court argued that (at
the time) harmonisation of banking supervision law was restricted to that which was
essential, necessary and sufficient to secure the mutual recognition of authorisations
and of prudential supervision systems, making possible the granting of a single
licence recognised throughout the (then) EC and the application of the principle of
home Member State prudential supervision, whereas the coordination of the national
rules on the liability of national authorities in respect of depositors in the event of
defective supervision did not appear to be necessary to secure these results.71
63
CJEU – Elisabeth Schmitt (n 18), para 55. For further examples, see Reich (2015), p. 632 ff.
64
AG Sharpston – Elisabeth Schmitt (n 30), para 38 with fn 27. See also Reich (2015), p. 638;
against van Leeuwen (2014), p. 349.
65
ECJ, judgment of 12/10/2004, Case C-222/02 Peter Paul et al v Germany, ECLI:EU:C:2004:606.
66
Directive 2000/12/EC related to the taking-up and pursuit of the business of credit institutions
[2000] OJ L 126/1.
67
[1994] OJ L 135/5.
68
See LG Bonn, 16/4/1999, 1 O 186/98, (2000) Neue Juristische Wochenschrift 815.
69
OLG Cologne, 11/1/2001, 7 U 104/00, (2001) Neue Juristische Wochenschrift 2724.
70
BGH, 16/5/2002, III ZR 48/01, (2002) Neue Juristische Wochenschrift 2464.
71
ECJ – Peter Paul (n 61), paras 42 f.
Moreover, the Court pointed towards the variety of interests, including financial
stability that the banking supervision authorities were to protect.72
Finally, as mentioned above, potential loss of savings was addressed by the spe-
cial regime of Directive 94/19/EC on deposit-guarantee schemes. The Court of
Justice saw the risk that this legislative decision to only limited protection of deposi-
tors would be undermined if savers could claim their remaining losses by way of
state liability.73 That kind of legislative decision on limitations to the claims of
patients resulting from damage caused by medical devices is obviously missing in
medical devices law. By failing to recognise this, the Court of Justice jumped too
short in simply replacing the analysis of the Medical Devices Directive with a refer-
ence to a non-comparable earlier case.74
In contrast, it would rather seem that civil liability was absolutely necessary to
achieve the aims and objectives of the Directive, which is, amongst others, the pro-
tection of patients.75 Given the situation prior to the post-PIP scandal reforms, with
the above-mentioned insufficient quality controls within the safety system of the
Medical Devices Directive, the reference to the judgment in Peter Paul seems to be
seriously flawed.
Of course, EU law provides for a product liability regime that has established
strict liability of producers and EU importers in cases in which a defective product
causes damage. This regime, however, does not provide any safety net when the
producer goes bankrupt, as PIP did. In fact, in the area of medical devices, this is a
quite realistic scenario, since the medical device sector in Europe comprises around
25,000 companies, of which 95% are Small and Medium-sized Enterprises
(SMEs).76 Compulsory insurance was required by Annex XI Section 6 of Directive
93/42/EEC for notified bodies—who, according to the Court of Justice, are not lia-
ble towards patients—but not for producers; and national manufacturers’ compul-
sory insurance as required, for example, in France, does not extend to patients who
are not domiciled in that Member State.77 This left a gap, as the PIP case
demonstrates.
72
Ibid., para 44.
73
Ibid., paras 45 ff.
74
See also Reich (2015), p. 638.
75
Verbruggen and van Leeuwen (2018), p. 402, conclude that the safety of products and therefore
the health and safety of patients was only a secondary aim of the Medical Devices Directive,
whereas its primary aim was the promotion of the free movement of medical devices. For discus-
sion, see also Reich (2008), pp. 85, 96.
76
See European Commission, Medical devices, https://ec.europa.eu/growth/sectors/
medical-devices_de.
77
See OLG Karlsruhe, 20/4/2016, 7 U 241/14, (2016) Gesundheitsrecht 363; Cour d‘appel
d‘Aix-en-Provence, 22/1/2015, No 2015/21. For a different view, see Micklitz et al. (2015), p. 37.
206 P. Rott
6.2 A New Situation Under the Medical Devices Regulation?
The new Regulation (EU) 2017/745 is also silent on the issue of civil liability. It
does, however, provide for a much tighter net of control mechanisms than the
Medical Devices Directive 93/42/EEC. Has the need for civil liability therefore
ceased?
First, as mentioned above, the number of notified bodies has already decreased,
and one would hope that it was the less competent or less reliable ones that have
ceased their operations under medical devices law. At the same time, this means that
a smaller number of notified bodies has to deal with the more than 25,000 compa-
nies in that sector and the share of their products that come under the rules on con-
formity assessment, with massively increased duties. Monitoring of the individual
assessments, as it is now foreseen under Article 55 of the Medical Devices
Regulation, will only be able to cover a small proportion of the medical devices on
the market. Monitoring of the concepts and activities of the notified bodies will not
normally lead to immediate withdrawal of their notification, in particular since too
strong reduction of the number of notified bodies might threaten the whole certifica-
tion system. It should also be noted that—according to the judgment of the Court of
Justice in Elisabeth Schmitt, none of the actors in the control system needs to be
submitted to civil liability if the Member State decides so; which means that in a
worst case scenario, the only incentive to comply with monitoring duties may stem
from the procedure under Article 47 with Article 114(3) of the Medical Devices
Regulation, for notified bodies, and from potential proceedings brought by the
European Commission under Article 258 TFEU, for accreditation bodies or the
Member States.78 A fairly weak threat indeed that is therefore unlikely to prevent
damage. Moreover, all these measures may come too late as the medical device will
already have entered the market.
Regulation (EU) 2017/745 implicitly recognises that damage cannot be entirely
prevented by the new system by addressing product liability. Under Article 10 no
16, ‘[m]anufacturers shall, in a manner that is proportionate to the risk class, type of
device and the size of the enterprise, have measures in place to provide sufficient
financial coverage in respect of their potential liability under Directive 85/374/EEC,
without prejudice to more protective measures under national law.’ This resembles
Article 17 of the Directive (EU) 2015/2302 on package travel and linked travel
arrangements,79 although the latter provision provides for a clearer formula. The
obvious goal is to ensure that the producer, as the primary responsible for the medi-
cal device, will be able to compensate the loss of potential victims. This is a note-
worthy development, although there is no clarity yet as to who will control that
manufacturers actually take sufficient insurance, given the immense risks of modern
medical devices.80
78
See also Rehmann (2010), margin note 3.
79
[2015] OJ L 326/1.
80
See also Graf (2016b), p. 214.
Complementary (joint and several) liability of the notified bodies would then
seem to be abdicable, from the point of view of the compensation of patients’ dam-
ages. What remains, however, is the preventive function of tort law that also pro-
vides for an incentive to comply with duties.
As mentioned above, the threat of damage claims in the aftermath of the PIP
scandal has raised fear that notified bodies could cease their activities, and that the
whole system of the ‘New Approach’ might break down81; an argument that seems
to find support in the latest development. Apart from the fact that this is an often
used argument against new legislation, or even new case law, however, this scenario
is nevertheless quite unlikely, given the lucrative business of certification organisa-
tions.82 After all, it only illustrates the flaws in a system that seems to be built on no
third party liability and therefore no accountability, and therefore on too little incen-
tive to comply with the law.
6.3 National Law and Private International Law
As the Directive, in the interpretation of the Court of Justice, does not regulate civil
liability of notified bodies at all, the Member States are free to decide on the matter;
which means, of course, that the rules may differ from one Member State to the
next.83
For example, under French law, all that is needed to establish tort law liability is
the breach of a duty that causes damage.84 Consequently, the Tribunal de Commerce
de Toulon found no difficulties, in principle, to establish tort law liability of TÜV
Rheinland vis-à-vis the patients that had been implanted PIP breast implants once it
was satisfied that TÜV Rheinland had breached its duties under the Medical Devices
Directive.85 Also, the Cour d’appel d’Aix-en-Provence did not overturn the decision
of the Tribunal de Commerce de Toulon for doctrinal reasons but because it dis-
agreed with the first instance courts on the content of these duties, and therefore on
the breach, quite in line with the reasoning of the Bundesgerichtshof.86 The Cour de
cassation has repealed that decision and ordered a new trial before the Cour d’appel
81
See, for example, Unger (2017), p. 303. See also Graf (2017b), pp. 486, 489.
82
On which see Schmidt (2015).
83
See also Heynemann (2017), p. 101, who fears that some Member States will be less strict than
others.
84
See, for example, Sonnenberger and Autexier (2000), margin note 89; Verbruggen and van
Leeuwen (2018), p. 403. On relevant heads of damage, see Fröding and Chivoret (2016), p. 181.
85
Tribunal de commerce de Toulon, 14/11/2013, 2011F00517 (Société GF ELECTROMEDICS &
société EMI IMPORTACAO E DISTRIBUCAO LTDA & société J&D MEDICALS et autres inter-
venants volontaires); on which see Fröding (2014), p. 1; van Leeuwen (2014), p. 345 f; Rott and
Glinski (2015a), de Bruyne and Vanleenhove (2016), p. 839. See also Tribunal de commerce de
Toulon, 20/1/2017, 2014F00306; on which see Verbruggen and van Leeuwen (2018), p. 404.
86
Cour d‘appel d‘Aix-en-Provence, 22/1/2015, No 2015/21; on which see Fröding (2015), p. 162;
de Bruyne and Vanleenhove (2016), p. 840; Verbruggen and van Leeuwen (2018), p. 404.
208 P. Rott
de Paris.87 It followed the opinion that TÜV Rheinland has breached its duties by
not even checking the books for potential inconsistencies.
German law also offers the possibility of holding the notified body liable for a
breach of its duties under medical devices law, now that the protective aim of these
duties has been clarified by the Court of Justice (supra at Sect. 2.2.).
Given the potential differences between the liability regimes of the Member
States,88 the rules of private international law become relevant. Here, the basic rule
is Article 4(1) of the Rome II Regulation (EC) No 864/2007,89 according to which
the law applicable to a non-contractual obligation arising out of a tort/delict shall be
the law of the country in which the damage occurs. This would be the laws of all the
Member States where the medical device is used on patients. The Rome II
Regulation, however, also has some deviating rules for special situations, one of
them being product liability. Indeed, one could consider applying the special regime
of Article 5 for product liability cases, so as to align the applicable law concerning
the liability of notified bodies with that of the producer who actually puts the prod-
ucts on the market.90 This would add the additional requirement that the medical
device was marketed in the country where the damage occurred, thereby excluding
the laws of countries that were not reasonably foreseeable for the notified body.
These would be all the EU Member States where the manufacturer wants to market
the medical device and which he can choose freely, due to the CE mark. In other
words, no matter whether Article 4 or 5 Rome II Regulation applies, the notified
body will normally run the risk of being held liable, at least for negligent breach, in
some Member States91; which impacts on the level of professional insurance that the
notified body has to take under Annex VII Section 1.4.1. of the Medical Devices
Regulation.
7 Conclusion
The PIP scandal and the following thorough analysis of the certification and accred-
itation system of EU medical devices law have demonstrated the systemic failure of
a system that is based on trust as well as on common interests of controllers and
those controlled to deliver to the benefit of third parties (here: patients). That the
massively increased control mechanisms in the hands of accreditation bodies,
Member States and the EU Commission will be able to remedy the failures may be
87
Arrêt n° 610, 10/10/2018 (15-26.093); Arrêt n° 615, 10/10/2018 (16-19.430).and Arrêt n° 616,
10/10/2018 (17-14.401), all available at https://www.courdecassation.fr.
88
For potential grounds of liability under English law, see Glinski and Rott (2018); for Dutch law,
see Verbruggen (2013), p. 39.
89
Reg (EC) No 864/2007 on the law applicable to non-contractual obligations (Rome II), [2007]
OJ L 199/40.
90
Against de Bruyne and Vanleenhove (2016), p. 844.
91
See also Fulli-Lemaire (2015), pp. 99, 118.
doubted, given the economic and also social significance of the medical devices
industry. The current drama around the car industry may serve as a deterrence.
What is therefore clearly necessary is a player in the other camp; which is the
patients and the organisations or law firms representing their interests, to provide an
incentive to comply with the law. As in other areas, including competition law,
patients then become agents of EU medical devices safety law. Despite the dissatis-
factory outcome of the individual case of Elisabeth Schmitt, that player is now pres-
ent on the scene, and it is changing the industry already. With regard to their new
liability risk, it has already been suggested that notified bodies should be regarded
as part of the public administration, with the effect that the State would be liable for
their torts, rather than the notified body.92 This suggestion at the same time indicates
that a privately organised scheme might not be the best way to serve the public inter-
est and that public interest concern should not eclipse the need for proper third party
protection.93
References
Beyerbach, H. (2015). Haftung der Benannten Stelle für Mängel in der Medizinprodukteherstellung?
Gesundheitsrecht, 522.
Brüggemeier, G. (2017). Fehlerhafte Brustimplantate und die Haftung der Zertifizierungsinstitute –
Das EuGH-Urteil in der Rechtssache Schmitt v. TÜV Rheinland. Medizinrecht, 527.
Brüggemeier, G. (2018). Luxemburg locuta, causa finita? – Eine Nachbetrachtung der juristischen
Behandlung der sogenannten PIP-Affäre in Deutschland. Juristenzeitung, 191.
de Bruyne, J., & Vanleenhove, C. (2016). Liability in the medical sector: The ‘Breast-Taking’ con-
sequences of the poly implant Prothèse case. European Review of Private Law, 823.
Degen, J. K. (2017). Die Haftung der “Benannten Stelle” i.S.v. § 3 Nr. 20 MPG. Versicherungsrecht,
462.
Eggenberger Stöckli, U. (2015). Pharma Recht Schweiz. Pharma Recht, 202.
Finn, M. (2017). Keine Haftung mangels nachgewiesener Hinweise auf minderwertige
Brustimplantate. Neue Juristische Wochenschrift, 2590.
Fröding, V. (2014). Industriesilikon in Brustimplantaten – Urteil des Handelsgerichtes (Tribunal de
Commerce) Toulon vom 14. November 2013. Medizinprodukterecht, 1.
Fröding, V. (2015). PIP Brustimplantate: Warum das Berufungsgericht Aix-en-Provence die
Haftung des TÜV abgelehnt hat. Medizinprodukterecht, 162.
Fröding, V., & Chivoret, I. (2016). Schadensersatz bei Haftung für Gesundheitsprodukte.
Medizinprodukterecht, 181.
Fulli-Lemaire, S. (2015). Affaire PIP: Quelques Réflexions sur les Aspects de Droit International
Privé. Revue Internationale de Droit Economique, 99.
Glinski, C., & Rott, P. (2018). The role and liability of certification organisations in transnational
value chains. Deakin Law Review, 23, 83.
Glinski, C., & Rott, P. (2019). Liability of certification bodies in the field of medical devices: The
PIP breast implants litigation and beyond. European Review of Private Law, 2, (forthcoming).
92
See Unger (2017), p. 303.
93
See also Glinski and Rott (2019). See, however, van Leeuwen (2014), p. 440, who points at the
inconsistency of a liability scheme with the New Approach.
210 P. Rott
Graf, A. (2016a). Unangekündigte Audits: BMG-Bekanntmachung konkretisiert Empfehlung

2013/473/EU. Medizinprodukterecht, 43.
Graf, A. (2016b). Die neue Europäische Verordnung über Medizinprodukte (MDR) – Erste
Informationen zur praktischen Umsetzung. Medizinprodukterecht, 214.
Graf, A. (2017a). Revision des europäischen Rechtsrahmens für Medizinprodukte: Einfluss auf die
Klassifizierung von Medizinprodukten. Pharma Recht, 57.
Graf, A. (2017b). Revision des europäischen Rechtsrahmens für Medizinprodukte. Pharma Recht,
486.
Handorn, B. (2014). Industriesilikon in Brustimplantaten – OLG Zweibrücken bestätigt fehlende
Haftung der Benannten Stelle. Medizinprodukterecht, 84.
Heynemann, J. (2017). Haftung der Benannten Stelle für die fehlerhafte “Überwachung” mangel-
hafter Medizinprodukte oder allgemeines Lebensrisiko? Gesundheit und Pflege, 7, 98.
Hodges, C. (2005). European regulation of consumer product safety. Oxford, England: Oxford
University Press.
Jahn, G., Schramm, M., & Spiller, A. (2005). The reliability of certification: Quality labels as a
consumer policy tool. Journal of Consumer Policy, 53.
Kapoor, A., & Klindt, T. (2008). “New Legislative Framework” im EU-Produktsicherheitsrecht –
Neue Marktüberwachung in Europa? Europäische Zeitschrift für Wirtschaftsrecht, 649.
Kapoor, A., & Klindt, T. (2009). Die Reform des Akkreditierungswesens im Europäischen
Produktsicherheitsrecht. Europäische Zeitschrift für Wirtschaftsrecht, 134.
Klümper, M., & Vollebregt, E. (2008). Die wesentlichen Änderungen an der Medizinprodukterichtlinie
92/43/EWG durch die Richtlinie 2007/47/EG. Medizinprodukterecht, 57.
Micklitz, H.-W., Reich, N., & Boucon, L. (2015). L’action de la victime contre l’assureur du pro-
ducteur. Revue Internationale de Droit Economique, 37.
Newell, C., & Watt, H. (2012, October 22). Faulty medical implants investigation: Patients’ health
put at risk by unscrupulous EU regulators. The Telegraph. http://www.telegraph.co.uk/news/
health/news/9626756/Faulty-medical-implants-investigation-Patients-health-put-at-risk-by-
unscrupulous-EU-regulators.html
Oeben, M. (2017). Drittschutzwirkung der Konformitätsbewertung und Pflichtenkorsett der
Benannten Stelle. Medizinprodukterecht, 42.
Rehmann, W. A. (2010). § 15 MPG. In W. A. Rehmann & S. A. Wagner (Eds.), Medizinproduktegesetz
(2nd ed.). Munich, Germany: CH Beck.
Reich, N. (2008). AGM-COS:MET or: Who is protected by EC safety regulation. European Law
Review, 85.
Reich, N. (2015). Product liability and beyond: An exercise in gap-filling. European Review of
Private Law, 619.
Rott, P. (2017a). Anmerkung. Verbraucher und Recht, 394.
Rott, P. (2017b). Pflichten und Haftung der “benannten Stelle” bei Hochrisiko-Medizinprodukten.
Neue Juristische Wochenschrift, 1146.
Rott, P., & Glinski, C. (2015a). Die Haftung der Zertifizierungsstelle im Produktsicherheitsrecht.
Zeitschrift für Europäisches Privatrecht, 192.
Rott, P., & Glinski, C. (2015b). Le scandale PIP devant les jurisdictions allemandes. Revue
Internationale de Droit Economique, 87.
Schepel, H. (2005). The constitution of private governance. Oxford, England: Hart.
Schmidt, C. (2015). Bezahlte Unabhängigkeit – TÜV zwischen Prüfung und Profit. Deutschlandfunk
of 17/7/2015, http://www.deutschlandfunk.de/bezahlte-unabhaengigkeit-tuev-zwischen-prue-
fung-und-profit.724.de.html?dram:article_id=325783
Singh, S. (2013). What is the best way to supervise the quality of medical devices? Searching for
a balance between ex-ante and ex-post regulation. European Journal of Risk Regulation, 465.
Sonnenberger, H. J., & Autexier, C. (2000). Einführung in das französische Recht (3rd ed.).
Heidelberg, Germany: Verlag Recht und Wirtschaft.
Spickhoff, A. (2014). § 15a. In A. Spickhoff (Ed.), Medizinrecht (2nd ed.). Munich, Germany: CH
Beck.
Spielberg, P. (2009). Zertifizierung von Medizinprodukten: Gefährliche Lücken im System.

Deutsches Ärzteblatt, 106(33):A-1602.
Spindler, G. (2017). § 823 Schadensersatzpflicht. In B. Gsell et al. (Eds.), Beck-online
Großkommentar. Munich, Germany: CH Beck.
Unger, S. (2017). Herstellerbegleitung oder Marktüberwachung? Zur Haftung “benannter Stellen”
im Medizinproduktrecht. Europäische Zeitschrift für Wirtschaftsrecht, 299.
van Leeuwen, B. (2014). PIP breast implants, the EU’s new approach for goods and market sur-
veillance by notified bodies. European Journal of Risk Regulation, 338.
van Leeuwen, B. (2017). European standardisation of services and its impact on private law.
Oxford, England: Hart.
Verbruggen, P. (2013). Aansprakelijkheid van certificatie-instellingen als private toezichthouders.
Nederlands Tijdschrift voor Burgerlijk Recht, 39.
Verbruggen, P., & van Leeuwen, B. (2018). The liability of notified bodies under the EU’s new
approach: The implications of the PIP breast implants case. European Law Review, 394.
Wagner, G. (2017). § 823 BGB. In M. Habersack (Ed.), Münchener Kommentar zum Bürgerlichen
Gesetzbuch (vol. 6, 7th ed.). Munich, Germany: CH Beck.
Wagner, G. (2018). Marktaufsichtshaftung produktsicherheitsrechtlicher Zertifizierungsstellen.
Juristenzeitung, 130.
Public Function Liability of Classification
Societies
Vibe Ulfbeck and Anders Møllmann
1 Introduction
Classification societies (hereinafter: CS) play an important part in the pursuit of

safety at sea. In practice, virtually all commercial ships are certified by a CS. CSs
can act in two capacities when certifying ships. First, CSs certify that a ship com-
plies with the specifications for ship design etc., which the CS itself has developed,
and that the ship is thus ‘in class’ (class certification). Second, flag states commonly
delegate it to CSs to perform surveys and inspections pursuant to various interna-
tional conventions and to issue certificates under these conventions on behalf of the
flag state (statutory certification). If a ship that has been certified by a CS is involved
in an incident causing damage to a third party (e.g. pollution damage) the question
arises whether that third party can hold the CS liable in damages. This article
explores whether the liability of the CS varies depending on whether the CS has
acted in the former or latter capacity.1 More specifically, it explores whether the CS
is better protected (and the injured party is conversely worse protected) when the CS
acts on the basis of authority delegated to it by a flag state.
The chapter is a contribution to the project ‘Certification Bodies – Trust, Accountability, Liability’,
funded by the Deutsche Forschungsgemeinschaft, and to the project on Private/Public Enterprise
Liability, funded by the Danish Research Council for independent research.
1
For literature on the liability of classification societies in general, see inter alia De Bruyne (2014),
p. 181; De Bruyne (2015); De Bruyne and Vanleenhove (2014), p. 103; Basedow and Wurmnest
(2005), Lagoni (2007), Antapassis (2007), Pulido Begines (2005), p. 487. For a law and policy
perspective, see Furger (1997), p. 445.
V. Ulfbeck (*) · A. Møllmann

Centre for Enterprise Liability (CEVIA), Faculty of Law, University of Copenhagen,
Copenhagen, Denmark
e-mail: vibe.ulfbeck@jur.ku.dk; anders.mollmann@jur.ku.dk

https://doi.org/10.1007/978-3-030-02499-4_10
214 V. Ulfbeck and A. Møllmann
The role of CSs in the maritime industry has a century-long history. In the late
seventeenth and throughout the eighteenth century, in London an increasing ten-
dency to insure seaborne cargoes raised a need for the underwriters to be able better
to assess the risk of the individual journey. The most important factor in this regard
was the physical condition of the ship in question. Thus, a need for neutral assess-
ments of the ships’ condition arose. This development eventually led to the estab-
lishment of the first classification society in 1760. Throughout the nineteenth
century, classification societies were established in most of the major shipping
nations of the time.2
The CSs developed criteria on which to categorize ships into different classes
depending on their condition. CSs have continued to develop these criteria into what
is nowadays comprehensive and detailed specifications on especially ships’ hull,
machinery and electrical systems, normally referred to as the ‘rules’ of the CS.3
Ships are no longer divided into classes depending on their condition. A ship is
either in class or not, but there are different classes signifying that a ship has addi-
tional qualities or uses. A ship may for instance be ice classed. Shipowners employ
a CS to certify that their ship comply with the specifications of the CS (the rule-
book) and is thus ‘in class’. The CS will conduct various surveys under its own rules
to verify that this is the case and will then issue a class certificate. These services are
rendered on the basis of a contract between the shipowner and the CS. It is difficult
bordering on impossible for a shipowner to trade the ship’s services without being
in class.
In the twentieth century, public law rules on safety at sea, including specifica-
tions for ships to comply with, have emerged and now form a large body of require-
ments mainly regulated in public international law instruments. These have mainly
been developed in the International Maritime Organization (IMO). In terms of
requirements regarding the physical condition of ships, the Safety of Life at Sea
Convention (SOLAS)4 is by far the most important. This convention places various
obligations in terms of surveys, inspections and certificate issuance on flag states.
For practical reasons, the convention (and other conventions) allow flag states to
delegate such obligations to classification societies under certain conditions. It is
illegal (in most parts of the World) to use a ship without SOLAS (and other conven-
tion) certificates.5
2
For brief, informative introductions to the concept of classification and the history thereof, see
e.g., Boisson (1994), p. 363; Lagoni (2007), part 1 (including the historical development of CSs in
part 1. A. II.), and Basedow and Wurmnest (2005), part 1. General information on classification
societies can be found in Goebel (2018). Interesting information can also be found on the website
of the International Association of Classification Societies, www.iacs.org.uk.
3
See e.g. Basedow and Wurmnest (2005), p. 8 f.
4
International Convention for the Safety of Life at Sea, 1974, as amended. For an overview of its
content and history, see http://www.imo.org/en/About/Conventions/ListOfConventions/Pages/
International-Convention-for-the-Safety-of-Life-at-Sea-%28SOLAS%29%2c-1974.aspx.
5
The method for achieving this differs in the conventions. The two main methods are that the con-
vention obligates (ratifying) flag states to ensure that ships flying their flag obtain the proper certifi-
cates and that the convention requires ratifying states to deny ships not in possession of certificates
Public Function Liability of Classification Societies 215
As a consequence, CSs perform functions which are of a private nature (class

certification) and functions which are of a public nature (statutory certification) with
regard to the same ship.
The original purpose of classification was to ensure private (commercial) inter-
ests. Thus, classification was a means of ensuring that the vessel had the needed for
qualities with regard to for instance strength, loading capacity and speed. For this
reason, liability claims based on the fact that a vessel should not have been classed
may be raised by for instance the ship owner or the cargo owner.
The purpose of the statutory (public) certification is to protect human life and the
environment. Thus, claims raised on the basis that the vessel should not have been
statutorily certified may be raised by injured third parties such as passengers and
owners of land that has been polluted or by states the territorial waters of which
have been polluted.
Thus, broadly speaking, it seems that public certification serves the purpose of
guarding against the most serious types of dangers and damages seen from a soci-
etal point of view. Consequently, one would expect better protection of the injured
parties in cases concerning negligence with regard to public certification than in
cases that merely concern private interests. However, as this article seeks to show,
surprisingly it seems to be the other way round.6
2 Private Function Liability
Broadly speaking, negligent class certification may give rise to two different kinds
of claims; claims by the owner based on the contract between the CS and the owner
for mal-performance of the contract and claims raised by third parties, such as for
instance ship buyers or cargo owners.
The major problem with regard to claims based on the contract between the
owner and the CS—seen from the point of view of the owner—is that these claims
will often be subject to limitation of liability clauses.7
With regard to claims raised by third parties, the third party may seek to rely on
tort law but in many legal systems, recovery for pure economic loss in tort will be
ruled out as a starting point.8 And even if the claim is for loss suffered due to p hysical
injury, the third party must show that recovery of the third party comes within the
under the convention in question access to its ports or to detain ships calling at their ports. SOLAS
is ratified by 163 states representing over 99% of the World’s tonnage, cf. http://www.imo.org/en/
About/Conventions/StatusOfConventions/Documents/Status%20of%20Treaties.pdf.
6
The implications of the difficulties in drawing the line between private and public certification
will be further explored below in Sect. 4.
7
As an example, the case of the Sundancer could be mentioned (799 F Supp 363, 1992 AMC 2946
(SDNY 1992), and for an analysis of the exemption clause in the case, see e.g. Honka (1994),
pp. 1, 15.
8
In German law this follows from §§ 823 ff BGB, limiting the liability for pure economic loss to
certain specific situations. In English law, as a general rule, the doctrine of pure economic loss bars
recovery for this type of loss.
protective purpose of the certification rules that have been infringed. As a recent
example of the application of this rule, the Prestige case may be mentioned.9 In this
case, a claim by the Spanish state (as flag state) against ABS (the CS) for environ-
mental damage was rejected on the basis that the CS could not be presumed to have
a duty of care towards the flag state to prevent “reckless” class certification.
Furthermore, to rely on contract law is normally not an option for the third party
because of the principle of privity of contract.10
Thus, several obstacles must be overcome to succeed with a claim based on the
mal-performance of class certification.11 However, as will be shown below, even
greater challenges exist with regard to claims based on negligent public (statutory)
certification.
3 Public Function Liability
3.1 Introduction
The international conventions on maritime safety and pollution from shipping place
various obligations on the state parties to ensure the compliance with the
conventions.
For instance, SOLAS chapter I, Part B sets out a number of rules on surveys of
different types of ships and equipment. With regard to performance of these,
Regulation I/6 sets out that the inspections and surveys ‘so far as regards the enforce-
ment of the provisions of the present regulations […] shall be carried out by officers
of the Administration’ (i.e. the flag state government). The second sentence, how-
ever, goes on to allow the Administration to ‘entrust the inspections and surveys
either to surveyors nominated for the purpose or to organizations recognized by it’.
Pursuant to Regulation XI-1/1, the recognized organizations must comply with the
RO Code adopted by the IMO.12
In essence, this means that CSs can become recognized organizations (ROs)13
and a state party to SOLAS can then authorize such ROs (one or more) to perform
9
Reino de Espana v The American Bureau of Shipping, 729 F Supp 2d 63d5 8 SDNY 2010.
10
In some legal systems, this problem has been solved by construing third party rights to rely on
the contract, see e.g. on the concept of the ‘contract with protective effects towards third parties’,
Basedow and Wurmnest (2005), p. 45 ff. In German law this has been accepted in principle, but did
not lead to liability in the concrete case, see OLG Hamburg, 14/6/1990 – 6 U 34/90 (1991)
Versicherungsrecht 476.
11
More recent cases where this has been attempted include the English cases The Nicholas H
[1996] 1 AC 211, [1995] 2 Lloyd’s Rep. 299 (HL) (cargo claim), The Morning watch [1990] 1
Lloyd’s Rep. 547 (pure economic loss). See further e.g. De Bruyne (2015), pp. 221, 223 ff.
12
Resolution MSC.349(92) of 21 June 2013.
13
For the purposes of this chapter, it is only relevant to look at CSs that have in fact been “recog-
nized” and are thus also ROs as otherwise they cannot be authorized to perform flag state obliga-
tions. Throughout the chapter, however, the term CS will be preferred, but this should thus not be
its obligations as flag state in respect of surveys and inspections on its behalf. The
CS (RO) when carrying out these functions will then, in fact, be exercising public
functions resting on the flag state.
In the EU, the competence to ‘recognize’ CSs has been taken over by the EU. It
is thus the EU Commission who ‘recognizes’ CSs.14 However, the competence to
authorize ROs to act on behalf of the Member State in its capacity as flag state rests
with the Member States.15 The authorization is normally done by an agreement that
sets out the scope of the authorization and the conditions therefore as well as some
(very limited issues regarding liability).16
When a CS exercises public functions two basic questions arise. One is whether
the CS may—in the same ways as states—enjoy procedural immunity from law
suits in foreign courts.17 The other one is whether the CS—to the extent it can be
sued in some court—enjoys substantial immunity from liability claims, in other
words whether there may be barriers in national law to claims based on the fact the
CS has exercised a public function.18
3.2 Immunity Defenses According to EU Law
As explained in Sect. 3.1, in the EU, it is the Member States who have the compe-
tence to decide to delegate the authority to perform surveys and inspections on
behalf of the Member State as flag state. However, when the Member State decides
to do so, it must do so in accordance with Directive 2009/15/EC on common rules
and standards for ship inspection and survey organisations and for the relevant
activities of maritime administrations.19 The directive only to a very limited extent
regulates the potential liability of the RO, namely in relation to the recourse liability
seen as an indication that the CS is not recognized as an RO.

14
In accordance with Reg (EU) No 391/2009 on common rules and standards for ship inspection
and survey organisations, [2009] OJ L 131/11.
15
However, a Member State may ‘in principle’ not deny to authorize an RO, but ‘may restrict the
number of organisations they authorise in accordance with their needs provided there are transpar-
ent and objective grounds for so doing’, Art 4(1) of Dir 2009/15/EC. Of course, the Member State
may also decide not to delegate its responsibilities at all, Art 3(2) e.c.
16
Art 5 of Dir 2009/15/EC. The Danish RO Agreement can be found at www.dma.dk/
SynRegistrering/Syn/Klassifikationsselskaber/Documents/Annex%20to%20Danish%20RO%20
Agreement%202015.pdf.
17
See UN Convention on Jurisdictional Immunities of States and their Property, 2005. See also
Orakhelashvili (2015), Finke (2010), p. 853.
18
If the potential liability stems from oil pollution from a tanker vessel, the CS may be able to
claim that no claim can be made against it on the basis of the International Convention on Civil
Liability for Oil Pollution Damage, 1992. That will depend on an interpretation of whether the CS
is covered by the channeling provision in Art. III, r 4. This is a separate question from the question
of whether the CS may be protected by the general principles of procedural and substantial immu-
nity and will therefore not be dealt with in this chapter.
19
[2009] OJ L 131/47.
of the RO to the Member State if that state is held liable towards a third party for
actions or omissions attributable to the RO.20 However, in the preamble, recital (16)
states that when an RO issues certificates on behalf of the Member State, the
Member State ‘should consider enabling them [i.e. the ROs], as regards these dele-
gated activities, to be subject to proportionate legal safeguards and judicial protec-
tion, including the exercise of appropriate rights of defence, apart from immunity,
which is a prerogative that can only be invoked by Member States as an inseparable
right of sovereignty and therefore that cannot be delegated’.
The recital thus suggests that ROs should be given some kind of (extra?) protec-
tion from claims when acting in a public capacity, but that this may not be immu-
nity. The question is what the recital really means and what the legal value of it is.
First, it may be asked whether ‘immunity’ refers to procedural or substantial
immunity. While the directive itself does not provide an answer, it seems difficult to
accept that substantial immunity is ‘an inseparable right of sovereignty’ which
would suggest that it is procedural immunity that is intended. This part of the recital
thus presents itself as an interpretation of the public international law principle of
sovereign immunity.
Second, it may be asked what the value is of a statement in a recital which has
not found its way to the articles of the directive. In this respect, it should be noted
that the directive only deals with the liability of the RO in very limited terms.
Questions of liability both for the RO and for the Member State who has delegated
authority to the RO are thus subject to (the otherwise applicable) national law. It is
only the question of recourse by the Member State when it is held liable for the
actions or omissions of the RO that is regulated. Furthermore, issues of immunity
against liability generally is not a matter regulated by EU law, but by the Member
States (including in their application of public international law). It could therefore
be argued that the EU cannot bind the Member States in this manner simply by a
statement in a recital to the directive.21 As stated, this part of the recital seems to be
an interpretation of the principle of sovereign immunity, but it does not seem to be
for the EU to make such an interpretation in the preamble of a directive, but rather
for the Member States to legislate on or its courts to apply in a liability case against
the RO. For this reason, the following sections describe the various approaches that
have been adopted in different national legal systems.
20
Art 5(2).
21
In the Al-Salam Boccaccio 98 case, see below n 65, the Italian court held that the recital had no
binding force under Italian law because the Italian legislation implementing the directive had not
transformed its content into a positive law provision, see Siccardi (2013), pp. 41, 66 available at
www.shippinglbc.com/content/uploads/members_documents/Webfile_-_Classification_Societies.
pdf.
3.3 Procedural Immunity Defense at the National Level
When a CS carries out statutory certification on the basis of an agreement with the
flag State, it carries out a public task and exercises public authority. In other words,
it carries out the tasks that would have otherwise been performed by the state. If the
state had carried out these tasks, it would have been immune from law suits for mal-
performance in foreign courts. Thus, it is a basic principle under international law
that states cannot be sued in foreign courts since this would conflict with the prin-
ciple of state sovereignty.22 The principle applies both to criminal and civil liabili-
ty.23 For this reason, it could be argued that when the CS carries out the tasks of the
state also the CS should be immune from law suits in foreign courts. This view has
been put forward in some recent cases and has been accepted by various national
courts.
The Erika case24 is a good example. The case concerned oil pollution off the
French coast caused by the vessel Erika sailing under Maltese flag. Erika had been
class certified by the Italian RINA (private certification). RINA had also acted as
RO for Malta and issued an International Safety Certificate (statutory certification).
In this case, the French state sued RINA claiming damages on the basis that the oil
pollution was caused (in part) by negligent class certification on the part of
RINA. RINA claimed procedural immunity since it had acted as RO for Malta. In
the first instance, the French Tribunal Correctionnel found that RINA did not enjoy
procedural immunity since the inspections and certification of the vessel had been
performed in the interest of the vessel owner (i.e. private certification).25 However,
the Cour d’Appel found that certificates issued by a classification society acting as
RO were ‘actes de puissances publiques’ and not simple administrative acts (‘actes
de gestion’).26 For this reason, RINA was able to claim (procedural) immunity.27
It is thus apparent that liability litigation against a CS encounters the risk that the
CS is protected by procedural immunity (unless the CS has waived its immunity).
Consequently, in order to be sure that the claim against the CS is not dismissed on
procedural grounds, the CS must be sued in the authorizing state (flag state) which
is the only state in which the CS with certainty does not enjoy procedural
immunity.
This raises the question of whether the courts of the flag state have jurisdiction in
a case against the CS. The answer will depend on the jurisdiction rules of that state.
22
See UN Convention on Jurisdictional Immunities of states and Their Property, 2005.
23
See Shaw (2008), p. 699.
24
The case of the Erika, Tribunal de Grande Instance Paris, January 16, 2008, no 9934895010,
p 1-358, The case of the Erika, Cour d’Appel Paris, March 30, 2010, no RG 08/02278-A, p 1-487,
The case of the Erika, Cour de Casssation, September 25, 2012, no H 10-82.938.
25
The case of the Erika, Tribunal de Grande Instance Paris, January 16, 2008, no 9934895010, 276.
26
The case of the Erika, Cour d’Appel Paris, March 30, 2010, nr. RG 08/02278-A, 232.
27
On the blurring of the line between the public and the private function of the CS in this case, see
further infra in Sect. 4.4. Another example where procedural immunity was granted can be found
in the Italian case Al-Salam Boccaccio 98, see infra Sect. 4.4.
If under the jurisdiction rules of the flag state the courts of that state do not have
jurisdiction to hear a case against the CS, potential claimants will, thus, not have
access to any venue in which they can sue the CS if the CS enjoys procedural immu-
nity in the other relevant venues.
In Europe, the question of jurisdiction for tort claims in general is regulated by
Regulation (EU) No 1215/2012 on jurisdiction and the recognition and enforcement
of judgments in civil and commercial matters.28 The Regulation applies to ‘civil and
commercial matters’, article 1(1). However, it ‘shall not extend, in particular, […]
to the liability of the State for acts and omissions in the exercise of State authority
(acta iure imperii)’, ibid. It is probably questionable that this will be interpreted by
the CJEU to also cover a situation where it is the liability of a CS acting on behalf
of the state which is at issue.29 It cannot therefore be said with certainty whether
Regulation (EU) No 1215/2012 will apply to a case of this kind.30 If the Regulation
applies, the general rule is that persons domiciled in a Member State must be sued
in that state, article 4(1).31 If the regulation does not apply, the national rules on
jurisdiction of most states, it is submitted, also grant jurisdiction for claims against
persons (including legal persons) domiciled in that state. In this connection, it is
important that many agreements by which flag states authorize CSs to act on their
behalf, include a provision that the CS must establish a local representation to estab-
lish legal personality in the flag state and ensure the competence of that state’s
courts.32 It must thus be assumed that there will often be jurisdiction for a liability
claim against a CS in the courts of the flag state that has authorized the CS to act on
its behalf.
As will be apparent, the procedural immunity defense may severely limit the
extent to which it is possible for a third party to sue a CS performing public func-
tions in another state than the flag state. However, even when it is possible procedur-
ally to sue, such a suit may encounter further obstacles in the form of substantial
immunity as will be developed in the following part.
28
[2012] OJ L 351/1.
29
Recital (16) of Directive 2009/15/EC would suggest that the EU Commission would take the
stance that these two situations are not to be treated as equal. See above, Sect. 3.2.
30
A deeper analysis of this issue falls outside the scope of the present chapter.
31
In tort cases, the tortfeasor may also be sued in the courts of the place where the harmful event
occurred, art 7(2). For present purposes this will only be the case if the accident by chance occurs
in the territory of the flag state. In respect of persons not domiciled in a Member State, jurisdiction
is to be determined on the basis of the national law of each Member State.
32
Dir 2009/15/EC, Art. 5(3) allows for this type of provision. As an example, see the Danish RO
Agreement, n 16, cl 5.2.
3.4 Substantial Immunity Defense at the National Level
3.4.1 Introduction
Suing a classification society may also give rise to issues of substantial immunity.
Thus, as was seen in the cases concerning procedural immunity, the classification
society carrying out public functions may be seen as in one way or the other repre-
senting the state. This raises the question whether principles of substantial liability
immunity (or limited immunity) applying to the state also applies to the classifica-
tion society, or whether the classification society will be subject to other liability
principles. Different models apply in different legal systems.
3.4.2 US: Principle of Immunity
In the US, the starting point is governmental immunity from tort law liability.33
Moreover, the principle applies not only to public entities but—under certain condi-
tions—also to private entities fulfilling the role of the public entity.34 The doctrine
of sovereign immunity has historical roots back to the idea that ‘the King can do no
wrong’. Today, this principle has been modified. Several exceptions apply. Thus, in
the US, governmental immunity has to some extent been waived through the Federal
Tort Claims Act (FTCA)35 and through the Suits in Admiralty Act (SIAA).36 The
SIAA applies if the CS acts on behalf of the US and if the act constitutes an action
in admiralty.37 A claim lies in admiralty if the issue relates to traditional maritime
activity.38 It must be assumed that the question of the liability of statutory certifiers
of vessels is an issue that is related to traditional maritime activity and that conse-
quently, the SIAA is applicable (as lex specialis). This means that as a starting point,
the principle of governmental immunity from liability does not apply to a
CS. However, the waiver of immunity is limited to certain cases. Thus, under the
FTCA, the waiver of immunity does not apply to cases of ‘discretionary function’.39
The reason for this is that discretionary function involves an element of choice
which according to the separation of powers-principle should be left to the admin-
istration or the legislator.40 The SIAA does not contain an explicit discretionary
function exemption. However, case law has established an implied discretionary
33
Lagoni (2007), p. 243, fn 930 with reference to Craig (2005), vol 1, § 1-1.
34
Yearsley v W.A. Ross Construction Co 309 US 18 at 20–21 (US 1940).
35
28 U.S.C. § 2674.
36
46 U.S.C. App. § 742.
37
Lagoni (2007), p. 244.
38
Ibid., 245.
39
28 U.S.C. § 2680 (a).
40
Lagoni (2007), p. 247.
function limitation of liability in the SIAA.41 On this basis, it must be assumed that
a CS acting on behalf of the government enjoys immunity from liability when it
carries out statutory certification.42 In other words, the principle of immunity is
transferred from the state to the CS.43
3.4.3 Germany: Limited immunity
In German law, the question of the liability of the CS when exercising public func-
tions is linked to the question of state liability according to § 839 para 1 of the Civil
Code (Bürgerliches Gesetzbuch; BGB) and art 34 para 1 of the Basic Law
(Grundgesetz; GG). According to § 839 para 1 BGB, the state (the public authority)
is liable for its officials (Beamte) exercising public functions on its behalf. At the
same time, it is only the public authority which becomes liable, not the official
itself. This follows from art 34 para 1 GG. In other words, to the extent a CS may be
regarded an ‘official’ in the sense of § 839 para 1 BGB, it may be exempted from
liability.44 Consequently, the concept of an ‘official’ under § 839 para 1 BGB
becomes crucial. The concept is not narrowly defined. In addition to employees, the
concept covers persons who have been given a certain public function (Beliehene)
and also aides of the administration (Verwaltungshelfer), i.e. certain independent
contractors carrying out tasks for the administration. It has been accepted in case
law that licensed motor vehicle experts by issuing attestations that motor vehicles
live up to public law rules on safety exercise a public function to ensure safety of
traffic and that these experts are therefore so closely integrated in the administrative
functions that they can be regarded as part of the administration (‘officials’) for the
purpose of § 839 para 1 BGB.45 On this basis, it could be argued that also a CS
should be regarded as a public official exercising public tasks under § 839
BGB. However, the status of the classification society when exercising public tasks
is unclear under German law and it has been pointed out that a foreign classification
society may not qualify as an official or Beliehener under § 839 BGB since foreign
entities cannot be assigned functions of public authority.46 In this case, the CS would
41
Ibid, 247, fn 953.
42
Ibid, 248.
43
Another example of CS liability immunity created via governmental immunity is represented by
Bahamian law. Thus, according to the Bahamian Merchant Shipping Act, 1976 (with later amend-
ments), § 275 any government appointee is immune from liability for issuing certificates in good
faith. In Sundancer, above n 5, it was a held that a CS was included in the sphere of immunity.
Consequently, under Bahamian law, the extent to which a CS can be held liable is limited in the
same way as the liability of the public authority, Honka (1994), p. 18.
44
The elimination of the liability of the ‘official’, also when the official is a private party exercising
public functions, was recently confirmed in BGH, 9/10/2014 – III ZR 68/14 (2014) Neue Juristische
Wochenschrift 3580.
45
See e.g. BGH, 30/11/1967 – VII ZR 34/65 (1968) Versicherungsrecht 200; BGH, 25/3/1993 – III
ZR 34/92 (1994) Versicherungsrecht 216.
46
See Peets et al. (2016), SeeArbG § 135 margin notes 1 f.
not enjoy immunity. In contrast, to the extent the CS qualifies as Verwaltungshelfer,

the CS would enjoy immunity in the sense that the liability would be transferred to
the state under § 839 BGB and art 34 GG.47
3.4.4 UK: Ordinary Tort Law Principles Apply
In the UK, there is no basic principle of governmental immunity. Also in general,

public authorities are subject to the same tort law liability rules as are private enti-
ties. With regard to the liability of the CS this means that as a starting point the CS
is subject to the same tort law rules whether it exercises private or public functions.
According to the Marc Rich dictum48 it must be determined whether it would be
‘fair, just and reasonable’ to hold the CS liable, if the owner is protected by global
limitation rules and the CS is not. The practical effect of this is that under English
law liability will be relevant primarily in personal injury cases.49
3.4.5 Scandinavia: Professional Liability Standard?
The question of the public function liability of the CS has never been tried in
Scandinavian case law. However, in legal writing it has been argued that the CS
should be subject to a professional liability standard.50 In general, a professional
liability standard would be stricter that an ordinary negligence standard. It is also
emphasized that the professional liability standard should apply regardless of
whether the state would be subject to a milder liability standard or no liability at
all.51 It is explicitly stated that ‘there seems to be no valid grounds for rejecting
liability’ towards passengers, crew members and landowners.52
3.5 Summing Up
In many jurisdictions, there are additional barriers for imposing liability on a CS

when the CS exercises public functions as opposed to private functions. The clearest
example of this is posed in jurisdictions applying a principle of immunity to the CS
on the basis that it represents the government which would have been immune from
47
Lagoni (2007), p. 252.
48
The dictum is in the case The Nicholas H [1996] 1 AC 211, [1995] 2 Lloyd’s Rep 299 (HL) (n 6).
See also Lagoni (2007), p. 237.
49
Lagoni (2007), p. 237.
50
Krüger (1991), pp. 273, 279, 280, 286.
51
Ibid., 277 with reference to Norwegian preparatory works.
52
Ibid., 286. See also Honka (1994), p. 30 ff, making reference to Krüger, but finding that reliance
and control become the real issue.
liability had it carried out the task itself. In particular, this approach is found in US
law. Also in German law, a CS may be exempted from liability when it exercises
public functions but this is on a different basis. Under German law, the line of
thought is a ‘respondeat superior’ line of thought implying that the ‘public official’
is relieved from liability when acting on behalf of the state because the state becomes
liable instead. The UK represents a third model according to which a public entity
is subject to the same liability rules as a private. No special principles of govern-
mental immunity apply. This also means that no such rules protect the CS even if it
exercises public functions. Under UK law, a CS can primarily be held liable in
personal injury cases. Apparently, only in the Scandinavian legal systems has it
been argued (in academic writing) that the CS should be subject to a professional
liability regime and that it should be possible to hold liable the CS for the exercise
of public functions regardless of whether the public authority behind would have
been liable had it carried out the task itself.53 Until now, this position has not been
confirmed in case law.
4 T
he Blurring of the Distinction Between Private
and Public Function and Liability Consequences
4.1 Introduction
Seen in light of the fact that additional defenses against liability seem often to be
available to a CS exercising public functions, the question of how to define public
functions as opposed to private functions becomes relevant. In this respect, it is
interesting to note that the distinction in fact seems to become increasingly blurred
both in case law and in legislation.
4.2 T
he Interplay and Overlap Between Private and Public
Certification
The failure to live up to both the private and the public standards may in fact lead to
the same types of losses. Thus, if a vessel does not live up to the technical standards
of a CS, the vessel may not be seaworthy and may risk sinking. The same is true if
the vessel does not live up to the public law standards. If a vessel sinks, damage may
be caused to the owner of the ship, mortgagees, owners of cargo on board the ship,
passengers and the environment if the vessel for instance leaks oil.
In line with this, the Danish Safety at Sea Act even has a provision which explicitly states that the
53
Danish Maritime Authority is not vicariously liable for a CS that it has authorized.
Thus, private certification may also serve a public function and public certifica-
tion may serve a private function. This sentiment is reinforced by SOLAS itself. As
described in Sect. 3.1, SOLAS sets out a large number of requirements as to the
safety of ships, and it obliges the flag states to carry out various surveys and inspec-
tions and to issue certificates in this regard. These tasks are clearly public functions.
However, SOLAS further requires that ships ‘shall be designed, constructed and
maintained in compliance with the structural, mechanical and electrical require-
ments of’ an RO.54 Ships may alternatively comply with national standards of the
flag state which ‘provide an equivalent level of safety’, but few, if any, flag states
have issued such national standards. While the development of structural, mechani-
cal and electrical requirements (the ‘rulebook’) is clearly performed as a private
function by the RO, it is a statutory requirement that ships comply with such a rule-
book. Thus, a ship cannot obtain certificates under SOLAS unless it complies with
the rulebook of an RO. It should be noted that it is not a requirement that a ship is
in class, that is, that it is certified by an RO that the ship complies with its rulebook,
but the shipowner must be able to document that the ship complies with the rule-
book. A certificate to verify the compliance of the ship with an RO’s rulebook may
thus be issued by the flag state authorities. In practice, however, almost all ships are
classed, and the RO thus issues a class certificate and—if it has been authorized by
the flag state—inter alia on the basis thereof issues certificates under SOLAS.
Maintaining a very strict distinction between the public and private functions of
the RO can in these circumstances seem strained. This seems to be reinforced by
developments in recent international legislation and case law as will be described in
the following sections.
4.3 IMO Code for Recognized Organizations
In 2013, the IMO adopted a Code for Recognized Organizations.55 The RO Code
sets out minimum requirements which CSs must fulfil in order for flag states to
recognize and authorize them to act on their behalf as well as guidelines for the
oversight of the ROs by flag states.56 Notably, the Code does not deal with the liabil-
ity of the RO neither towards its customer nor towards third parties.57
The Code states that it applies to ROs when they perform ‘statutory certification
and services on behalf of’ the flag state.58 The term ‘Statutory certification and
54
Reg II-1/3-1.
55
Resolution MSC.349(92) of 21 June 2013.
56
Part 1, reg 1.
57
Appendix 3 sets out elements to be included in an agreement between the flag state and the
RO. Item 8.4 simply states ‘Liability’. However, the footnote indicates that this mainly refers to the
potential recourse of the state against the RO in case the state is held liable for loss or damage
caused by any negligent act or omission of the RO.
58
e.g. Part 1, regs 2.1.1 and 2.2.2.
services’ has a lengthy definition set out in Part 2, regulation 1.1.3: ‘certificates
issued, and services provided, on the authority of laws, rules and regulations set
down by the Government of a sovereign State. This includes plan review, survey,
and/or audit leading to the issuance of, or in support of the issuance of, a certificate
by or on behalf of a flag State as evidence of compliance with requirements con-
tained in an international convention or national legislation. This includes certifi-
cates issued by an organization recognized by the flag State in accordance with the
provisions of SOLAS regulation XI-1/1, and which may incorporate demonstrated
compliance with the structural, mechanical and electrical requirements of the RO
under the terms of its agreement of recognition with the flag State’. This is a very
wide definition. The final sentence seems clearly to indicate that the RO is also per-
forming ‘statutory certification and services’ when it conducts surveys and issues a
class certificate, i.e. certifying that the ship is in class in accordance with the RO’s
own rulebook. This would seem to mean that the RO’s issuance of a class certificate
is also considered under the RO Code to be performed ‘on behalf of the flag state’.59
This has been objected to by the EU.60 Directive 2009/15/EC61 distinguishes very
clearly between ‘statutory certificates’ and ‘class certificates’ which are defined in
article 2, lit i) and k) respectively. After the adoption of the IMO RO Code, the
European Commission adopted the Commission Implementing Directive 2014/111/
EU amending Directive 2009/15/EC with regard to the adoption by the International
Maritime Organization (IMO) of certain Codes and related amendments to certain
conventions and protocols.62 The interesting part in the present context is the pre-
amble in which the Commission analyzes how the RO Code (and the so-called III
Code) differ from the Directive and Regulation (EU) No 391/2009. Recital (21)
makes it clear that this distinction is to be maintained and that the certificates have
different natures. Statutory certificates have a ‘public nature’ while class certificates
have a ‘private nature’. Thus, class certificates ‘are documents of a strictly private
nature which are neither acts of a flag State nor carried out on any flag State’s
behalf’. It is specifically set out that this is also the case even when the class certifi-
cate is verified by a flag state as proof of compliance with the requirement in SOLAS
that the ship must comply with the rulebook of an RO.
The RO code and the EU instruments thus take very differing standpoints as to
the nature of class certification. Whereas the EU instruments consider such certifi-
cation as being of a strictly private nature, the RO Code does not seem to differenti-
ate between statutory and class certification. Neither of the instruments deal with
the liability of ROs towards third parties. However, as shown above, further defenses
in the form of immunity may be available to the RO when acting on behalf of the
flag state and the distinction thus becomes relevant also in relation to the liability
questions. The instruments may therefore rub off on the liability issue. Seen in this
light, it is an interesting development that the RO Code seems to include class
59
De Bruyne (2015), p. 237.
60
See also ibid.
61
Above text to n 13 ff and Sect. 3.2.
62
[2014] OJ L 366/83.
c ertification in its definition of ‘statutory certification and services’. This may have
been influenced by the SOLAS requirement that ships must comply with the rule-
book of an RO.
4.4 Recent Cases
Similar blurring of the line between private and public functions of the RO as a
result of the difficulty of categorizing class certification can be seen in The Erika
case.63
Interestingly, in this case as described above, the fact that it was the class certifi-
cation service that had been negligently performed did not seem to be of impor-
tance. In this context, the court placed emphasis on the fact that by virtue of the
SOLAS convention class certification is a precondition for statutory certification.
For this reason, class certification plays a role in improving safety at sea and thus
serves the public interest.64 Thus, according to this decision, the defense of proce-
dural immunity seems applicable (under French law) also to claims based on negli-
gent class certification (and not only to statutory certification). In other words, a
public function defense is being pulled into a private function claim.
Similar arguments were forwarded in The Al-Salam Boccaccio 98 case.65 The
Al-Salam Boccaccio 98, flying the Panamanian flag, sank in 2006 in the Red Sea
leading to the tragic loss of more than 1000 lives. The ferry had previously flown the
Italian flag. The Italian RO RINA had throughout acted as CS, issuing class certifi-
cates, and had also acted as RO, issuing statutory certificates, first on behalf of Italy
and after the flag change on behalf of Panama. An association of victims’ families
sued RINA in damages in the Italian courts. The plaintiffs claimed inter alia that
RINA had acted negligently when performing the class certification. RINA claimed
procedural immunity because it claimed to have acted as an RO on behalf of a flag
state. The City Court of Genova found that RINA was protected by procedural
immunity. Interestingly, the court held that no distinction should be made between
statutory and class certification in this regard, inter alia considering that class certifi-
cates are required for each ship to sail.66 It would seem that the court thus placed
emphasis on the SOLAS requirement that ships must comply with the rulebook of
an RO.
63
See n 24.
64
De Bruyne (2015), p. 228.
65
Abdel Naby Hussein Maboruk Aly v RINA s.p.a., Tribunale di Genova, 8/3/2012, no. 9477/2010.
The present mention of this case is based on the summaries of the case by Siccardi (2013), p. 62 ff,
De Bruyne (2014), p. 217 f and De Bruyne (2015), p. 231 f.
66
Siccardi (2013), p. 65; De Bruyne (2015), p. 232.
5 Conclusion
On the basis of the above, three observations can be made.

First, whereas there are several barriers to imposing liability on classification
societies for negligent private certification, pursuing a claim for negligent public
function certification adds an extra layer of complications to the cases. This is due
to the concepts of immunity found at both the procedural and the substantive law
level. Principles of procedural immunity may imply that claims can only be brought
in the flag state, which may not always be attractive, and principles of substantial
immunity limit the extent to which the CS can be held liable under tort law at all
when the CS exercises public functions. Principles of substantial immunity in tort
law seem to be found to varying degrees in different legal systems. The impact of
the various concepts of immunity is that in a tort law suit more barriers are to be
overcome if the claim is based on negligent public function certification than private
certification. This may be described as somewhat of a paradox since negligent statu-
tory certification may potentially lead to bigger and more serious losses than negli-
gent private certification.
Second, the fact that the liability standard seems to differ depending on whether
certification is private or public also means that drawing the distinction between
these two types of certification becomes central. However, as the analysis shows,
whereas distinguishing between these two types of certification was the original
starting point, today the line between private and public function certification seems
to be getting more and more blurred. This is evident both in recent international
instruments and in recent case law.
Third, as illustrated by notably The Erika case and The Al-Salam Boccaccio 98
case, the effect of the blurring of the line between the two categories of certification
seems to be a spillover effect of the public function immunity defenses to the private
function situations.
In other words, the net result seems to be that the increase in the importance of
the role played by the classification societies is paralleled by a decrease in the extent
to which it is possible to hold the classification societies liable.
References
Antapassis, A. M. (2007). Liability of classification societies. Electronic Journal of Comparative

Law, 11(3):13–14.
Basedow, J., & Wurmnest, W. (2005). Third-party liability of classification societies. Berlin,
Germany: Springer.
Boisson, P. (1994). Classification societies and safety at sea – Back to basics to prepare for the
future. Marine Policy, 18, 363.
Craig, J. L. (Ed.). (2005). Civil actions against the United States, its agencies, officers and employ-
ees (2nd ed.). St. Paul, MN: West.
De Bruyne, J. (2014). Liability of classification societies: Cases, challenges and future perspec-
tives. Journal of Maritime Law & Commerce, 45, 181.
De Bruyne, J. (2015). Liability of classification societies. Developments in case law and legis-
lation. In M. Musi (Ed.), New challenges in maritime law: De lege lata et de lege ferenda
(p. 221). Bologna, Italy: Bonomo.
De Bruyne, J., & Vanleenhove, C. (2014). An EU perspective on the liability of classification soci-
eties. Selected current issues and private international law concerns. Journal of International
Maritime Law, 20, 103.
Finke, J. (2010). Sovereign immunity: Rule, comity or something else? European Journal of
International Law, 21, 853.
Furger, F. (1997). Accountability and systems of self-governance: The case of the maritime indus-
try. Law & Policy, 19, 445.
Goebel, F. (2018). Classification societies: Competition and regulation of maritime information
intermediaries. Münster, Germany: LIT Verlag.
Honka, H. (1994). The classification system and its problems with special reference to the liability
of classification societies. Tulane Maritime Law Journal, 19, 1.
Krüger, K. (1991). Fault liability for classification societies towards, third parties? In L. Gorton,
J. Ramberg, & J. Sandström (Eds.), Festskrift til Kurt Grönfors (p. 271). Stockholm, Sweden:
Nordstedts.
Lagoni, N. (2007). The liability of classification societies. Berlin, Germany: Springer.
Orakhelashvili, A. (2015). Research handbook on jurisdiction and immunities in international law.
Peets, R., Bubenzer, C., & Mallach, E. (2016). Seearbeitsgesetz. Baden-Baden, Germany: Nomos.
Pulido Begines, J. L. (2005). The EU law on classification societies: Scope and liability issues.
Journal of Maritime Law and Commerce, 36, 487.
Shaw, M. N. (2008). International law (6th ed.p. 699). New York: Cambridge University Press.
Siccardi, F. (2013). Immunity from jurisdiction are CS entitled to it (a) as recognized organisa-
tions acting for flag states (b) when performing class services. In: Conference paper in the
conference material Classification Societies’ regulatory regime and current issues on liability,
London Shipping Law Centre, 21 February 2013, p 41.
Liability of Rating Agencies Under
German and European Law
Axel Halfmeier
1 Introduction
In the aftermath of the financial crisis that culminated in the Lehman Brothers col-
lapse in 2008, one of the many issues was the role of rating agencies in the develop-
ment of the crisis. These rating agencies act globally and have developed a lucrative
business model that is usually described as “solicited rating” or “issuer pays” rating.
In this model, banks or other financial institutions develop financial “products” that
are structured in complex and mathematically sophisticated ways. The arranging
bank then contracts with the rating agencies to receive a rating of the “product”, in
return for a fee. With this rating, the arranging bank can then sell its “product” to
investors—mostly institutional investors, but occasionally also retail investors.
Investors are often inclined to buy only investments with a certain quality or risk
category that is signified by the rating. Some investors may even have internal rules
under which they are obliged to buy only financial products with a certain rating.
In the process of “solicited ratings”, it was common—at least before 2008—to
see a wondrous transition from rather speculative assets or casino-type bets and
options to “AAA” rated financial products.1 This transition was achieved by certain
mathematical operations and highly complex structures of the products, structures
that were incomprehensible to all but a few experts in mathematics.
However, if one looks at the incentive structures of such “solicited rating” con-
tracts, the transition from junk to gold becomes less astonishing: If the “producer”
1
The rating “AAA” is used in one of the usual rating systems as the grade for the most secure
investments possible, such as government bonds of highly respected and economically successful
countries.
A. Halfmeier (*)
Leuphana Law School, Leuphana University of Lüneburg, Lüneburg, Germany
e-mail: axel.halfmeier@leuphana.de

https://doi.org/10.1007/978-3-030-02499-4_11
232 A. Halfmeier
pays the rating agency good money for the rating, there is a strong interest on both
sides to arrive at a good rating: The producer can sell his product better—or in many
cases only—if the “AAA” stamp by a well-known rating agency is attached to the
product. The rating agency has an interest to keep its customers happy, so that they
come back with more business.2 Accordingly, there is a strong incentive to simply
give the good rating without asking too many questions—unless there is something
to lose by publishing wrong ratings.
Interestingly, the employees at Standard & Poor’s, one of the leading rating
agencies, were themselves astonished how well their business model of turning junk
into gold was working: “Let’s hope we are all wealthy and retired by the time this
house of cards falters”, as a senior S&P employee put it.3 In the literature, it is esti-
mated that 80% or even 90% of the rating agencies’ income comes from “issuer
pays” rating activity.4
In a corporate law context, the German Higher Regional Court of Dusseldorf has
even argued that because of the conflict of interest for the rating agency in “issuer
pays” situations, such ratings could not be relied on at all and that it is negligent for
a company’s executive to make investment decisions based solely on such ratings.5
In economic literature, there is broad discussion regarding the incentive structure
in such circumstances, in particular with a view to the “reputation risk” for rating
agencies that deliver false or careless ratings. There seems to be some evidence that
under the specific market situation of rating agencies and the oligopolistic structure
of the ratings market, these reputational risks are rather low.6 This means that even
if ratings are unreliable, this will not affect the rating agencies’ business. This the-
ory with respect to the lack of reputational risks is supported by recent historical
evidence: Notwithstanding the false ratings of “AAA” regarding many financial
products in the pre-crisis era, the large rating agencies have come out of the crisis
without losing their large market shares.
Liability for false ratings towards investors who suffered losses could therefore—
at least as a theoretical possibility—act as an additional incentive to be more careful
in the “solicited ratings” business model. There are several court cases in which this
issue was discussed after the financial crisis. Most notably, Australian courts handed
down judgments against Standard & Poor’s in which they accepted large damage
claims by investors based on “unreasonable, unjustified and misleading ratings”.7
Australian investors had trusted into the “AAA” ratings given by S & P with regard
to structured financial instruments that proved to be rather worthless. In her
2
Regarding this conflict of interest see e.g. Darcy (2009), p. 605.
3
Taibbi (2013).
4
Dreher and Ballmaier (2015), pp. 1357, 1359 with fn 30 with further references.
5
OLG Dusseldorf, 9.12.2009, 6 W 45/09 – IKB, (2010) Zeitschrift für Wirtschaftsrecht (ZIP) 28.
6
See the comprehensive description of the relevant incentive and interest structures by Kumpan
(2009), p. 261.
7
Full Federal Court of Australia, 6.6.2014, ABN AMRO Bank NV v. Bathurst Regional Council
[2014] FCAFC 65, 224 FCR 1, with case notes by Sahore (2015), p. 437 and Harding-Farrenberg
and Donovan (2015), p. 91.
Liability of Rating Agencies under German and European Law 233
1 000-pages opinion, the trial judge had described the construction of these securi-
ties as “grotesquely complicated”.8
In this case, Australian procedural law allowed a discovery procedure which
resulted in the disclosure of e-mails and other documents that were seen as evidence
that S & P as well as the issuing bank knew or should have known the mathematical
flaws in the “AAA” ratings. Based on this evidence, European investors also brought
proceedings against S & P, which were settled in 2016 before the High Court in
London; the details of the settlement are confidential. Smaller claims against S & P
were also brought before German courts.9 In the US, the federal government sued
Standard & Poor’s for alleged false ratings and reached a settlement over the amount
of US-$ 1.5 billion.10
Apart from and beyond these individual cases, the issue of rating agencies’ lia-
bility remains relevant for the future. An adequate liability regime may create useful
incentives for these agencies, which can, in principle, serve a useful function within
the economy: It is not very efficient if each individual investor tries to individually
evaluate the quality and risk category of a possible investment. If one could rely on
rating agencies to perform their task adequately, they would act as trustworthy pro-
fessional intermediaries and thus save substantial amount of transaction costs which
would be economically beneficial.11
Before this background, this chapter looks into specific aspects of the current
liability regime for rating agencies, namely issues of jurisdiction (Sect. 2) and con-
flicts of law (Sect. 3) as well as the recent introduction of relevant substantive law
in the European Union (Sect. 4). As the new EU legislation has not yet had much
practical relevance, German law will also be covered as an example for a possibly
applicable EU Member State’s law (Sect. 5).
2 Jurisdiction
The bigger rating companies typically have their headquarters in New York, so that
the issue of jurisdiction becomes relevant for cases brought before EU Member
States’ courts. The EU Brussels I Regulation12 very often will not apply, as the
defendant has its seat outside the EU. This means that the national jurisdictional
rules of the forum state will apply and that even “exorbitant” grounds for
jurisdiction—mentioned in Article 5(2) Brussels I Regulation—may be used against
8
Federal Court of Australia, 5.11.2012, Bathurst Regional Council v. Local Government Financial
Services Pty Ltd (No 5) [2012] FCA 1200.
9
See e.g. Bundesgerichtshof, 13.12.2012, (2013) Neue Juristische Wochenschrift 386.
10
See Pacces and Romano (2015), pp. 673, 675.
11
On the important economic function of rating agencies see e.g. Lehmann (2011), pp. 60, 61 f;
Pacces and Romano (2015), p. 673 f with further references.
12
Reg (EU) 1215/2012 on jurisdiction and the recognition and enforcement of judgments in civil
and commercial matters, [2012] OJ L 351/1.
234 A. Halfmeier
the defendant. For example, the German Federal Court decided that the much-dis-
cussed asset-based jurisdiction rule of § 23 ZPO (German Civil Procedure Code)
was sufficient to provide jurisdiction against a US rating agency because the agency
held assets within Germany and the claimant was domiciled in Germany.13
3 Conflicts of Law
In contrast to the asymmetric structure of the Brussels I Regulation, in which the

defendant’s domicile typically decides on the applicability of the EU Regulation,
the EU Rome Regulations are universally applicable in all transnational disputes
that arise before EU Member States’ courts. This means that these Regulations will
typically be used by EU Member States’ courts to determine the applicable law in
disputes between investors and rating agencies. With regard to older cases—in par-
ticular those concerning ratings before the financial crisis of 2008—the applicabil-
ity of the Rome Regulations depends on certain dates: The Rome I Regulation (EC)
No 593/2008 on the law applicable to contractual obligations14 applies only to con-
tracts concluded on or after 17 December 2009 (Article 28 Rome I Regulation). The
Rome II Regulation (EC) No 864/2007 on the law applicable to non-contractual
obligations15 applies with effect from 11 January 2009 (Article 32 Rome II
Regulation).
With regard to the latter date, there has always been some ambiguity regarding
the meaning of that date. The European Court of Justice has decided that the
Regulation will apply if the “event giving rise to damage” occurred after the date
mentioned above.16 This does not fully clarify things: Is it the harmful event that
matters, or the damage? The latter could well happen several years after the rating
activity, for example in the case of securities that lose their market value at a later
point in time. Therefore, it is still possible to interpret Article 32 Rome II Regulation
in the sense that the time of the actual injury to the victim counts, and not the time
of the original action by the alleged tortfeasor.17
But even if the Rome Regulations are applicable to the case—which one covers
the issue? Is a claim brought by an investor against a rating agency, based on alleg-
edly false ratings, a contractual claim (Rome I) or a non-contractual claim (Rome
II)? In the terminology of conflict of laws theory, this is a question of “characterisa-
tion”. The answer should not depend on the national system that one may be used
to: Indeed, older German case law and literature had characterised such issues of
13
Bundesgerichtshof, 13.12.2012, (2013) Neue Juristische Wochenschrift 386, 387.
14
[2008] OJ L 177/6.
15
[2007] OJ L 199/40.
16
ECJ, 17.11.2011, Case C-412/10 Homawoo v GMF, ECLI:EU:C:2011:747, paras 33 and 36.
17
In this sense, see the English decision of Alliance Bank v. Aquanta, [2012] Lloyd’s Law Reports
181 (Q.B.D. 2011); see also Knöfel (2016) margin note 10; Halfmeier (2015) margin note 5.
“expert liability” under certain conditions as contractual.18 This view is rooted to the
German case law on “contracts with protective effect for third parties” that was
developed by German courts and doctrine in order to cope with perceived deficien-
cies in German tort law.19 The idea here is that the contract between the issuer of the
securities and the rating agency creates a protective effect for third parties—the
investors—in the sense that they could bring claims in a similar way as the contract-
ing party can, making these claims “contractual” in a broader sense.
However, the Rome I and II Regulations must be interpreted autonomously from
a EU perspective and not through the lens of particular private law systems. In order
to define “contractual” obligations, the European Court of Justice often speaks of an
obligation that is “freely assumed” by the debtor in relation to the other party.20 In
the context of experts’ liability vis-á-vis third parties, this is typically not the case:
The expert may freely assume an obligation to act diligently in relation to his con-
tracting partner by whom he is paid. In relation to—possibly very many—third
parties, it would not be adequate to say that such obligations are “freely assumed”
by the expert. Therefore, expert liability towards third parties is—in a comparative
and European perspective—rather a question of tort law, so that the Rome II
Regulation is to be applied.21
3.1 Application of Article 4(1) Rome II Regulation
None of the special conflict rules in Articles 5 to 9 Rome II Regulations are relevant.
In particular, “product liability” in the sense of Article 5 Rome II Regulation is
meant to cover only physical products.22 This means that notwithstanding the usual
bankers’ lingo of “financial products”, non-contractual liability in the area of finan-
cial services comes under the general conflicts rule in Article 4 Rome II Regulation.
According to Article 4(1) Rome II Regulation, the applicable law is that of the
“country in which the damage occurs”. Investors who suffer losses due to false rat-
ings have only financial damage, not physical damage. For such purely financial
losses, the “country in which the damage occurs” is notoriously hard to determine.
The reason for this is that Article 4(1) Rome II Regulation presupposes a geographi-
cal location of the “damage”. Such a geographical approach may be feasible in case
18
OLG Hamburg, 21.5.1981, (1983) Versicherungsrecht 350 (bank’s third party liability for false
information); OLG Köln, 17.9.1993, (1993) Recht der Internationalen Wirtschaft 1023, 1025
(bank’s third party liability in money transfer situation); Magnus (2002) margin no. 37 with further
references.
19
See on this development in Germany Bussani and Palmer (2003), p. 150 f.
20
ECJ, 20.1.2005, Case C-27/02 Petra Engler v Janus Versand, ECLI:EU:C:2005:33, paras 50 and
51; ECJ, 14.3.2013, Case C-419/11 Česká spořitelna v. Feichter, EU:C:2013:165, paras 46 and 47.
21
This is also the prevailing view in more recent German literature, see van Hein (2011) margin
note 10; Dutta (2009), pp. 293, 294.
22
Junker (2018) margin note 13.
236 A. Halfmeier
of physical damage, because physical events do have a location in space. With finan-
cial losses, it is different, because the idea of “wealth” or “money”—unless we are
talking of tangible coins and paper money, which typically are not involved in
investment cases—is not physical, but relies on social and legal constructions.
When I get a letter in my home in Frankfurt, sent from my Swiss bank with a bank
statement that shows large losses on my account that result from trading on the
New York stock exchange, where is the damage geographically located?
The answer to this question cannot be based on a literal interpretation of the
Regulation, but needs to be supported by normative standards concerning the regu-
latory interests at stake. For example, if a certain investment offer is tailored to
German investors as a target group, there may be good reasons why German law
should govern the question of non-contractual liability, even if—for example—one
of the buyers uses a Swiss bank account for the transaction. The question of what is
the adequate liability regime should not depend on contingent factors such as the
bank accounts involved.
Unfortunately, the European Court of Justice has not—at least not explicitly—
given much consideration to such a normative approach. Relevant cases come
mainly from the EU law of jurisdiction, where jurisdiction in tort cases can also be
based on the place of the damage.23 In this context, the ECJ has decided that the
place of financial damage is located “where the investor suffered it”, which is speci-
fied further as the investor’s domicile if the loss occurred in a bank account held
with a bank established in that same country.24
Even though this case law on the localisation of the place of damage is much
discussed and far from settled,25 it leads at least for the moment to the conclusion
that in the context of Article 4(1) Rome II Regulation, purely financial damage can
probably be located at the domicile of the victim of the alleged tort, unless there are
foreign bank accounts or other special factors involved. This would mean that the
victim’s home law would be applicable.
3.2 Application of Article 4(3) Rome II Regulation
On the other hand, some authors argue that a “market-place” principle should be
applied with regard to rating agencies’ liability, similar to arguments that have been
brought forward in the area of prospectus liability.26 From a normative point of view,
this makes sense: In the area of financial markets, liability law does not only have a
23
Ever since ECJ, 30.11.1976, Case 21/76 Bier v. Mines de Potasse d’Alsace, ECLI:EU:C:1976:166,
paras 24 and 25.
24
ECJ, 28.1.2015, Case C-375/13 Kolassa v. Barclays Bank, ECLI:EU:C:2015:37, paras 54 and
55.
25
See e.g. the very critical comment on the ECJ’s Kolassa decision by Freitag (2015), p. 1165.
26
On rating agencies’ liability see Wagner (2017) margin note 141; with regard to prospectus lia-
bility see Lehmann (2016), p. 318.
compensatory function, but also an important regulatory function.27 As different

national markets are governed by different regulatory regimes, it seems adequate to
use a national market-regulating regime also with respect to private law claims.
However, this argument has not been taken up yet by the European Court of
Justice, and there are a number of problems associated with it: First of all, the
explicit rules in the Rome II Regulation may not be able to accommodate the
market-place argument. On the contrary, one could argue that since there is an
explicit market-place principle spelled out in Article 6 Rome Regulation (for com-
petition law cases), capital market tort claims should be governed by the general
rule in Article 4 Rome II Regulation.
The only way in which one could make the market regulation argument compat-
ible with the wording of the regulation would be to use Article 4(3) Rome II
Regulation, that is, the concept of the one country that is “manifestly closer con-
nected” to the case than any other country. This route may possibly be taken in
prospectus liability cases, where an emission is targeted for a specific national
market—in particular to be traded on one country’s stock exchange. If rating activi-
ties are connected to such a country-focused emission, the use of Article 4 (3) may
be possible.
On the other hand, there are many rating activities that relate to financial instru-
ments that are not traded on a stock exchange or any other form of a specific national
market, but that are designed for a global customer base. For such financial instru-
ments, it may be difficult to find a specific country to which the rating activity is
“more closely connected”, so that the current wording of the Rome II Regulation
may require the application of its general rule in Article 4(1) instead. As pointed out
above, this will typically lead to the law of the victim’s domicile.
4 European Union Ratings Regulation
After the financial crisis, the shady activities of the big rating agencies came into the
legislative focus of the European Union. One of the results was the creation of a
liability provision in Regulation (EC) 1060/2009 (amended in 2013) on credit rating
agencies (“Ratings Regulation”).28 The new Article 35a of this Regulation is titled
“civil liability” and appears as a largely substantive law provision, but with sprin-
kles of conflict rules in it. It has not yet seen any application in practice.
Lehmann (2011), pp. 62–63.

27
Reg (EC) No. 1060/2009 on credit rating agencies, [2009] OJ L 302/1, as amended by Reg (EU)
28
No 462/2013, [2013] OJ L 302/1.

238 A. Halfmeier
4.1 Application and Function
Article 35a Ratings Regulation has a very limited scope of application: The whole
Regulation, including the civil liability provision, only applies to rating agencies
which are registered in the EU, see Article 2(1) of the Regulation. There is a special
registration process with the European Securities and Markets Authority (ESMA)
described in Articles 14 to 20 of the Regulation. The ESMA keeps a list of these
EU-registered rating agencies.29 That ESMA list shows that of the dominating rating
agencies, only Fitch (with double headquarters in New York and London) is regis-
tered with its group parent company, while Moody’s and Standard & Poor’s have
only registered their European subsidiaries. This means that insofar as the activity
of the US parent companies is concerned, Article 35a Ratings Regulation is not
applicable.
With regard to jurisdiction, Article 35a(4) states that the competent court to
decide on a claim brought by an investor—or even an issuer of financial i nstruments—
shall be “determined by the relevant rules of private international law”. Here, the
term “private international law” is used in the broader sense that is common in the
English-speaking world, that is, it includes both conflict rules and rules regarding
the jurisdiction of courts. Since no new rules on jurisdiction are introduced, the
results outlined above (at Sect. 2) remain valid in principle, although the Brussels I
Regulation will play a bigger role in cases coming under Article 35a Ratings
Regulation, as the potential defendants are all headquartered in the EU.
With regard to the applicable law, Article 35a is less clear. It is not a new conflict
rule, but rather a rule of harmonised substantive law. This is evident from Article
35a(1) which sets out substantive conditions for a liability claim against rating
agencies. Therefore, Article 35a Ratings Regulation could at first glance be imme-
diately applied without the prior determination of an applicable law, similar to uni-
form laws. On a closer look, however, things are not that easy. First of all, Article
35a(4) explicitly orders that the legal terms and concepts employed in the provision
shall be interpreted not as autonomous EU concepts—as it would be the case in
most EU legislation—but according to the “applicable national law as determined
by the relevant rules of private international law.” This means that Article 35a cre-
ates a mixture between a harmonised normative structure and its interpretation
according to the applicable national laws.
This is a rather unusual approach in the area of harmonised substantive law. To
be sure, any uniform law may leave open issues that need to be filled in a given case
with additional national rules. For example, Article 7(2) of the Convention on the
International Sale of Goods (CISG) provides that matters not expressly dealt with in
the uniform law shall be settled in accordance with general legal principles or, as a
last resort, in conformity with the applicable national law. What is striking with
respect to Article 35a Ratings Regulation is that this provision does not even attempt
to harmonise central concepts—such as “gross negligence” or “due care”—but
29
See https://www.esma.europa.eu/supervision/credit-rating-agencies/risk.
intentionally leaves the interpretation of these concepts to the applicable national

laws. This is particularly peculiar in view of the fact that—unlike the CISG or other
international law conventions—the European Union has a judiciary in place that is
willing and able to interpret the terminology of EU law.
Another peculiarity of Article 35a Ratings Regulation is that it does not replace
national laws on the same issue, but only adds an additional possible cause of action.
The existing claims under national law are untouched, as Article. 35a(5) clarifies.30
In a given case therefore, the question of a rating agency’s liability needs to be
answered both under the regime of Article 35a Ratings Regulation (if applicable) as
well as under the applicable national law. If the applicable national law provides for
a stricter liability standard, the Ratings Regulation does not bar such a claim. In fact,
Article 35a Ratings Regulation must therefore be viewed as a type of minimum
harmonisation which forces Member States to accept a certain level of rating agen-
cies’ liability but at the same time allows the use of a stricter standard under national
law.
4.2 Liability Standard
This “minimum harmonisation” character of Article 35a Ratings Regulation is also

visible if one looks at its content. According to Article 35a(1), a rating agency is not
liable for any breach of a duty of care, but only for the infringements that are enu-
merated in Annex III of the Ratings Regulation. This list is rather extensive and
covers many types of possible infringements, including the violation of the duty to
use adequate measures that ensure the correct processing of information and of the
duty to use rigorous rating methodologies.31 Nevertheless, such an enumeration of
specific infringements that need to be shown in order to establish a breach of duty
may provoke the argument that the specific case concerns a different type of viola-
tion outside the list in Annex III so that Article 35a would not be applicable.
Evolutionary legal systems such as the Common Law, but also codified systems
typically rely on a more flexible approach, for example on the use of open terms
such as “reasonable care” or “professional duties”. In the history of legal systems,
such terms have been successfully used by courts to adapt the case law or code
interpretation to new developments, new technologies or formerly unknown prob-
lems. In contrast, the enumerative approach used in Article 35a and Annex III
Ratings Regulation is rather static and invites hair-splitting arguments regarding the
exact type of infringement.
A further limitation in Article 35a is the requirement of “gross” negligence or
intent on the side of the rating agency, in contrast to ordinary tort law, where negli-
gent behaviour is usually sufficient to trigger a claim.
30
It is therefore unclear why Lehmann (2011), p. 73 argues that certain French laws regarding rat-
ing agencies’ liability cannot be applied because of the EU Ratings Regulation.
31
Reg 1060/2009, Annex III, no I. 42 and 43.
240 A. Halfmeier
With regard to the burden of proof, Article 35a(1) subpara 2 stipulates that the
investor must prove reasonable reliance on the rating when making the investment
decision. We know from other areas of capital market law—such as prospectus
liability—that the issue of reliance is typically contested and often difficult to prove.
This is why some national systems presume reliance in certain cases, depending on
the exact circumstances.32 The apparently rigid rule in Article 35a Ratings Regulation
may therefore provide a major obstacle to investor claims.33 On the other hand, as
Article 35a(4) orders the interpretation of “reasonable reliance” according to the
applicable national law, there is a possibility that more flexible standards from
national legal systems may influence cases brought under Article 35a Ratings
Regulation.
Summing up, Article 35a Ratings Regulation appears to be a rather unusual pro-
vision that is clearly the outcome of a complicated political compromise. Its signifi-
cance probably does not lie so much in its possible application, but rather in the
symbolic value of a European Union minimum standard regarding rating agencies’
liability.
5 German Substantive Law
5.1 The Contract with Protective Effect for Third Parties
The foregoing analysis shows that due to the limited reach of EU law, national laws
will continue to play an important role in the area of rating agencies’ liability. As an
example—and since it did play a certain role in actual disputes—we will analyse the
situation in German law. As mentioned above, German case law on experts’ liability
vis-á-vis third parties is centred around the doctrine of the “contract with protective
effect for third parties”.
In one of the leading cases under this doctrine, an architect was commissioned to
provide an expert opinion on the condition of a house. The owner wanted this opin-
ion in order to present it to prospective buyers of the house, and the architect knew
about this intent. The opinion was flawed, since the architect did not inspect the
roof, which in fact was defective. The seller of the house knew about this defect but
succeeded in hiding it from the negligent architect. After the house had been sold,
the buyer found out about the defective roof and sued the architect for damages—
the seller was apparently insolvent. The German Federal Court confirmed the “pro-
tective effect” of the contract between seller and architect, for the benefit of the
buyer.34 Note that the buyer in this case has more “contractual” rights against the
32
In particular in prospectus liability cases under German law, see § 23 para (2)
Wertpapierprospektgesetz, according to which reliance on the prospectus is presumed unless the
defendant proves non-reliance.
33
Wagner (2017), margin note 141.
34
Bundesgerichtshof, 10.11.1994, (1995) Neue Juristische Wochenschrift 392, 393.
architect than the actual contracting partner (the house seller) who probably could
not claim that the expert opinion was faulty or negligently prepared in a situation
where he himself had instructed the architect not to look for problems with the
roof.35 Furthermore, the third party’s rights are independent of the will of the origi-
nal contracting parties, that is, they cannot avoid the protective effect: “An expert
assessment that is presented to third parties as a basis for economic transactions in
relation to the person who ordered the expert assessment and that is supposed to be
used for this purpose, includes in principle the protection of these third parties; a
contrary will of the parties aimed at deceiving the third parties is against good faith
and therefore ineffective.”36
This complete denial of party autonomy shows clearly that the German courts
may use contract law language here, but have in fact extended and re-designed the
German law of torts by case law.
In the defective roof case, only the one single buyer was seen as the protected
third party. In a more recent decision, the Federal Court extended this legal con-
struction to a larger number of investors: Again, the case dealt with an opinion on
the value of real estate, but in this case, the real estate was to be used as collateral
for the emission of bonds with a total value of 10 million DM. The Federal Court
reasoned that there was no structural difference here to the earlier expert opinion
cases, so that the protective effect of the original contract between the expert and his
client extended to all the investors who had bought bonds in reliance on the expert
opinion.37 To justify this decision, the Court added that the total amount of the liabil-
ity risk—the volume of the bond emission—was foreseeable from the start.
Therefore, it should not matter whether the complete risk relates to one protected
party or is divided among a number of investors.38
Another area where the protective effect contract doctrine is relevant is the liabil-
ity of accountants and auditors towards third parties. German courts distinguish
between regular audits—in particular concerning annual statements—that have no
protective effect vis-à-vis third parties, and more specific audits that are done in the
interest of specific third parties, for example a potential creditor, and where the audit
result is to be used by that third party as a basis for its decisions. Such specific audits
contracts (between the company and the auditor) do unfold their protective effect
for the relevant third parties.39 This applies in principle also to the audit of a pro-
spectus in the emission process of bonds or other securities.40
35
Ibid.
36
Bundesgerichtshof, 20.4.2004, (2004) Neue Juristische Wochenschrift 3035, 3036 (translation by
author).
37
Ibid., 3037.
38
Ibid., 3038.
39
Bundesgerichtshof, 14.6.2012, (2012) Neue Juristische Wochenschrift 3165, 3167 with further
references to the case law development.
40
Bundesgerichtshof, 31.10.2007, (2008) Neue Juristische Wochenschrift - Rechtsprechungsreport
286.
242 A. Halfmeier
This case law shows that German law provides for a significant area of experts’
liability for financial loss by investors, albeit through the doctrine of the contract
with protective effect which may look rather unusual in a comparative perspective.
For rating agencies, the structure seems very similar to the cases described above:
Just like real estate experts or auditors, the rating agency has a certain reputation
and function relating to the risk assessment done by investors. In the system of
“issuer pays” or “solicited rating”, the rating agency knows from the beginning that
the rating result will be presented to potential investors as part of the acquisition
strategy used by the issuer. Furthermore, the total volume of the prospective emis-
sion is typically known to the rating agency—in practice, it is sometimes even used
to measure the rating agency’s fee as a certain fraction of the emission volume.
Therefore, the rating agency may not know the exact number or even identity of the
investors that rely on the rating, but it knows the total risk volume so that the risk
exposure for the agency is not limitless but can be calculated. The described case
law therefore fits the “solicited rating” situation, so that at least in such situations, a
rating agency is liable under German law towards investors if they rely on the rating
result and if the result has been achieved in breach of professional duties.
This result is shared by important authors in German legal literature.41 However,
there are also other voices that completely deny liability by rating agencies, espe-
cially in the older literature that does not always distinguish between “solicited” and
“unsolicited” ratings.42 Many of these more sceptical authors add that although they
do not see such liability under the current law, they are in favour of implementing it
de lege ferenda.43 In view of the described evolution of the case law, such deference
to the legislator seems rather unnecessary, as German tort law has already been
completely revised by the courts when they created the protective-effect-contract
doctrine.44 In fact, the German legislator has had very little influence on the relevant
law: With the reform of the German law of obligations in 2002, the legislator intro-
duced a new provision in the German Civil Code, § 311 para 3 BGB. This provision
creates the possibility that quasi-contractual obligations could arise even in relation
to “persons who do not themselves become party to the contract”. In 2002, an influ-
ential commentator saw this as a legislative endorsement of the protective-effects-
contract doctrine.45 One could have expected that since then, case law would have
been based on this new provision. This was not the case, however. The courts con-
tinued their old line of case law, often without even mentioning the new provision
in the Code.46 This development is another sign for the de-codification process that
German law has experienced in this area.
41
Grundmann and Renner (2013), pp. 379, 383.
42
Berger and Stemper (2010), pp. 2289, 2291.
43
Haar (2010), pp. 1281, 1285; Habersack (2005), pp. 185, 208; Wagner (2013), pp. 467, 478.
44
The development in this area is described as “purest judge-made law” by Vogenauer (2007) mar-
gin note 124 (translation by author).
45
In particular Canaris (2001), pp. 499, 520; for further references see Vogenauer (2007).
46
See, e.g., the Federal Court’s summary of the protective-effects doctrine without even mention-
ing its possible codification from 2002: Bundesgerichtshof, 14.6.2012, (2012) Neue Juristische
Wochenschrift 3165, 3166 f.
In 2017, a lower German court delivered what may be the first ruling in a rating
agency liability case: An investor had suffered losses in corporate bonds and argued
that he had relied on the “BBB” rating given by the (German) rating agency with
respect to the issuing company, and that this rating had been grossly negligent. The
court dismissed the claim and in particular rejected any claims based on the “con-
tract with protective effect for third parties”.47 The court argued that the parties to
the original contract did not want such protection and that the extent of the possible
liability towards investors would be without limits.48 Both arguments appear to be
rather weak in view of the previous development of the case law described above:
The fact that the original parties had no interest in such protection did not stop the
Federal Court from assuming third-party protection in the defective roof case.49 As
to the possible extent of liability, it appears in the Düsseldorf case that the rating was
solicited by the company in view of a specific bond emission,50 so that this volume
could indicate the amount of exposure just as in the real estate bond emission case.51
The Düsseldorf court does not even mention these higher court decisions, nor
does it make any effort to distinguish the case at hand from them. Accordingly, the
decision was criticised in the literature52 and will probably have only limited influ-
ence on future case law.
5.2 Codified Tort Law
In addition to the disputed “contract with protective effect” as developed by the

courts, codified tort law may also play a role in German law on rating agencies’
liability. According to the original system of the German Civil Code, tort liability
for pure economic loss is based on two principles: The first area, as it is regulated in
§ 823 para 2 BGB is the violation of a specific “protective statute”. This means that
the tortfeasor must have violated a specific statutory provision that is designed to
protect the victim’s economic interests. Such statutes are typically found in criminal
law or other areas of public law. One of the main examples in practice is the crimi-
nal fraud. Fraud in the sense of criminal law will therefore, through the mechanism
47
LG Düsseldorf, 17.3.2017, (2017) Verbraucher und Recht 383, 384. The decision was confirmed
on appeal by OLG Düsseldorf, 8.2.2018, (2018) Neue Juristische Wochenschrift 1615. In this deci-
sion, the appeal court in particular relies on the argument that the rating related not to a specific
emission, but to a company in general.
48
LG Düsseldorf (n 47 above).
49
See n 36.
50
LG Düsseldorf, 17.3.2017, (2017) Verbraucher und Recht 383: The background of the rating was
that the rated company intended to offer its bonds on a public stock exchange.
51
See n 39.
52
A Meier, case note on LG Düsseldorf, 17.3.2017, (2017) Verbraucher und Recht 385; G
Deipenbrock, case note on the same case, (2017) Entscheidungssammlung zum Wirtschafts- und
Bankrecht (WuB) 438 (arguing that the decision has no relevance for emission-related ratings).
244 A. Halfmeier
of § 823 para 2 BGB, also lead to civil law liability. Whether or not criminal fraud
can be proven in the area of rating agencies’ liability depends on the specific case,
but it is theoretically possible.
The second important liability provision for pure economic loss within the
German Civil Code is § 826 BGB, stipulating liability for the intentional infliction
of damage against good morals. This is a residual provision designed to allow the
courts to provide liability in cases that are not covered by specific rules but where
liability nevertheless seems adequate from a normative point of view. The courts
have developed various lines of case law under this provision, and in particular, they
have softened the “intent” requirement significantly. As intent is hard to prove for
the claimant, it is now sufficient to show reckless behaviour by the defendant in the
sense of a very strong and manifest form of negligence, and the courts will presume
conditional intent from such reckless behaviour.53 As this interpretation of “intent”
comes close to “gross negligence”, a German commentator has even said that for
practical purposes, there is not much difference between Article 35a Ratings
Regulation and § 826 BGB.54
The application of § 826 BGB therefore depends largely on what degree of reck-
lessness or even intentional misbehaviour on the rating agency’s side can be shown.
If one looks at the Australian cases and the e-mails cited earlier, it seems that at least
in that case, the rating agency’s employees knew very well that what they were
doing was against any mathematical principles and that in fact they were cheating
investors who relied on the ratings. In such a factual setting, the provision of § 826
BGB would probably give rise to liability claims as well.
As a practical matter, however, the demonstration of recklessness requires evi-
dence that is typically not in the hands of the plaintiff—unless a whistleblower is
present on the rating agency’s side. Therefore, the success of litigation depends
largely on the applicable procedural rules on the disclosure of evidence. Apparently,
such disclosure rules forced the rating agency in the Australian case to uncover its
own reckless behaviour. In a system without such extensive disclosure rules, as in
Germany, it will typically be much more difficult to prove the required degree of
recklessness under § 826 BGB.
In this context, it is important to note that Article 35a(2) Ratings Regulation
addresses the evidence problem by determining that courts shall “take into consid-
eration” the fact that the investor “may not have access to information which is
purely within the sphere of the credit rating agency” when they assess the require-
ment for the claimant to produce information that can prove the defendant’s infringe-
ments. EU law therefore forces the Member States—regardless of their local
procedural law systems—to find an adequate solution for the disclosure problem.55
53
Bundesgerichtshof, 19.2.2008, (2008) Neue Juristische Wochenschrift 1734, 1737;
Bundesgerichtshof, 22.6.1992, (1992) Neue Juristische Wochenschrift 3167, 3174 with further
references.
54
Wagner (2017), margin note 142.
55
For proposals regarding the development of disclosure and burden of proof rules in this context
see Seibold (2016), pp. 211–216.
There are significant parallels here to the development in antitrust law, where both
the ECJ’s case law56 and legislative activities at EU level57 have contributed to a rise
in litigation activity and to better chances for claimants to recover damages, includ-
ing adequate disclosure rules.58
5.3 Disclaimer Language
It is common for rating agencies to include a waiver or disclaimer provision in their

contracts and public communications, in the sense that their ratings are non-binding
predictions and that no liability claim whatsoever can be based on such ratings.
Whether and to what extent such a waiver or disclaimer is effective towards a third-
party investor depends on the applicable law. Concerning German law, it has already
been pointed out that the protective effect of a contract towards third parties does
not depend on the will of the original contracting parties.59 If a claim is based on tort
law, in particular on § 826 BGB or on § 823 para 2 BGB (in connection with the
criminal law fraud provision), it is also quite clear that the intentional tortfeasor
cannot avoid liability by using a disclaimer.
Even if under specific circumstances one did allow such a disclaimer to influence
liability claims, its validity would have to be scrutinised under the law of unfair
contract terms, as disclaimers will typically appear in standard form contracts or
similar pre-arranged documents. German statutory law and case law is very critical
towards liability waivers in this area: First of all, § 309 para 7 lit (b) BGB prohibits
liability exclusion clauses in standard form contracts as far as liability for gross
negligence and intent is concerned. This means that a complete waiver of liability is
not valid under German law, if this provision is applicable. This is the case in busi-
ness to consumer relations. In business to business relations, the specific prohibition
of § 309 para 7 lit (b) BGB is not applicable, but only the general prohibition of
unfair terms of § 307 BGB. With respect to this general provision, the German
Federal Court has decided—in a case involving investment advice—that if consult-
ing or advice is the central object of the contract, a standard form disclaimer trying
to avoid liability for false advice is unfair and thus invalid.60
In academic writing, this case law is also applied to rating contracts.61 Their cen-
tral object is the correct rating activity, so that it would be unfair and unacceptable
56
Starting with ECJ, 20.9.2001, Case C-453/99 Courage v Crehan, ECLI:EU:C:2001:465.
57
In particular Dir 2014/104/EU on certain rules governing actions for damages under national law
for infringements of the competition law provisions of the Member States and of the European
Union, [2014] OJ L 349/1.
58
This parallel is highlighted by Möllers and Niedorf (2014), pp. 333, 350.
59
See above n 36; see also Gottwald (2016) margin note 2.
60
Bundesgerichtshof, 13.1.2000, (2000) Neue Juristische Wochenschrift - Rechtsprechungsreport
998, 999.
61
Wildmoser et al. (2009), pp. 657, 667; Berger and Stemper (2010), p. 2293 f; Wagner (2013),
p. 486.
246 A. Halfmeier
for the contracting partner to sell one’s services but at the same time deny in one’s
form contracts any liability for breaches of contract by inadequate performance.
In conclusion, standard form disclaimers as they are used by rating agencies will
usually not have any legal significance under German law. In comparison, Article
35a(4) Ratings Regulation appears to be a bit more lenient towards the rating agen-
cies, as it seems to create the possibility that limitation of liability by the rating
agency may be valid if it is “reasonable and proportionate”, as letter (a) of that
provision puts it. This apparently refers to quantitative limitations, since a complete
exclusion of liability is generally ruled out at the end of that provision. Even with
regard to quantitative limitations of liability, however, letter (b) of this provision
requires that such a limitation must be allowed by the applicable national law.
Although the case law mentioned above deals with complete waivers of liability,
quantitative limitations come basically under the same rules, as § 309 para 7 (b)
BGB makes clear (“waiver or limitation”). This means that if German law is the
applicable law, limitation of liability terms will typically be invalid not only with
respect to claims under German law, but also with regard to the claims under Article
35a Ratings Regulation.
5.4 Contributory Negligence
Another typical issue in cases where rating agencies’ liability is claimed is the
claimant’s contributory negligence. Especially in the cases relating to the pre-2008
ratings of structured financial instruments, it is rather obvious that the buyers of
these instruments could not reasonably have thought that the “AAA” rating was cor-
rect. No reasonable person can truly believe that an extremely complicated and
intransparent bundling of credit claims would arrive at the same credit rating as US
or German treasury bonds. The main reason for investing in these speculative instru-
ments was probably that “everybody did it”. The question is how this follow-the-
herd instinct is treated under the law of contributory negligence.
Article 35a Ratings Regulation is silent on this issue, so that the applicable
national rules become relevant, both in regard to claims under national law and to
Article 35a claims. Looking at German law, there is an explicit provision on con-
tributory negligence in § 254 BGB which plays an important role in practice. In
cases of alleged false consulting or false advice, however, the case law hardly ever
uses it. The predominant argument is that if one holds himself out to give advice or
consulting for money, it seems rather odd and unfair if that same person then later
defends himself with the argument that the other party should not have believed this
advice.62 The same holds true for rating agencies: It seems hardly acceptable to
allow a rating agency to argue on the one hand that it never did anything wrong in
its rating activities, and on the other hand that the flaws in the ratings were so obvi-
Bundesgerichtshof, 19.2.2015, 2015 Neue Juristische Wochenschrift - Rechtsprechungsreport

62
1180, 1181 with further references to the older case law.

ous that everybody should have seen them. In view of this problem, a rating agency
will probably not be able to rely on the claimant’s alleged contributory negligence.
6 Outlook
This overview of European and German law shows that there is a significant devel-
opment towards more or at least some liability of rating agencies for false ratings,
in particular in cases of “issuer pays” ratings. The main issue for the future develop-
ment in this area will be not the “if” of such liability in principle, but instead the
“how far” and “under what circumstances”. As rating agencies fulfil an important
economic function in their position as information intermediaries, an adequate lia-
bility regime should be tailored to provide sufficient incentives to perform this func-
tion diligently, but at the same time the liability regime must accept that errors are
always possible and that an information intermediary’s business could become
impossible if every error leads to large-scale liability.
We therefore arrive at the question that has been raised similarly in other areas of
tort law related to business activity: What is the best liability regime in order to
secure the economically efficient activity of the rating agency? Many proposals can
be found in legal literature on how to structure such liability: In particular, a “liabil-
ity ceiling” has been proposed in order to not put the existence of rating agencies at
risk in cases of large-scale damage.63 This proposal has been criticised, as a purely
quantitative ceiling cannot distinguish between clear and egregious errors and minor
errors.64
However, this raises the question as to how to define an adequate standard of care
for rating agencies’ activities. In this regard, the EU Regulation’s decision to use
“gross negligence” is not necessarily the best solution. One of the major problems
in the discussion regarding rating agencies’ liability for negligent behaviour is the
ex post situation. The mere fact that a rating turns out to be false does not make the
rating activity negligent, because ratings are predictions looking into the future, and
it is normal for predictions that they do not necessarily come true. The legal treat-
ment of wrong predictions must be careful to avoid the usual hindsight bias in the
sense that because the prediction did not come true, it must have been the result of
an ex ante breach of the duty of care. A clear assessment of an ex ante breach of
adequate care is not easy—with the exception of situations as in the Australian case
where the rating agency itself apparently did not believe in the ex ante accuracy of
its own ratings. But in situations where the behaviour of the rating agency is less
clear, it is very hard for a court to set an adequate level of care and thereby define
what is good rating practice and what is not.65
63
Wagner (2013), pp. 491–493.
64
Lehmann (2011), pp. 67–68.
65
Coffee (2011), pp. 231, 347.
248 A. Halfmeier
In economic literature, a radical theoretical solution to this problem is offered in

the form of strict liability for rating agencies.66 The obvious argument against such
a no-fault regime would be that it could lead to over-deterrence, that is, deterring too
strongly economically useful rating activity. On the other hand, empirical studies
claim already that even the existing negligence standard has led to “defensive prac-
tices” on part of rating agencies that reduce the value of their activities.67 The authors
that argue in favour of strict liability propose certain modifications designed to
avoid over-deterrence. Again, they argue in favour of a quantitative cap on such
liability,68 which is often found in strict liability regimes. They also propose that the
rating agency itself should be able to influence the extent of its liability by commu-
nicating a certain parameter that would then signify the perceived quality of the
rating.69
The authors of this rather theoretical proposal acknowledge that their concept
moves away from compensating actual harm for investors and instead focuses on
optimal deterrence.70 However, this aspect is typical for legal situations involving
pure economic loss: In capital market cases, the money lost by one investor is
always gained by another, so that there is no actual reduction of total wealth, unlike
the situation when a car crashes or a house breaks down. The real harm to society is
therefore not the loss suffered by individual investors but the possible allocative
effects of the misleading of the market.71 It would be in the interest of society to put
capital where it is most useful, which is only possible if the information situation on
the capital market is good. Therefore, any future solution to the problem—whether
it is in the unlikely event of further legislation or, more likely, in case law
development—should focus on improving the incentive effects for the market inter-
mediaries. This requires more cooperation between lawyers and economists as well
as courts and legislative bodies that are receptive for economic arguments.
References
Berger, K. P., & Stemper, M. M. (2010). Haftung von Ratingagenturen gegenüber Anlegern.
Wertpapiermitteilungen, 2289.
Bigus, J. (2016). Optimism and auditor liability. Accounting and Business Research, 46, 577.
Bussani, M., & Palmer, V. (2003). Pure economic loss in Europe. Cambridge, England: Cambridge
University Press.
Canaris, C.-W. (2001). Die Reform des Rechts der Leistungsstörungen. Juristenzeitung, 499.
66
Pacces and Romano (2015), p. 679 ff.; but see also Bigus (2016), p. 577 (comparing strict liabil-
ity and negligence regimes in the field of auditors’ liability).
67
Dimitrov et al. (2015), pp. 505, 518.
68
Pacces and Romano (2015), p. 693.
69
Ibid., 697.
70
Ibid., 700.
71
Schäfer (2002), pp. 453, 458 f.
Coffee, J. (2011). Ratings reforms: The good, the bad and the ugly. Harvard Business Law Review,
1, 231, 347.
Darcy, D. (2009). Credit rating agencies and the credit crisis: How the “issuer pays” conflict con-
tributed and what regulators might do about it. Columbia Business Law Review, 605.
Dimitrov, V., Palia, D., & Tang, L. (2015). Impact of the Dodd-Frank act on credit ratings. Journal
of Financial Economics, 115, 505.
Dreher, M., & Ballmaier, C. (2015). Die Nutzung externer Ratings durch Versicherungsunternehmen.
Wertpapiermitteilungen, 1357, 1359.
Dutta, A. (2009). Das Statut der Haftung aus Vertrag mit Schutzwirkung für Dritte. Praxis des
Internationalen Privat- und Verfahrensrechts (IPRax), 293, 294.
Freitag, R. (2015). Internationale Prospekthaftung revisited – Zur Auslegung des europäischen
Kollisionsrechts vor dem Hintergrund der “Kolassa”-Entscheidung des EuGH.
Wertpapiermitteilungen, 1165.
Gottwald, P. (2016). § 334. In Münchener Kommentar BGB (7th ed.). Munich, Germany:
C.H. Beck.
Grundmann, S., & Renner, M. (2013). Vertrag und Dritter – zwischen Privatrecht und Regulierung.
Juristenzeitung, 379.
Haar, B. (2010). Haftung für fehlerhafte Ratings von Lehman-Zertifikaten – Ein neuer Baustein für
ein verbessertes Regulierungsdesign im Ratingsektor. Neue Zeitschrift für Gesellschaftsrecht,
1281.
Habersack, M. (2005). Rechtsfragen des Emittenten-Ratings. Zeitschrift für das gesamte Handels-
und Wirtschaftsrecht (ZHR), 169, 185.
Halfmeier, A. (2015). Rome II Art. 32. In G.-P. Calliess (Ed.), Rome regulations (2nd ed.). Alphen
aan den Rijn, The Netherlands: Wolters Kluwer.
Harding-Farrenberg, R., & Donovan, K. (2015). Case note: Duty of care, rating agencies and
the ‘Grotesquely Complicated’ Rembrandt: Bathurst Regional Council v Local Government
Financial Services Pty Ltd (No 5). Business Law International, 16, 91.
Junker, A. (2018). Rom II-VO Art 5. In Münchener Kommentar BGB (7th ed.). Munich, Germany:
C.H. Beck.
Knöfel, O. (2016). Art. 32 Rome II Regulation. In Nomos Kommentar BGB (3rd ed.). Baden-
Baden, Germany: Nomos.
Kumpan, C. (2009). Conflicts of interest in securitisation: Adjusting incentives. Journal of
Corporate Law Studies, 9, 261.
Lehmann, M. (2011). Civil liability of rating agencies – An insipid sprout from Brussels. Capital
Markets Law Journal, 11, 60.
Lehmann, M. (2016). Prospectus liability and private international law – Assessing the landscape
after the CJEU’s Kolassa ruling (Case C-375/13). Journal of Private International Law, 12,
318.
Magnus, U. (2002). Art 32 EGBGB. In Staudingers Kommentar zum Bürgerlichen Gesetzbuch.
Berlin, Germany: De Gruyter.
Möllers, T., & Niedorf, C. (2014). Regulation and liability of credit agencies – A more efficient
European law? European Company and Financial Law Review, 333.
Pacces, A., & Romano, A. (2015). A strict liability regime for rating agencies. American Business
Law Journal, 52, 673.
Sahore, S. (2015). Case note: ABN Amro Bank NV v Bathurst Regional Council: Credit rating
agencies and liability to investors. Sydney Law Review, 37, 437.
Schäfer, H.-B. (2002). Liability of experts and the boundaries between tort and contract. Theoretical
Inquiries in Law, 3, 453.
Seibold, S. (2016). Die Haftung von Ratingagenturen nach deutschem, französischem, englischem
und europäischem Recht. Tübingen, Germany: Mohr Siebeck.
Taibbi, M. (2013). The last mystery of the financial crisis. Rolling Stone of 4 July 2013. http://
www.rollingstone.com/politics/news/the-last-mystery-of-the-financial-crisis-20130619
250 A. Halfmeier
van Hein, J. (2011). Rom I-VO Art 1. In T. Rauscher (Ed.), Europäisches Zivilprozess- und
Kollisionsrecht: Rom I-VO, Rom II-VO. Köln, Germany: Otto Schmidt.
Vogenauer, S. (2007). §§ 328–335. In Historisch-Kritischer Kommentar zum BGB (Vol. II/2).
Tübingen, Germany: Mohr Siebeck.
Wagner, G. (2013). Die Haftung von Ratingagenturen gegenüber dem Anlegerpublikum. In P. Jung
et al. (Eds.), Einheit und Vielheit im Unternehmensrecht, Festschrift für Uwe Blaurock (p. 467).
Tübingen, Germany: Mohr Siebeck.
Wagner, G. (2017). § 826. In Münchener Kommentar BGB (7th ed.). Munich, Germany: C.H. Beck.
Wildmoser, G. et al. (2009). Haftung von Ratingagenturen gegenüber Anlegern. Recht der inter-
nationalen Wirtschaft, 657.

(Studies in European Economic Law and Regulation 16) Peter Rott - Certification - Trust, Accountability, Liability-Springer International Publishing (2019) PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

(Studies in European Economic Law and Regulation 16) Peter Rott - Certification - Trust, Accountability, Liability-Springer International Publishing (2019) PDF

Загружено:

Авторское право:

Доступные форматы

Studies in European Economic Law and Regulation 16

More information about this series at http://www.springer.com/series/11710

ISSN 2214-2037 ISSN 2214-2045 (electronic)

Library of Congress Control Number: 2019932706

© Springer Nature Switzerland AG 2019

Part II Success and Shortcomings of Certification Systems

Part III Liability for Negligent Certification

1 The Theme of the Book

Certification means the confirmation of compliance with a pre-defined standard

© Springer Nature Switzerland AG 2019 1

products, services, or management are certified, as in the case of credit rating or of

2 The Structure of the Book

as a potential solution. Carola Glinski describes the certification of biofuels under

3 The Individual Chapters

3.1 Part 1: Foundations

In his chapter on ‘Certification as solution to the asymmetric information prob-

grant of such a permission, or where certification is part of public enforcement or a

3.2 Part 2: Success and Shortcomings of Certification Systems

3.3 Part 3: Liability for Negligent Certification

If a ship that has been so certified is involved in an incident causing damage to a

‘Certification Bodies – Trust, Accountability, Liability’ was the title of a bilateral

Certification of products, services and even certification agencies aims at various

Viscusi (1978), p. 277.

G. von Wangenheim (*)

© Springer Nature Switzerland AG 2019 11

between producers and certifiers. Section 5 studies certification of reaching

Nelson (1970), p. 311.

Emons (1997), p. 107.

3 The Basic Viscusi Model

Obviously, Viscusi’s model was a first step towards understanding certification,

4 Opportunistic Certifying Agencies

The simple-most way to allow for opportunistic certifying agencies is to assume

5 Certification of Minimum Quality

Leaving aside the aforementioned problems of incomplete information of the certi-

The consequences of minimum quality certification on producers’ incentives to

effects of active distortion of information by producers and certifiers, for example

How does certification relate to legally prescribed patterns of behaviour of states,

V. I. Daskalova (*) · M. A. Heldeweg

© Springer Nature Switzerland AG 2019 23

significant impact of certification as regulation on the institutional fabric of legal gov-

2 Certification as Responsible Regulation in Context

This section offers an analytical approach to certification, in order to clarify and

2.1 Certification as a Statement

2.1.1 Certification as a Declarative-Assertive Act

Table 1 Different legal meanings and consequences of certification

2.1.2 Certification Upon Assessment

The underlying assessment leading to certification may take various performative

2.1.3 Significance of Certification

The significance of certification as a declarative-assertive act—both as regards its

2.1.4 Certification as a Factual or Legal Act

As follows from the examples, the significance of certification as declarative-­

2.2 Certification as Regulation

or outcomes, which may involve, as control, mechanisms of standard-setting,

2.2.1 Certification Linking Behaviour to Outcomes

2.2.2 Regulatory Strategies Behind Certification

2.2.3 Regulatory Relations Behind (Strategies Behind) Certification

Regardless of the legal nature, different patterns of regulatory relationships may

2.2.4 Certification Bodies and Regulatory Relations

Table 2 Certification as regulation: types of certification and regulatory relations

2.2.5 Certification in Three Kinds

2.2.6 Certification as a Process

We have to make explicit note that in the categorisation of types of certification a

2.2.7 Certification: An Instrument and Object of Regulation

Part II Success and Shortcomings of Certification Systems

Part III Liability for Negligent Certification

1 The Theme of the Book

2 The Structure of the Book

3 The Individual Chapters

3.1 Part 1: Foundations

3.2 Part 2: Success and Shortcomings of Certification Systems

3.3 Part 3: Liability for Negligent Certification

3 The Basic Viscusi Model

4 Opportunistic Certifying Agencies

5 Certification of Minimum Quality

2 Certification as Responsible Regulation in Context

2.1 Certification as a Statement

2.1.1 Certification as a Declarative-Assertive Act

2.1.2 Certification Upon Assessment

2.1.3 Significance of Certification

2.1.4 Certification as a Factual or Legal Act

As follows from the examples, the significance of certification as declarative-

2.2 Certification as Regulation

2.2.1 Certification Linking Behaviour to Outcomes

2.2.2 Regulatory Strategies Behind Certification

2.2.3 Regulatory Relations Behind (Strategies Behind) Certification

2.2.4 Certification Bodies and Regulatory Relations

2.2.5 Certification in Three Kinds

2.2.6 Certification as a Process

2.2.7 Certification: An Instrument and Object of Regulation

2.2.8 Certification as a Legal Institution

2.3 Responsible Certification in Governance Context

2.3.1 Modes of Governance

2.3.2 Modes of Legal Governance

2.3.3 Normative Alignment

2.4 Responsible Certification

2.4.1 Four Maxims

2.4.2 Institutional and Collective Choice Rules

2.4.3 On the Origin of Rules

2.4.4 Again: In Modes of Regulation

2.5.1 Public Law Certification and Public Hierarchy Institutional Rules

2.5.2 Public Law Use and Consequences of Private Certification Schemes

2.5.3 Public Hierarchy Certification Regulation

Co-regulation of private certification becomes a relevant option when meta-

4.2 Fixing ‘Prices’

4.2.1 Collusion in Parallel with Certification

4.2.2 Collusion Inherent in Certification

4.3 ‘Fixing Rivals’

4.3.1 Who Sits on the Board?

4.3.2 Fixing Rivals and Fixing Prices: A Recipe for Watertight Control

4.4 ‘Fixing Rules’

4.5 Suspect Cooperation

3.1 From New Approach to New Legislative Framework

5.1 Legitimacy and Effectiveness: General Aspects