The Malta Digital Innovation Authority (MDIA) Regulatory Complaint Form applies to the complaints received from any natural or legal person, in accordance with Article 63 of Regulation (EU) 2019/881 (Cybersecurity Act), Article 27 of Regulation (EU) 2022/868 (Data Governance Act), Article 38 of Regulation (EU) 2023/2854 (Data Act), Article 85 of Regulation (EU) 2024/1689 (Artificial Intelligence Act)*, Article 52 of Regulation (EU) 2024/2847 (Cyber Resilience Act)*, pertinent Subsidiary Legislations, and any other regulations which may fall under the MDIA.
*It should be noted that the corresponding provisions under the Artificial Intelligence Act and Cyber Resilience Act are still to come into application.
Through this service you will be able to submit a complaint in accordance to Article 63 of Regulation (EU) 2019/881 (Cybersecurity Act), Article 27 of Regulation (EU) 2022/868 (Data Governance Act), Article 38 of Regulation (EU) 2023/2854 (Data Act), Article 85 of Regulation (EU) 2024/1689 (Artificial Intelligence Act)*, Article 52 of Regulation (EU) 2024/2847 (Cyber Resilience Act)*, pertinent Subsidiary Legislations, and any other regulations which may fall under the MDIA.
*It should be noted that the corresponding provisions under the Artificial Intelligence Act and Cyber Resilience Act are still to come into application.
- Under Regulation (EU) 2024/1689 Artificial Intelligence Act*, any natural or legal person who has grounds to believe that the provisions of the AI Act have been infringed.
- Under Regulation (EU) 2024/2847 Cyber Resilience Act*, any natural or legal person may lodge a complaint regarding non‑compliance with provisions established under this Regulation.
- Under Regulation (EU) 2019/881 Cybersecurity Act, any natural or legal person may lodge a complaint with the National Cybersecurity Certification Authority in relation to European cybersecurity certificates issued by conformity assessment bodies upon prior approval by the same National Cybersecurity Certification Authority in accordance with Article 56(6)(a), as well as complaints relating to EU Statements of Conformity issued under Article 53.
Under Regulation (EU) 2022/868 Data Governance Act, any natural or legal person may lodge a complaint if they consider that their rights under the Data Governance Act have been infringed.
A complaint may concern infringements relating to:
- Data Intermediation Services Providers; (ii) Registered Data Altruism Organisations.
Under Regulation (EU) 2023/2854 Data Act, any natural or legal person, individually or, where relevant, collectively, may lodge a complaint in the Member State of their habitual residence, place of work, or establishment, if they believe their rights under the Data Act have been infringed.
A complaint may concern infringements relating to:
- Users' rights to access the product data and related service data, generated by the use of connected products and related services against a data holder;
- The level of compensation requested by the data holder, or disagreement by the data holder on the transmission or making available of data in relation to making data available to public sector bodies, the commission, the European Central Bank and Union Bodies on the basis of an exceptional need (Chapter V);
Third-party's right to access product data and related service data, generated by the use of connected products and related services, upon request by a user, or by a party acting on behalf of a user.
*It should be noted that the corresponding provisions under the Artificial Intelligence Act and Cyber Resilience Act are still to come into application.
Fill out the Regulatory Complaints Form
Documents Required:
Any documentation that can be used as evidence in relation to the complaint being made can be submitted.
