EMSA THETIS helpdesk
EMSA THETIS helpdesk
Email
THETIS@emsa.europa.eu
5.04 THETIS EU Maritime Security
Agency responsible
Data group
05. Ship Inspection Support and Port State Control
Coast Guard Functions with access
Maritime Safety Including Vessel Traffic Management
Maritime Ship and Port Security
Status of implementation
Available
Dissemination channels
Agency web interface
Point(s) of contact
Last reviewed on
Last saved on
Description
Information on performed ship-inspections with the aim to enforce compliance with Regulation 725/2004 on enhancing ship and port facility security.
Data elements
The Regulation makes the ISPS Code mandatory for EU and EEA Member States. Moreover, the Regulation makes Part B mandatory above the voluntary status of the part in the ISPS. The Regulation also applies to some types of nationally flagged ships, unlike the ISPS code with only applies to foreign ships calling at a MS port.
Legal basis
The legal basis for the ship-inspections lies in Article 8. The information system has been built following a recent request from the MARSEC Committee mentioned in Article 11 of the Regulation but is not specifically mentioned in the Regulation itself.
Scope and source of data
Ships entering any EU port have to provide a pre-arrival notification, the “security message”. This message is captured by SSN and made available to authorised users. THETIS and THETIS EU are considered information systems for authorised users.
In case of a foreign ship, PSC (THETIS user) may decide to inspect the ship. The ISPS code is part of the relevant instruments for control by PSC. Upon findings, the PSC authority may inform the Security Authority in the Member State whom then will decided to send Duly Authorised Officers to perform a detailed Security inspection.
In the case of a national flagged ship covered only by the Regulation, the primary inspection may be done only by DAO’s.
The Competent authority for Security may also perform direct inspections and record those in THETIS EU without waiting for a PSC inspection to report any findings.
All inspections related to the ship only; Security elements of terminals and facilities cannot be recorded in the applications, but these inspections still have to be performed.
The whole of the pre-arrival, and inspection processes are captured in the information systems.
Technical implementation
There is one MARSEC information system for the entire region: THETIS & THETIS-EU. This is a web-based application funded by the Commission, managed, operated and hosted by EMSA for and on behalf of all States of the Paris MoU. All data is stored centrally.
All data detailed in the notifications is collected through SSN for every arrival and departure and subsequently transmitted to THETIS (EU) where the information is stored, processed and made presentable for the authorised user.
To be noted is that Port State Control also covers part of the provisions of the MARSEC Regulation but not everything. It may therefore be seen as complementary.
The system:
- is used by means of a graphical interface available to authorised users;
- has a deeply embedded webservice to exchange data between THETIS and THETIS-EU MARSEC to reduce the administrative burden in case an inspector would do both a MARSEC inspection and a PSC inspection on the same ship at the same time or as follow up;
- Has an inbound webservice from SSN for notification details;
- has no public search engine or aggregated data presentation;
- The PSC public website will show Security deficiencies, but given the sensitive nature of the information, in aggregated format only.
Inspection information is related to PSC inspections is available as far back as 2011. In THETIS EU data is available since 2019.
Conditions of access
Access to data and the system is divided in two distinct methods:
- Access to data: Data from PSC inspections is only available in aggregated form. Data from MARSEC inspections (THETIS EU) is not available to the public;
- Access to the system: Each participating State has a National Coordinator who decides on the relevance of the request for an account, and is responsible afterwards for user management;
The Regulation is placed in the remit of the Security Committee referred to in Article 11 of the Regulation, which is therefore the appropriate forum where data access may be discussed.