Decree No. 281 / 2021 Coll.

Decree implementing the Civil ID Act and certain provisions of the Travel Documents Act and the Basic Register Act

Valid Order Effective from 02.08.2021
Contents
ČÁST PRVNÍ § 1 § 2 § 3 § 4 § 5 § 6 § 7 § 8 § 9 § 10 § 11 § 12 § 13 § 14 § 15 § 16 § 17 § 18 § 19 § 20 § 21 § 22 § 24 § 25 § 26 § 27 § 28 ČÁST DRUHÁ § 29 § 30 § 31 § 32 ČÁST TŘETÍ § 33 ČÁST ČTVRTÁ § 34 ČÁST PÁTÁ § 35
281
DECLARATION
of 20 July 2021
to implement the Civil ID Act and certain provisions of the Travel Documents Act and the Basic Register Act
The Ministry of Interior provides pursuant to Article 71 of Act No. 269 / 2021 Coll., on Civil Documents, Section 5 (5) (a) of Act No. 329 / 1999 Coll., on Travel Documents, as amended by Act No. 106 / 2007 Coll., Act No. 197 / 2010 Coll. and Act No. 318 / 2015 Coll., Section 20 (9) of Act No. 329 / 1999 Coll., on Travel Documents, as amended by Act No. 559 / 2004 Coll. and Act No. 318 / 2015 Coll., and Section 69 (3) (d) of Act No. 111 / 2009 Coll., on Basic Registers, as amended by Act No. 261 / 2021 Coll.:

ČÁST PRVNÍ

IMPLEMENTATION OF THE CIVIL TRANSPORT LAW
§ 1
Model ID card
(1) The model of the identity card is set out in Annex 1 to this Order.
(2) The model of the temporary identity card is set out in Annex 2 to this Order.
(3) The name of the item on the back of the ID card shall be given only if the contents of the item are completed.
(4) An official record containing an unabated name or a composite surname shall be entered on the back of the identity card.
§ 2
Data also in machine-readable form in the data medium
The data referred to in Article 6 (1) of the Civil ID Act, which shall also appear in machine-readable form in the data medium, shall be:
(a) details of the holder of the identity card:
1. name, if any, and surname,
2. sex,
3. citizenship,
4. date of birth,
5. place and district of birth, born on the territory of the Czech Republic, according to the status on the date on which the application for the issue of the identity card was submitted,
6. the code of the country of birth according to the statistical code sheet created by the Czech Statistical Office, if born outside the territory of the Czech Republic, according to the condition on the date of the application for the issue of the ID card,
7. the address of the place of permanent residence, if declared for permanent residence in the Czech Republic, including the designation of this information as the address of the office, if so indicated in the population registration information system; and
8th birth number,
(b) an official record containing an unabated name or a composite surname of the holder of the identity card, provided that the particulars of the holder of the identity card are in abbreviated form,
(c) particulars of the identity card which are:
Number 1,
2. date of issue,
3. Date of expiry; and
4. the designation of the administrative department which issued it; and
(d) family status or registration of a registered partnership, if any of these data is on the identity card.
§ 3
Method of putting certain entries on the ID card
The data referred to in Article 6 (2) of the Civil ID Act shall be provided exclusively in machine-readable form in the data medium.
§ 4
State data for electronic use of the ID card
(1) An identification certificate shall be stored on the identity card.
(2) If their function is activated, the ID card shall be stored
(a) security personal code,
(b) identification personal code; and
(c) a deblocking personal code.
§ 5
Other data for electronic use of identity cards
(1) In the identity card, the holder of the identity card may deposit or, at the request of the holder of the identity card, their provider may deposit
(a) a qualified electronic signature certificate, together with the corresponding electronic signature creation data and electronic signature validation data, a qualified electronic signature code, a personal access code and a personal unlocking code; and
(b) an authentication certificate together with its corresponding cryptographic keys, with a personal access code and a personal unlocking code.
(2) If a qualified certificate for electronic signature and authentication certificate is stored in the ID card, the personal access code and the personal code for unlocking are common to both certificates.
§ 6
Data carriers providing ID
The ID shall be provided
(a) a machine-readable zone;
(b) 2D code,
(c) by a contact electronic chip; and
(d) a carrier of biometric data.
§ 7
Data and data in the machine-readable zone
(1) In the machine-readable zone, the particulars on the identity card or the data on the identity card shall be indicated or stored in that order.
(a) the document code referred to in Council Regulation (EU) 2025 / 1208 of 12 June 2025 on the strengthening of the security of identity cards of Union citizens and residence permits issued to Union citizens and their family members exercising their right of free movement (the Security Enhancement Regulation),
(b) the code of the Czech Republic under the Security Enhancement Regulation;
(c) the identity card number;
(d) the number of the identity card number,
(e) the date of birth of the holder of the identity card;
(f) the check number of the date of birth of the holder of the identity card;
(g) the sex of the holder of the identity card;
(h) the expiry date of the identity card;
(i) the check number of the expiry date of the identity card;
(j) citizenship of the holder of a card;
(k) the total control figure; and
(l) the surname, first name or, where appropriate, the name of the holder of the identity card.
(2) The total control digit means the numerical expression of the control digits indicated in the machine-readable zone.
§ 8
Data and data in 2D code
In the 2D code, the identification number of the identity card shall be provided from the information on the identity card or the data on the identity card.
§ 9
Data and data in the contact electronic chip
(1) In the contact electronic chip, the information on the identity card or the data on the identity card shall be entered or stored
(a) an identification certificate;
(b) the identity card number;
(c) identification personal code,
(d) deblocking personal code;
(e) a qualified certificate for electronic signature, together with the corresponding electronic signature creation data and data for verifying the validity of electronic signatures, with a qualified electronic signature signature code, a personal access code and a personal unlocking code; and
(f) an authentication certificate together with its corresponding cryptographic keys, with a personal access code and a personal unblock code.
(2) If, due to lack of space in the contact electronic chip, it is not possible to store all the data required by the holder of the identity card, only the data specified by the holder of the identity card shall be stored.
§ 10
Data and data in the biometric data medium
In the biometric data medium, the particulars on the identity card or the data on the identity card shall be entered or stored:
(a) display of the face of the holder of the identity card;
(b) fingerprints of the holder's hands, if they can be obtained,
(c) details of the holder of the identity card:
1. name, if any, and surname,
2. sex,
3. citizenship; and
4. date of birth,
(d) particulars of the identity card which are:
Number 1,
2. the document code under the Security Enhancement Regulation;
3. the code of the Czech Republic according to the regulation on strengthening security; and
4. the expiry date; and
(e) the check number of the date of birth of the holder of the card, the check number of the card number, the check number of the expiry date of the card and the total check number; the total control digit means the numerical expression of the control digits specified in the biometric data medium.
§ 11
Identification certificate
(1) The identification certificate is used to authenticate the holder of the identity card in remote access to the information system or electronic application using the procedure under the electronic identification law.
(2) The option to use the identification certificate function is to activate the function by the holder of the identity card and authenticate the holder of the identity card using the identification personal code.
(3) The identification certificate shall indicate:
(a) details of the holder of the identity card:
1. name, if any, and surname,
2. sex,
3. citizenship,
4. date of birth,
5. place and district of birth, born on the territory of the Czech Republic, according to the status on the date on which the application for the issue of the identity card was submitted,
6. the code of the country of birth according to the statistical code sheet created by the Czech Statistical Office, if born outside the territory of the Czech Republic, according to the condition on the date of the application for the issue of the ID card,
7. the address of the place of permanent residence, if declared for permanent residence in the Czech Republic, including the designation of this information as the address of the office, if so indicated in the population registration information system; and
8th birth number,
(b) an official record containing an unabated name or a composite surname of the holder of the identity card, provided that the particulars of the holder of the identity card are in abbreviated form,
(c) particulars of the identity card which are:
Number 1,
2. date of issue,
3. Date of expiry; and
4. the designation of the administrative department which issued it; and
(d) family status or registration of a registered partnership, if any of these data is on the identity card.
(4) The identity certificate function may be activated by the holder of the identity card
(a) upon receipt of the identity card with the assistance of the official of the administrative authority responsible for the transmission of the identity card; or
(b) upon receipt of the identity card with the assistance of the official of any office or representative office authorised to prove its identity.
§ 12
Security personal code
(1) The security personal code is used for:
(a) the additional authentication of the holder of the identity card in the physical demonstration of his identity; and
(b) the authenticity of the holder of the identity card when reporting the loss, theft or risk of misuse of the identity card by means of an electronic application for reporting the loss, theft or misuse of the identity card.
(2) The option to use the security personal code function is to activate the card holder.
(3) The security personal code consists of at least 4 and not more than 10 digits.
(4) The security personal code function may be activated by the holder of the identity card by entering the combination of the security personal code digits selected by him.
(a) upon receipt of the identity card with the assistance of the official of the administrative authority responsible for the transmission of the identity card,
(b) on receipt of a identity card with the assistance of an official at any office or representative office authorised to prove its identity; or
(c) by means of an electronic data management application for the electronic use of the identity card by the holder of the identity card, using a qualified electronic identification system.
(5) The security personal code may be changed by the holder of the identity card during its period of validity.
(a) assisted by an official at any office or representative office responsible for proving its identity; or
(b) by means of an electronic data management application for the electronic use of the identity card by the holder of the identity card, using a qualified electronic identification system.
(6) After the third false entry of the security personal code, the security personal code function shall be blocked.
(7) Unlocking of the security personal code function shall be carried out at the request of the holder of the identity card and after proof of his identity by any designated office or representative office.
(8) Unlocking of the security personal code function may be carried out by the holder of the identity card by means of an electronic data management application for the electronic use of the identity card by the holder of the identity card after demonstrating his identity using a qualified electronic identification system.
§ 13
Identifying personal code and deblocking personal code
(1) The identity code is used to authenticate the holder of the identity card using the identification certificate.
(2) The deblocking personal code serves to unblock the possibility of using the identification personal code.
(3) Activation of the identification and deblocking personal code function is a condition for activation of the identification certificate function.
(4) The identification personal code and the deblocking personal code consist of at least 4 and not more than 10 digits.
(5) The function of the identification personal code and the deblocking personal code may be activated by the holder of the identity card by entering the selected combination of the digits of the identification personal code and the deblocking personal code.
(a) upon receipt of the identity card with the assistance of the official of the administrative authority responsible for the transmission of the identity card; or
(b) upon receipt of the identity card with the assistance of the official of any office or representative office authorised to prove its identity.
(6) The identity code and the deblocking personal code may be changed by the holder of the identity card during their period of validity.
(a) assisted by an official at any office or representative office responsible for proving its identity; or
(b) by means of an electronic data management application for the electronic use of the identity card by the holder of the identity card.
(7) The identification code function shall be blocked after the third malfunctioning entry of the identification personal code.
(8) Unblock the function of the identification personal code may be performed by the holder of the identity card by entering the deblocking personal code.
(9) After the tenth consecutive incorrect entry of the deblocking personal code, unblock the identification personal code function can only be done by entering a new identification personal code and a deblocking personal code. The creation of a new identification personal code and a de-blocking personal code shall, upon request of the holder of the identity card and upon proof of its identity, be permitted by any designated office or representative office.
§ 14
Qualified certificate for electronic signature and corresponding electronic signature creation and validation data for electronic signatures
(1) A qualified certificate for electronic signature must be created and used using the SHA-2 hashing function in accordance with the standard FIPS PUB 180-4: Secure Hash Standard from August 2015 and using the RSA algorithm in accordance with the PKCS # 1 v2.1: RSA Cryptograph Standard of 14 June 2002 or using the ECC algorithm in accordance with the FIPS Publication 186-4 (July 2013): Digital Signature Standard (DSS) and IETF RFC 5753: Use of Elliptic Curve Cryptograph (ECC) Algorithms in Cryptographic Message Syntax (CMS).
(2) A qualified certificate for electronic signature must be created, stored and used in a format established in accordance with RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile of May 2008.
(3) The length of the hashing function SHA-2 must be in accordance with the recommendation in the ETSI TS technical specification 119 312 V1.3.1: Electronic Signatures and Infrastructures (ESI); Cryptographic Suites.
(4) Data for creating electronic signatures and data for verifying the validity of electronic signatures corresponding to a qualified electronic signature certificate must be generated and used according to:
(a) the RSA algorithm in accordance with standard PKCS # 1 v2.1: RSA Cryptograph Standard of 14 June 2002; or
(b) ECC algorithm in accordance with FIPS Publication 186-4 (July 2013): Digital Signature Standard (DSS) and IETF RFC 5753: Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS).
(5) The length of the data for the creation of electronic signatures and data for the validation of electronic signatures must be in accordance with the recommendation set out in the technical specification ETSI TS 119 312 V1.3.1: Electronic Signatures and Infrastructures (ESI); Cryptographic Suites.
§ 15
Authentication certificate and corresponding cryptographic keys
(1) The Authentication Certificate is used to authenticate the holder of a citizen's card when accessing the information system or electronic application remotely.
(2) The Authentication Certificate must be issued by a qualified trust service provider.
(3) Authentication certificate must be created and used using the SHA-2 hashing function in accordance with the standard FIPS PUB 180-4: Secure Hash Standard from August 2015 and using the RSA algorithm in accordance with the standard PKCS # 1 v2.1: RSA Cryptograph Standard of 14 June 2002 or using the ECC algorithm in accordance with the standards FIPS Publication 186-4 (July 2013): Digital Signature Standard (DSS) and IETF RFC 5753: Use of Elliptic Curve Cryptograph (ECC) Algorithms in Cryptographic Message Syntax (CMS).
(4) The Authentication Certificate must be created, stored and used in a format established in accordance with RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile of May 2008.
(5) The length of the hashing function SHA-2 must comply with the recommendation set out in the ETSI TS technical specification 119 312 V1.3.1: Electronic Signatures and Infrastructures (ESI); Cryptographic Suites.
(6) The authentication certificate must state:
(a) details of the holder of the identity card:
1. the name and, where applicable, the names and surnames; and
2. special features, if the purpose of the authentication certificate so requires,
(b) details of the issuer of the authentication certificate, which are:
1. the business name or name, names and surnames, and
2. the State in which it is based; and
(c) details of the authentication certificate which are:
1. unique number for the publisher of the authentication certificate; and
2nd beginning and end of validity.
(7) The cryptographic keys corresponding to the authentication certificate must be created and used according to:
(a) the RSA algorithm in accordance with standard PKCS # 1 v2.1: RSA Cryptograph Standard of 14 June 2002; or
(b) ECC algorithm in accordance with FIPS Publication 186-4 (July 2013): Digital Signature Standard (DSS) and IETF RFC 5753: Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS).
(8) The length of cryptographic keys corresponding to the authentication certificate must be in accordance with the recommendation in the ETSI TS technical specification 119 312 V1.3.1: Electronic Signatures and Infrastructures (ESI); Cryptographic Suites.
§ 16
Personal access code and signature code by qualified electronic signature
(1) The personal access code shall be used for the approval of operations with a qualified electronic signature certificate, electronic signature creation data and electronic signature validation data corresponding to the qualified electronic signature certificate, authentication certificate and cryptographic keys corresponding to the authentication certificate.
(2) The code for signature by qualified electronic signature is used to approve the act of creating a qualified electronic signature.
(3) The setting of a personal access code is a condition for using a qualified certificate for electronic signature, data for creating electronic signatures and data for verifying the validity of electronic signatures corresponding to a qualified certificate for electronic signature, authentication certificate and cryptographic keys corresponding to an authentication certificate.
(4) The setting of a code for signature by qualified electronic signature is a condition for the use of a qualified certificate for electronic signature, data for creating electronic signatures and data for verifying the validity of electronic signatures corresponding to the qualified certificate for electronic signature for the purpose of creating a qualified electronic signature.
(5) The personal access code and the code for signature by qualified electronic signature shall consist of at least 5 and not more than 15 digits.
(6) The holder of the identity card shall enter a combination of the digits of the personal access code or the signature code by qualified electronic signature after entering the personal unlocking code.
(7) A personal access code and a code for signature by qualified electronic signature may be entered or changed by the holder of the identity card during the period of validity by means of an electronic data management application for electronic use by the holder of the identity card.
(8) After the third improper entry of the personal access code or signature code by qualified electronic signature, the functions of the personal access code or signature code by qualified electronic signature shall be blocked.
(9) Unblock the function of a personal access code or signature code by qualified electronic signature may be performed by the holder of the identity card by entering the personal unblock code by means of an electronic data management application for electronic use by the holder of the identity card.
Zobrazit všechna ustanovení (364)

Sign in for notes, favorites and notifications

Register Free Sign In
Rating:

Comments 0

To write comments, please sign in.

Regulation Information

CitationDecree No. 281 / 2021 Coll. implementing the Civil ID Act and certain provisions of the Travel Documents Act and the Basic Register Act
Regulation TypeOrder
Author-
CollectionCode of Laws
Date of Promulgation27.07.2021
Effective from02.08.2021
Effective until-
Status Valid
Legal Areas: Administrative law Telecommunications, Communications, Mail General internal administration

Public Contracts 5

II/101 Kováry, provozní oprava mostu ev.č. 101-042 přes Zákolanský potok_koordinátor BOZP
Krajská správa a údržba silnic Středočeského kraje... A-Monit Consulting, s.r.o.
45 980 CZK
03.10.2025
III/23711 Srbeč, provozní oprava mostu ev.č. 23711-1 přes Bakovský potok_koordinátor BOZP
Krajská správa a údržba silnic Středočeského kraje... MANIFOLD GROUP s.r.o.
43 560 CZK
16.06.2025
Studie na řešení vnitrobloku v ul. Čechovská zejména z hlediska dopravní obslužnosti HZS a parkování...
Město Příbram PSDS s.r.o.
423 500 CZK
13.06.2025
Studie na řešení vnitrobloku v ul. Komenského zejména z hlediska dopravní obslužnosti HZS a parkován...
Město Příbram PSDS s.r.o.
181 500 CZK
13.06.2025
Studie na vybudování chodníku v Žežicích v délce cca 850 m (podél hlavní silnice)
Město Příbram PSDS s.r.o.
169 400 CZK
13.06.2025
Source: Hlídač státu (CC BY 3.0 CZ)
The regulation text is for informational purposes only.

Partner Websites

Založení s.r.o. Virtual offices and company formation
MojeDatovka.cz Data box database and search
ČeskéFirmy.online Czech company directory and reviews
Favorites
Browsing History
This website uses cookies to ensure proper functionality, analyze traffic and display advertising. More information
Cookie Settings

Choose which cookie categories you want to allow.