Answer given by Mr Barrot on behalf of the Commission
1. The Commission is studying the impact of anonymity services on the ability of law enforcement bodies to provide security to the citizens in the EU. The Commission is currently not planning to submit a proposal prohibiting the use of such services.
2. It is the Member States' responsibility to safeguard their internal security. If the use of these services demonstrably limits their ability to do so, they may consider regulating the use of these services, while respecting the European Convention on Human Rights and other principles and guarantees regarding civil liberties in Europe and their obligations under the Treaties. Any such measures must be duly justified and must be proportionate and limited to what is necessary in a democratic society.
Furthermore, given the relevance of whistle blowing systems for law enforcement against certain types of crime, the need to maintain the possibility of conferring information anonymously to the relevant organisations should be taken into account when considering regulation of anonymous communications services.
3. The fundamental right to protection of personal data is enshrined in Article 8 of the EU Charter. Whilst there is no explicit right to electronic anonymity as such under Community law, the Data Protection Directive 95/46/EC(1), is to require that personal data must be processed fairly and lawfully, including the data minimisation principle. This principle may be furthered by the use of anonymous data wherever possible. Confidentiality of communications and related traffic data is protected by the directive on privacy and electronic communications 2002/58/EC(2). The data minimisation principle, leading to anonymity, may also be achieved by the use of Privacy Enhancing Technologies (PETs)(3). However Member States may adopt measures to restrict the scope of these principles which are necessary to safeguard important public interests such as national security or law enforcement, including combating terrorism or fighting cybercrime.
Directive 95/46/EC of the Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJ L 281, 23.11.1995.
Directive 2002/58/EC of the Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ L 201, 31.7.2002.