Source: European Parliament
Question for written answer E-001740/2025
to the Commission
Rule 144
Danilo Della Valle (The Left), Valentina Palmisano (The Left), Dario Tamburrano (The Left), Gaetano Pedulla’ (The Left)
In the light of reports by qualified news sources, it appears that the Vice-President of the Commission / High Representative of the Union for Foreign Affairs and Security Policy (VP/HR) and the Ministers for Foreign Affairs of some Member States use the Signal encrypted messaging platform for informal institutional communications. The European External Action Service (EEAS) has confirmed this, invoking operational confidentiality requirements.
This situation raises concerns about compliance with Article 5(1)(a), (b) and (f) and Article 33 of Regulation (EU) 2018/1725 and with the guidelines of the European Union Agency for Cybersecurity (ENISA) on protecting institutional communications.
In view of this, can the VP/HR answer the following questions:
- 1.Was the use of the Signal platform preceded by a data protection impact assessment (DPIA) and by security audits as required by current EU legislation?
- 2.What technical and organisation measures have been taken to ensure the confidentiality, integrity and availability of the diplomatic communications, to prevent the risk of compromise arising from informal use?
- 3.Do they intend to issue cogent guidelines within the EEAS for the use of digital tools by institutional leaders, to avoid the improper dissemination of strategic information due to procedural or organisational failures?
Submitted: 30.4.2025