In the past independent IT security evaluation according to published criteria has not realized its potential for the assessment of privacy enhancing technologies (PETs). Main reason for this was, that PETs were not covered appropriately in the evaluation criteria. This situation has changed somewhat, and therefore this paper reports on a case study, in which we developed Protection Profiles for remailer mixes. One reason for the development of these Protection Profiles was to test the privacy related components in the new Evaluation Criteria for IT Security – Common Criteria (International Standard 15408, ECITS/CC) and to develop improvements. Another reason was to contribute to an independent evaluation of privacy enhancing technologies. The experiment shows, that the ECITS/CC enable PPs for remailer mixes, but that there are still improvements necessary. The paper presents the Protection Profiles and the structured threat analysis for mixes, on which the Protection Profiles are b...