Database

Browse Database

FRANCE

Since 1950

Pillar Online sales and transactions  |  Sub-pillar Local presence requirement for digital services providers
General Taxation Code
According to Art. 289A of the General Taxation Code, a person not established in the European Union, who is liable for the value added tax or must fulfill reporting obligations, is required to have a taxable representative established in France accredited to the tax office.
Coverage Horizontal

FRANCE

Since 2021

Pillar Technical standards applied to ICT goods, products and online services  |  Sub-pillar Restrictions on encryption standards
Policy on the Security of Information Systems of the State, together with ANSSI Manual for Cloud Service Providers (SecNumCloud)
Under the Policy on the Security of Information Systems of the State, only providers which are certified under the SecNumCloud standard have access to public procurement tenders for cloud services. The SecNumCloud standard requires providers to use root certificates emitted by the certification authority of an EU Member State in the presence of the provider.
Coverage Cloud services

FRANCE

Since August 2019

Pillar Technical standards applied to ICT goods, products and online services  |  Sub-pillar Product screening and additional testing requirements
Act 2019-810 aiming to preserve the interests of defence and national security in the framework of exploiting mobile radioelectric networks
Under the "Act aiming to preserve the interests of defence and national security in the framework of exploiting mobile radioelectric networks", any components used to connect consumers with mobile telecommunications networks are subject to prior approval by the Prime Minister, whose decision is based on the permanence, integrity, security and the availability of networks, as well as confidentiality of the messages transmitted. Fourth generation networks and older generations are exempted.
Coverage Network equipment

FRANCE

Since March 2010, entry into force in May 2010, last amended in 2018
Since June 2021

Pillar Quantitative trade restrictions for ICT goods, products and online services  |  Sub-pillar Local content requirements (LCRs) on ICT goods for the commercial market
EU Directive on Audiovisual Media Services (AVMS)

Decree 2021-793 on on-demand audiovisual services
The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13(1) provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works through facilitating access to such works using any appropriate means to ensure prominence of European works. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
According to Art. 14 Decree 2021-793 on on-demand audiovisual services, providers of audio-visual streaming services active in the French market have to invest 25% of their annual turnover in France into European or French-language productions if they show at least one cinematic work that has been released to theatres in the previous 12 months; in all other cases, the contribution is lowered to 20%. Details can be fixed in an agreement with the Superior Audiovisual Council.
Coverage On-demand audiovisual service

FRANCE

Since October 2014

Pillar Quantitative trade restrictions for ICT goods, products and online services  |  Sub-pillar Import ban applied on ICT goods, products and online services
Act No. 2014-1104 on taxis and transport cars with drivers
The Act No. 2014-1104 on taxis and transport cars with drivers bans ride-sharing apps and other digital services that put consumers in contact with unlicensed drivers, including companies like Uber and Lyft. A complaint has been brought against the regulation in front of the European Court of Justice.
Coverage Ride-sharing services

FRANCE

Since 2015

Pillar Intermediary liability  |  Sub-pillar Monitoring requirement
Code of Internal Security
According to Article L851-3, telecommunication providers can be required to automatically analyse connection data in their networks to detect terrorist threats.
Coverage Telecommunications sector

FRANCE

N/A

Pillar Intermediary liability  |  Sub-pillar User identity requirement
Mandatory SIM card registration
It is reported that France imposes identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card, or a passport in case of foreigners, to activate a new prepaid SIM card.
Coverage Horizontal

FRANCE

Since 2018

Pillar Intermediary liability  |  Sub-pillar Monitoring requirement
Act 2018-1202 related to the fight against the manipulation of information
Under Art. 11 of the Act related to the fight against the manipulation of information, platform operators have to implement measures to fight against the spread of false information that may disrupt public order or affect general elections. To this end, they have to provide a complaint mechanism and are invited to establish complementary voluntary measures such as blocking accounts that massively spread disinformation, and increasing transparency over their algorithms and the sources of information.
Coverage Intermediaries

FRANCE

Since July 2000
Since 2004

Pillar Intermediary liability  |  Sub-pillar Safe harbor for intermediaries for any activity other than copyright infringement
Directive 2000/31/EC (E-Commerce Directive)

Law No. 2004-575 of 21 June 2004 (Law to promote confidence in the digital economy) (Loi pour la confiance dans l'économie numérique)
The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbor. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The E-Commerce Directive was transposed into French law by Law No. 2004-575 of 21 June 2004. According to this law, the hosting provider is liable for the stored contents, only if (i) he was actually aware of the illicit character of the content or if (ii) he did not delete the illicit content or did not forbid access to such content promptly after becoming aware of its illicit character.
Coverage Horizontal

FRANCE

Since 2015

Pillar Domestic Data policies  |  Sub-pillar Requirement to allow the government to access personal data collected
Internal Security Code
Under Art. L851-1 of the Internal Security Code, the Prime Minister can authorise the collection of connection data and other technical data for law enforcement purpose without a court order. Under Art. L851-2, in exceptional cases, real-time online surveillance of individuals connected to a terror suspect can be authorised. The maximum number of authorisations for this is determined by the Prime Minister.
Coverage Telecommunications sector

FRANCE

Since July 2000
Since 2004

Pillar Intermediary liability  |  Sub-pillar Safe harbor for intermediaries for copyright infringement
Directive 2000/31/EC (E-Commerce Directive)

Law No. 2004-575 of 21 June 2004 (Law to promote confidence in the digital economy) (Loi pour la confiance dans l'économie numérique)
The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbor. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The E-Commerce Directive was transposed into French law by Law No. 2004-575 of 21 June 2004. According to this law, the hosting provider is liable for the stored contents, only if (i) he was actually aware of the illicit character of the content or if (ii) he did not delete the illicit content or did not forbid access to such content promptly after becoming aware of its illicit character.
Coverage Horizontal

FRANCE

Since 2021

Pillar Domestic Data policies  |  Sub-pillar Minimum period for data retention
Postal and Electronic Communications Code
Under Art. L34-1 of the Postal and Electronic Communications Code, telecommunication service providers have to keep personal data like the name and address of consumers for simple law enforcement purposes, as well as users' payment information and other information. For the purpose of fighting grave crime, as well as national security and public security threats, providers can be obliged to keep data on the source and destination of communications as well as data on the devices used. In cases where there is a grave threat to national security, currently or in the immediate future, the Prime Minister can enjoin providers to keep other data, including location data.
Coverage Telecommunications sector

FRANCE

Since 2006
In April 2014
Since March 2006

Pillar Domestic Data policies  |  Sub-pillar Minimum period for data retention
Data Retention Directive 2006/24/EC

Judgment European Court of Justice in Joined Cases C-293/12 and C-594/12 Digital Rights Ireland and Seitlinger and Others

Decree No. 2006-358 Relating to the conservation of electronic communication data
Under the EU Directive on Data Retention, operators were required to retain certain categories of traffic and location data (excluding the content of those communications) for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid. However, not all national laws which implemented the Directive have been overturned.
France implemented the Directive with Decree no. 2006-358 Relating to the conservation of electronic communication data. In 2021, the Conseil d'Etat upheld the law despite the CJEU ruling, arguing that it remained compatible as it was necessary to safeguard national security.
Coverage Electronic Communications

FRANCE

Since May 2021

Pillar Cross-border data policies  |  Sub-pillar Local storage requirement
Heritage Code
Under Arts. L-111-1 and L-111-2 of the Heritage Code, public archives that are kept because of scientific interest or ongoing administrative utility are national treasures. As such, they must be stored on French territory, even in electronic form.
Coverage Public archives

FRANCE

Since January 1997

Pillar Telecom infrastructure and competition  |  Sub-pillar Presence of independent telecom authority
Presence of independent telecom authority
It is reported that the Postal and Print media distribution Regulatory Authority (ARCEP), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.
Coverage Telecommunications sector