France has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

France has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

France has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

According to Art. 45-3 of the Postal and electronic communications code, ".fr" domains can only be registered by physical persons residing in the territory of an EU member state or legal persons established there.

According to Art. 289A of the General Taxation Code, a person not established in the European Union who is liable for the value-added tax or must fulfil reporting obligations is required to have a taxable representative established in France accredited to the tax office.

According to Art. L851-3, telecommunication providers can be required to automatically analyse connection data in their networks to detect terrorist threats.

The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13.1 provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works by facilitating access to such works using any appropriate means to ensure their prominence. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
In France, the EU Directive was transposed into domestic law through Decree 2021-793 on On-Demand Audiovisual Services. According to Art. 28 of the Decree, service providers must reserve a minimum share of the total number of feature-length cinematographic and audiovisual works made available to the public, specifically at least 60% for European works and 40% for original French-language works.
Furthermore, under Art. 14 of the Decree, providers of audiovisual streaming services operating in the French market are required to invest 25% of their annual turnover in France into European or French-language productions if they exhibit at least one cinematic work that has been released in theatres within the previous 12 months. In all other cases, the investment requirement is reduced to 20%. The specific details of this investment can be established in an agreement with the Superior Audiovisual Council.

Under the "Act aiming to preserve the interests of defence and national security in the framework of exploiting mobile radioelectric networks", any components used to connect consumers with mobile telecommunications networks are subject to prior approval by the Prime Minister, whose decision is based on the permanence, integrity, security and the availability of networks, as well as the confidentiality of the messages transmitted. Fourth-generation networks and older generations are exempted.

Under the Certification framework for cloud service providers, only providers who are certified under the SecNumCloud standard have access to public procurement tenders for cloud services. The SecNumCloud standard requires providers to use root certificates emitted by the certification authority of an EU Member State in the presence of the provider.

Under Arts. L-111-1 and L-111-2 of the Heritage Code, public archives that are kept because of scientific interest or ongoing administrative utility are national treasures. As such, they must be stored on French territory, even in electronic form.

According to the Art. L102 C of the Tax Procedures Handbook, if invoices are sent in electronic form, taxable persons may not store invoices in a country not linked to France by an agreement providing for mutual assistance or not providing immediate online access rights, downloading and use of the whole of the data concerned. Taxable persons are obliged to declare the place of storage of their invoices and any modification of that place where it is located outside France.

The European Union General Data Protection Regulation (GDPR) provides a comprehensive framework for data protection that applies to all EU Member States. The Act No. 78-17 of 6 January 1978 on Data Processing, Data Files and Individual Liberties was amended in June 2018 to implement the GDPR.

Under the EU Directive on Data Retention, operators were required to retain certain categories of traffic and location data (excluding the content of those communications) for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid. However, not all national laws that implemented the Directive have been overturned.
France implemented the Directive with Decree No. 2006-358, Relating to the conservation of electronic communication data. In 2021, the Conseil d'Etat upheld the law despite the CJEU ruling, arguing that it remained compatible as it was necessary to safeguard national security.

Under Art. L34-1 of the Postal and Electronic Communications Code, telecommunication service providers have to keep personal data like the name and address of consumers for simple law enforcement purposes, as well as users' payment information and other information. For the purpose of fighting grave crime, as well as national security and public security threats, providers can be obliged to keep data on the source and destination of communications as well as data on the devices used. In cases where there is a grave threat to national security, currently or in the immediate future, the Prime Minister can enjoin providers to keep other data, including location data.

According to Art. L851-1 of the Internal Security Code, the Prime Minister can authorise the collection of connection data and other technical data for law enforcement purposes without a court order. Furthermore, under Art. L851-2, in exceptional cases, real-time online surveillance of individuals connected to a terror suspect can be authorised. The maximum number of authorisations for this is determined by the Prime Minister.