On November 15 2001 the French Parliament adopted Law 2001-1062 on Daily Security. This law introduces new rules governing the cooperation of encryption service providers with public authorities. These provisions were originally part of the draft of a more general Law on the Information Society, which is expected to be adopted later this year. However, following the terrorist attacks in the United States on September 11 2001, French legislature decided to include them as a matter of urgency into Law 2001-1062.
The rules have no direct effect and will only apply after special decrees are adopted by the French government, which should occur later this year.
The new rules require that providers of encryption services make available agreements permitting the decryption of data encrypted through their services to authorized state agents responsible for the interception of electronic correspondence at the request of such agents. These agents may further require the providers to decrypt the exchanged correspondence, unless the providers prove that they cannot comply with the agents' request.
Failure to comply with the agents' requests constitutes a criminal offence punishable by a fine and imprisonment.
The procedure for compliance with such requests will be specified in a special decree of the French government that has yet to be adopted. This decree will also set forth the procedure for the state to compensate the encryption service providers' surcharges resulting from such compliance.
For further information on this topic please contact Bradley L Joslove at Franklin by telephone (+33 1 45 02 79 00) or by fax (+33 1 45 02 79 01) or by email ([email protected]).