Back France

    Status regarding Budapest Convention

Status regarding Budapest Convention

Status : Party See legal profile

Cybercrime policies/strategies

No strategy specifically dedicated to cybercrime has been adopted so far. An inter-ministerial working group was tasked to prepare a report on a General strategy for the fight against cybercrime. It submitted its report containing 55 recommendations to the Government on 30 June 2014. A short introduction the report is available here (in French only).

Following the establishment in 2009 of an Agency responsible for information systems security (the “ANSSI”), a Cybersecurity strategy was published in February 2011 (“Défense et sécurité des systèmes d’information: Stratégie de la France”, available in French and German). Cybersecurity remains a priority in the last White Paper on defence and national security (April 2013, available here). A digital strategy has been adopted in 2015.


An action plan of the Ministry of Interior against cyberthreats and a current state of cyber threats in January 2017 have been released.


France’s International Digital Strategy presented by the Minister for Europe and Foreign Affairs on 15 December 2017, is centred around three key focuses: governance, the economy and security.


A Strategic Review on Cyber Defence has been carried out by France’s Secretariat-General for National Defence and Security and published on 12th of February 2018, providing a very detailed overview of cyber threats and the current state of French security infrastructure.

Specialised institutions

On December 2014, a Government Special Advisor for the Fight against cyberthreats was appointed within the Ministry of Interior. He is in charge of coordinating the ministry's strategy in this domain.

A department for ICT-related offences, the “Office central de lutte contre la criminalité liée aux technologies de l'information et de la communication” (OCLCTIC), was created within the Judicial Police department (investigative police) in 2000 (Decree n° 2000-405 of 15 May 2000). It has since been incorporated into a sub-directorate for the fight against cybercrime (“SDLC”) within the DCPJ.

Within the National Gendarmerie, different departments have been created:

  • A central unit entitled « Centre de lutte contre les criminalités numériques (“C3N”) du service central de renseignement criminel de la gendarmerie nationale (“SCRC”) »; it encompasses several departments in charge of the fight against malware, against online child abuse and all other illegal content on the Internet ; a last department is in charge of prospective and national coordination for the gendarmerie ;
    • In 2003, the national centre for the analysis of child abuse material was created (“Centre national d'analyse des images de pédopornographie - CNAIP”), and it is part of the C3N ;
  • A department to develop methods, tools and software to automatically detect paedophile pictures called « Département informatique et électronique de l'institut de recherche criminelle de la Gendarmerie nationale (“IRCGN”) »;
  • More recently (2003), in cooperation with the National Police, a National Center of paedophile pictures (“CNAIP”)

The national platform on which French citizens can report cybercrime is entitled Pharos.

The Agency responsible for the security of information systems is the “Agence Nationale de la Sécurité des Systèmes d'information (ANSSI)”. France’s CERT is the “CERT-FR” (created in 1999, and known as “CERTA” until 2014), created within the ANSSI. CERT-FR is a member of FIRST since 2000, and takes part to the activities of TF-CSIRT.

CECyF is the French expert centre against cybercrime (also called F-CCENTRE). Established in 2014, it enables law enforcement agencies, researchers from all sectors (academia, industry, independent experts) and educational institutions to meet and exchange to create projects that contribute to the training, education and research against cybercrime. It was initiated as part of the European project 2CENTRE (Cybercrime Centre of Excellence Network for Training Research and Education).

The data protection agency is the “Commission Nationale de l’Informatique et des Libertés (“CNIL”), created by the Law 78-17 of 6 January 1978.

The « Autorité de Régulation des Communications Electroniques et des Postes (“ARCEP”) is responsible for the regulation of telecom activities in France.

The Conseil National du Numérique (Digital Council) is an independent consultative commission set up in 2011 which give recommendations on all aspects of the impact of ICTs on society and the economy.

Jurisprudence/case law

Available here:

Sources and links

Tools on Cybercrime & Electronic Evidence Empowering You!

These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe. 


  Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?

  Share this information with us helping to keep this platform up to date.

Useful links