French Law Forces Backdoors On ISPs

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Profile image of Mattias Geniar

Mattias Geniar, May 05, 2015

Follow me on Twitter as @mattiasgeniar

This law just got approved in France. 438 votes in favor, 86 against, 42 abstained.

The original, French, version is here: ASSEMBLÉE NATIONALE 2669.

A google translated version reads as follows.

Article 6 […]

It is also stated that operators and service providers will, if necessary, be able to observe the provisions governing the secrecy of national defense.

Finally, Article L. 871-4 provides that CNCTR the members and agents can penetrate, for control purposes, on the premises of operators and service providers.

Article 7 also moves, adapting in the new Book VIII of the Code of internal security of existing criminal provisions, including the fact that repress from revealing that information technology is implemented or refusal to transmit login data whose collection has been authorized.

Every ISP or hosting provider in France should be worried. OVH, one of the biggest hosting providers in the world, was already threatening to leave France. If they’re looking to store their servers physically nearby, maybe we can partner up.

But all kidding aside, I’m curious what they’ll do now, since the law has been approved.

A translated post on OVH’s statement shows some of the real dangerous of this law.

… Requiring French hosts to accept real-time capture of connection data and the establishment of “black boxes” with blurred in infrastructure, means giving French intelligence services access and visibility into all data traveling over networks. This unlimited access insinuate doubt among customers of hosting providers on the use of these “black boxes” and the protection of their personal data.

OVH.com

We can all argue in favor of end-to-end encryption, SSL everywhere, … but that doesn’t change the fact that your government is forcing the internet providers in your country to install and maintain a backdoor, so French law enforcement can intervene and spy at their own choosing.

It’s a sad day for France and a sad day for ISPs and hosting providers in general.

Hat tip to @FredericJacobs for bringing this to my attention.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.