France’s new cybercrime law targets tech executives, including Telegram’s Durov

The groundbreaking legislation, which took effect in January 2023, positions France as a leader in the fight against cybercrime. This law subjects tech executives, including Telegram CEO Pavel Durov, to criminal charges for their role in crimes conducted through their platforms.

Durov, who is currently under formal investigation in France, could face up to a 10-year prison sentence and a €500,000 fine. He has contested the allegations, asserting that Telegram adheres to EU regulations.

The law, officially named LOPMI (Loi d’Orientation et de Programmation du Ministère de l’Intérieur) 2023-22, is unprecedented in its reach and remains untested in court. This makes France the first nation to directly target tech executives in this manner.

According to the GIP Digital Watch Observatory team, the LOPMI law for the Ministry of the Interior outlines a €15 billion plan over five years to address future security challenges by enhancing human, legal, and budgetary resources.

It aims to modernize operations through digital transformation, with nearly half the budget dedicated to digitizing services, modernizing investigative tools, and improving cybercrime response.

The law plans to create 8,500 new jobs, improve recruitment diversity, and double police and gendarme presence by 2030.

It emphasizes crisis management, especially for civil security and climate events, and strengthens public order for major international events like the 2024 Olympics. Additionally, it aims to improve border security through advanced technology and cooperation.

Legal experts have noted that there are no comparable laws in the U.S. or other Western countries.

“There is no crime in U.S. law directly analogous to that and none that I'm aware of in the Western world,” said Adam Hickey, a former U.S. deputy assistant attorney general who established the Justice Department's (DOJ) national security cyber program, to Reuters.

Hickey, now at U.S. law firm Mayer Brown, said U.S. prosecutors could charge a tech boss as a ‘co-conspirator or an aider and abettor of the crimes committed by users’ but only if there was evidence the ‘operator intends that its users engage in, and himself facilitates, criminal activities’.

He cited the 2015 conviction of Ross Ulbricht, whose Silk Road website hosted drug sales. U.S. prosecutors argued Ulbricht ‘deliberately operated Silk Road as an online criminal marketplace ... outside the reach of law enforcement’, according to the DOJ. Ulbricht got a life sentence.

While the US has prosecuted individuals like Ulbricht, by proving their active involvement in crimes, French law aims to hold platform operators accountable for illegal activities on their sites, even without direct involvement.

Paris prosecutors, led by Laure Beccuau, have lauded the law as a vital tool against organized cybercrime, such as child exploitation and credit card trafficking. The recent arrest of Durov and the shutdown of platforms like Coco underscore France’s tough stance on online crime. The J3 cybercrime unit, handling Durov’s case, has also tackled other major cases, including Dominique Pelicot’s crimes via the chat forum Coco.

Despite the law’s potential, its novelty may pose legal challenges. Nevertheless, it marks a significant escalation in the global fight against cybercrime.