Over the last year, The French parliament passed new laws granting additional powers to intelligence services regarding interception of communications and data requests. This is part of a broader reform aimed at creating a legal framework for intelligence practices which were not formally authorized by law before 2015. In the press, it was said that these laws allowed sweeping new surveillance powers, legalizing highly intrusive methods without guarantees for individual freedom and privacy.
This article will focus on the provisions related to communications intelligence (COMINT), including targeted telephone tapping (lawful interception or LI), metadata collection and data requests to internet service providers (ISPs). Targeted interception of the content of internet communications is not regulated by these new laws, but only by older decrees which are still a bit unclear. The new laws are only about collection the metadata of internet communications.
In France, communications interception is authorized under two distinct frameworks :
- Judicial interceptions ordered by a judge of inquiry (juge d'instruction) during a criminal investigation. These interceptions can be done both by the police, the gendarmerie (a military force charged with police duties) and by DGSI.
- Administrative interceptions, also known as security interceptions, which are requested by both the domestic security and the foreign intelligence services.
Administrative interceptions are approved by the Prime Minister for various motives, such as defending and supporting major national interests including national defense, foreign policy interests, economical and industrial interests, or preventing terrorism and organized crime. Whereas the Unites States strongly denies conducting commercial espionage in the sense of stealing trade secrets for the benefit of individual companies, France is known for being less strict on this.
The main French security and intelligence services are:
- Direction Générale de la Sécurité Intérieure (DGSI) which reports to the Interior Ministry and is responsible for domestic security. It has some 3500 employees and an annual budget of 300 million euros. DGSI was formed in 2008 through the merger of the direction centrale des Renseignements Généraux (RG); Direction de la Surveillance du Territoire (DST) of the French National Police.
- Direction Générale de la Sécurité Extérieure (DGSE), which reports to the Minister of Defence and is responsible for collecting foreign intelligence on civilian issues and also performs paramilitary and counterintelligence operations abroad. DGSE is responsible for both HUMINT and SIGINT.
- Direction du Renseignement Militaire (DRM), which reports directly to the Chief of Staff and to the President of France as supreme commander of the French military. DRM is responsible for collecting military intelligence in support of the French armed forces.
- Direction de la Protection et de la Sécurité de la Défense (DPSD), which is also part of the Ministry of Defence. DPSD is responsible for the security of information, personnel, material and facilities of the armed forces as well as the defence industry.