Two Czech website publishers appealed to the Conseil d'État, challenging the provisions that give ARCOM (French audiovisual and digital communication regulatory authority) powers to enforce French criminal law prohibiting under-age access to pornographic content. In dismissing the general criticisms against the implementing decree and act, the Conseil d'État noted that a recent ruling by the Court of Justice of the European Union (CJEU) – the “Google Ireland” case of 9 November 2023 – interpreted the European directive of 8 June 2000 as being able to prevent a Member State from adopting certain general measures in respect of operators established in another Member State. For this reason, the Conseil d'Etat decided to refer the issues raised by this question, regarding the application of French criminal law and the protection of minors, to the CJEU.
While article 227-24 of the French Criminal Code prohibits anyone from posting a pornographic message that could be seen by a minor online, the act of 30 July 2020 gives the Chair of ARCOM the power to issue formal notices and refer matters to the courts to ensure compliance with this ban. A decree dated 7 October 2021 set out the terms of the legislation. Two pornographic website publishers based in the Czech Republic – Webgroup Czech Republic and NKL Associates sro – applied to the Conseil d'État, seeking the annulment of this decree, which they considered to be contrary to European law (Directive 2000/31/EC of 8 June 2000, known as the E-Commerce Directive).
The Conseil d'État dismisses several general criticisms of the decree and the act
Firstly, the applicants claimed that the act and its implementing decree imposed requirements that were too vague, impossible to meet, and, therefore, contrary to several principles, specifically proportionality, legal certainty, freedom of expression, and the right to a fair trial.
The Conseil d'État rejected all of these criticisms. It noted that the act requires website publishers to take appropriate measures to ensure the protection of minors, while leaving them with a degree of flexibility in their choice of these measures. There was no requirement for the decree to further specify the nature of the measures. The Conseil d'État also ruled that, contrary to the claims put forward by the two companies, the act and decree did not infringe the French Declaration of the Rights of Man and of the Citizen nor the European Convention on Human Rights.
An important question of principle concerning France's ability to ensure that a digital service based in another EU Member State complies with French criminal law
The applicants’ claim that the act and decree do not comply with European law, in particular Directive 2000/31/EC of 8 June 2000, known as the E-Commerce Directive, raised more challenging issues. On 9 November 2023, in the “Google Ireland” case (No. C-376/22), the Court of Justice of the European Union essentially ruled that this directive, by establishing the so-called “principle of control in the Member State of origin” – which states that communication platform providers are subject to the legal system of the Member State in which they are established – prevents other Member States from imposing general rules regarding matters that fall within the directive’s “coordinated field” in terms of access to digital services or the exercise of such services.
On the basis of this directive and ruling, the applicants maintained that the act and decree they are challenging could not be applied to them, since they are not established in France but in another European Union Member State (in this case the Czech Republic). They concluded that the decree should be annulled as contrary to European law. This criticism raises an important question of principle concerning the scope of the “principle of control in the Member State of origin” set out in the 2000 Directive, which has not been called into question by the recent European regulation on digital services (Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market for Digital Services and amending Directive 2000/31/EC, known as the Digital Services Act), which came fully into force on 17 February 2024.
The issue is whether France may enforce compliance with at least parts of its legislation on digital services established in other EU Member States.
The Conseil d'Etat refers the issue of the application of French criminal law, in particular the provisions relating to the protection of minors, to the Court of Justice of the European Union
In view of the issues raised by the interpretation of European law, the Conseil d'État decided to refer the matter to the Court of Justice of the European Union for a preliminary ruling on three issues, which can be summarised as follows: should the European directive be considered to prohibit the application of the general principles of French criminal law, including the rules adopted for the protection of minors, to service providers established in other Member States? What exactly is the nature of the “coordinated field” covered by the directive?
Pending the Court of Justice of the European Union’s response to these questions, the Conseil d’État suspended its review of the appeal. The decree and the act, therefore, remain applicable.
In another decision handed down on the same day, the Conseil d'État also decided to refer two other questions on the interpretation of the same directive to the Court of Justice of the European Union. They concern a dispute brought by Coyote System against a regulation requiring navigation and driving assistance application providers to desist from re-posting messages sent by their users at certain times, where such re-posting is likely to allow other users to evade police roadside checks. The aim is also to clarify the scope of the “coordinated field” of the directive and the Member States' room for manoeuvre in this area, which affects public order and safety.
Read the decisions (in French):
- WebGroup Czech Republic et al.