Two French ISPs have asked France's highest court to make public a secret government decree defining how French security services can monitor the Internet.
France's foreign intelligence service, the Directorate General of Exterior Surveillance (DGSE) operates under rules set in a secret government decree in 2008. The existence of the decree was revealed by the magazine l'Obs in July this year.
The decree's existence has not been denied by the government. While its content remains secret, it is known that it authorizes the DGSE to tap Internet communications entering or leaving French territory on a massive scale.
On Thursday, ISPs FDN and FFDN, along with online rights group La Quadrature du Net, revealed that they had filed two suits with the Council of State, seeking a summary judgment and suspension of the unpublished decree. The Council of State is, among other functions, France's highest court for matters involving the administration.
Their challenge focuses on two legal points.
The first is that the decree's secrecy, preventing citizens and parliamentarians from examining it, contravenes rulings of the European Court of Human Rights.
The second stems from a ruling of the French Constitutional Council in July, which found that a new security and surveillance law, while broadly constitutional, did not provide sufficient checks on the activities of the DGSE.
In the light of that ruling, the secret degree is illegal because it does not provide real and detailed safeguards against abuses by the security services, and has no constitutional basis, the ISPs claim. As a result, the council deleted one of the surveillance law's provisions.
Now the government is preparing a new bill to patch the hole in the law left by the council's ruling.
La Quadrature and the ISPs hope that their action will put pressure on the government to set out tighter -- and more transparent -- limits on what the security services can do.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.