Amended as Law no.2004-575 of June 21, 2004, entered into force on June 23, 2004. See the explanatory report.

Ratification of the Council of Europe Convention on Cybercrime was made on January 10, 2006.

Article 323-1:

Fraudulent accessing or remaining within all or part of an automated data processing system is punished by a sentence not exceeding two years’ imprisonment and a fine of 30.000 euro.

Where this behavior causes the suppression or modification of data contained in that system, or any alteration of the functioning of that system, the sentence is not exceeding three years’ imprisonment and a fine of 45.000 euro.

Article 323-2

Obstruction or interference with the functioning of an automated data processing system is punished by a sentence not exceeding five years’ imprisonment and a fine of 75.000 euro.

Article 323-3

The fraudulent introduction of data into an automated data processing system or the fraudulent suppression or modification of the data that it contains is punished by a sentence not exceeding five years imprisonment and a fine of 75.000 euro.

Article 323-3-1

Fraudulently, and without legitimate motive, importing, holding, offering, selling or making available any equipment, tool, computer program or any data designed or particularly adapted to commit one or more offences provided for by articles 323-1 to 323-3, is punishable by the sentences prescribed for offences in preparation or the one that carries the heaviest penalty.

Article 323-4

The participation in a group or conspiracy established with a view to the preparation of one or more offences set out under articles 323-1 to 323-3, and demonstrated by one or more material actions, is punished by the penalties prescribed for offences in preparation or one that carries the heaviest penalty.