April 23, 2021

Volume XI, Number 113


April 22, 2021

Subscribe to Latest Legal News and Analysis

April 21, 2021

Subscribe to Latest Legal News and Analysis

April 20, 2021

Subscribe to Latest Legal News and Analysis

France’s New Investment Control in the Cybersecurity and Technology Sectors

Decree No. 2058-1057 of November 29 2018 on foreign investments subject to prior approval

France, who in recent years has been relatively open to overseas investors, has extended its control over foreign investment into certain ‘sensitive’ industries, particularly the IT, cybersecurity, communication, and technology sectors.

Extension of the relevant activities

The sectors, listed in Articles R.153-2 of the French Monetary and Financial Code, are considered sensitive either because they contribute to the exercise of public authority, or because they represent a significant risk to the national interest with respect to public order and security, or to national defence.

The decree of 29 November 2018, which came into effect on 1 January 2019, extended the range of activities that are considered as sensitive by adding:

  • Technological devices “able” to intercept correspondence, communication or electronic data;

  • IT security systems’ products and services;

  • R&D in relation to cybersecurity, artificial intelligence, robotics, additive manufacturing/3D printing, and semiconductors;

  • Equipment, products or services, which are essential to guarantee the integrity, security, and continuity of aerospace operations;

  • Equipment, products or services, which are essential to guarantee the integrity, security, and continuity of the specific IT and electronic systems needed by the national police, the military police, the civil security services or for the public security work of customs officials;

  • Data hosting services of data where its compromise or disclosure is likely to affect public order, public security or national defence; and

  • R&D in relation to dual-use goods and technologies.

The existing list already includes, amongst others:

  • Equipment, products or services, which are essential to guarantee the integrity, security, and continuity of the operating of electronic communication networks and service;
  • Activities relating to the means of cryptology and the services of cryptology;
  • Accredited assessment centers for the certification of the security offered by IT products and systems; and
  • IT security systems’ products and services for the benefit of an operation of vital infrastructure.


Foreign investment in such sectors needs prior approval from the Minister for the Economy, who may also require any such transaction to be subject to certain conditions. Until now, these conditions could only relate to criteria such as “preservation by the investor of the durability of activities, industrial capacities, research and development capabilities or associated know-how”. However, the recent decree, adds “protection of data” as well as protection of “technologies” to these criteria.

Increased sanctions

The French Government has also announced a stricter sanctions procedure and more severe sanctions for failure to comply with the rules.


The government has stated that its objective is to help the country adjust to new and contemporary challenges through better protection of the technological sectors of the future. Although the government’s view is that this should not create a barrier to future foreign investment, potential investors in the technological sectors should be aware that investments into France may be closely examined.

© Copyright 2021 Squire Patton Boggs (US) LLPNational Law Review, Volume IX, Number 24



About this Author

Stephanie Faber International Business Attorney Squire Patton Boggs Paris, France
Of Counsel

Stephanie Faber heads the Data Privacy & Cybersecurity Practice and the Intellectual Property & Technology Practice in the Paris office. She specialises in international business law, with more than 20 years of experience. Her legal practice encompasses business transactions and operations, as well regulatory and compliance work.

In relation to the Data Privacy & Cybersecurity Practice, Stephanie advises on:

  • GDPR gap assessment and compliance programs
  • Data breach management and notification
  • Database creation, international...
33 1-5383-7400
Véronique Collin Financial Attorney Squire Patton Boggs Paris, France

Véronique Collin is a partner based in our Paris office. She has over 25 years of banking and finance experience, mainly advising financial institutions, and spent almost 20 years at a Magic Circle firm.

Véronique advises French and foreign credit institutions, arrangers, corporates, investment funds, and guarantors. Her multinational and cross-border transactional expertise covers the entire spectrum of issues, including asset and structured finance, securitization, distressed debt, real estate financing, and restructurings. 

Véronique has played a vital role in training,...

33 1-5383-7406