France
National Overview • 5 Cases • 28 Rules • 3 Incidents
I. Jurisprudence
| Date ↓ | Case Title | Summary | Tool |
|---|---|---|---|
| 2025-12-18 | TJ Périgueux (FR) — ai 'hallucinations' warning | In a social-security dispute over an adult disability allowance overpayment, the tribunal noted that some case-law references cite... | Unknown / Not D... |
| 2025-12-03 | TA Grenoble (FR) — generative ai pleading criticised | The tribunal noted that the application’s lack of clarity likely resulted from it being drafted using a so-called generative AI to... | Unknown / Not D... |
| 2025-10-28 | TA Besançon (FR) — chatgpt output not a petition | The claimant submitted the results of a ChatGPT search about how to challenge a building-permit refusal. The tribunal held that th... | ChatGPT |
| 2025-10-06 | CA Lyon (FR) — chatgpt analysis rejected as proof | In an application to stay provisional enforcement of a commercial judgment, the applicant alleged that an acceptance/hand-over doc... | ChatGPT |
| 2025-06-26 | CA Paris (FR) — chatgpt excerpt offered as access proof | The appeal concerned an interim order about restitution/access to cloud-hosted business data after termination of a software subsc... | ChatGPT |
II. Regulation
| Date | Regulation Title | Summary | Status ↑ |
|---|---|---|---|
| 2026-01-05 | CNIL AI how-to sheets (English) — GDPR-compliant AI system development | Legal and advisory teams supporting AI development (including within professional services firms and client advisory work) should ... | in effect |
| — | Decree 2020-797 (public availability of judicial/admin court decisions) | — | |
| — | Law 2019-222 (justice programming and reform) | — | |
| 2018-06-21 | Law 2018-493 (personal data protection) | — | |
| 2016-10-08 | Law 2016-1321 (Digital Republic) | — | |
| — | Law 78-17 (Informatique et Libertés) | — | |
| — | Report: AI in the service of justice (strategy and operational solutions) | — | |
| — | CNIL checklist for developing AI systems | — | |
| 2025-06-01 | CNIL synthesis of consultation inputs on legitimate interest for AI development | AI developers relying on legitimate interest should operationalise a documented assessment workflow and evidence safeguards for la... | |
| — | CNIL practical AI sheets (portal) on GDPR-compliant development of AI systems | Useful as a navigation entry point for compliance teams to locate CNIL’s detailed practical guidance across the AI development lif... | |
| — | Survey: AI and the legal profession (lawyers) | — | |
| — | Algorithms and discrimination prevention report (Defender of Rights/CNIL) | — | |
| 2019-03-24 | Law 2019-222 Article 33 (open decisions + ban on reuse of judge identity data) | — | |
| 2017-03-16 | Decree 2017-330 (algorithm-based individual decisions) | — | |
| — | Order of 28 April 2021 implementing Decree 2020-797 Article 9 (publication timetable) | — | |
| — | Administrative judiciary AI use charter (2025) | — | |
| — | Decree 2021-1276 (automated processing / court decisions dissemination) | — | |
| — | Paris Bar AI White Paper | — | |
| — | CNIL legitimate interest recommendations for AI development | — | |
| — | CNB AI tool selection reading grid | — | |
| 2022-08-31 | Conseil d’État study on AI and public action: trust and performance | Provides strategic and governance reference points for French public bodies considering AI adoption; may inform internal policies ... | |
| 2023-05-16 | CNIL action plan on artificial intelligence (focus on generative AI and LLMs) | Signals CNIL supervisory priorities and the direction of forthcoming guidance and enforcement activity in relation to AI, especial... | |
| 2025-04-29 | Cour de cassation: release of report 'Preparing the Court of tomorrow' on AI | Relevant to courts considering AI tooling: provides an evaluation methodology and a governance model emphasising human oversight a... | |
| — | Deontological vigilance for judges and lawyers using generative AI tools | For judges and lawyers, the document supports immediate implementation of guardrails around generative AI use: mandatory verificat... | |
| 2025-02-07 | CNIL practical sheet: enabling data subject rights in AI training datasets and models | Requires AI developers/controllers to implement practical workflows for rights requests that address dataset/model distinctions, i... | |
| 2025-07-22 | CNIL finalises GDPR recommendations for AI system development and announces future work | Supports compliance teams by signalling CNIL’s expectations and practical focus areas (model GDPR applicability analyses, annotati... | |
| 2025-02-07 | CNIL practical sheet: informing individuals about personal data use in AI development | Requires AI developers/controllers to enhance privacy notice design and operational timing—particularly for web-scraped or third‑p... | |
| — | CRPA Article L311-3-1 (algorithmic decision transparency) | — |
III. Incidents
| Date ↓ | Headline | Summary | Type |
|---|---|---|---|
| 2025-12-22 | French CNIL Imposes €1.7M Fine on IT Software Consultant Nexpublica | The CNIL sanctioned a software consultancy for structural security flaws in its user relationship management software used by publ... | Data Breach |
| 2025-12-18 | French court flags “AI hallucination” risk in written submissions with unverifiable citations | A French court decision (Pôle social, Tribunal judiciaire de Périgueux) highlighted that legal authorities cited in a party’s writ... | Hallucination |
| 2025-12-11 | French CNIL Fines IT Consultant Mobius Solutions Over Data Breach | The CNIL imposed a €1 million fine on an IT processor (Mobius Solutions) for failing to protect user data, highlighting the neglig... | Data Breach |
France
Country Intelligence Report
I. Jurisprudence
| 2025-12-18 | TJ Périgueux (FR) — ai 'hallucinations' warning In a social-security dispute over an adult disability allowance overpayment, the tribunal noted that some case-law references cited by the claimant did not appear to match published decisions and warn... |
| 2025-12-03 | TA Grenoble (FR) — generative ai pleading criticised The tribunal noted that the application’s lack of clarity likely resulted from it being drafted using a so-called generative AI tool that was wholly unsuited to that use.
It also noted duplicated form... |
| 2025-10-28 | TA Besançon (FR) — chatgpt output not a petition The claimant submitted the results of a ChatGPT search about how to challenge a building-permit refusal.
The tribunal held that those ChatGPT results could not be treated as an administrative court pe... |
| 2025-10-06 | CA Lyon (FR) — chatgpt analysis rejected as proof In an application to stay provisional enforcement of a commercial judgment, the applicant alleged that an acceptance/hand-over document was forged.
The respondent argued that the applicant’s reliance ... |
| 2025-06-26 | CA Paris (FR) — chatgpt excerpt offered as access proof The appeal concerned an interim order about restitution/access to cloud-hosted business data after termination of a software subscription.
One party produced a ChatGPT excerpt and appeared to treat it... |
II. Regulations
| 2026-01-05 | CNIL AI how-to sheets (English) — GDPR-compliant AI system development Legal and advisory teams supporting AI development (including within professional services firms and client advisory work) should align internal playbooks and client guidance to CNIL’s practical expec... |
Decree 2020-797 (public availability of judicial/admin court decisions) — | |
Law 2019-222 (justice programming and reform) — | |
| 2018-06-21 | Law 2018-493 (personal data protection) — |
| 2016-10-08 | Law 2016-1321 (Digital Republic) — |
Law 78-17 (Informatique et Libertés) — | |
Report: AI in the service of justice (strategy and operational solutions) — | |
CNIL checklist for developing AI systems — | |
| 2025-06-01 | CNIL synthesis of consultation inputs on legitimate interest for AI development AI developers relying on legitimate interest should operationalise a documented assessment workflow and evidence safeguards for large-scale training and web scraping, including minimisation and risk b... |
CNIL practical AI sheets (portal) on GDPR-compliant development of AI systems Useful as a navigation entry point for compliance teams to locate CNIL’s detailed practical guidance across the AI development lifecycle. | |
Survey: AI and the legal profession (lawyers) — | |
Algorithms and discrimination prevention report (Defender of Rights/CNIL) — | |
| 2019-03-24 | Law 2019-222 Article 33 (open decisions + ban on reuse of judge identity data) — |
| 2017-03-16 | Decree 2017-330 (algorithm-based individual decisions) — |
Order of 28 April 2021 implementing Decree 2020-797 Article 9 (publication timetable) — | |
Administrative judiciary AI use charter (2025) — | |
Decree 2021-1276 (automated processing / court decisions dissemination) — | |
Paris Bar AI White Paper — | |
CNIL legitimate interest recommendations for AI development — | |
CNB AI tool selection reading grid — | |
| 2022-08-31 | Conseil d’État study on AI and public action: trust and performance Provides strategic and governance reference points for French public bodies considering AI adoption; may inform internal policies and future rulemaking but does not impose direct compliance duties. |
| 2023-05-16 | CNIL action plan on artificial intelligence (focus on generative AI and LLMs) Signals CNIL supervisory priorities and the direction of forthcoming guidance and enforcement activity in relation to AI, especially generative AI. |
| 2025-04-29 | Cour de cassation: release of report 'Preparing the Court of tomorrow' on AI Relevant to courts considering AI tooling: provides an evaluation methodology and a governance model emphasising human oversight and ethics. |
Deontological vigilance for judges and lawyers using generative AI tools For judges and lawyers, the document supports immediate implementation of guardrails around generative AI use: mandatory verification, confidentiality controls, tool vetting, and training. It reduces ... | |
| 2025-02-07 | CNIL practical sheet: enabling data subject rights in AI training datasets and models Requires AI developers/controllers to implement practical workflows for rights requests that address dataset/model distinctions, identification challenges, and the need to deliver meaningful access wh... |
| 2025-07-22 | CNIL finalises GDPR recommendations for AI system development and announces future work Supports compliance teams by signalling CNIL’s expectations and practical focus areas (model GDPR applicability analyses, annotation governance, and secure development). Organisations may need to upda... |
| 2025-02-07 | CNIL practical sheet: informing individuals about personal data use in AI development Requires AI developers/controllers to enhance privacy notice design and operational timing—particularly for web-scraped or third‑party data—including public-facing notices when individual outreach is ... |
CRPA Article L311-3-1 (algorithmic decision transparency) — |
III. Incidents
| 2025-12-22 | French CNIL Imposes €1.7M Fine on IT Software Consultant Nexpublica The CNIL sanctioned a software consultancy for structural security flaws in its user relationship management software used by public bodies. |
| 2025-12-18 | French court flags “AI hallucination” risk in written submissions with unverifiable citations A French court decision (Pôle social, Tribunal judiciaire de Périgueux) highlighted that legal authorities cited in a party’s written submissions appeared untraceable or incorrect and explicitly warne... |
| 2025-12-11 | French CNIL Fines IT Consultant Mobius Solutions Over Data Breach The CNIL imposed a €1 million fine on an IT processor (Mobius Solutions) for failing to protect user data, highlighting the negligence of specialized consultancies. |