No, sharing passwords in France violates the Loi n°2018-133 (2018) and GDPR, risking fines up to €300,000 under CNIL enforcement. Corporate policies must prohibit sharing, as French courts treat it as unauthorized access under Article 313-1 of the Penal Code.
Key Regulations for Sharing Passwords in France
- GDPR Compliance (2018): Passwords are personal data; sharing breaches Article 32 (security of processing) and Article 5(1)(f) (integrity/confidentiality), triggering CNIL investigations.
- Loi n°2018-133 (2018): Explicitly criminalizes password sharing under Article 226-15, classifying it as a délit punishable by up to 1 year imprisonment and €45,000 fines for individuals.
- CNIL 2026 Guidance: Upcoming enforcement shifts prioritize corporate liability; companies failing to enforce password policies face fines up to 4% of global turnover under Article 83 GDPR.
French jurisprudence (e.g., Cass. Crim., 2021-00124) confirms that even internal sharing without malicious intent constitutes a breach. Employers must document password policies in Registre des traitements to mitigate liability.