One will find that countries don't really distinguish when it's one of their citizens taking action and those citizens are within the country's jurisdiction.
Governments are funny like that. If I go to Germany and kill a man in the street, I might not end up under arrest if I go to, say, Russia, but if I go back to my home country? Yeah, they'd arrest me for a crime committed elsewhere in someone else's jurisdiction we're allied with.
Edit: By "operates" I mean its services are accessible from France. If an entity cannot or will not comply with EU laws (e.g. GDPR) they can block clients from the EU. I regularly come across such websites with geoblocks (a few times a year).
You can access substantially all internet services from France, and from any other country that doesn't explicitly block them, and from most of the ones that do via satellite internet or VPNs etc.
> you can create an account from a French number.
You can have a French number and not be in France. Also, this is the location of the user, not the company. This is basically the same reasoning as the internet; the phone network is global and anybody can call anybody. That doesn't mean that every service provider is in every country.
> Also the website is in French and the illegal messages are likely in French.
There are millions of people who speak French who aren't in France.
> Now add on top, that the CEO is French on French soil...
But we're talking about where the company is operating. Should France arrest the French CEO of a US company that does something in the US which is legal in the US but not in France?
For internet websites, if a website can be accessed from France, then the French law applies.
It's under the same principle that Megaupload was shut down by the US, despite the company was not connected to the US or operating from the US.
This is why some websites block visitors from France (e.g. newspapers not willing to bother with GDPR for example) or that some sites block visitors, registrations and payments from the US (e.g. investment websites).
Here Telegram refuses to respect French law. Whether they are ethically right or not, it's one debate, but in the meantime, the detectives want to gather elements.
It's the standard way that police talks there. They don't send lawyers. Instead they put you in custody for interrogation.
A bit rude, I recognize it, though relatively common. Even the French CEO of Uber was sent in custody there.
> The law is quite simple (and it's not just in France), if a website can be accessed from France, then the French law applies.
The internet is global. Any website can by default be accessed from any country. Are you proposing that anyone with a website is subject to the laws of every country? Notice that this is impossible to do; the laws of different countries will require mutually exclusive things.
> It's under the same principle that Megaupload was shut down by the US, despite the company was not connected to the US or operating from the US.
You're citing an extremely controversial practice to justify the same. The question is what should be the case and is reasonable, not what some country has managed to get away with through some questionable shenanigans or might makes right.
> At least to show: "we tried our best".
This is just a fig leaf. IP location services are notoriously unreliable and trivially bypassed. Anybody in any location can choose the IP address they make a request from. Also, fragmenting the internet in this way is poison and should be discouraged as a matter of policy. You're effectively asking websites to block foreign countries by default because they don't have the resources to hire a lawyer for every country that exists to see how to comply with their laws.
The ship has long sailed. EU decided that our laws will be applied maximally - to all EU citizens regardless of their location and for everyone within our territorial control.
And if other countries like USA have conflicting laws like Patriot Act then companies can be even forced to divest from EU or split their businesses so that USA branch can not enforce USA spy laws in EU. Google Privacy Shield.
> The ship has long sailed. EU decided that our laws will be applied maximally - to all EU citizens regardless of their location and for everyone within our territorial control.
Ships that have sailed can still be sunk.
> And if other countries like USA have conflicting laws like Patriot Act then companies can be even forced to divest from EU or split their businesses so that USA branch can not enforce USA spy laws in EU.
How is this supposed to apply to a small business with one employee?
