FAQ on the graduated response proceedings

Translations are provided as a service to Arcom users and are supplied “as is”, throught the DeepL tool. Consequently, only the text of the original version is authentic.

Find out more about translation

What's the point?

The Internet cannot be considered as a public space free from the laws that govern our society. Nevertheless, the legislator has sought to adapt the intellectual property protection regime to the reality of the digital revolution.

Thus, the graduated response was conceived as a copyright protection measure adapted to the reality of digital uses. Its aim is to raise awareness among the general public in order to put a stop to unlawful distribution on peer-to-peer networks, and it is intended to result in legal sanctions only in cases where those warned do not heed the warnings they receive.

Who is responsible for the findings?

Sworn and authorized agents appointed by duly constituted professional defense organizations, collective management organizations and the Centre national du cinéma et de l'image animée (CNC), who carry out the inspections as of each work's unique fingerprint.

Arcom can also act on the basis of bailiffs' reports, or on information transmitted by the state prosecutor.

How are reports drawn up?

Using a dedicated information system, rights holders collect, on the one hand, the extract of the illegal file (chunk) made available on the Internet and, on the other hand, the public Internet Protocol address of the connection box, as well as the date and time of the unlawful downloading.

This information makes it possible to obtain the name of the Internet Service Provider (ISP) rights holder (by querying the "RIPE-NCC" public register). All these elements are then recorded in a statement of offence, which is forwarded to Arcom.

What are you accused of?

Internet contract holders are obliged to ensure that their Internet access is not used for counterfeit purposes (article L. 336-3 of the French intellectual property code). To this end, the subscriber must put in place measures to prevent protected works from being downloaded or shared over the Internet from his or her connection, either by himself or herself or by anyone using his or her access.

The purpose of the first and second warnings is to remind you of your legal obligation to ensure that your connection is not used to download or make available on the Internet works protected by copyright. At this stage, these are warnings for educational purposes, and no legal sanctions are incurred.

On the other hand, if Arcom is again informed of facts observed from your connection within one year of the presentation of the second warning letter (recorded delivery), the "negligent" contract holder may be held criminally liable for failing to take measures to put an end to the infringements of which he or she has been warned (article R. 335-5 of the French intellectual property code).

The "characterized negligence" offence therefore punishes the repeated failure to secure Internet access, in the absence of a legitimate reason.

For more details on the graduated response proceedings, click here.

As a professional, are you subject to the same obligations as private individuals, even though your issues are not the same?

A professional structure with an Internet contract is subject, through its legal representative, to the same obligations as an individual, namely to ensure that its connections are not used for counterfeiting purposes.

The graduated response proceedings do not distinguish between contract holders who are natural persons and those who are artificial persons. However, Arcom is aware that securing a professional connection, which is often made available to several users, is often more complex to implement than for a private individual whose connection is only used for domestic purposes. That's why Arcom offers specific support to professionals who make their connections available to the public.

To find out more about the measures you need to take as a professional, click here.

What do you risk?

If you ignore the warnings you receive, you risk a penalty notice issued by a judge: maximum 1,500 euros for an individual; maximum 7,500 euros for an artificial person.

In the event of a sentence, you may also be ordered to compensate the rights holders whose works have been unlawfully shared on the Internet.

Stage 1 (first warning)

The first step in the graduated response proceedings is to send a warning to the e-mail address of the contract holder whose access has been used to commit infringement. Arcom receives this information from the subscriber's ISP.


The first warning informs the subscriber that his or her Internet access has been used to make protected works available on peer-to-peer networks (article L. 331-20 of the French intellectual property code). It contains an educational video explaining the reasons for the warning, and details of the works made available.

It reminds the user of the penalties incurred, and invites him or her to take all necessary steps to ensure that his or her connection is no longer used for such purposes. It also directs the user to the legal cultural supply listed on the Arcom website.


If there is no repeat offence within six months of the 1st warning, the current graduated response proceedings come to an end. In the event of repeat offence after the six-month period, a new procedure may be launched.

Stage 2 (second warning):

In the event of repeated infringement within six months of the first warning, Arcom may send the subscriber a 2nd warning, both electronically and by recorded delivery.

The 2nd warning contains the same information as the 1st warning, and again invites the connection holder concerned to take steps to put an end to the breaches. It is sent both electronically and by recorded delivery.

If there is no repeat offence within twelve months of the 2nd warning, the graduated response proceedings come to an end. In the event of repeat offence after this period, a new procedure may be launched.

Stage 3 (finding of gross negligence, sending of a letter of notification):

When educational measures fail to produce results, the behavior of a contract holder whose connection is again used for counterfeiting purposes, despite two warnings, may lead Arcom to initiate the third stage of the procedure and refer the matter to the judicial authorities for criminal proceedings / prosecution.

Thus, in the event of a repeat offence within twelve months of the date of presentation of this recorded delivery letter, Arcom may send the contract holder a letter (notification letter) informing him that these new acts, committed from his connection, are liable to criminal proceedings / prosecution on the basis of the offence of "characterized negligence".


In phase 3 of the graduated response proceedings, Arcom notifies the contract holder, by recorded delivery letter and by electronic means, that downloading or sharing of protected works has again taken place from his or her connection, and that he or she is liable to legal sanctions. The letter invites the user to submit his observations within 15 days, and reminds him that he may request a hearing within the same period, and that he has the right to be assisted by counsel. It also invites the applicant to state his or her dependents and resources. Arcom may also, on its own initiative, summon the interested party to a hearing (article R. 331-12 of the French intellectual property code).

The member in charge of the works protection mission may then decide to forward these files to the competent state prosecutor, with a view to possible criminal proceedings / prosecution.

I've received a letter telling me that my file has been forwarded to the state prosecutor. What happens next in the proceedings?

On receipt of the file, the state prosecutor will in most cases demand that the police or gendarmerie carry out an investigation. Usually, the police or gendarmerie will interview the contract holder to verify his or her full identity and to obtain his or her statements on the facts.

In all cases, the state prosecutor decides whether or not to take legal action (articles 40 and 40-1 of the French Code of Criminal Procedure), on the basis of the legal grounds he or she chooses, be it the offence of gross negligence or the offence of counterfeiting.

For more details on the graduated response proceedings, click here.

Why secure my Internet connection?

Securing your Internet connection is designed to prevent unlawful use, particularly unauthorized use of copyrighted works.
This is a legal obligation for the contract holder(article L. 336-3 of the French intellectual property code). Should the subscriber fail to meet this obligation, Arcom can issue a warning.

As in the case of your home, you should lock your computer to prevent unauthorized access.
These means of protection enable Internet users to think differently about how their Internet connection is used by their family and friends.


How do I secure my Internet access?

To secure your wireless connection, you can use encryption and authentication management tools. This type of protection is achieved using cryptographic keys and protocols (WEP or WPA).

  • A WEP key is a protection mechanism for your wireless connection. It secures wireless networks by encrypting information circulating between the box and computers. A WEP key takes the form of a code made up of a series of characters, which must be set on the box (or, in some cases, on the ISP's website) and on the connected devices. As WEP encryption presents well-known and widely-exploited vulnerabilities, we strongly advise you to choose WPA or WPA2 protocols, if your equipment allows.
  • WPA and WPA2 are designed to overcome the security shortcomings of WEP. They are more recent protocols offering enhanced security. A WPA (or WPA2) key is a protection mechanism for your wireless connection. It secures a wireless network by encrypting information circulating between the box and computers. A WPA key takes the form of a code made up of numbers and letters, which must be entered at the box (or in some cases on the ISP's website) and on the connected computers. Several French Internet Service Providers already deliver their boxes with the security keys activated by default. Some ISPs have, over a period of time, delivered boxes whose default WPA key generation sequence was fallible, and we therefore recommend that you modify the keys present in the boxes by default.

Generally speaking, the best practice is to avoid leaving the default key and opt for a key of your own choosing. The term "password" is often used to protect Wi-Fi access. In fact, it's an encryption key that needs to be as long as possible (63 characters) to avoid exhaustive key search attacks.
This length is not a problem, as the household's equipment will memorize this key, which only needs to be entered once, and can be copied from the configuration interface (for wired access).

Of course, this key should only be communicated to people you trust, as it controls access to your personal network.


WPA authentication can be managed by two distinct protocols: TKIP or CCMP. We recommend choosing the CCMP protocol with AES-encrypted keys rather than TKIP, for which vulnerabilities have been identified.

For more details on setting up a box, click here.

How do I secure my computer?

First of all, you need to check whether peer-to-peer software is present on any of your devices. If this is the case, we recommend that you uninstall this type of software from household computers, as it may automatically make available previously downloaded files in the sharing library.

For more information on uninstalling peer-to-peer software, click here.

To secure your computer, you can also install parental control software. These mainly enable you to prohibit browsing on certain sites. They can also authorize or prevent downloading of certain types of file. All major Internet service providers include parental control options in their contracts.

Anti-virus and firewall software are also available. They help you to fight agains malicious content that allows third parties to usurp your identity and take remote control of your machine.

To find out more about what to do when you receive a warning, click here.

For more details on the technical and awareness-raising measures you can take as a professional, click here.

I don't download, but perhaps a member of my family (children, etc.) does. Am I responsible?

As the holder of an Internet contract, you are responsible for ensuring that your connection is not used by you or a third party for infringing purposes.

It's not the downloading itself that you're accused of, but the fact that, from your Internet connection, protected works have been made available. These acts may have been perpetrated from any computer, smartphone or tablet using your connection, on which the software or application mentioned in the warning is likely to have been installed.

You can set up a parental control tool and configure your devices (computers, tablets) to define distinct user profiles, with differentiated rights.


I've stopped downloading, yet I keep getting warnings from Arcom. Why is this?

The peer-to-peer software used for downloading is probably still installed on a device in the household and continues to make previously downloaded files available on the Internet, automatically, each time you connect to the Internet. The best way to avoid this type of problem is to uninstall the software from home computers or tablets.


I wasn't at home at the time of the events mentioned in the warning. How is this possible?

There are several possible scenarios:

  • Either the Wifi connection is open to all, unsecured, and anyone within range of the wifi can connect to your box;
  • Or the wifi code (key) has been communicated to close relations (family, neighbors). If these third parties connect to your wifi with a device (computer, tablet, etc.) on which peer-to-peer software is installed, the latter can automatically make available files containing previously downloaded protected works when the device is active and connected to your wifi;
  • Or the peer-to-peer software is installed on a device in your household. This type of software can automatically make available files containing previously downloaded protected works when the device is active and connected to your wifi.

What's more, the factual times given in the warnings are GMT times: to correspond with Paris time, you need to add 1 hour in winter and 2 hours in summer.


I don't know the software mentioned in the warning, I don't use it, I don't even have a computer at home. How can this be?

In this case, the downloading is probably coming from a third party who connects to your Internet access via wifi, either because this wifi is not secure, or because you have given them the codes.


After checking, I see that the Internet Protocol address given on the Arcom warning does not correspond to my current Internet Protocol address. Is this normal? Could this be a mistake?

The Internet Protocol address in the warning corresponds to the public Internet Protocol address assigned to your connection by your Internet Service Provider at the time of the incident, and not to the Internet Protocol address of one of your computers.

The identity of the computer (MAC address) is not within the scope of the data held by Arcom. With regard to the offence of gross negligence, it is the owner of the Internet access who is responsible for the use made of this access, and not the computer user.

What's more, it's quite possible that the Internet Protocol address given in your warning does not correspond to the one you currently have. This can be either dynamic or fixed:

  • A dynamic Internet Protocol is one that changes cyclically during your contract.
  • A fixed Internet Protocol is one that remains unchanged during the contract.

Some ISPs allow subscribers to choose between a fixed or dynamic Internet Protocol.

For more information about your Internet Protocol address, please contact your ISP.


Does the graduated response allow intrusion into a private computer?

Under no circumstances. The rights holders' sworn agents carry out searches on public peer-to-peer networks as of the unique fingerprint of each work. When they find that a protected work is being made available on the Internet without their authorization, they collect the public Internet Protocol address of the connection box as of which the work is being made available.


The e-mail address entered in the warning is incorrect or not used, you did not receive the first warning, can the proceedings be cancelled?

No. Failure to receive the first electronic warning does not affect the validity of the graduated response proceedings.

By law, the first warning must be sent by e-mail to the e-mail address provided to Arcom by your Internet Service Provider (ISP). If the e-mail address on the warning is incorrect or out of date, it's probably because the Internet Service Provider hasn't received or updated the change.

You can contact the ISP to have the address corrected in its database. You can then write to Arcom with this information.

I've just received a warning and I don't understand it. How can I comment?

At any time during the graduated response proceedings, you can contact Arcom to make your observations, to be accompanied by our services or, more generally, to ask us your questions.

  • To contact us simply, quickly and free of charge, with the guarantee of a faster response, use one of our forms* provided for this purpose:
  • By post (quoting the file number indicated on the warnings received):

Arcom, for the attention of the member of the Authority in charge of the works protection mission - Confidentiel "réponse graduée" - Tour Mirabeau, 39-43 quai André-Citroën, 75739 PARIS CEDEX 15.

  • By telephone:

From Monday to Friday, from 9am to 12:30pm and from 1:30pm to 5pm, you can obtain general information on the graduated response proceedings and on the measures to be taken, from our telephone advisors by dialing 09.69.32.90.90 (toll-free).

*The information collected via these forms is exclusively intended for use by Arcom's authorized and sworn agents, and will be processed in accordance with the law and decree no. 2010-236 of March 5, 2010. In accordance with the French Data Protection Act of January 6, 1978, you have the right to access and rectify your personal data. The procedure for exercising this right is specified on the form.

What information about me is held by Arcom if I am the subject of a graduated response proceedings?

Arcom receives submissions of a case before the court from collecting and rights breakdown societies and professional defense organizations authorized by the French national data protection agency. Submissions of a case before the court include the date and time of the incident, the subscriber's Internet Protocol address, information on the works and the name of the Internet Service Provider (ISP). When Arcom decides to initiate a graduated response, it demands that the Internet Service Provider concerned provide the subscriber's identity details (surname, first name, company name, telephone number, e-mail address and telephone installation address). Personal data is only processed by authorized and sworn members or agents of Arcom.


Does Arcom collect my Internet Protocol address on the Internet?

No. Arcom does not directly collect your Internet Protocol addresses on the Internet. It is the sworn agents of the organizations representing the rights holders of protected works who carry out searches on public peer-to-peer networks as of the unique fingerprint of each work. When they find that a protected work is being made available on the Internet without their authorization, they collect the public Internet Protocol address of the connection box as of which the work is being made available.

The official reports of offence drawn up in this way are then forwarded to Arcom, which questions the Internet service providers in order to obtain the identity of the Internet access holder responsible for the infringement (article L. 331-14 of the French intellectual property code). The law stipulates that Arcom only obtains data limited to identifying the holder of the Internet contract concerned, which will enable it to send warnings, without any other traffic data or details of end users.

These organizations representing rights holders have received the necessary authorizations from the French national data protection agency to carry out these procedures.


How can I be sure that my identity remains confidential?

Arcom warnings are sent directly to the Internet access holder. Only authorized and sworn Arcom agents have access to Internet users' personal data.


How long does Arcom have the right to keep my personal data?

The length of time data is kept comes under the control of the number of warnings sent.

These time limits were modified by decree no. 2021-1823 of December 24, 2021: data is deleted two months after transmission, unless there is a first warning. They are deleted twenty months after the first warning is sent, in the absence of a repeat offence, and twenty-seven months after the second warning is sent, in the absence of a repeat offence.

However, these new deadlines do not apply to proceedings pending on January 1, 2022, which are being pursued before Arcom by operation of law.

For these proceedings, data will be deleted two months after transmission, except in the event of a first warning. They are deleted fourteen months after the first warning is sent, unless there is a repeat offence in the meantime. They are deleted twenty-one months after the date on which the second warning is sent, unless there is a repeat offence in the meantime.

For further information

Graduated response
Responding to warnings
Respond to warnings (professional contract holders)
Uninstalling peer-to-peer software
Box settings