German Intelligence Service to Gain Expanded Powers for IT Surveillance and Cyber Operations

Germany's federal government is advancing legislation that would significantly expand the surveillance and cyber capabilities of the Federal Intelligence Service (BND). The proposed law aims to provide the BND with broader authority to monitor and store internet traffic at major network hubs, as well as to conduct active operations against large IT companies when deemed necessary for national security.

At the heart of this proposal is an overhaul of existing surveillance policies at the Frankfurt-based DE-CIX, one of the world's largest internet exchange points. Currently, the BND is permitted to collect and analyze only metadata from communications for a limited time. The planned changes would allow the agency to store up to 30 percent of all data traffic passing through DE-CIX--including the full content of emails, chats, and voice calls--for up to six months. This stored data would then be subject to further analysis for intelligence purposes.

The legislative draft also introduces a two-phase approach to data handling. In the first phase, the BND would collect and store bulk data. In the second phase, analysts would review the information to extract relevant insights. This represents a significant shift from the current system, where only targeted searches using predefined keywords are conducted in real time.

The government contends that the new measures are necessary to reduce reliance on intelligence provided by foreign partners, particularly the United States' National Security Agency (NSA). By enhancing its own surveillance infrastructure, the BND would be able to independently gather information vital to national security.

The proposal further includes provisions for what is known as Computer Network Exploitation (CNE). Under these new guidelines, the BND would receive explicit legal authorization to infiltrate the systems of major international technology companies--such as Google, Meta, or X--if those companies are uncooperative with official data requests. This capability would extend to IT infrastructure located within Germany in cases where such actions are required to counter hostile cyber threats.

Another notable aspect of the draft law is the expanded definition of surveillance targets. The BND would be allowed to monitor foreign officials operating in Germany, including those with diplomatic status, as easily as they do abroad. The measure also seeks to differentiate between independent journalists and staff employed by state-controlled media organizations in authoritarian countries. According to the government, employees of such outlets may not be entitled to the same source protection as their independent counterparts, as they are sometimes viewed as acting on behalf of foreign intelligence services.

The proposed legislation also grants the BND the authority to enter private residences to install surveillance software, such as so-called 'state trojans', for intelligence gathering purposes. This builds on previous amendments to the BND Act, which already permit the agency to hack into foreign telecommunications systems and IT infrastructure operated by service providers.

Supporters of the reform argue that these changes align German intelligence practices with those of other European countries and reflect the evolving nature of cyber threats. However, the expansion of surveillance powers and the potential for domestic IT infrastructure infiltration has sparked debate among civil liberties advocates, who warn of possible infringements on privacy and press freedoms.

The government maintains that the updated legal framework is essential for protecting Germany's digital infrastructure and ensuring an effective response to complex international cyber risks. The legislative process is ongoing, with further discussion and potential amendments expected before any final implementation.