Germany is expanding the mandate of its Federal Intelligence Service, the BND, authorizing it to carry out offensive cyber operations, hack into foreign providers, and amass complete data content for storage periods of up to six months. This legislative shift aims to diminish Berlin’s reliance on U.S. intelligence, foster a more independent capacity to combat cybercrime and terrorism, and align the agency’s practices with European standards.
The revamped legal framework extends the BND’s reach in gathering intelligence on individuals inside Germany itself, encompassing journalists employed by foreign state media outlets. Additionally, the agency will now possess the right to execute residential searches and deploy state-grade “federal Trojan” surveillance software on targeted devices – tools that were once the exclusive domain of domestic law enforcement.
A key provision of the draft law enables the agency to compel access to data held by foreign service providers should they deny cooperation, a move likely to stir tensions with leading American tech firms and their regulators. Historically limited to intercepting data from private individuals residing overseas, the BND will, under the new rules, gain operational latitude to target foreign nationals within German borders based on suspicions of espionage, terrorist activities, or cyber threats.