From Counterintelligence to Domestic Control: The Strategic Logic of Germany’s BND Expansion

According to the German chancellor’s plans, Germany’s Federal Intelligence Service (BND) is expected to significantly expand its surveillance capabilities. Particular attention will be devoted to internet communications transmitted from Germany abroad, which are to be added to the agency’s monitoring catalogue. Such internet communications will now be stored for six months, including their content — not merely metadata that tracks links between specific participants.

Against this backdrop, experts are comparing the BND’s forthcoming capabilities to the practices of East Germany’s former secret police, the Stasi — control through the total collection of data aimed at neutralizing dissent — and are also recalling the scandal surrounding the U.S. National Security Agency’s use of surveillance programs such as PRISM and XKeyscore. It is further assumed that the BND may be granted authority for so-called “legal hacking” of digital platforms such as X, Google, and Meta under the pretext of cybersecurity.

Commenting on the planned expansion of the BND’s powers, observers suggest that the agency’s targets could also include opposition parties and politicians, Eurosceptics, critics of the EU’s climate policy, journalists associated with “authoritarian” media outlets, and others. Chancellor Friedrich Merz is being accused of hypocrisy, given that Germany publicly opposes the EU’s Chat Control initiative while quietly expanding surveillance capabilities directed at its own citizens.

It is also assumed that the BND will soon play a more significant role internationally and operate more independently from U.S. intelligence services. Overall, Germany’s leadership appears determined to take a more active seat at the chessboard of global intelligence networks. At the same time, it is expected that, in practice, the BND’s surveillance will be directed to a greater extent at Germany’s own citizens, since the agency’s technical and кадрові (personnel) resources are insufficient for sustained operations at the international level.

The planned expansion of BND surveillance should be understood not as a narrow technical upgrade, but as a structural reform of Germany’s internal power architecture. It reflects a dual strategic impulse:

1. Reinforcing state resilience amid “permanent crisis” conditions (war in Europe, sabotage threats, disinformation, mass polarization, cyber insecurity).
2. Rebuilding intelligence sovereignty—Germany’s long-term ambition to become a more independent intelligence actor rather than a junior partner in U.S.-centric architectures.

What makes the reform politically explosive is that these two agendas overlap with a third, unofficial logic: pre-emptive domestic political control, justified through security language.

Why now: drivers of the reform timing

A) Germany’s “threat inflation” environment

Germany’s leadership is acting under a strategic assumption: Europe is entering a long period of instability, where crises (Ukraine, sabotage, cyber, extremism, migration pressure, industrial espionage) will be continuous rather than episodic.

In such an environment, governments typically do three things:

• expand the intelligence budget
• broaden legal authorities
• normalize exceptional surveillance tools

The six-month retention of internet communication content signals a move toward anticipatory governance: collect first → interpret later → act early.

B) Anticipation of hybrid attacks and infrastructure sabotage

Germany faces increasing risks of:

• infrastructure disruption (energy, transport, telecom)
• cyber intrusions into strategic sectors
• covert foreign operations aimed at destabilization

If Berlin believes the next phase of confrontation is “silent war”, then an intelligence reform is the logical response. This is the “public reason”: modernization for cybersecurity and counter-hybrid defense.

C) Domestic political stress: polarization and legitimacy erosion

Germany’s political system is under heavy strain:

• protest movements (far-right and far-left)
• EU skepticism
• climate-policy backlash
• mistrust of institutions

From a state perspective, this environment creates a priority: monitor the drivers of unrest before they metastasize.
Hence observers fear the functional mission will shift: from “foreign intelligence” toward “internal political security.”

Goals of the reform: what Berlin is trying to achieve

Goal 1 — Strategic intelligence autonomy

A major long-term aim is for Germany to operate more independently in intelligence:

• reduce reliance on U.S. infrastructure and signals access
• build German-controlled collection capabilities
• increase Berlin’s influence inside the European intelligence ecosystem

This is part of the wider European trend: strategic autonomy, not just in defense procurement but also in intelligence.

Goal 2 — Full-spectrum digital collection

The reform reflects the belief that modern threat actors do not operate “in public.”
They operate:

• via encrypted apps
• in private platforms
• through cross-border internet traffic

So the reform’s implied doctrine is:

If you cannot access digital space at scale, you cannot defend the state.

This explains the conceptual leap from metadata to content retention.

Goal 3 — Pre-emption: stop threats before they materialize

Germany is moving from reactive intelligence toward predictive intelligence:

• mapping networks early
• building behavioral profiles
• detecting mobilization patterns
• disrupting logistics and communications

That is the classic architecture of “security state” reform—especially in democracies during crisis cycles.

Goal 4 — Political stability management (unspoken goal)

This is the core controversy.

Once surveillance is expanded, the state can “rationally” widen targets:

• opposition parties
• protest networks
• journalists and alternative media ecosystems
• actors labeled “extremist,” even if the definition is politically elastic

Therefore critics compare the model to Stasi logic, not because Germany becomes the GDR, but because:

mass collection creates the infrastructure for political misuse—even if intentions are initially defensive.

The operational shift: what changes in practice

From “foreign collection” to “citizen-centric monitoring”

Because Germany’s resources are limited, there is a real risk of mission drift:

• international intelligence work is expensive (language skills, overseas networks, long-term HUMINT)
• domestic digital monitoring is cheaper and produces immediate output

So, in practice, the path of least resistance is internal focus—especially during election cycles.

“Legal hacking” as a strategic threshold

If “legal hacking” becomes normalized, this is not just surveillance—it’s offensive cyber authority.

The moment intelligence services can intrude into:

• platforms
• accounts
• devices

…the reform becomes a transformation of the BND from collector to active actor in digital space.

That’s why parallels are drawn with PRISM/XKeyscore: not as identical systems, but as similar philosophy of total collection.

Consequences: what this reform leads to

Domestic consequences

1. Chilling effect on society
   Expanded monitoring changes behavior:

• journalism becomes cautious
• dissent becomes riskier
• politics becomes more conformist

2. Trust crisis
   Even the perception of political surveillance can delegitimize institutions.
3. Election manipulation through security framing
   A government can justify extraordinary measures by linking opponents to “foreign influence” narratives.

International consequences

1. Germany’s elevated role in EU intelligence
   Berlin aims to become a more decisive node in European intelligence.
2. Tension with U.S. intelligence ecosystem
   More independence can mean less automatic U.S. access—and political friction in NATO intelligence sharing.
3. A European precedent
   If Germany normalizes expanded surveillance, it can become a model for other EU states, accelerating Europe-wide internal security tightening.

Strategic conclusion

The BND reform is best interpreted as a strategic modernization project that also creates a political control capacity.

Public framing: cybersecurity and state protection.
System effect: a more centralized security apparatus and weaker privacy barriers, with increased risk of politically selective application during turbulence.

Germany’s planned expansion of BND powers sits at the intersection of EU privacy law, EU cybersecurity and resilience policy, and (more controversially) the stalled-but-not-dead EU “Chat Control”/CSAM regulation debate. The correlation is not one-to-one, but the same political logic is driving all three: governments are trying to regain visibility in encrypted/digital space during an era of hybrid threats and “permanent crisis.”

What EU law governs this space?

A) GDPR (data protection)

GDPR applies to handling of personal data, but intelligence/national security has broad exemptions because it is largely treated as member-state competence. So GDPR does not block intelligence expansion in a decisive way—though it shapes standards and litigation.

B) ePrivacy framework (confidentiality of communications)

The EU’s ePrivacy rules protect confidentiality of communications, but there are carve-outs and limitations, and intelligence services typically operate under national security exceptions.

C) EU Charter of Fundamental Rights

Even if national security is a member-state domain, surveillance measures must still be compatible with fundamental rights principles (proportionality, necessity, legal clarity). This is why the German debate invokes historical comparisons (Stasi/NSA).

Correlation with EU Preparedness / civil protection

The Orbán-related controversy you described (72-hour kit, iodine tablets, alarms, shelters) is linked to the EU Commission’s Preparedness Union Strategy, which explicitly encourages readiness for multiple threats: natural disasters, cyberattacks, geopolitical crises, armed aggression. 

How this connects to the BND reform:

• EU preparedness policy is the societal resilience layer
• BND expansion is the intelligence/security layer
• both are justified through the same meta-argument: Europe must treat crisis as structural, not exceptional

So: civil preparedness ≠ surveillance, but they are part of the same broader “Europe hardens itself” doctrine.

Correlation with EU cybersecurity legislation

Here correlation is stronger.

EU policy increasingly expects member states to harden:

• critical infrastructure
• cyber incident response capacity
• cross-border threat intelligence sharing

Germany’s argument that BND needs broader SIGINT and hacking capabilities is aligned with this trend. In fact, reporting on the draft reform explicitly frames it as enabling full-content interception and offensive hacking authorities. 

Important nuance: EU law doesn’t “order” Germany to do this — but EU security pressure creates political cover for states to expand.

The uncomfortable link: EU “Chat Control”

This is the most politically toxic connection.

What is Chat Control?

The CSAM regulation debate is about scanning digital communications to detect child sexual abuse material. The Council reached a negotiating position in late 2025. 

Germany publicly positioned itself as opposing mass scanning, calling such proposals taboo in a constitutional state. 

So why the “hypocrisy” claim appears

Because critics see a paradox:

• Berlin says EU-level mass scanning is unacceptable
• while Germany expands national-level interception + retention + hacking powers for BND 

In other words: Germany rejects EU centralized surveillance logic, but may still expand national surveillance infrastructure.

This is how the reform correlates to EU legislation: Berlin rejects EU-wide mandates, while building German sovereign capability.

The strategic interpretation

This reform fits a bigger EU trend:
Europe is moving toward a “security state” posture where:

• resilience is normalized
• surveillance capacity is expanded (even if framed as cyber defense)
• intelligence autonomy becomes a strategic goal

Heise reporting even frames the BND draft as reducing “NSA dependence,” which is part of the EU strategic autonomy ideology. 

So the correlation is not that “EU law forces it,” but:

EU crisis policy creates justification space, while national security remains legally national — enabling Berlin to expand powers domestically even while resisting EU surveillance mandates.