The German federal government aims to significantly broaden the authority of security agencies to counter cyberattacks, including threats that originate abroad. The draft bill from the Interior Ministry, reported by “Der Spiegel”, proposes new powers for the Federal Police, the Federal Criminal Police Office (BKA) and the Federal Office for Information Security (BSI).
Under the plan, these agencies would not only detect attacks but also be able to intervene technically. They could reroute or block traffic, shut down systems, and in severe cases delete or alter data. A new paragraph would be added to the Bundespolizeigesetz granting the police “special defensive measures” against hackers. The intervention catalogue would permit disallowing the operation of IT systems or redirecting traffic. If public safety, critical facilities, essential IT systems, or human life are threatened, data could be deleted or modified without the affected parties being notified, provided a court order is obtained. In cases of acute danger, a retroactive order could be secured up to three days later.
The BKA would receive comparable powers, coordinated with foreign security agencies specifically for cyber defence. It would also be granted responsibility for threats of cyber attacks with foreign or security‑policy significance. Previously the BKA could intervene actively only in cases of international terrorism; otherwise it was limited to criminal prosecution. BKA chief Holger Münch had labeled that restriction as “no longer modern”.
The BSI is slated to gain far more authority over the collection, storage and analysis of data, including the ability to search for activities that may prepare an attack. Telecommunication operators and large digital firms would be obliged to provide security‑relevant technical information when ordered and to comply with directives from security authorities. Non‑compliance could lead to fines of up to €20 million.
Key provisions for the draft bill had already been adopted by the federal cabinet in the summer, and Interior Minister Alexander Dobrindt (CSU) announced at the start of the year that Germany intends to confront the growing cyber threat more aggressively.