In order to obtain a copy of the NSA’s XKeyscore software, Germany’s domestic intelligence agency agreed to hand over metadata of German citizens it spies on.
According to documents seen by the German newspaper Die Zeit, after 18 months of negotiations , the US and Germany signed an agreement that would allow the German domestic intelligence agency (BfV) to get a copy of Xkeyscore, and use it for the analysis of data gathered in Germany.
This was a lower level of access compared to the non-US “Five Eyes” nations—the UK, Australia, Canada, and New Zealand—which had direct access to the main XKeyscore system. In return for the software, the BfV would “to the maximum extent possible share all data relevant to NSA’s mission.”
Unlike Germany’s foreign intelligence service, the BND, the domestic-oriented BfV does not employ bulk surveillance of the kind also deployed on a vast scale by the NSA and GCHQ.
Instead, it is only allowed to monitor individual suspects in Germany, and even to do that must obtain the approval of a special parliamentary commission.
Because of this targeted approach, BfV surveillance is mainly intended to gather the content of specific conversations, whether in the form of emails, telephone exchanges, or even faxes, if anyone still uses them.
Inevitably, though, metadata is also gathered, but as Die Zeit explains, “whether the collection of this data is consistent with the restrictions outlined in Germany’s surveillance laws is a question that divides legal experts.”
The BfV had no problems convincing itself that it was consistent with Germany’s laws to collect metadata, but rarely bothered since all analysis was done by hand before 2013, even though metadata by its very nature lends itself to large-scale automated processing.
This explains the eagerness of the BfV to obtain the NSA’s XKeyscore software after German agents had seen its powerful metadata analysis capabilities in demonstrations.