Xkeyscore: the secret Germany’s deal with the NSA

An agreement between the German intelligence agency BfV and the NSA allows the access to the XKeyscore platform to return of data on German citizens.

The German weekly Die Zeit disclosed documents that reveal how the German Intelligence did a deal with the NSA to get the access to the surveillance platform XKeyscore.

Internal documents show that Germany’s domestic intelligence agency, the Federal Office for the Protection of the Constitution (BfV), received the software program XKeyscore from the NSA in return of data from Germany.

Back in 2o11, the NSA demonstrated the capabilities of the XKeyscore platform of the BfV agency. After two years of negotiation, the BfV signed an agreement to receive the NSA spyware software and install it for analyzing metadata collected on German citizens.

In return, the German Agency promised to share metadata collected.

The NSA tool collects ‘nearly everything a user does on the internet’, XKeyscore gives ‘widest-reaching’ collection of online data analyzing the content of emails, social media, and browsing history.

In 2013, documents leaked by Edward Snowden explained that a tool named DNI Presenter allows the NSA to read the content of stored emails and it also enables the intelligence analysts to track the user’s activities on Facebook through a system dubbed XKeyscore.

According to Die Zeit, the document “Terms of Reference” stated: “The BfV will: To the maximum extent possible share all data relevant to NSA’s mission”.

The BfV didn’t provide the details of the agreement to Germany’s data protection commissioner, nor it informed the Parliamentary Control Panel.

The report highlights that Bundesnachrichtendienst BfV is not allowed to set up a mass surveillance activity, differently from the BND, instead it can spy suspect individuals.

The agreement with the NSA doesn’t allow BfV to spy on American suspect individuals.

“The term US persons includes US citizens, an alien lawfully admitted for permanent residence in the US, groups and associations a substantial number of the members of which are US citizens, or corporations incorporated in the US,” reads the Terms of Reference.

Die Zeit sustains that the agreement “proves what exactly German intelligence agencies give to the NSA in exchange for technical support. We believe it potentially violates the fundamental rights of German citizens, and that the danger of such violations remains clear and present.”

The collaboration between the German Intelligence and the NSA is not new, in April, it was reported that the BND agency had helped the NSA spy on the European Commission and French government with the support of the Deutsche Telekom.

It is important to remark that the access granted to the BfV is a lower level of access compared to the one assigned to the Intelligence agencies belonging to the “Five Eyes” alliance.

Pierluigi Paganini

(Security Affairs – NSA, XKeyscore)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.