(de-news.net) – As part of a new political debate over proposed German cybersecurity reforms that would expand the powers of multiple security agencies to respond to cyberattacks, some officials criticize the plan for unclear competencies and risks of fragmented authority, while others call for a more centralized, legally defined structure with stronger accountability and clearer operational mandates, alongside broader reforms of intelligence law and cybersecurity governance.

Within parts of the political establishment, some level of doubt has emerged regarding federal government plans to authorize multiple security agencies to respond directly to cyberattacks, with critics warning that an expansion of competencies across numerous institutions could create uncertainty rather than improve operational effectiveness. In statements made to several media organizations, Sebastian Fiedler, the SPD parliamentary group’s spokesperson for home affairs policy, argued that extending such authorities to a broad range of agencies was ultimately unpersuasive from both an organizational and strategic perspective. Instead, he maintained that overlapping jurisdictions, institutional interfaces, and ambiguities in operational responsibility should be kept to a minimum.

In Fiedler’s view, the state should concentrate resources and expertise within a limited number of highly capable institutions that could be comprehensively equipped to repel cyberattacks effectively during emergency situations. Fiedler further indicated that the ongoing parliamentary process would still need to determine whether the Federal Police should be granted these operational powers alongside the Federal Criminal Police Office (BKA), suggesting that the division of authority between the agencies remained unresolved.

Pressure mounts for legally binding rules

Significant concerns about the Government’s proposed cybersecurity legislation were also raised by Konstantin von Notz, deputy chair of the Green parliamentary group. According to his assessment, the draft legislation failed to define with sufficient precision which authorities would exercise particular competencies and how those powers would be implemented in concrete operational scenarios. He additionally stressed that the legal and political accountability for retaliatory measures directed against hostile digital infrastructure had to be clarified beyond doubt, particularly given that the attribution of cyberattacks is often uncertain or contested. In that context, von Notz argued that any offensive or disruptive cyber response required an unambiguous chain of responsibility before implementation could be considered legitimate.

Beyond his criticism of the immediate draft legislation, the Green politician advocated a broader restructuring of Germany’s security and intelligence framework in the digital sphere. Among the reforms he supported were a comprehensive modernization of intelligence law, the introduction of clear and binding legal standards governing the activities of security agencies in digital operations, and a constitutional amendment that has long been under discussion and is intended to strengthen the Federal Office for Information Security (BSI). These proposals were presented as necessary components of a more coherent and legally defined cybersecurity architecture.

According to several media reports, the government’s wider plans for reorganizing Germany’s cyber defense capabilities extend considerably beyond the authorities publicly outlined on Wednesday by Interior Minister Alexander Dobrindt for the BKA and the Federal Police. Media accounts citing an Interior Ministry document indicated that the Federal Office for the Protection of the Constitution (BfV) is also expected to receive powers enabling it to interfere disruptively with the infrastructure used by cyberattackers. The reported proposals allegedly include measures aimed at manipulating attack tools in order to prevent damage, as well as the deployment of deceptive or misleading information intended to distract, confuse, or divert hostile actors during cyber operations.

Audio: TTSFree