Germany’s foreign intelligence agency, the BND, usually operates abroad in the shadows – but on Wednesday it found its practices in the dock in Leipzig.

The operator of the world’s largest internet hub has gone to court, claiming BND taps on cables in its Frankfurt data centre are illegal because they also capture German domestic communications.

“We have grave doubts about the legality of the current practice,” said the German Commercial Internet Exchange (De-Cix) in a statement on Wednesday.

“We consider ourselves under obligation to our customers to work towards a situation in which strategic surveillance of their telecommunications only takes place in a legal manner.”

De-Cix says its Frankfurt exchange is the world’s largest, bringing together 1,200 communication lines from around the world: China, Russia, the Middle East and Africa. At peak times the facility – spread across 19 data centres – reportedly consumes more electricity than Frankfurt airport and handles more than 6 terabits of data per second.

At crucial points, however, the BND has inserted so-called “prism” devices into the fibre-optic cables, diverting a copy of all data to BND servers.

Company lawyer Sven-Erik Heun accused the BND, and the federal interior ministry that oversees its work, of “choosing the biggest pond to go fishing in”.

De-Cix management said its lawsuit, at Germany’s highest administrative court, is about seeking “judicial clarification and…legal certainty for our customers and our company”.

‘Accomplice’

A member of the company management board, Klaus Landefeld, is more outspoken, telling the Süddeutsche Zeitung daily that the firm did not want to be an “accomplice” to mass BND surveillance.

De-Cix – a consortium with members that include Deutsche Telekom, the former German state telecoms company, Google and Ebay – says it feels bound by article 10 of the German post-war constitution guaranteeing the privacy of communications.

German wiretap laws allow the BND to capture foreign communications passing through German territory. In the 1990s, however, Germany’s constitutional court outlawed widespread data dragnets, obliging the BND to capture data in a targeted way – and no more than 20 per cent of total traffic.

In addition, BND is forbidding from intercepting German citizens’ communications. Yet the prism technology, said to be in use in the Frankfurt data centre since 2009, copies everything, and is unable to separate foreign and domestic communications. The BND says it uses data filters for this, but there is no independent confirmation that this is the case.

The German agency is not alone in such practices, with whistleblower Edward Snowden revealing widespread communications tapping both by US and UK intelligence services.

Major junctions

Having one of the internet’s major junctions on its territory has made life easy for Germany’s BND. And a former intelligence chief has warned that without telecommunication surveillance in Frankfurt and elsewhere the BND could “close up shop”.

Yet Germany’s history of two 20th century dictatorships has left mass surveillance a sensitive issue, particularly after the Snowden revelations. That the BND is sucking up the world’s communications – and possibly sharing them with partner agencies including the BND in the US – has seen the opposition Green Party lead calls for more moderate data surveillance.