BERLIN (Reuters) - German lawmakers on Friday approved a law the government says will tighten oversight of the BND spy agency, while critics in a country particularly sensitive to violations of privacy insist the reform does exactly the opposite.

Bruno Kahl, President of the German Federal Intelligence Agency (BND), gives a speech during the presentation of book editions with historic results of the independent Commission of Historians about Germany's intelligence agency at the BND's headquarters in Berlin, Germany October 6, 2016. REUTERS/Fabrizio Bensch

The most controversial section of the law is a clause allowing the Bundesnachrichtendienst to intercept communications of foreign entities and individuals on German soil and abroad which pass through a major internet exchange point in Frankfurt.

The government says this is necessary to detect possible militants planning attacks in Germany or Europe.

“How do we want to find terror suspects? How do we want to detect them if not through those means?” asked Clemens Binninger a lawmaker with Chancellor Angela Merkel’s conservative party.

The legal changes have alarmed some Germans who attach great importance to privacy amid lingering memories of the Nazi Gestapo and old Communist East Germany’s Stasi security police.

The law stipulates that through this activity it cannot be ruled out that the communications of German citizens and entities could also be accidentally intercepted, a major shift for the BND, which had been forbidden from spying on Germans.

The Greens have threatened to petition Germany’s highest court and the European Court of Justice to repeal the reform, saying it infringes on Germans’ right to privacy.

“Our constitution, basic and human rights laws are not an obstacle to the fight against terrorism,” said Green lawmaker Konstantin von Notz.

Lawmaker Martina Renner of the hard-left Left party said filters used by the BND are not reliable enough to discern messages sent by foreigners from those of Germans.

NO LIMIT

DE-CIX, the Frankfurt-based operator of the world’s largest internet exchange point, in September filed a suit at a court in Leipzig against the government, branding the legislation illegal.

Until now, the BND could only monitor up to 20 percent of traffic at one exchange point. The new law removes the cap, giving the agency access to all traffic.

“We want a judicial clarification and legal security for our clients and companies,” said a spokesman for DE-CIX.

The BND has been in the limelight after scandals that embarrassed Merkel, including revelations that the agency had helped the U.S. National Security Agency (NSA) spy on European allies.

The new law bans the BND from spying on countries in the European Union and its citizens, as well as EU institutions, except in the case of suspected terrorist activity.

It also requires the BND to submit requests for cooperation with other spy agencies with a parliamentary committee and bans the agency from carrying out industrial espionage.

It requires the head of the BND, the chancellor’s office and an independent panel of judges to approve strategic foreign espionage activities.

Critics also chafe at what they call ambiguous formulations of the conditions under which the BND is required to conduct spying activities.

Under old rules, fighting criminality, war, terrorism and cyber attacks were threats that the agency was mandated to monitor. Now, its mandate includes the “early interception of dangers”.