Dr Stefan Burbaum, who worked at the BND from 2000 to 2005, said that some Germans were targeted as “office holders”, a legal loophole the spies used to circumvent the law that protects Germans citizens from being spied on by its own intelligence agency.
Normally, the intelligence agencies must overcome high legal hurdles laid out in the so-called “G10 law” to spy on German citizens, including when they live abroad.
Otherwise, information regarding German citizens has to be filtered out from any foreign communications intercepted by the BND.
But the German spies argue that a citizen working for a foreign company abroad is only protected in his private life, not in his professional communications, Burbaum told the Bundestag inquiry committee into National Security Agency (NSA) mass spying.
"The office holder is the legal person," Burbaum said. "It's a small exception. But a German citizen can function as an office holder in a foreign organization.
"The decisive thing is whether he's communicating as a citizen or as an office holder."
“This construct of an office holder is just as absurd in practice as it appears in the law,” Konstantin von Notz of the Green party said.
Further, foreigners' communications conducted abroad are not protected, even if they are in contact with German people or work for a German company.
MPs from the Social Democratic (SPD), Green and Left (Linke) parties all criticized the BND's ability to operate in a “lawless zone” when it came to spying on foreigners.
Under the “G10 Law” the BND is also allowed access to data from German telecoms firms to search for specifically identified suspicious traffic.
But Burbaum told the MPs that the BND regularly retains traffic which it had not received specific permission to investigate which it collects during such trawls.
In this way, access acquired under the “G10 law” becomes a “foot in the door” to otherwise closed-off sources of data, Burbaum said.
Don't spy on us
Meanwhile, the Süddeutsche Zeitung reported on Thursday that the federal government signed a “no-spying contract” with Canadian smartphone makers Blackberry.
German authorities will be able to audit the technology company's software following an announcement in the summer that it will buy Secusmart, the firm which supplies the government – including Chancellor Angela Merkel – with secure mobile phones.
Secusmart and Deutsche Telekom currently have a contract to provide as many as 10,000 secure phones to the government.
The Blackberry deal had until now been blocked by the Ministry of the Economy, who said it might endanger national security.
Revelations by NSA whistleblower Edward Snowden showed that American and British spy agencies the National Security Agency (NSA) and GCHQ regularly force technology companies to grant them access to customers' data.
Under the contract, Blackberry will be forced to reveal to the German government whether it is under any legal or other obligation to provide data or access to foreign intelligence services.
The German Office of Security in Information Technology will also be able to check the source code – a closely-guarded trade secret – of Blackberry's mobile phone software to make sure that it contains no hidden back doors that could be used by foreign spies.