Well I went to check the german original, and its not that broad.
The law makes it illegal to
* steal, sell, distribute passwords or other means to gain unauthorized access
* gain illegal access to computers or information
* use of software whose primary goal is to gain illegal access or sabotage computers. the law has an addendum covering the fact that many tools are also used for research, debugging, legitimate security testing etc.
It seems to me that many countries already have laws like this, but it seems germany didnt. WHich explains why so many hacker groups are based in germany
It might be a bit overkill but i understand the problem law enforcement has.
In our day of identity theft, people using palm computers to bypass car alarms or security systems, trojan malware being installed on peoples pc ad used to attack servers etc. you have the problem that if you catch someone in front of someone's house with security hacking tools there was nothig illegal with that. Neither was it illegal to own a laptop which had a list of 10000 credit card umbers, it seems... Neither was it illegal to by some device install spyware or backdoors on other people's pcs - no law covered these.
On the other hand there is something to be said for not-quite-legitimate use of tools to reverse engineer device communications (to create drivers for linux, make fixes or improvements the manufacturer should have done, test the security) - but i think in all those cases the difference would be you use the tools against systems you own or have legitimate use (contracted by work to do it etc)
It's a tricky act to balance