Home secretary Theresa May faced stern criticism when appearing before a special select committee of MPs and peers hearing pre-legislative evidence on the Draft Communications Data Bill.
The committee said her £1.8bn internet monitoring proposals will be a "honeypot for hackers and criminals around the world", according to the Guardian.
But the home secretary (pictured) revealed that she plans for the legislation to reach the statute book by 2014 before the next general election and be in effect within a few years.
The draft legislation, which is aimed at making it easier for authorities to spy on electronic communications, requires internet and other service providers to retain records of all communications for 12 months, including emails, web phone calls and use of social media.
The committee heard from senior police officers that the web monitoring plan was a vital operational tool in infiltrating criminal gangs and tackling security threats.
But the proposals have drawn widespread criticism from members of the technology industry, notably Wikipedia founder Jimmy Wales, and civil liberties groups such as Big Brother Watch.
More on the Draft Data Communication Bill
- Draft Data Communications Bill a security risk, says Jimmy Wales
- Draft Communications Bill will be ineffective, says ICO
- Wikipedia founder Jimmy Wales slams Draft Communications Data Bill
- Campaigners slam snooping Communications Data Bill
- Why the Data Communications Bill is proportionate, measured and necessary
Stored sensitive personal data could attract hackers
The parliamentary committee has now also raised concerns that the increase in the storage of sensitive personal data required could lead to invasion of privacy on a new scale, and be open to criminal attack.
Liberal Democrat peer Lord Strasburger described the proposals as a "honeypot for casual hackers, blackmailers, criminals large and small from around the world, and foreign states".
A former Labour minister, Nicholas Brown, said the public were frightened they "were going to be spied on" and that "illegally obtained" information would find its way into the public domain.
Brown supported a call by information commissioner Christopher Graham for the enactment of powers already on the statute book to impose prison sentences of up to 12 months, and not just heavy fines, for those who unlawfully obtain personal data.
In testimony to the Parliamentary committee in mid-October, Graham said the proposed legislation would catch only incompetent criminals and accidental anarchists, but would have little effect on terrorism and serious organised crime.
A week earlier, Jimmy Wales said the proposed Bill would constitute a security risk because it would force many relatively small companies to hang on to data that they would not otherwise retain.
The proposals will create a honeypot for casual hackers, blackmailers, criminals large and small from around the world, and foreign states
Lord Strasburger, Liberal Democrat peer
Access to data required to enforce the law
According to reports, the home secretary has now agreed to look at the detail of the custodial powers specified in sections 77 and 78 of the 2008 Criminal Justice and Immigration Act, and to reconsider a clause that would give her very widely drawn powers to make orders requiring internet and phone companies to hand over an individual's communications records to "relevant public authorities".
Ducking questions about the UK becoming the first democracy to use web monitoring so far only used in China, Iran and Kazakhstan, the home secretary insisted it was a myth that the state was going to read everyone's emails.
"There is a limited scope for the data we want to have access to. We have been very clear about that at every stage. The police would have to make a clear case for requesting access to data when there was an investigation that required it.
"The aim of this is to ensure our law enforcement agencies can carry on having access to the data they find so necessary operationally in terms of investigation, catching criminals and saving lives,” she said.
Police made urgent requests for communications data in 30,000 cases in 2011, and between 25% and 40% of them had resulted in lives being saved, which matters to the public, May told the committee.
Public lack trust in data security promises
Big Brother Watch had earlier published the results of a survey which revealed that only 6% of UK citizens think the government has made a clear and compelling argument for the proposed bill.
In contrast, 71% of more than 1,800 adults polled said they do not trust that the data will be kept secure.
“The public have seen through the scaremongering rhetoric and see the snoopers’ charter for the waste of money that it is,” said Nick Pickles, director of Big Brother Watch.
Instead of spending £2bn on another dodgy IT project, the Home Office should be making sure there are enough police officers with the right skills and equipment to investigate online crime, he said.
“While the real criminals take simple steps to hide their activity, the law would require every single person’s emails and messages to be monitored, and the public are right to be concerned that the data won’t be kept secure,” said Pickles.