Theresa May accused of launching 'major attack on privacy' amid plans to give access to citizen's internet usage without a warrant

Sign up for the View from Westminster email for expert analysis straight to your inbox

Get our free View from Westminster email

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Theresa May was accused of overseeing a “breath-taking attack” on privacy as she set out plans to give the police and security services the power to access records of every Briton’s use of the internet without requiring a warrant.

The Home Secretary won praise from political rivals for abandoning elements of the “snooper’s charter”, which was blocked during the Coalition Government, and for giving judges a key role in approving surveillance exercises.

But she came under fire from civil liberties groups over moves to force communications companies to hold data about internet use for up to 12 months and to require them to help spies to hack into suspects’ smartphones and computers. Critics raised fears that the bulk collection could leave huge tranches of personal information vulnerable to attacks similar to the hacking last week of TalkTalk’s customer database.

The draft Investigatory Powers Bill will overhaul the existing legislation, putting all hacking and bugging by the state on a statutory basis. The move reflects widespread agreement that current laws are outdated because of technological advances. It is also a response to pressure for the Government to be more transparent about surveillance after Edward Snowden’s revelations about mass “data-mining” exercises by GCHQ.

Ms May told the Commons the proposed Bill would provide some of the “strongest protections and safeguards anywhere in the democratic world”. She said: “There should be no area of cyberspace which is a haven for those who seek to harm us, to plot, poison minds and peddle hatred under the radar.”

The measures were backed by the shadow Home Secretary Andy Burnham, potentially putting him at odds with Jeremy Corbyn. He agreed the proposed Bill was not “a plan for mass surveillance”.

Nick Clegg, who as Liberal Democrat leader blocked the snooper’s charter, said the revised proposals were much improved, but warned: “I have a feeling that under the bonnet it still retains some of the flaws of its predecessor.”

Ms May announced a new “double lock” approval system under which agencies are allowed to see the content of communications or bug telephone calls. Initial approval would be given by a Cabinet minister – usually the Home Secretary – but have to be approved by a “judicial commissioner”, a security-cleared senior judge. The only exception would be in operations deemed urgent because lives could be put at risk without rapid action. Web and phone companies would retain “internet connection records”, listing websites visited but not every page visited, for a year.

The security services, police and other public bodies – but not local councils – would be allowed to examine the information on the authority of a senior officer. There would be no need for ministerial or judicial approval.

The companies would also be legally required to assist the authorities in “giving effect to equipment interference”, such as hacking operations to download the contents of a mobile phone’s memory. All police forces will be permitted to use the tactic under the new regime, with a code of practice to regulate the “more sensitive and intrusive techniques”.

Liberty said the Bill gave extensive new powers to the authorities to track and hack private information with few privacy safeguards. It said the promise of judicial approval of surveillance warrants would in practice amount to a “rubber-stamping exercise”.Its director, Shami Chakrabarti, said: “This long-awaited Bill constitutes a breath-taking attack on the internet security of every man, woman and child in our country. We must now look to Parliament to step in where ministers have failed, and strike a better balance between privacy and surveillance.”

Anne Jellema, chief executive officer of the Web Foundation, said: “The Bill seeks to introduce mass surveillance of every Briton’s internet connection records without warrants, something which should be unthinkable in a modern democracy.”

She said the requirement for firms to store records of every citizen’s computer use was “deeply misguided and is neither necessary nor proportionate. It will hurt UK businesses, create new vulnerabilities for criminals to attack, and ride roughshod over the right to privacy.”

The Green MP Caroline Lucas said: “The cosy consensus on surveillance that appears to have taken hold in Westminster is troubling. Many of the aspects of this Bill need far more scrutiny.”