The government insists that it has added new privacy safeguards to its planned web surveillance legislation - but critics say the changes don't go anywhere near far enough.
The Investigatory Powers Bill published today sets out the powers available to UK police and spies to gather data online: among its most controversial elements is the requirement for tech companies to store the internet history of their customers for 12 months.
The draft version of the bill, published in November, met with stinging criticism from the three separate parliamentary committees for being unclear and lacking in privacy protections. They had also raised questions about the need for storing so much data about the web surfing of the general public - and the power of spies or police to commit mass hacking of IT infrastructure to get at information.
The Home Office said the bill has been revised to reflect the "majority of the committees' recommendations". It insisted the legislation is now clearer with tighter technical definitions and strict codes of practice setting out exactly how the powers in the bill will be used.
Home Secretary Theresa May said: "We have strengthened safeguards, enhanced privacy protections and bolstered oversight arrangements," and the legislation will now be examined by Parliament with the aim of it becoming law by the end of 2016.
"Terrorists and criminals are operating online and we need to ensure the police and security services can keep pace with the modern world and continue to protect the British public from the many serious threats we face," she said.
One change in the bill slightly clarifies the government's position on encryption, making it clear that companies can only be asked to remove encryption that they themselves have applied, and only where it is practicable for them to do so. "The government is not asking companies to weaken their security by undermining encryption," it noted.
However, privacy campaigners remain unimpressed. Gus Hosein, executive director of Privacy International said that while the Intelligence and Security Committee called for a new chapter consolidating and strengthening privacy in the bill, the Home Office has responded by adding one word in the title of part one of it.
"It would be shameful to even consider this change cosmetic. The bill published today continues to adhere to the structure and the underlying rationale that underpinned the draft IP bill, despite the criticism and lengthy list of recommendations from three parliamentary committees," he said.
Hosein said the continued inclusion of powers for bulk interception and bulk equipment interference - hacking - leaves the right to privacy dangerously undermined and the security of the UK's infrastructure at risk.
"Despite this, the Home Office stands by its claim that the bill represents 'world-leading' legislation. It is truly world-leading, for all the wrong reasons," he said.
Director of Liberty Shami Chakrabarti pointed out that less than three weeks ago, MPs advised 123 changes to the draft bill because the powers were too broad, safeguards too few and crucial investigatory powers entirely missing.
She said: "Minor Botox has not fixed this bill. Government must return to the drawing board and give this vital, complex task appropriate time. Anything else would show dangerous contempt for parliament, democracy and our country's security."
And Kate Allen Amnesty International UK's Director, said it "beggars belief" that the government is "blundering on with its snooping power-grab" completely disregarding the concerns raised by the parliamentary committees, the UN and tech firms like Apple.
"By rushing the supposed 'redraft' of this huge and complex bill through an impossibly short timetable, the government is showing contempt for parliament - every one of the three committees of parliamentarians who have considered their plans told them they needed serious work," she said.
Read more on web surveillance
- The government's encryption plans remain impossible to decipher
- The new art of war: How trolls, hackers and spies are rewriting the rules of conflict
- Inside the secret digital arms race: Facing the threat of a global cyberwar
- Surveillance laws need rethink, but bulk collection of web data will continue
- The undercover war on your internet secrets: How online surveillance cracked our trust in the web
- The impossible task of counting up the world's cyber armies
- Encryption: More and more companies use it, despite nasty tech headaches