Proposed new spying laws would ban councils from accessing internet records

Councils will be banned from accessing people's internet records under proposed new spying laws to be unveiled today.

The draft Investigatory Powers Bill is expected to place a requirement on firms to store data related to users' web and social media use for up to a year.

However, it has emerged that local authorities will be prohibited from obtaining internet connection records (ICRs), which include details of the communications services a computer or smartphone connects to, but not a user's full browsing history.

The ban is one of a number of safeguards against abuse of powers to be included in the Bill in a bid to allay privacy concerns.

It will also see a new criminal offence of "knowingly or recklessly obtaining communications data from a telecommunications operator without lawful authority".

It will carry a maximum sentence of two years in prison and will apply to all bodies who can acquire data under the Bill.

Officials stressed it is not intended to cover genuine mistakes or administrative errors, but added that it "makes clear that it is unlawful for councils to access communications data for trivial matters".

Communications data - the who, where, when and how, but not the content - can be requested by town halls to prevent or detect crime.

They are responsible for investigating a range of offences such as scams that target the elderly, rogue trading, environmental offences and benefit fraud.

Laws introduced last year meant council requests for communications data must be signed off by a magistrate.

It had previously emerged that authorities had used snooping powers to spy on dog walkers suspected of not clearing up after their pets and possible breaches of the smoking ban.

A Government source said: "Communications data is an essential tool for the full range of law enforcement activity, including serious offences investigated by local authorities like rogue traders and benefit fraud.

"Sometimes communications data is the only way to identify offenders, particularly where offences are committed online.

"But it is important that people understand that communications data is only ever used in a necessary, proportionate and accountable way.

"That is why the draft Bill contains strengthened safeguards making it clear under what circumstances local authorities can access communications data - and confirms they are banned from obtaining internet connection records."

ICRs are likely to be one of the most closely scrutinised elements of the legislation, which will attempt to bring tactics available to spies and police fighting terrorism and serious crime in the digital age under one legal umbrella for the first time.

Described as the internet equivalent of a phone bill, the ability to obtain the data is seen as crucial as communications increasingly shift online.

Sources insist they will be strongly controlled so authorities will not be able to obtain everyone's full browsing history, with any access "strictly limited and targeted".

ICRs would allow the police to see that a person has visited bbc.co.uk, google.co.uk or facebook.com, but not what articles they have read, searches they have made or profiles they have viewed.

Security services will retain the capacity to intercept the content of communications after obtaining a warrant.

Ministers have ruled out any proposal to restrict encryption or ban it, despite fears that advanced security measures risk leaving authorities locked out of some areas of cyberspace.

The Bill is expected to introduce a role for judges in the process for authorising the more intrusive capabilities, such as interception operations.

An overhaul of the oversight regime will also see a senior judge appointed in a newly created role of Investigatory Powers Commissioner to hold agencies and law enforcement to account.

Parts of the Communications Data Bill, which was torpedoed during the previous coalition government, have been ruled out.

They include sweeping powers to demand UK-based communications service providers (CSPs) should capture and store internet traffic from companies based in the US.