London

Essential surveillance or intrusive snooping? As governments around the world react to the attacks of 11 September and their aftermath with new anti-terrorism legislation, opinion is divided over whether they are striking the right balance between individual privacy and national security.

The United States, Britain, France and Canada have each prepared such laws, claiming they are needed to track down people who have already committed terrorist acts and to tighten up security. But privacy and other advocacy groups complain that the laws give police and intelligence agencies excessive power to monitor communications, such as use of the Internet, by the population at large.

The USA-PATRIOT Act, signed into law by President Bush on 26 October, for example, does not widen the range of techniques that intelligence agencies can use to intercept and monitor electronic communications — but it makes it easier for the agencies to get legal permission to use the existing techniques.

Under the act, agencies such as the Federal Bureau of Investigation need only show that reading e-mail or sifting through records of electronic traffic held by Internet service providers is “relevant to an ongoing criminal investigation” to obtain this permission from a judge. Previously, they had to convince the judge that the communication to be tapped was linked to actual criminal activity.

In a statement on 11 October, after an initial version of the bill had been passed, Bush said that the new law “respects our constitution” while giving law-enforcement agencies “essential additional tools to combat terrorism and safeguard America against future terrorist attacks”.

But some argue that the act lowers the legal barrier to electronic surveillance too far. “There is an obvious risk to privacy every time the standards for government access to personal data are weakened, and in this legislation standards are being substantially weakened, particularly in intelligence investigation,” says Jim Dempsey, deputy director of the Center for Democracy and Technology, a Washington-based group that advocates privacy on the Internet.

On 15 October, British home secretary David Blunkett outlined a series of anti-terrorism measures which the government intends to make law by the end of the year. They also include rules to allow easier access to records of electronic communication.

Blunkett's proposals would enable Internet service providers to keep extensive logs of e-mail traffic and Internet use, as they often do in the United States; this is currently prohibited by European data-protection laws. British police already have powers to access such records where they exist.

Similar laws just passed in France mean that records from Internet service providers will be made available to police. And the German Bundestag will debate new security legislation on 7 November, although it is not clear whether it will change the rules safeguarding Internet privacy.

A spokesperson for the British Home Office says that some concerns over the proposed powers are misplaced. “This does not mean that we are going to, or indeed want to, look at people's e-mails,” he says. “We're not talking about the content, we're talking about the actual dialogue itself, the record of who communicated with whom.”

Internet service providers also hold lists of the web pages (URLs) visited by individuals. Such data will now be more readily available to US and British law-enforcement agencies. British security agencies will only be allowed access to the 'stem' of the URL (such as www.nature.com), but US law enforcers will be able to identify the specific page.

Privacy advocates claim that the changes are equivalent to monitoring which library books someone borrows, and constitute an infringement of civil liberties. But others point out that this type of record can already be sold to commercial organizations to help them target their marketing.

“If companies are storing some of this data anyway for commercial use, then to argue that it's an imposition to provide it under proper authority to law-enforcement agencies strikes me as specious,” says James Lewis, director of technology policy at the Center for Strategic and International Studies, a Washington-based foreign-affairs think-tank.