[mortov]

Technicalities such as whether actions are 'legal' are of little concern to the UK Security Service (their real name - for some reason, they don't like to use their initials publicly as other departments do).

There is absolutely no possibility of any court review (not even in the new secret courts the UK has started for trials [1]) so debate about ensuring legislative cover is pure theatre probably to bolster the only press statement they ever release in response to questions which always states their actions are legally authorized and nothing else.

What this really looks like is a move to shift the data storage burden away from CGHC offices and place it onto ISPs, Telco's etc. Direct access can then be made to the data without any of the associated costs of maintaining multi-PB databases which grow at eye-watering rates every day.

Passing this legislation is a simple government way of saving them money and passing the cost on to business as a 'compliance requirement'.

They also get the added bonus of plausible deniability - 'don't be crazy - the Government does not store that sort of information on you!'. They don't - they force your ISP to keep if for them.

Sadly the UK seems a great starting point for such measures - experience is people are gullible and swallow the anti-terrorist cool-aid more easily than most.

[1] http://www.theguardian.com/law/2013/jun/14/what-are-secret-c...