Details of internet use in the UK will have to be stored for a year to allow police and intelligence services to access it, under government plans.
Home Secretary Theresa May said the change was needed to keep up with how criminals were using new technology.
But senior Tory David Davis said it was "incredibly intrusive" and would only "catch the innocent and incompetent".
The Communications Bill is to be published in draft form on Thursday - but the government faces a battle to get it through Parliament intact, with Lib Dem MPs and Conservatives such as Mr Davis calling for it to be watered down or abandoned altogether.
Local authorities are likely to be stripped of their current powers to access phone call data in an effort to win over critics but the proposals have still been branded a "snooper's charter" by civil liberties campaigners.
Rachel Robinson, policy officer for Liberty, said: "It's good that local councils won't be able to watch the entire population but even law enforcement should be targeting suspects - not all citizens.
"Just like the internet, any private home can be a crime scene, but should we install hidden cameras and microphones in every bedroom in the land?"
Under current legislation, communications companies must keep phone records and information about messages sent via their own email services for 12 months.
End QuoteIn the first instance, it is understood this could involve more than a dozen of the UK's biggest communications companies including BT, Virgin and Sky”
The new proposals would require UK communications companies to keep details of a much wider range of data including use of social network sites, webmail, voice calls over the internet, and gaming. Websites visited could be recorded, although pages within sites would not be.
Mrs May told BBC Breakfast: "It's not about the content, it's not about reading people's emails or listening to their telephone calls.
"This is purely about the who, when and where made these communications and it's about ensuring we catch criminals and stop terrorists."
The police and security services are concerned that criminals and terrorists are increasingly evading detection by using social media and online gaming sites to communicate with each other.
Officers would still need to obtain a warrant to gain access to the data.
But the government would be able to request any service provider to keep data about internet usage, although initially it will involve about a dozen firms including BT, Virgin and Sky.
The previous government was forced to abandon plans to store every citizen's internet data on a single, giant database following protests - and Mrs May says she has no plan to resurrect this idea.
Put simply, the police need access to this information to keep up with the criminals who bring so much harm to victims and our society”
Bernard Hogan-Howe Metropolitan Police commissioner
The proposals will be subject to scrutiny by a joint parliamentary committee before the legislative process begins in earnest.
Metropolitan Police commissioner Bernard Hogan-Howe, writing in the Times, said having greater powers to access data was essential in waging a "total war on crime" - and he warned that police risked losing the fight against crime unless MPs passed a law enabling them to collect more communications data.
He wrote: "Put simply, the police need access to this information to keep up with the criminals who bring so much harm to victims and our society."
Tory backbencher David Davis, a former shadow home secretary who fought a by-election in the last Parliament on the issue of civil liberties, described the proposals as "incredibly intrusive".
He said the ban on local authority officials accessing data was "important but minor".
He told BBC Radio 4's Today programme: "If they really want to do things like this - and we all accept they use data to catch criminals - get a warrant. Get a judge to sign a warrant, not the guy at the next desk, not somebody else in the same organisation.
"The only people who will avoid this are the actual criminals, because there are ways around this - you use an internet cafe, you hack into somebody's wi-fi, you use what's called proxy servers, and they are just the easy ways."