Details of internet use in the UK will have to be stored for a year to allow police and intelligence services to access it, under government plans.
Records will include people's activity on social network sites, webmail, internet phone calls and online gaming.
Home Secretary Theresa May said the change was needed to keep up with how criminals were using new technology.
But senior Tory David Davis said it was "incredibly intrusive" and would only "catch the innocent and incompetent".
The Communications Data Bill has been published in draft form - but the government faces a battle to get it through Parliament intact, with Lib Dem MPs and Conservatives such as Mr Davis calling for it to be watered down or abandoned altogether.
Restrictions are likely to be placed on the types of phone and internet data local councils can access in an effort to win over critics, but the proposals have still been branded a "snooper's charter" by civil liberties campaigners.
Rachel Robinson, policy officer for Liberty, said: "It's good that local councils won't be able to watch the entire population but even law enforcement should be targeting suspects - not all citizens.
"Just like the internet, any private home can be a crime scene, but should we install hidden cameras and microphones in every bedroom in the land?"
Under current legislation, communications companies must keep phone records and information about messages sent via their own email services for 12 months.
The new proposals would require UK communications companies to keep details of a much wider range of data, also including websites visited, although pages within sites would not be.
Mrs May told BBC Breakfast: "It's not about the content, it's not about reading people's emails or listening to their telephone calls.
"This is purely about the who, when and where made these communications and it's about ensuring we catch criminals and stop terrorists."
The police and security services are concerned that criminals and terrorists are increasingly evading detection by using social media and online gaming sites to communicate with each other. HM Revenue and Customs will also be able to access data under the proposed new rules.
Officers would still need to obtain a warrant to gain access to the content of the online communication.
But the government would be able to request any service provider to keep data about internet usage, although initially it will involve about a dozen firms including BT, Virgin and Sky.
Peter Davies, head of the Child Exploitation and Online Protection (CEOP) Centre, said his unit received 1,500 referrals a month from people concerned that children were being abused but investigators were being "stymied" by not being able to access the communications data they needed to see.
The Home Office estimates its plans for wider collection of data will cost £1.8bn over the next 10 years - but claims it will save up to £6.2bn over the same period through more efficient investigations and greater criminal asset seizures.
The previous, Labour, government was forced to abandon plans to store every citizen's internet data on a single, giant database following protests - and Mrs May says she has no plan to resurrect this idea.
The proposals will be subject to scrutiny by a joint parliamentary committee before the effort to bring the measures through Parliament and into law begins in earnest.
Metropolitan Police Commissioner Bernard Hogan-Howe, writing in the Times, said having greater powers to access data was essential in waging a "total war on crime" - and he warned that police risked losing the fight against crime unless MPs passed a law enabling them to collect more communications data.
The Met police chief wrote: "Put simply, the police need access to this information to keep up with the criminals who bring so much harm to victims and our society."
Tory backbencher David Davis, a former shadow home secretary who fought a by-election in the last Parliament on the issue of civil liberties, described the proposals as "incredibly intrusive".
He said the ban on local authority officials accessing data was "important but minor".
He told BBC Radio 4's Today programme: "If they really want to do things like this - and we all accept they use data to catch criminals - get a warrant. Get a judge to sign a warrant, not the guy at the next desk, not somebody else in the same organisation.
"The only people who will avoid this are the actual criminals, because there are ways around this - you use an internet cafe, you hack into somebody's wi-fi, you use what's called proxy servers, and they are just the easy ways."