Controversial new powers for the police and security services to snoop on all emails, web visits and phone calls will create a honeypot for hackers the world over, a Liberal Democrat peer has said.
Internet and phone companies will be required to retain records of all communications for a year, creating "a honeypot for casual hackers, blackmailers, criminals large and small all over the world and foreign states", Lord Strasburger said.
His concerns over the "woeful record" that the public and private sector has for protecting data came as the Home Secretary revealed she was considering extending the powers to the troubled UK Border Agency (UKBA).
"There are those (agencies) for which it is possible to make a case," Theresa May said.
"I would cite, for example, the UK Border Agency, and I've already mentioned the Financial Services Authority."
The under-fire UKBA has been heavily criticised by MPs over the last year for losing track of a population of asylum seekers and migrants the size of Cambridge, and for its six-figure backlog of cases involving missing foreign criminals, failed asylum seekers and others.
Lord Strasburger said: "If this Bill were enacted there would be a massive increase in the data being held by every citizen who uses the internet.
"This data would be a honeypot for casual hackers, blackmailers, criminals large and small all over the world and foreign states.
"Given the woeful record of public and private sector organisations in protecting the data they hold from loss or theft, why should the public have any confidence that their private and financial data will remain secure?"
The internet and phone service providers are concerned "about their ability to withstand attacks given the increase in the amount of data and the increase in the attractiveness of this data", Lord Strasburger added.
"The fact that this data is being expanded, and it's going to hold, arguably, some very private data, many people are concerned some of the data will get out there.
"Some experts have told us: 'This data will get out'."
But Mrs May said: "We will be doing everything we can to ensure that that data is held securely as the data is held today.
"CSPs (communications service providers) are holding significant amounts of data about people's communications as we speak, this is not a new concept."
But she admitted they "will be holding more data".
Mrs May went on: "The concept of the private sector holding data and whether that is secure for individuals is not changed by the nature of this Bill.
"Security of data is always a concern for people in their everyday lives in the way in which they use data today.
"It is not the case that suddenly people should start worrying when they don't need to worry today.
"One of my personal concerns is that a lot of people probably don't handle their data in as secure a way as it could be handled."
There will also be sanctions in place for any breaches in relation to the security of the data, she said.
The Home Secretary also said the terms of the Bill needed to be broad to give the police and security services flexibility in future against any advances in technology so they could continue to catch terrorists and serious criminals, saving lives.
But Baroness Cohen warned that in doing this the Home Office was "alarming, perhaps unnecessarily" civil rights groups.
Under the proposals, the records kept for a year will include details of emails, web phone calls and activity on social networking sites - but not their content. And real-time monitoring will not be introduced.
Police, the security services, the new National Crime Agency and HM Revenue and Customs (HMRC) will be able to access the data, but the draft Bill also gives the Home Secretary the power to extend access to others, such as the UKBA.
Ministers insist the reforms will enable law enforcement agencies to keep track with modern technology that is being exploited by terrorists and criminals.
But critics including civil liberty groups claim the move compromises privacy.
Nick Pickles, director of the civil liberties campaign group Big Brother Watch, said: "Assurances about safeguards will ring hollow with anyone who is familiar with the catalogue of data loss and abuse seen in recent years.
"As the committee rightly warns, this Bill would put Britain on a par with China and Iran, something the entire country should be deeply concerned by."
A Home Office spokesman said: "The ability for law enforcement agencies to obtain communications data - the who, when and where of a communication, not the content - as part of a criminal investigation saves lives, helps catch serious criminals and protects victims.
"The Home Secretary was clear today that tough controls will ensure that only those organisations who really need these powers will have them, ensuring the public can be confident they are being used only when really necessary.
"Democratic countries around the world use communications data because they know its vital in helping catch and convict criminals.
"Those countries know, as we do, that ensuring law enforcement agencies can access this information when necessary, helps protect their citizens."