The UK government has claimed it would be entirely legal for it to snoop on data from a range of social media sites including Facebook, Twitter and YouTube, although it has stopped short of admitting it does exactly this.
Rights group Privacy International gathered a detailed resonse from the Office for Security and Counter Terrorism after asking the government how UK laws make its Tempora mass-snooping program legal.
In response, a published statement from Charles Farr, the director general of the Office for Security and Counter Terrorism, says the UK government has the right to request information on its citizens wherever in the world that data might be saved.
Social networking chatter is called ‘external communications' and, according to the statement, all such communications are fair game under current rules because it is assumed that they happen between offshore servers.
"The distinction between ‘internal' and ‘external' communications is crucial. Under the Regulation of Investigatory Powers Act (RIPA) – which regulates the surveillance powers of public bodies – ‘internal' communications may only be intercepted under a warrant which relates to a specific individual or address," explains the statement from Farr.
"These warrants should only be granted where there is some suspicion of unlawful activity. However, an individual's ‘external communications' may be intercepted indiscriminately, even where there are no grounds to suspect any wrongdoing."
Farr did not confirm that Tempora programme exists though, sticking to the government's stock 'neither confirm nor deny' stance.
"I am not aware of any exceptional circumstances which would justify a departure from the neither confirm nor deny principle in relation to the alleged Tempora interception operation," he wrote.
"All I am able to confirm is that if the Tempora interception operation existed it would have been carried out [legally]."
The findings – gathered by Privacy International with support of other leading advocate groups including Amnesty International and the American Civil Liberties Union – are said to be the first time such admissions have been made public.
Michael Bochenek, senior director of International Law and Policy at Amnesty International, said the findings were staggering.
"British citizens will be alarmed to see their government justifying industrial-scale intrusion into their communications. The public should demand an end to this wholesale violation of their right to privacy."
Privacy International deputy director Eric King also voiced his outrage at the findings.
"Intelligence agencies cannot be considered accountable to parliament and to the public they serve when their actions are obfuscated through secret interpretations of byzantine laws," he said.
"Moreover, the suggestion that violations of the right to privacy are meaningless if the violator subsequently forgets about it not only offends the fundamental, inalienable nature of human rights, but patronises the British people, who will not accept such a meagre excuse for the loss of their civil liberties."
The UK is already under pressure from the European Commission (EC) over its Tempora programme, with Viviane Reding warning that any hint the scheme broke European laws would result in swift action.
Overseas things do not run quite the same, and the US agency equivalent must get a warrant to access overseas stored data. This is currently being debated in the courts.
Why does Facebook store "my entire call history with my partner's mum", asks developer who requested his Facebook data
Facebook database included text-message metadata - despite not using Facebook Messenger for SMS
Before Ocado could start selling the technology it had developed to other retailers, it had to tear down and rebuild its own monolithic architecture
Successful attack could result in harm to patients and financial loss, warns NHS governing body
Guccifer 2.0 claimed to be a lone Romanian hacker - until a schoolboy error gave him, her or them away