The government has shelved a controversial plan to force Australian telecommunications companies, internet service providers and sites such as Facebook to collect “metadata” from Australian users and store it for two years.

The government had run out of time to push the plan through before the election, but, after a powerful parliamentary committee raised concerns about it, the attorney general, Mark Dreyfus, confirmed more work was needed.

“The government will not pursue a mandatory data retention regime at this time and will await further advice from the departments and relevant agencies and comprehensive consultation,” he said in a statement.

As international debate rages about revelations in the Guardian regarding access by US and UK security agencies to the metadata of internet users, the joint intelligence and security committee report has urged any Australian government to exercise caution about plans to force metadata retention for potential use by security agencies.

It said there had been “a diversity of views” inside the committee about whether mandatory data retention was needed and concluded that it was “ultimately a decision for government”.

It urged any government considering the move to proceed with caution and said any data retention “should apply only to metadata and exclude content”, should “explicitly exclude … browsing data” and should exclude any material where data and content could not be separated.

The committee also recommended the ombudsmen and the inspector general of intelligence and security should oversee security agencies’ access to the data.

“A mandatory data retention regime raises fundamental privacy issues, and is arguably a significant extension of the power of the state over the citizen. No such regime should be enacted unless those privacy and civil liberties concerns are sufficiently addressed,” it said.

The committee also looked at the fact that Australian users’ metadata can be accessed by a huge number of federal and state government agencies, simply by filling out a form, and without any need for a warrant. This happened almost 300,000 times in 2011-12, with access granted to bodies as varied as the tax office and the RSPCA.

The committee recommended such warrantless access should be reined in.

It said the attorney general’s department should review “the threshold for access to telecommunications data” and that this review “should focus on reducing the number of agencies able to access telecommunications data by using gravity of conduct which may be investigated utilising telecommunications data as the threshold on which access is allowed”.

In a sharply-worded criticism, the committee said one reason it had been difficult to make clear recommendations about the data retention proposal was that the government had been so unclear about exactly what it had in mind.

“This lack of information from the attorney general and her department had two major consequences. First, it meant that submitters to the inquiry could not be sure as to what they were being asked to comment on. Second, as the committee was not sure of the exact nature of what the attorney general and her department was proposing it was seriously hampered in the conduct of the inquiry and the process of obtaining evidence from witnesses,” the committee wrote.

The shadow attorney general, Senator George Brandis, has said previously that “the public would accept a level of mandatory data retention in relation to telecommunications”. He said: “They would accept the logic of a regime being technology-neutral and reaching the internet, but my political judgment is that there is no way the public wouldn't react very strongly against a proposal unless they were absolutely guaranteed that their internet browsing history or use would not be subject of the mandatory retention regime.''

The committee was chaired by Labor MP Anthony Byrne. Brandis was a member.

It did not deal directly with the recent revelations from Edward Snowden.

Dreyfus said “the recent events in Boston and London highlight the ongoing threat of terrorism and the need to ensure our intelligence agencies have the tools they need to keep Australians safe and secure”.

Greens communications spokesman Senator Scott Ludlam said the committee’s findings meant the government should immediately abandon the mandatory data retention plan.

He said he was worried they meant Asio might get more powers to hack the computer information of people it was investigating.