British spy agencies may have more private information about its citizens than one may think, thanks to the U.K’s fairly opaque rules surrounding their regulation.

Recently disclosed documents reveal much about the British government’s contentious mass surveillance programs. Privacy International, an organization in London, received previously confidential files as part of their involvement in legally challenging the scope of British spies’ data.

As published in The Intercept, Millie Graham Wood, Legal Officer at Privacy International, said that the documents contain “your private medical records, your correspondence with your doctor or lawyer, even what petitions you have signed, your financial data, and commercial activities.”

“The agencies themselves admit that the majority of data collected relates to individuals who are not a threat to national security or suspected of a crime. This highly sensitive information about us is vulnerable to attack from hackers, foreign governments, and criminals,” she added.

The documents also reveal that the eavesdropping agency Government Communications Headquarters (GCHQ) and domestic intelligence agency MI5 obtained the bulk datasets years ago – GCHQ in 1998, and MI5 in 2005. The agencies argue that the data is essential in thwarting terror plots.

Last year, The Intercept exposed how GCHQ attempted to create “the world’s largest surveillance system,” that would horde about 50 billion records every day about people’s emails, phone calls, and internet habits.

This content was originally published by teleSUR.