Feeds

US civil liberties gang questions Obama cookie plan

Fed website 'sea change'

Choosing a cloud hosting partner with confidence

A proposal to loosen restrictions on the use of tracking cookies by federal government websites should be carefully scrutinized so they don't jeopardize the privacy of people who visit them, groups advocating civil liberties warned Monday.

The American Civil Liberties Union said the proposal, floated July 24 by the White House OMB, or Office of Management and Budget, was a "sea change" that could erode protections that for the past nine years have safeguarded the personal information of millions of people who visit federal websites.

"Without explaining this reversal of policy, the OMB is seeking to allow the mass collection of personal information of every user of a federal government website," Michael Macleod-Ball, the acting director of the ACLU's Washington legislative office, said in a statement. "Until the OMB answers the multitude of questions surrounding this policy shift, we will continue to raise our strenuous objections."

Under current rules, federal agencies are prohibited from using cookies and similar tracking technologies unless there is a "compelling need" and the agency head has approved their use. Under the new rules, the OMB would adopt a three-tier approach that would permit tracking under different circumstances. They include:

  • Single-session technologies, which track users over a single session and do not maintain tracking data over multiple sessions or visits;
  • Multi-session technologies for use in analytics, which track users over multiple sessions purely to gather data to analyze web traffic statistics; and
  • Multi-session technologies for use as persistent identifiers, which track users over multiple visits with the intent of remembering data, settings, or preferences unique to that visitor for purposes beyond what is needed for web analytics.

"The goal of this review is to develop a new policy that allows the Federal Government to continue to protect the privacy of people who visit Federal websites while, at the same time, making these websites more user-friendly, providing better customer service, and allowing for enhanced web analytics," federal CIO Vivek Kundra and Michael Fitzpatrick, associate administrator of the OMB Office of Information and Regulatory Affairs, wrote.

While the use of cookies on most websites has vastly increased over the past nine years, their use on federal websites have remained static, they added.

Two other privacy advocates also weighed in on the proposed changes. In comments (PDF) jointly submitted by the Electronic Frontier Foundation and the Center for Democracy and Technology said any change should include broad disclosures to visitors that include the fact that tracking technologies are being used, the reasons for their use, whether tracking is based on single or multiple visits to the site, and the identities of the third-party companies involved in the tracking.

They also said any information collected that is not relevant to the purpose of the tracking should be discarded as soon as possible.

"Federal agency Web sites will have a key role to play in making government more transparent, accountable and participatory," the groups wrote. "To succeed, the operation and improvement of Federal agency Web sites must be done through the lens of protecting citizen privacy." ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.