Swire: Making privacy a priority

Citizens should be able to browse federal sites without creating a permanent record

Recent investigations have uncovered Web cookies on the sites of the National Security Agency and other federal agencies, in violation of federal guidelines.

The guidelines limit federal Web sites' use of persistent cookies, pieces of code placed on the visitor's hard drive so the site can recognize the computer on

return visits. Cookies don't reveal the visitor's name.

A site has the cookie number and the user's name; however, the cookie does track an identifiable individual. That happens, for instance, if the visitor completes a transaction or fills out a form, linking the cookie to a name.

A lot is at stake in violating these rules. The guidelines date back to June 2000, when I was serving as chief counselor for privacy at the Office of Management and Budget. At that time, the press discovered that the White House Office of National Drug Control Policy's Web site placed cookies on users' computers, contrary to the site's privacy policy.

The cookies were reporting surfing behavior to DoubleClick, which could link a person to visits at private-sector sites. DoubleClick and the White House site were not collecting names, but they could find names if users identified themselves at any of the private-sector sites.

In response to the problem, OMB issued guidance on June 22, 2000, stating that federal Web sites should not persistently track their visitors. The rules allow tracking devices such as cookies, but only with notice to users and approval of a high agency official. Agencies' sites can also employ temporary "session cookies" because they expire when users close their browsers.

The logic behind the policy is that citizens should be able to browse federal sites without their visits becoming part of a permanent record. Citizen access to sites is vital to e-government. Tracking citizens at government sites can reduce trust and discourage access to e-government services.

OMB may be able to fine-tune the guidance to take advantage of advances in Web technology while still protecting citizen privacy. If it does, OMB should make the changes explicit and take responsibility for any new policy choices. However, the problem now is that agencies were caught violating the rules. That sends the message that protecting citizen privacy is not important. It also signals that following the OMB rules, which have been on the books for more than five years, is not a priority.

This concern about government snooping and rule-breaking is especially serious now. President Bush has acknowledged that the National Security Agency has used wiretaps on citizens without a warrant. His message has been, "Trust us, we're careful in how we do this."

Recent press accounts, however, show that agencies have violated privacy rules regarding cookies, and the public knows agencies are breaking the rules. If agencies are openly breaking cookie rules, they might also be breaking less-public privacy rules.

The Bush administration does not have a policy official to address privacy issues. Such an official would help convince the public that it should trust government to follow the rules.

Swire is the C. William O'Neill Professor of Law at the Ohio State University and a visiting senior fellow at the Center for American Progress.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group