OMB to reinforce agencies' cookie diet

GAO report: "Internet Privacy: Federal Agency Use of Cookies"

The Office of Management and Budget will take action to reinforce the administration's

Web privacy policies after a congressional report found several federal

agencies in violation.

A General Accounting Office review requested by Sen. Fred Thompson (R-Tenn.),

chairman of the Senate Governmental Affairs Committee, found that 12 agencies

still used "cookies" on their sites in September, contrary to administration


In a letter to GAO, Sally Katzen, deputy director for management at

OMB, said that OMB will contact the noncompliant agencies "promptly, to

reinforce administration policy."

Under a June 1999 memorandum from OMB, agencies cannot use cookies without

giving clear and conspicuous notice to visitors of their Web sites. Cookies

are small pieces of software placed on a user's hard drive by a Web server

that enable the server to track returning users.

OMB further defined this policy in a follow-up memo in June 2000 as

well as in September correspondence with the CIO Council's privacy subcommittee.

OMB stated that an agency must give notice if a Web site uses session cookies,

which are erased from a user's hard drive when a user leaves a particular


Additionally, OMB directed agencies not to use persistent cookies, which

stay on a user's hard drive for a specific amount of time, unless the agency

meets specific guidelines. The guidelines include clear notice that cookies

are being used; a compelling need by the agency to gather such data; safeguards

to handle any information collected; and personal approval from the agency


The GAO review found that 12 agencies still used cookies without giving

notice, and seven of those agencies used persistent cookies. When GAO checked

those sites again on Oct. 17, the cookies were still in place at 11 of the


In the June 2000 memo, OMB also required agencies to report to OMB on

the steps they have taken to comply with the administration privacy policy

as part of their fiscal 2002 budget requests. Those reports will be turned

in this December, and OMB will use them to make certain the policy is being

implemented, Katzen wrote.


  • Defense
    DOD photo by Senior Airman Perry Aston  11th Wing Public Affairs

    How DOD's executive exodus could affect tech modernization

    Back-to-back resignations raise concerns about how things will be run without permanent leadership in key areas from policy to tech development.

  • Budget
    cybersecurity (vs148/

    House's DHS funding bill would create public-private cyber center

    The legislation would give $2.25 billion to DHS' cyber wing and set up an integrated cybersecurity center with other agencies, state and local governments and private industry.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.