CIO site caught with 'cookies'
- By Christopher Dorobek (Moderator), Diane Frank
- Jun 08, 2001
CIO Council Web site
The redesigned Web site for the CIO Council had to be pulled off-line today
after Federal Computer Week notified officials the site was using persistent
cookies, a violation of government privacy rules.
"We do not use 'persistent cookies.'" It also violates the Office of Management and Budget's
much-publicized no-cookie rule issued late last year. (See snapshot, which shows the CIO Council's Web page stating its cookies policy along with the window that indicates a persistent cookie, set to expire in 2037.)
Cookies are packets of information that Web sites can put on a user's
computer, often to personalize a Web site. But cookies have become a privacy
concern because they potentially can be used to track how a person moves
through a site or even other Web sites.
OMB has allowed agencies to use temporary "session cookies," but has
prohibited permanent cookies unless they are completely necessary and are
approved by the agency's senior management.
Officials from the General Services Administration, which operates the
CIO Council's Web site, were surprised to find the site was using cookies,
and they said they were working to determine how such a privacy violation
Susan Hinden, a member of the GSA support staff, said that the contractor,
Midwest Total Internet Inc., was told several times "that the site can't
set persistent cookies."
GSA tested the site off-line for some time before going live, "and there
were no cookies," said Michelle Heffner, leader of the GSA team.
"If there's a persistent cookie, the site's coming down," she said this
afternoon. "We want this site to be an example of the standard across government."
The site was not even scheduled to go live until June 9 or 10 so that
GSA could conduct last-minute reviews, she said. "Had I known it was going
up, I would have tested it," she said.
The problem with the CIO Council's Web site appeared to be fixed by
late this afternoon, after GSA was notified about the problem.
OMB, which leads the CIO Council, had no specific comment today on the
council's Web site. However, OMB communications director Christopher Ullman
said that privacy is an important issue for President Bush and the administration
will continue to focus on this area.
Most observers and privacy advocates were struck by the irony that the
federal government's leading technology policy organization was caught with
its hand in the Web cookie jar.
Ari Schwartz, an analyst at the Center for Democracy and Technology,
said this is often a problem for an organization when it relaunches its
"It is problematic to have systems doing things that the policy people
don't know it is doing," he said.
Roger Baker, who recently retired as the Commerce Department CIO and
spearheaded privacy for the CIO Council, said the focus on cookies deflects
from more substantive privacy issues.
The CIO Council's faux pas comes as the President's Council on Integrity
and Efficiency is due to release a report compiling all 50 of the inspector
assistant inspector general for auditing at the Defense Department, which
is leading the report.
Christopher J. Dorobek is the co-anchor of Federal News Radio’s afternoon drive program, The Daily Debrief with Chris Dorobek and Amy Morris, and the founder, publisher and editor of the DorobekInsider.com, a leading blog for the Federal IT community.
Dorobek joined Federal News Radio in 2008 with 16 years of experience covering government issues with an emphasis on government information technology. Prior to joining Federal News Radio, Dorobek was editor-in-chief of Federal Computer Week, the leading news magazine for government IT decision-makers and the flagship of the 1105 Government Information Group portfolio of publications. As editor-in-chief, Dorobek served as a member of the senior leadership team at 1105 Government Information Group, providing daily editorial direction and management for FCW magazine, FCW.com, Government Health IT and its other editorial products.
Dorobek joined FCW in 2001 as a senior reporter and assumed increasing responsibilities, becoming managing editor and executive editor before being named editor-in-chief in 2006. Prior to joining FCW, Dorobek was a technology reporter at PlanetGov.com, one of the first online community centers for current and former government employees. He also spent five years at Government Computer News, another leading industry publication, covering a variety of federal IT-related issues.
Dorobek is a frequent speaker on issues involving the government IT industry, and has appeared as a frequent contributor to NewsChannel 8’s Federal News Today program. He began his career as a reporter at the Foster’s Daily Democrat, a daily newspaper in Dover, N.H. He is a graduate of the University of Southern California. He lives in Washington, DC.