DOD still misuses 'cookies'

DOD IG report: "DOD Internet Practices and Policies"

Many military Web sites still collect personal information from visitors because Defense Department officials remain unaware of privacy policies and the department fails to hold the site managers accountable for not complying, according to an inspector general report.

The audit, conducted between December 2000 and May 2001, found that more than 25 percent of the sites reviewed did not meet DOD or Office of Management and Budget policies regulating the use of "persistent cookies" and other information-gathering technology. Persistent cookies are small pieces of software a Web server stores on a user's hard drive and are used to identify the user on return visits to the site.

DOD and OMB policies prohibit using such technologies unless the site administrator has permission from the agency head, has an overriding need to use the technology and has posted notification within the site's privacy statement.

But the multitude of regulations issued by the Pentagon every year is not read by many people, from Webmasters to senior officials, said David Steensma, acting DOD assistant inspector general for auditing.

Although DOD Web privacy guidance is "adequate," the inspector general audit found that most Webmasters were unaware the cookies were there. And the fact that almost half of Webmasters were unaware of the DOD policy or how to comply shows "a lot of this is [related to] awareness," Steensma said.

Pentagon officials plan to hold organization leaders accountable for making their Web sites comply with DOD policy, wrote J. William Leonard, deputy assistant secretary of Defense for security and information operations. He also is requiring DOD components to report by Aug. 31 on what they are doing to educate Webmasters about meeting governmentwide policies.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected