FCW Insider

Blog archive

The Great Cookie Debate

The Web cookie and Web bug story seems to be making the rounds. Last week, I posted about other federal agencies that are also violating the no-cookie rule.

An update: This story from the Free Government Information blog that points to this AP story via ABCNews.com:

White House Says Web Site Counts Visitors [AP via ABCNews.com, 12. 30.2005]

The White House said Friday its Web tracking technology is consistent with federal rules because it only counts the number of visitors anonymously and doesn't record personal information.

My colleague, Susan Miller, posts on FCW.com's other blog that this is much ado about nothing and she points to a post on Jeff Jarvis's Buzz Machine, who contends that "this is a nonstory born of ignorance and paranoia and now hype."

With all due respect, this is not much ado about nothing. Web sites do not need permanent cookies to count visitors. Most violations of the Web cookie policy -- and yes, these sites are violating a policy here -- are usually just organizations that do not change the defaults on some system, and yes, most sites ask for cookies. Agencies already can also use session cookies.

Furthermore, the E-Government Act does make allowances for cookies, according to the Center for Democracy and Technology's Ari Schwartz. I will re-post Schwartz's comments from my original post on this subject:

I actually don't think that the current policy is overly onerous.

Agencies need only:

1) put a policy official in charge of cookies (this can be someone who is in charge of privacy, but it could also be a CIO or someone in the CIO's office) and
2) disclose their use of cookies in their privacy policy

and then they can use cookies however they want. Considering the history of agencies not realizing that they are (or purposely) allowing third-party commercial entities to set track visitors with no controls... this doesn't seem like too much to ask.

The fact is that agencies are not every other Web site. Agencies have higher standards. We all understand that. And if these things are only to track numbers of visits and visitors, why not at least disclose? What additional data do permanent cookies provide?

Posted by Christopher Dorobek on Jan 03, 2006 at 12:15 PM


  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.