FCW Insider

Blog archive

Another Congressional hand in the cookie jar

Late last year, we – and everybody else – went cookie crazy after the Associated Press found that the National Security Agency – yes, the agency that is doing the warrantless wiretaps – was also using permanent cookies on its Web site. So we all went on the great cookie hunt and, not surprisingly, found many sites that violated the government's no-permanent-cookie policy. [For more, see this link.]

But some of my favorite catches of cookie sites are Congressional offices. Congress doesn't have to follow the laws that they pass, of course -- so they can tell agencies that they cannot use permanent cookies, but then they can go ahead and use them. And then, even more tasty, lawmakers are the first ones to take agencies to task.

Well, turn on your cookie monitors and visit appropriations.senate.gov, because guess who uses permanent cookies.

Even more delicious is that the site has a link to the privacy policy at the bottom of the page, but it doesn't work. It took me here.

I did eventually get to the privacy policy, and here is what it says:

This web site does not use 'cookies' or other means to track your visit to the site in any way.

Here is the Senate's privacy policy, which doesn't mention cookies at all.

Anyway, I have a call in and I'll check back.

And yes, I do check back on these things. Earlier this year, I noted that one site –- NIST's National Vulnerability Database, which lists all the computer vulerabilities out there – which I noted earlier this year that it uses permanent cookies. I expected the cookies to be pulled, but when I checked yesterday, they were still there. I let the NIST folks know and they tell me it was an oversight and they will be gone soon.

So we're eating cookies one bite at a time!

I hate to repeat, but it is worth repeating that cookies are not the biggest privacy question out there. In fact, most people would never know and probably don't care, but it is a privacy issue that is easily rectified. In most cases, it is merely an oversight.

So we're back on cookie patrol, I guess.

Posted by Christopher Dorobek on Apr 11, 2006 at 12:15 PM


Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.