How the Cookie Crumbles

 
 
By Evan Schuman  |  Posted 2005-12-29 Email Print this article Print
 
 
 
 
 
 
 

Opinion: The National Security Agency, licking its wounds from reports of more warrantless data searches, publicly apologizes for using Web cookies. What's wrong with this picture?

The National Security Agency, whose NSA initials are typically preceded by "super secret" or a similar cool-sounding phrase, is known as the home for code-breakers extraordinaire. After 9/11, the NSA was given even more freedom to do whatever it takes to track terrorists and identify their plots. The New York Times recently reported about their efforts to conduct more domestic surveillance without warrants or any court authorization.
So it was a bit curious when the NSA this week was accused of violating federal government procedure and harboring cookies on their public Web site. More curious yet that the NSA leaped into action to remove the offending cookies and that the Associated Press covered this.
These cookies were not spyware (although if any site had a right to have spyware, it would be the NSA) or anything malicious. They didnt even pose a privacy threat, as the NSA site requires no passwords and seeks no registration. There is no newsletter to flag updated content because there isnt much content to update and that which is there isnt updated very often.
Privacy aficionado Daniel Brandt found the cookies on his machine after visiting the NSA site and contacted the agency, which apparently had the cookies because of a default ColdFusion setting. Brandt said the violation is not sexy in and of itself, but it is a violation of Clinton era government policy and it should be followed strictly. Fixed isnt good enough for payment protection. Click here to read more. "Its kind of a boring site," Brandt said. "But even if its a non-issue, as it appears to be in this case, you have to call them on it." Whats more interesting, though, is that the NSA complied and complied so quickly. Yes, the super-secret agency was freaked out by the bogeyman of Web sites: the misunderstood cookie. An innocuous piece of code (in this case at least) accidentally placed on the site merited national wire service attention along with stories in The Fort Wayne Journal-Gazette, Fort Worth Star-Telegram, The Kansas City Star, The Miami Herald, The Philadelphia Inquirer, The Atlanta Journal-Constitution and The San Jose Mercury News, among many others. What does this have to do with retail IT? Cookies are chronically misunderstood and are perceived as vaguely dangerous. Cookies are typically safe and not even especially intrusive. For the vast majority of sites, they are indeed conveniences allowing users to not have to re-register or repeatedly key in their password. Yes, they do have marketing value in knowing what pages customers look at, but few use that information, other than in aggregate. But, as this column has said many times, reality cant hold the proverbial candle to perception. Privacy policies are rarely taken seriously, but they should be. If for no other reason, take the privacy policies seriously and detail all cookie usage so that you can later say that all site visitors knew about the usage. After all, consumers routinely read privacy policy statements, dont they?, he asked cynically. Another important take-away from this NSA situation is consumer education. Most consumers that fully understand cookies and registration forms and whatnot dont have an issue with them. Those consumers generally want the information being offered and appreciate the convenience. They must appreciate the implicit trade-off: give us a little information instead of having to give us money. Privacy policy respect and consumer education are two decent ways to take the scare out of the cookie bogeyman. If they can scare an NSA spook, imagine what it will do to an uninformed consumer casually reading the local newspaper? Evan Schuman is retail editor for Ziff Davis Internets Enterprise Edit group. He has tracked high-tech issues since 1987, has been opinionated long before that and doesnt plan to stop anytime soon. He can be reached at Evan_Schuman@ziffdavis.com. Check out eWEEK.coms for the latest news, views and analysis on technologys impact on retail.
 
 
 
 
Evan Schuman is the editor of CIOInsight.com's Retail industry center. He has covered retail technology issues since 1988 for Ziff-Davis, CMP Media, IDG, Penton, Lebhar-Friedman, VNU, BusinessWeek, Business 2.0 and United Press International, among others. He can be reached by e-mail at Evan.Schuman@ziffdavisenterprise.com.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel