The Obama administration is considering reversing a nine-year ban on the use of tracking cookies on federal Websites. In a July 27 Federal Register notice, the White House Office of Management and Budget said the administration is considering a three-tiered approach to the use of tracking cookies.
“The goal of this review is for the federal government to continue to protect the privacy of people who visit federal government Websites while at the same time making these Websites more user-friendly, providing better customer service and allowing for enhanced Web analytics,” the notice stated.
Since 2000, the government’s policy on tracking cookies has been to simply ban the use of them. Under the proposed new policy, cookies would not be used at federal Websites-or by contractors when operating Websites on behalf of agencies-unless the site posts clear and conspicuous notice of the use of cookies and the following conditions are met: a compelling need to gather the data on the site; appropriate and publicly disclosed privacy safeguards for handling of information derived from cookies; and personal approval by the head of the agency.
“This past June, we blogged about ways to enhance citizen participation in government through basic policy changes, including revisions to the current policy on Web-tracking technologies. We heard a lot of informal comments on that blog, so we decided to pursue the more formal comment route through the Federal Register,” Federal CIO Vivek Kundra blogged July 24 on the White House’s Office of Science and Technology Policy Website.
Kundra further noted, “Cookies have become a staple of most commercial Websites, with widespread public acceptance of their use. For example, every time you use a ‘shopping cart’ at an online store, or have a Website remember customized settings and preferences, cookies are being used.”
According to Kundra’s blog, the proposed three-tier government approach to using cookies would involve: (1.) “Single-session technologies, which track users over a single session and do not maintain tracking data over multiple sessions or visits;” (2.) “multisession technologies for use in analytics, which track users over multiple sessions purely to gather data to analyze Web traffic statistics;” and (3.) “multisession technologies for use as persistent identifiers, which track users over multiple visits with the intent of remembering data, settings or preferences unique to that visitor for purposes beyond what is needed for Web analytics.”
“We expect that there would be more stringent restrictions or review of the technologies within the tiers that might have higher privacy risks,” Kundra wrote.
The OMB is seeking public comments on, among other things, “acceptable use and restrictions of each tier” and the “applicability and scope of such a framework on federal agency use of third-party applications or Websites.”
