Thread: Feds Consider Adding 'Cookies' to Web Sites; Will Privacy Cr

Feds Consider Adding 'Cookies' to Web Sites; Will Privacy Crumble?

The Office of Management and Budget is considering reversing a nine-year ban to allow the use of cookies on federal Web sites to track, among other things, users' preferences and interests.

By Joshua Rhett Miller
FOXNews.com
Wednesday, August 12, 2009

The Office of Management and Budget is considering reversing a nine-year ban on using "cookies" to track users' preferences and interests on federal Web sites.

The shift in policy is being billed as a way for government to enter the 21st century and for federal agencies to use the same technology utilized on news sites, retail sites and social media networks. Online retailers, for example, use cookies to suggest items of interest based on previous purchases. If you recently bought a New York Yankees jersey, a Web site might recommend buying a book about Alex Rodriguez the next time you visit.

But some privacy advocates say changing the policy for federal Web sites is troubling. If you check out the FBI's Most Wanted List, they say, the government would know. If you want information from the CDC about pregnancy or AIDS, the government would know. Big Brother could quite literally be watching you.

"Without explaining this reversal of policy, the OMB is seeking to allow the mass collection of personal information of every user of a federal government website," Michael Macleod-Ball, acting director of the American Civil Liberties Union's Washington Legislative office, said in a statement. "Until OMB answers the multitude of questions surrounding this policy shift, we will continue to raise our strenuous objections."

Robert Siciliano, an author and Internet security expert, described cookies as the "cousin" to spyware -- software installed on a computer that tracks information about users without their consent.

"Now, cookies aren't spyware, but they're very close," Siciliano told FOX News. "Spyware, as we know, can be malicious and track everything we do -- every username, password and Web site we visit. The problem here is privacy advocates are concerned if government enables cookies on federal Web sites, then they could now merge into spyware. What's next?"

But Vivek Kundra, the nation's chief information officer, says citizens' privacy will remain a top priority, and he points out that no change has been made yet.

"Our main goal in revisiting the ban on using persistent cookies on Federal websites is to bring the federal government into the 21st century," Kundra wrote on a blog explaining the cookie policy. "Consistent with this Administration's commitment to making government more open and participatory, we want federal agencies to be able to provide the same user-friendly, dynamic, and citizen-centric websites that people have grown accustomed to using when they shop or get news online or communicate through social media networks, while also protecting people's privacy."

Because of privacy concerns, federal agencies have been prohibited from using Web-tracking technologies like cookies since June 2000 unless approved by the head of an agency due to a "compelling need," Kundra wrote in an earlier blog post.

"In the ensuing time," he wrote, "cookies have become a staple of most commercial websites with widespread public acceptance of their use. For example, every time you use a 'shopping cart' at an online store, or have a website remember customized settings and preferences, cookies are being used."

Judge Andrew Napolitano, FOX News' senior judicial analyst, said the potential policy change could be a violation of the Privacy Act of 1974, which regulates the "collection, maintenance, use and dissemination" of personal information by federal executive branch agencies.

"It also prohibits the government from watching you while you browse a book in a library or getting copies of the books you take out of a library," Napolitano told FOX News.

"What is the Internet? It's a modern day library. It's the gateway to knowledge. Just as the government can't be over your shoulder with a camera when you're browsing for books in the library, the government cannot watch you as your browse through a Web site or browse the Internet. It's equally as prohibited by the Privacy Act."

OMB officials told FOXNews.com that any change to the federal cookie policy would be in "full compliance" with the Privacy Act, and they said no decisions have been made as to when -- if at all -- the change will take effect.

OMB is currently considering a three-tier approach that would track users over single and multiple Web sessions, either to analyze Web traffic statistics or to remember the data, settings and preferences unique to individual users.

A public comment period on the potential change ended on Monday, and a timeframe for a final decision has not been set.

http://www.foxnews.com/politics/2009/08 ... ie-policy/

Cookies link your online, offline identities

Posted 8m ago

Think about the websites you visited recently. You shopped, checked airfare prices and researched a medical condition.

How would you like marketers to trade this information, along with your name and address? They may very well have.

TECH TIPS: Ask Kim

Increasingly, online tracking is becoming more personal. Cookies used to be relatively harmless. Now, cookies can tie your surfing habits to your offline identity.

How cookies work

FIND MORE STORIES IN: Microsoft
A cookie is a small text file placed on your computer by a website. Some cookies are useful. They identify you to your favorite sites. With them, you can bypass site log-ins. The site remembers your preferences.

But advertisers and third parties also place cookies on your machine. For instance, you may see an Acme Widgets ad on one site. The ad places a cookie on your computer.

You visit a second site running an Acme ad. This time, Acme reads the cookie on your machine. It knows the content of the first page you visited. It knows the content of the second page you visited. It can now offer an ad better targeted to your interests.

Now, consider this. Acme ads are placed on sites via an advertising network. Goliath Advertising tracks and profiles you as you move from site to site. And it displays ads based on your interests.

Many people don't like the idea of online tracking through cookies. They find the targeted ads creepy and invasive. Well, that's not the half of it.

Online meets offline

Data companies like Acxiom and Datran have gotten in on the game. These companies gather information from public records. They know the value of your home and your net worth. They know how many kids you have.

Now, imagine that the offline data is used in conjunction with cookies. You click on a link in a marketing e-mail. Or, you register on a website. A cookie tying your computer to your offline data is set.

Targeted ads suddenly become more targeted. Retailers may customize prices to suit your income or buying habits. You end up paying more than those who shop online infrequently.

Even scarier, imagine researching an embarrassing medical condition online. A few days later, you open your mailbox. It is stuffed with information on products to cure the condition.

A murky situation

The flow of data between companies is murky at best. It isn't always clear who sets the cookies. Likewise, privacy policies are vague and complexly written. Sites eschew responsibility for the use of data gathered by third parties.

To stop the tracking, you must opt-out. This is easier said than done. And deleting cookies may not help. Deleted cookies can be reconstructed.

Your best bet is to block all cookies. Then, create an approved list for sites that can set cookies. This will be inconvenient at times. You'll need to add sites to the list occasionally.

In Firefox, click Tools, then Options and then Privacy. In the cookies section, deselect "Accept cookies from sites."

Next, click Exceptions. In the top box, enter addresses that should be allowed to set cookies. Click Allow after each one. When you're done, click Close and then OK.

In Internet Explorer, click Tools, then Internet Options. Open the Privacy tab and click Advanced. Select "Override automatic cookie handling." Select Block for first- and third-party cookies. Click OK.

Click Sites. In the top box, enter Web addresses that can set cookies. Click Allow after each one. Click OK, then OK.

One site you should approve is *.microsoft.com. Otherwise, you could have trouble installing updates from Microsoft for Windows, Office and other Microsoft software.

Kim Komando hosts the nation's largest talk radio show about computers and the Internet. To get the podcast or find the station nearest you, visit www.komando.com/listen. To subscribe to Kim's free e-mail newsletters, sign up at www.komando.com/newsletters. Contact her at

gnstech@gannett.com.

http://www.usatoday.com/tech/columnist/ ... kies_N.htm