The Public Eye with Eric Chabrow

Uncrumbling the Federal Cookie Policy

Uncrumbling the Federal Cookie Policy

And the Obama administration is doing just what any IT, security and privacy leaders should do: figure out how to provide both. In a White House blog posted Tuesday, federal CIO Vivek Kundra and Michael Fitzpatrick, Office of Management and Budget associate administrator for information and regulatory affairs, wrote that cookies - a small piece of browser software that tracks and authenticates web viewing activities by users - present a challenge the government is trying to navigate:

"Put in place in 2000 to protect the privacy of Americans, the federal cookie policy limited the use of persistent cookies by federal agencies. ... In the nine years since this was put in place, website cookies have become more mainstream as users want sites to recognize their preferences or keep track of the items in their online shopping carts. We've heard a lot of feedback on this area.

Persistent cookies are very useful as an indirect feedback mechanism for measuring effectiveness of government web sites. 

"One person put it all together. 'Persistent cookies are very useful as an indirect feedback mechanism for measuring effectiveness of government web sites...Cookies allow a greater level of accuracy in measuring unique visitors...Being able to look at returning visitors allows us to see what content is important to our citizens. We can use that data to improve the content and navigation of our sites.'"

Kundra and Fitzpatrick said OMB is reexamining federal cookie policy as part of the administration's Open Government Initiative.

Among those calling for a change in cookie policy is Dan Chenok, chairman of the federal Information Security and Privacy Advisory Board, housed at the National Institute of Standards and Technology, which late last month issued a report, entitled Toward A 21st Century Framework for Federal Government Privacy Policy, which noted that the 35-year-old federal Privacy Act hasn't kept up with technological advancements. Chenok, the one-time most senior, non-political appointee working at OMB, characterized federal cookie policy as "administratively burdensome" on government agencies in an interview with the Information Security Media Group, publisher of GovInfoSecurity.com.

It's encouraging to hear government officials seeing IT security and privacy challenges as just that: a challenge to conquer and not a barrier from exploiting the advantages technologies furnish.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.