From: "EPIC" Sent: Wednesday, August 12, 2009
E P I C A l e r t: Volume 16.15, August 12, 2009
Published by the Electronic Privacy Information Center (EPIC) - Washington, D.C.
http://www.epic.org/alert/EPIC_Alert_16.15.html [redacted headers & TOC - rfh]
Published by the Electronic Privacy Information Center (EPIC) - Washington, D.C.
http://www.epic.org/alert/EPIC_Alert_16.15.html [redacted headers & TOC - rfh]
=======================================================================
EPIC Urges Administration to Maintain Cookie Ban, Uphold Privacy
=======================================================================
EPIC submitted comments to the Office of Management and Budget recommending that the existing ban on the use of cookies at federal government websites be maintained. Such technologies typically use persistent identifiers. A White House policy memorandum of June 2, 1999, on "Privacy Policies on Federal Web Sites," directs agencies to post clear privacy policies on agency principal websites, as well as at any other known, major entry points to sites, and at any web page where substantial amounts of personal information are posted. The memo states that privacy policies must be clearly labeled and easily accessed when someone visits a web site.
EPIC Urges Administration to Maintain Cookie Ban, Uphold Privacy
=======================================================================
EPIC submitted comments to the Office of Management and Budget recommending that the existing ban on the use of cookies at federal government websites be maintained. Such technologies typically use persistent identifiers. A White House policy memorandum of June 2, 1999, on "Privacy Policies on Federal Web Sites," directs agencies to post clear privacy policies on agency principal websites, as well as at any other known, major entry points to sites, and at any web page where substantial amounts of personal information are posted. The memo states that privacy policies must be clearly labeled and easily accessed when someone visits a web site.
The memorandum directs that "cookies" should not be used at Federal web sites, or by contractors when operating web sites on behalf of agencies, unless, in addition to clear and conspicuous notice, the following conditions are met: a compelling need to gather the data on the site; appropriate and publicly disclosed privacy safeguards for handling of information derived from "cookies"; and personal approval by the head of the agency.
The OMB is now considering a policy change with the implementation of a three-tiered approach to the use of internet tracking technologies on Federal Government websites: The first tier consists of single-session cookies which track users over a single session; the second tier consists of using tracking technology to track users over multiple sessions to "gather data to analyze Web traffic statistics;" the third tier attempts to track users over multiple visits with the intent of remembering data, settings, or preferences unique to that visitor through the use of persistent identifiers. This change in framework will encourage tracking of users who visit government websites.
EPIC also proposed several safeguards if the new framework on persistent identifiers is ultimately adopted. EPIC's recommendations included not tracking users once they have left the government websites; prohibiting commercialization of information gathered from users; the application of meaningful rules for public participation; promoting open government and protecting privacy; availability of federal agency sponsored cookie data; respecting browser privacy and security settings; and prohibiting web-analytics or publishing the algorithm used.
EPIC also suggested that the OMB publish an annual survey outlining each federal government agency's use of Web tracking technology that should reflect the URLs, cookies, tracking technologies and processes adopted and their intended purpose. The placing of tracking technology for law enforcement, fusion center, national intelligence must conform to court oversight, and be subject to an annual reporting requirement to the appropriate Congressional Oversight Committees, EPIC urged.
The OMB had invited public comments on the framework that should govern Federal agency use of web-tracking technology including appropriate tiers, basic principles of use, degree of clear and conspicuous notice on each site, the applicability and scope of such framework on Federal use of third-party applications or websites.
In May, EPIC submitted comments to the President's Office of Science and Technology and urged the Government to not track users on Government websites. EPIC stated that since President Obama established the collaboration between executive departments and agencies and the public, tracking individuals who access government information would contradict these goals.
"Defend Privacy. Support EPIC." http://epic.org/donate
EPIC's Comments to the Office of Management and Budget: http://epic.org/privacy/cookies/comnts-to-OMB-cookie.pdf
Office of Management and Budget: http://www.whitehouse.gov/omb/
Federal register: July 27, 2009: Proposed Revision of the Policy on WebTracking Technologies for Federal Web Sites: http://edocket.access.gpo.gov/2009/E9-17756.htm
M-00-13, OMB Memorandum for the Heads and Executive Departments and Agencies: http://www.whitehouse.gov/omb/memoranda_m03-22/
EPIC's Submission to White House Open Government Initiative - Users Are Not Tracked on Government Sites: http://opengov.ideascale.com/akira/dtd/3544-4049
Proposed Cookie Policy: http://blog.ostp.gov/category/cookie-policy/
Office of Science, Technology and Policy: http://www.ostp.gov/
EPIC FOIA Request to the GSA: http://epic.org/privacy/socialnet/gsa_foia_4-30-09.pdf
EPIC Cookies: http://epic.org/privacy/internet/cookies/
=======================================================================
The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax).
If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at:
http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support.
Subscribe/unsubscribe via web interface:http://mailman.epic.org/mailman/listinfo/epic_news
Back issues are available at:http://www.epic.org/alert
The EPIC Alert displays best in a fixed-width font, such as Courier.
------------------------- END EPIC Alert 16.15 ------------------------
No comments:
Post a Comment
Please, avoid posting advertisements. Content comments are welcomed, including anonymous. Posts with profanity will not be published.