January 23, 2009 | By Hugh D'Andrade

Obama's Quick Response to Privacy Concerns

The incoming Obama administration has impressed advocates of open government, first by making a clear commitment to answer FOIA requests with a presumption of openness, and now by responding quickly -- within 24 hours! -- to criticism from CNET blogger Chris Soghoian and others that the retooled WhiteHouse.gov is placing cookies on user computers via YouTube videos embedded on the site.

Soghoian's article discussed a problem raised by EFF last year: the fact that YouTube videos can place a cookie on the user's computer the moment the user visits a page with embedded video. This means that even before the user chooses to click the play button they have had their IP address shared with a third party. EFF developed a script, MyTube, that plugs this hole by using javascript to prevent the user's client from connecting with a third-party video-host until the visitor explicitly opts-in by clicking on the play button.

The day after Soghoian's article appeared, WhiteHouse.gov appears to have addressed the cookie problem by adopting a MyTube-like fix of their own. The Obama team should be commended for their responsiveness and their willingness to immediately implement solutions.

It is worth noting, however, that users who do choose to view YouTube videos on WhiteHouse.gov will still receive a cookie unless they have specifically configured their browsers to reject cookies. (And this may be trickier than some might think, since YouTube videos also use Flash cookies, which take special effort to delete.)

This is a complex issue that raises the question of third party involvement in government websites — cookies being only one example. EFF will have more to say on this subject in coming weeks. For now we'd like to congratulate the Obama team on their openness and flexibility, and we hope they continue to lead the way on issues of transparency, accountability, and privacy.

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Backdoors have been discovered in Arris cable modems. This is why we need a security research exemption to the DMCA. http://w00tsec.blogspot.com/2...

Nov 27 @ 2:15pm

Censorship powers, data retention, and vague hacking crimes: Pakistan's terrible cybercrime bill has it all: https://www.eff.org/deeplinks...

Nov 25 @ 5:11pm

While Bangladesh blocks social messaging apps, locals are turning to Tor and Twitter: https://globalvoices.org/2015...

Nov 25 @ 3:50pm
JavaScript license information