August 11, 2009 | By Tim Jones

Recommendations for Federal Web Privacy Policy

Today, EFF and the Center for Democracy and Technology submitted comments to the Office of Management and Budget in response to the agency's review of the policies governing the federal government's use of cookies and other web technologies.

The comments are an extension of recommendations we made in May, in which we suggested that the OMB permit cookie-based web analytics so long as the process was carefully overseen and met with specific strict safeguards. Today, we've expanded our recommendations to include the use of cookies for creating individualized web account logins and other common web practices that we understand government webmasters would like to be able to use. Overall, we continue to urge the government to limit the use of any data collected, to eliminate this data as soon as possible, and to seek third-party oversight.

To see the extent to which the current cookie policy creates confusion and allows invasions of citizens' privacy, one need look no further than the ongoing episode surrounding's use of embedded YouTube videos. In the current privacy policy, a waiver grants YouTube the right to use persistent cookies, but only "to help maintain the integrity of video statistics." In contrast, YouTube's privacy policy allows for much broader use, claiming license to permanently store data gleaned from for use in "marketing campaigns." (In June, Google privately told EFF that it had halted this practice and was ignoring cookies from visitors to — but, since then, we've been waiting for a clear, public statement from Google to confirm or clarify this.)

Today, we've proposed a new and better framework. We thank the OMB for the opportunity to suggest a solution to these problems and hope our comments will be taken into account.

You can read more about this issue in this morning's Washington Post.

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Backdoors have been discovered in Arris cable modems. This is why we need a security research exemption to the DMCA.

Nov 27 @ 2:15pm

Censorship powers, data retention, and vague hacking crimes: Pakistan's terrible cybercrime bill has it all:

Nov 25 @ 5:11pm

While Bangladesh blocks social messaging apps, locals are turning to Tor and Twitter:

Nov 25 @ 3:50pm
JavaScript license information