Despite a White House prohibition, 13
government agencies are secretly using technology that tracks the
Internet habits of people visiting their Web sites, and in at least
one case provides the information to a private company, a
congressional review has found.
The agencies range from the Federal Aviation Administration to the federal offices that provide disaster relief and administer Medicare, the General Accounting Office found in a study obtained by The Associated Press.
“How can this administration talk about protecting privacy when its own agencies jeopardize some of the public’s most private information?” asked Sen. Fred Thompson, R-Tenn., chairman of the Senate Governmental Affairs Committee..
Thompson’s committee has jurisdiction over the 1974 Privacy Act and other laws that dictate the government’s privacy practices.
At issue is the use by the 13 government Web sites of small text files called “cookies” that record information about an Internet user’s browsing habits when they visit a site.
All Federal Agencies Advised
In June, the White House Office of Management and Budget advised all federal agencies that they are not allowed to use such text files without approval from the agency head. If they are used, the OMB directive said, Web site visitors must be given “clear and conspicuous notice” of such use.
But the GAO, the investigatory arm of Congress, found that 13 agencies were using the technology to track visitors, although their formal Internet policy claimed they weren’t doing so, and none of the Web site visitors were advised the technology was being used.
The study found all 13 tracked consumers’ path during their visit to the site, and some were employing “persistent” text files that could be read for years after the initial visit.
In addition, the U.S. Forest Service’s International Programs site was found to be using so-called “third-party cookies” that transmit the visitors’ activities to a private company which had been hired to compile reports for the agency.
Forest Service Unaware of Cookies
Forest Service spokesman Joe Walsh said he was unaware of the use of the tracking technology until contacted for comment Friday. “We’re looking into it,” Walsh said. “We take this very seriously.”
The other agencies found to be using the “cookies” software were the U.S. Customs Service, Bureau of Labor Statistics, Federal Emergency Management Agency, Office of National Drug Control Policy, Bureau of Land Management, Central Federal Lands Highway Division, the Energy Department’s Ames Laboratory, National Park Service, Office of Personnel Management, the U.S. Trade and Development Agency and the Health Care Financing Administration, which runs Medicare.
In June, the White House confirmed that its drug policy office operated a Web site using the “cookies” technology. The discovery prompted the directive from the White House budget office.
The drug policy office did not return a call for comment.
Congress has begun to weigh in more heavily on the issue of government privacy.
A provision sent to the president last week as part of the Defense Department spending bill Congress approved directs the government to develop policies to increase computer security at all federal agencies.
In past months, the GAO has reported that several federal agency networks, including those of the Department of Veterans Affairs and the Environmental Protection Agency are easily prone to hacking.