The following is a summary of the sixteen Inspectors General reports filed so far in the investigation of violations of Internet privacy regulations on government Web sites:

Education Department: Four sites using unapproved persistent cookies found, 50 precent of pages collecting personal info lacked posted privacy policies, and nine pages were found to link to anonymous FTP servers collecting e-mail addresses without the user's knowledge.

Treasury Department: Six Web sites were found to set unapproved persistent cookies; 11 of 30 main Treasury Web sites did not have privacy statements; 19 Web sites weren't even on Treasury's inventory.

General Services Administration: Fifteen Web sites using unapproved persistent cookies found; on one site with a persistent cookie, there was a third-party agreement set up in which a private-sector contractor retained ownership all user data gathered.

Energy Department: Twelve percent of sites (11) used unapproved persistent cookies; 30 percent failed to satisfy Federal disclosure requirements.

Interior Department: Although the final report has not been completed, the Inspector General reported that two unapproved persistent cookies had been found so far on Interior Web sites.

NASA: Three sites using unapproved persistent cookies found. Due to NASA's failure to maintain Web site inventory, the Inspector General cannot determine the number of NASA sites, who owns which sites, or whether the sites are in compliance with NASA policy.

Transportation Department: The Inspector General identified 23 pages using unapproved persistent cookies (20 from FAA). Three DOT contractors were found to be collecting personal info on DOT sites.

The investigation was ordered by the Senate Governmental Affairs Committee Chaired by Sen. Fred Thompson (R-TN). Reports from the Inspectors General of all federal agencies are expected by July, 2001.

"Persistent" cookies last a fixed period of time, potentially for years. According to a September 5, 2000, OMB guidance, persistent cookies raise serious concerns because they can make it "technically easy" for the agency to learn the complete history of users' Web surfing. Agencies were prohibited by the Clinton Administration from using persistent cookies unless they (1) had approval from the agency head; (2) proved a "compelling need to gather the data on the site"; and (3) provided "clear and conspicuous notice."

View or download the entire preliminary results of the Internet privacy study. 
(This is a large pdf file. You will need the free Adobe pdf Reader to view it. You can get it here.)

Advertise on This Site