Federal Web Sites Tracking Usage

greenspun.com : LUSENET : Unk's Wild Wild West : One Thread

Federal Web sites tracking usage The practice, found in 64 sites, violates a policy adopted by the Clinton administration last year.

April 17, 2001

By NANCY ZUCKERBROD The Associated Press

WASHINGTON People who log onto dozens of federal government Web sites may be unknowingly tracked despite a privacy policy forbidding it, investigators say.

In one case, a government contractor was even given ownership of all the information collected from a Web site, said the congressional report, released Monday.

The scope of the problem hasn't been nailed down. For example, the report said NASA hasn't determined how many Web sites it operates, so officials don't know how many might be gathering the information.

The report, culled from audits of 16 agencies, found 64 federal Web sites used files that allow them to track the browsing and buying habits of Internet users.

The files, called cookies, allow a Web site to identify an Internet user's computer when that person returns to the site. While there is no evidence thus far that the information is being misused, the cookies allow site operators to determine when a user is online and in some cases track the user's activities elsewhere on the Internet, potentially exposing personal and private information about the visitor.

The technology can make browsing more convenient by letting sites distinguish user preferences, but it also has been attacked as violating privacy.

The U.S. Mint says it uses the software to operate an online shopping cart on its Web site, much like many private-sector e-commerce sites. But several of the agencies cited in the report said they did not even know the tracking technology was on their sites.

The departments of Education, Treasury, Energy, Interior and Transportation used such unauthorized files, as did NASA and the General Services Administration, the report said.

It did not estimate how many people may have visited the sites. But the company Jupiter Media Metrix, which tracks Internet usage, says government sites are popular. The company estimates that 3.5 million Internet users went to NASA's Web site in March, and 2.2 million people visited the Education Department's site.

Ari Schwartz, senior policy analyst for the Center for Democracy and Technology, which follows privacy issues, called the report troubling.

"Generally, when we think about privacy and the government, we want to make sure that the government is transparent and does protect privacy over and above the rest of the Internet and the rest of the private and nonprofit sector," Schwartz said.

His organization was one of several that signed a letter Monday urging the Bush administration to promptly fill a post created by President Clinton to see that agencies adhere to privacy policies.

The new report was released by Sen. Fred Thompson, R-Tenn., the chairman of the Senate Governmental Affairs Committee. He said he was upset by the findings and planned to introduce legislation that would establish a commission to examine government privacy practices.

Congress ordered all agency inspector generals to investigate the use of unauthorized tracking devices after the General Accounting Office reported in October that about a dozen agency Web sites were using the technology even though the Clinton administration issued a memo in June restricting the practice.

The only time agencies are supposed to be able to use such software is when there is a compelling need and agency heads say it is OK. In those instances, the Web sites must explicitly tell Internet users about the practice.

Contractors operating Web sites on behalf of the government also must abide by the policy.

The White House referred questions to the Office of Management and Budget, where spokesman Chris Ullman would say only that the policy remains in effect and the issue is "something that we certainly are keeping an eye on."

Eleven Energy Department Web sites used cookies, prompting Inspector General Gregory Friedman to say the department "cannot provide reasonable assurance" that the privacy of Web site visitors will be protected.

GSA Inspector General William Barton found that a contractor managed the business operations of an agency site that used the tracking technology. The agreement gave the contractor ownership of all the information about the Internet users who visited the site.

Of the agencies surveyed, the Transportation Department was most likely to use the tracking files, according to the report. It had them on 23 Web pages, but the devices have since been removed, according to John Meche, the agency's deputy assistant inspector general.

"Protecting Web privacy is an ongoing challenge because Web sites are constantly revised or reconfigured," Meche said in his report.

A survey taken in February by the Pew Internet & American Life Project found that 62 percent of those questioned supported new privacy laws and protections from government snooping. However, 54 percent supported new technologies that enable the FBI to monitor suspects' e-mail.

Critics charge that one such technology, initially named Carnivore and installed on the servers of Internet service providers, can also be used to collect data on Web surfers.

Carnivore, developed by FBI engineers in the late 1990s, consists of hardware and software that trolls for information after being connected to the network of an Internet service provider.

Once installed, it has the ability to monitor all of the e-mail on a network, from the list of what mail is sent to the actual content of the communications.

-- (as@i see.it), April 17, 2001

Answers

*A survey taken in February by the Pew Internet & American Life Project found that 62 percent of those questioned supported new privacy laws and protections from government snooping. However, 54 percent supported new technologies that enable the FBI to monitor suspects' e-mail.*

That's kinda scary

-- (oh@n.o), April 17, 2001.


Moderation questions? read the FAQ