Cookie Opt-Out Conundrum

One civil liberties group that worked closely with the administration to develop privacy guidelines on the use of cookies says it is not satisfied with the final policy on such web-tracking tools that was released today.

The Center for Democracy and Technology writes on its blog, "When we offered suggestions for a new policy around cookies and Web 2.0 services for the government, we highlighted principles to protect privacy while allowing agencies to use technologies available to measure and improve the user experience. Several of them are reflected in the new memos, but some are missing and the memo as a whole lacks the details we were hoping to see."

In particular, the organization objects to the memo's recommendation that agencies instruct visitors how to disable cookies themselves, if agencies cannot offer people a way to opt-out automatically. The memo provides a link to basic directions on how users may be able to change the settings on their Web browsers to deactivate common analysis and personalization tools.

"This is an entirely inadequate policy for OMB to be promoting, particularly when the explanation linked from the memo recommends disabling all first-party cookies (whereas a clear opt-out process would opt users out of only those tracking technologies employed by government agencies). A large majority of commercial websites rely on first-party cookies in order to function properly. Many of these sites instruct users to turn first-party cookies on if they are off. Thus, users who follow the guidance suggested by OMB will likely end up with no privacy protection at all."

Meanwhile, some website performance specialists have said OMB's opt-out approach makes the most sense for agencies.

Last month, Phil Kemelor, a vice president at Semphonic, a Web analytics consulting firm that has advised the National Institutes of Health, told Nextgov, the key is "to train people to perhaps take more responsibility for their own security. And I would like to see things move in that direction rather than just add more restraints on federal agencies. It constrains them in trying to improve their websites."