Illegal Government Cookies, Anyone?

Posted by wizeGurl (8427 views) Add this story to MyYahoo Add this article to Submit article to Reddit Add story to Furl Add story to StumbleUpon [E-Mail link]

It seems that in addition to the warrentless spying that the NSA has been doing on American citizens, in clear violation of U.S. law, isn't the only way they've been keeping an eye on us. There was also the illegal cookies.

In a posting on his website a privacy activist, Daniel Brandt, says he discovered that the NSA was using tracking devices when he logged on to the agency website on Christmas Day. He found the site was using two persistent cookies that would not expire until 2035, well beyond the life of most computers.

While the use of cookies is seen as a convenience at commercial websites, allowing a visitor access without laboriously retyping passwords, their utility for government websites--which do not typically have repeat visits--is uncertain.

US government agencies have been barred from using persistent cookies since 2000 because of privacy concerns. The regulations were imposed after disclosures that the White House drug policy office had been using cookies to monitor visitors to its anti-drug advertisements.

However, Mr Brandt and others have noted repeated violations of the ban. Three years ago, the CIA website was obliged to remove its cookies after Mr Brandt noticed that the devices were still in use. Following his latest discovery, Mr Brandt sent faxes to the NSA public affairs office and the contractor running the agency's website. The agency issued an apology on Wednesday.

Oh, well, if they apologized for the illegal invasion of privacy, that's okay, then. Next time you get busted for tax evasion or bank robbery, remember that an apology for the bad behavior is all you need. If it's good enough for the NSA, it's good enough for us.

Get more details from the Guardian article.


Posted by Pile on 2005-12-31 10:18:27
Well, this is an issue I know a bit about and it's overblown in terms of privacy violations. Cookies do not necessarily represent a privacy invasion.. they only tell the web site that the same person has come back... 99% of the information that these web sites can track on you, they don't need a cookie for. Everyone's IP address is also logged and that allows the same thing. So cookies are not really a security issue. It is humorous though, that the government has been barred from using them. As for the 2035 date, that's standard in the industry - setting an arbitrary expiration date that's way into the future.


Name: (change name for anonymous posting)

1 Article displayed.

Pursuant to Section 230 of Title 47 of the United States Code (47 USC § 230), BSAlert is a user-contributed editorial web site and does not endorse any specific content, but merely acts as a "sounding board" for the online community. Any and all quoted material is referenced pursuant to "Fair Use" (17 U.S.C. § 107). Like any information resource, use your own judgement and seek out the facts and research and make informed choices.

Powered by Percleus (c) 2005-2047 - Content Management System

[Percleus 0.9.4] (c) 2005, PCS