[Also noted by Ian Hopper and others, who cited: http://www.whitehouse.gov/omb/inforeg/cookies_letter72800.html http://www.whitehouse.gov/omb/inforeg/cookies_letter90500.html http://www.gao.gov/new.items/d01424.pdf --Declan] ******** Date: Tue, 23 Oct 2001 12:08:11 -0400 From: Robert Gellman <rgellmanat_private> To: declanat_private Subject: Re: FC: CDC.gov requires cookies, apparently in violation of WH order Two quick points. First, setting cookies does not violate the OMB policy if they are session cookies. Plain vanilla session cookies strike me as pretty far down on the list of things to worry about. Second, Twila objects to the need to identify yourself to use the website. Fair enough, but cookies are not necessarily identifiable. This story needs more facts before sounding an alarm. Bob -- + + + + + + + + + + + + + + + + + + + + + + + + Robert Gellman <rgellmanat_private> + + Privacy and Information Policy Consultant + + 419 Fifth Street SE + + Washington, DC 20003 + + 202-543-7923 (phone) 202-547-8287 (fax) + + + + + + + + + + + + + + + + + + + + + + + + ******** From: adminat_private (admin) To: <declanat_private>, <politechat_private> Cc: <twila@cchc-mn.org>, <smg0at_private>, <zxd2at_private> Subject: RE: CDC.gov requires cookies, apparently in violation of WH order Date: Tue, 23 Oct 2001 12:07:23 -0400 In-Reply-To: <5.0.2.1.0.20011023093327.02145160at_private> The orders put out by federal agencies as a result of the memo do not ban all cookies. It bans such things as tracking of individuals without telling them (such as using persistent cookies and tracking return visits). Session cookies may be used for functional reasons which are clearly nor "personal identification." in this case it is simply a session cookies that keeps track of your search so you can go from page 1 to page 2 of your search or perform subsearches for searches already completed. It is possible to make the site work without cookies but it would take some programming and would probably be a waste of time and money. The only problem with the CDC site is that they don't have a link to the privacy policy on the search page which should explain the use of cookies. Russ Smith http://consumer.net ******** ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Oct 23 2001 - 11:58:17 PDT