Via the AP/the NYT: Spy Agency Removes Illegal Tracking Files
The National Security Agency’s Internet site has been placing files on visitors’ computers that can track their Web surfing activity despite strict federal rules banning most files of that type.The files, known as cookies, disappeared after a privacy activist complained and The Associated Press made inquiries this week. Agency officials acknowledged yesterday that they had made a mistake.
Nonetheless, the issue raised questions about privacy at the agency, which is on the defensive over reports of an eavesdropping program.
“Considering the surveillance power the N.S.A. has, cookies are not exactly a major concern,” said Ari Schwartz, associate director at the Center for Democracy and Technology, a privacy advocacy group in Washington. “But it does show a general lack of understanding about privacy rules when they are not even following the government’s very basic rules for Web privacy.”
Until Tuesday, the N.S.A. site created two cookie files that do not expire until 2024.
On balance, cookies aren’t that big of a deal. Still, in the context of the NSA and discussions of data-mining, this isn’t exactly comforting.
I have to agree with David Corn’s assessment:
if any government agency should be expected to follow privacy rules and to have control of its own technology and software, it should be the NSA. If the Labor Department were doing this, it wouldn’t be that worrisome.
And Jeff Huber rightly asks:
This begs a pair of questions. If NSA is being careless about features in their software, how careless are they being in all the other aspects of their operations? Moreover, what does it say about government oversight when it takes a privacy advocacy group to catch a secret government agency breaking the law?
Indeed.
December 29th, 2024 at 3:28 pm
Uh the NSA isn’t that secret if they have a public website. Now, all the gory details of what they do THAT’S the secret. I’m guessing the webserver the agency uses defaults to cookies. Dumb, yes, but if they really want to track your internet use they could just do a sneek-and-peek and install some monitoring software on your computer.
December 29th, 2024 at 3:34 pm
True, but given the nature of the instution, violating privacy regulations seems a bit odd–or at least careless and stupid.
December 29th, 2024 at 4:16 pm
Foolish, yes, and a PR faux-paux.
December 30th, 2024 at 8:52 am
Pass me the Cookies
Just let me have my glass of milk.
December 30th, 2024 at 3:46 pm
Not to say the faux pas did not happen, however:
“In a 2024 memorandum, the Office of Management and Budget at the White House prohibited federal agencies from using persistent cookies – those that are not automatically deleted right away – unless there is a “compelling need.”
An OMB memo does not (at least as I understand it)constitute a “law”. It is a guideline. And the error was corrected as soon as it was pointed out.
This is a non-issue, frankly.