http://www.wired.com/threatlevel/200...e_tsas_tracki/

Are TSA’s Tracking Cookies Legal?

* By Ryan Singel Email Author
* February 14, 2007 |
* 9:50 am |
* Categories: Uncategorized
*

The Transportation Security Agency’s website is not only hosting a site that looks like a phishing attack designed to steal personal information from citizens, it’s also using cookies on its website — a practice that the government frowns on. The main TSA site sets two cookies — both of which expire in 2017.
One of the cookies is set to tsa.gov, while the other is served from a web analytics company called WebTrends.

Now the TSA does state on its privacy policy page that it uses cookies. But, that may not be enough to satisfy the government policy on the use of tracking cookies. In 2003, the White House’s Office of Management and Budget issued binding rules on the use of cookies by federal agencies and their contractors — stating:

Particular privacy concerns may be raised when uses of web technology can track the activities of users over time and across different web sites. [...] Because of the unique laws and traditions about government access to citizens’ personal information, the presumption should be that "cookies" will not be used at Federal web sites.

If cookies are going to be used, the rules require that the site include "clear and conspicuous notice" of the cookies, that there exists a "a compelling need to gather the data on the site," that there are "appropriate and publicly disclosed privacy safeguards" for cookie information, and that the head of the agency personally approves the cookies.



Read More http://www.wired.com/threatlevel/200...#ixzz0f6zv9zZy