Web Privacy "Bug" Bites White House Web Site
Page 1 of 1
At the same time that lawmakers have been getting more serious about privacy and the World Wide Web Consortium has been unveiling its P3P standard for protecting users of Web browsers, the White House, and its Office of National Drug Control Policy, have been setting "cookies" to track users on its Freevibe Web site.
When people visit the site, aimed at young people likely to be using and seeking information about drugs, a small file called a "cookie," is placed on the visitor's hard drive, which allows that person's activity on the site -- and possibly across the Web -- to be tracked.
"Cookies" have long been controversial, but what makes this even more of a hot-button issue is the fact that they are being placed by advertising giant DoubleClick Inc. The company has been the subject of inquiries by several state attorneys general, as well as by the Federal Trade Commission, because of its privacy practices.
When alerted to the situation, the White House disavowed any previous knowledge of the "cookies," saying the practice had been instituted by contractors for the Office of National Drug Control Policy (ONDCP).
Although Lockhart made the statement on Wednesday, the software code to set the "cookies" was still in place on Thursday morning.
Also on Wednesday, the White House released a statement praising the World Wide Web Consortium's P3P privacy standard. The P3P standard is aimed at enhancing Web browsers in such a way that consumers would better be able to control the release of their personal information, and be better aware of the privacy policies of various Web sites that they visit. Privacy advocates, though, criticize P3P as being too confusing, lacking any means of enforcement, and contend it may hinder other efforts to protect consumer privacy.
The White House reaction to the "cookies" on its Web site betrays a sensitivity to the issue that illustrates the mood in Washington with regard to Internet privacy issues. Politicians are eager to stake out the moral high ground on this issue, even though the "cookies" on the FreeVibe site are likely harmless.
"It was probably benign, what they were doing," said Richard Smith, an Internet security consultant that has found a number of technical "bugs" that raised privacy concerns. "But the potential is there for doing a lot more."
Smith's concern, which is shared by some privacy advocates, is that the collection of all of this data about Internet users' movements could be used to violate consumers' civil rights. DoubleClick, especially, comes under fire because its vast reach on the Internet means it has huge stockpiles of data.
"The concern is that law enforcement or lawyers will get interested in their databases," said Smith. This kind of "interest," like wiretapping, treads the line between the interest in law enforcement and the interest in protecting individual privacy.