Another Congressional hand in the cookie jar

Featured eBooks
Health Tech
Read Now

Next-Generation Computing

Read Now

Space Tech

Read Now
Insights & Reports
Stay Ahead of the Latest Threats with Intelligence-driven Security Operations
Presented By Google Cloud
Download Now
Strengthening cloud security for federal agencies
Presented By Wiz
Download Now
By Christopher Dorobek

By Christopher Dorobek

|
Here is the , which doesn't mention cookies at all.Anyway, I have a call in and I'll check back.And yes, I do check back on these things. Earlier this year, I noted that one site –- , which lists all the computer vulerabilities out there – which I noted that it uses permanent cookies. I expected the cookies to be pulled, but when I checked yesterday, they were still there. I let the NIST folks know and they tell me it was an oversight and they will be gone soon.So we're eating cookies one bite at a time!I hate to repeat, but it is worth repeating that cookies are not the biggest privacy question out there. In fact, most people would never know and probably don't care, but it is a privacy issue that is easily rectified. In most cases, it is merely an oversight.So we're back on cookie patrol, I guess.

Late last year, we – and everybody else – went cookie crazy after the Associated Press found that the National Security Agency – yes, the agency that is doing the warrantless wiretaps – was also using permanent cookies on its Web site. So we all went on the great cookie hunt and, not surprisingly, found many sites that violated the government's no-permanent-cookie policy. [For more, see this link.]

But some of my favorite catches of cookie sites are Congressional offices. Congress doesn't have to follow the laws that they pass, of course -- so they can tell agencies that they cannot use permanent cookies, but then they can go ahead and use them. And then, even more tasty, lawmakers are the first ones to take agencies to task.

Well, turn on your cookie monitors and visit appropriations.senate.gov, because guess who uses permanent cookies.

Even more delicious is that the site has a link to the privacy policy at the bottom of the page, but it doesn't work. It took me here.

I did eventually get to the privacy policy, and here is what it says:

This web site does not use 'cookies' or other means to track your visit to the site in any way.


Senate's privacy policy



NIST's National Vulnerability Databaseearlier this year





NEXT STORY: Officials seek info on lines of business