Future of Privacy Forum Letter to the White Office of Science and Technology Policy

Future of Privacy Forum Letter to the White Office of Science and Technology Policy

 

 

 

 

Following is the test of the letter we sent to the White House in response to the call for feedback on the President’s memo on Openness and Transparency

April 3, 2009

Dear Ms. Noveck:

The Future of Privacy Forum is providing the below suggestions to offer a roadmap for enabling use of analysis, site optimization and tracking technologies by government agencies.  Personalizing site content for users, enabling log term shopping carts and improving site usage are key to providing the public the best possible web experience and these functions are reliant on cookies and other technologies currently limited by various approval requirements.  As a result, agencies may end up either forgoing the use, or they seek approval but may not seek to establish additional necessary controls to ensure these technologies are used in the most privacy friendly manner.

We provide below practical guidelines that could enable the use of cookies to better serve the public as desired by many government web managers.  Some of these concepts are already in place at some of the most progressive private sector companies, and government leadership in this area would spur wider adoption of these practices that both optimize the user experience and ensure privacy and transparency in data use.

We propose that the current restrictions on cookies and similar technologies be abolished.  In their place should be requirements that establish leading practices for such technology practices.


Ensuring that Interactive Tools used by Government Provide Users with Enhanced Transparency and Controls for Data Collection and Retention


Analytics, Research or Others Using Cookies, Tracking Pixels or Other Tools


1. Delete log-files after a defined period of time.

a. Data retention periods for “non-personal” log-files vary widely across vendors, are not publicly disclosed and are rarely committed to contractually.

2. Cookies should have limited expiration periods and should not be used to store information unprotected.

3. IP addresses logged by vendors should be obscured or deleted as soon as possible.

a. Some vendors can use and then immediately scramble IP addresses as they log them.

4. The use of the tools and user options should be transparent and prominently explained.

5. Consider implications of use of “first party” White House domain for analytics, rather than “third party” domain, to avoid potential for unwanted correlation.

6. Contractual representations barring use of data for purposes other than services contracted, other than aggregate reporting.

We will be pleased to provide further detail about the above upon request.

Sincerely

Jules Polonetsky

Future Of Privacy Forum

www.futureofprivacy.org

Leave a Reply


Privacy Calendar

Sep
17
Wed
all-day IAPP Privacy Academy and CSA Con... @ San Jose Convention Center
IAPP Privacy Academy and CSA Con... @ San Jose Convention Center
Sep 17 – Sep 19 all-day
This fall, the International Association of Privacy Professionals (IAPP) and Cloud Security Alliance (CSA) are bringing together the IAPP Privacy Academy and the CSA Congress under one roof, giving you access to even more valuable[...]
Sep
19
Fri
The NSA, Privacy and the Global ... @ Georgetown Law Center
The NSA, Privacy and the Global ... @ Georgetown Law Center
Sep 19 @ 1:15 pm – 2:45 pm
WHAT The NSA, Privacy and the Global Internet: Perspectives on Executive Order 12333 WHEN Friday, September 19, 2014 1:15 – 2:45 p.m. WHERE Georgetown University Law Center McDonough Hall, Room 200 600 New Jersey Avenue,[...]
Sep
23
Tue
Mapping Issues with the Web: An ... @ Tow Center for Digital Journalism/Columbia Journalism School
Mapping Issues with the Web: An ... @ Tow Center for Digital Journalism/Columbia Journalism School
Sep 23 @ 5:00 pm – 6:30 pm
On the occasion of Bruno Latour’s visit to Columbia University, this presentation will show participants how to operationalize his seminal Actor-Network Theory using digital data and methods in the service of social and cultural research.
Sep
26
Fri
Yale Day of Data @ Yale University
Yale Day of Data @ Yale University
Sep 26 @ 8:30 am – 5:00 pm
This day-long event will focus on data science and partnerships across industry, academia, and government initiatives. The day will also include presentations by eight Yale faculty and researchers on issues specific to research data management,[...]
Oct
11
Sat
City by Numbers: Big Data and th... @ Pratt Institute
City by Numbers: Big Data and th... @ Pratt Institute
Oct 11 @ 9:30 am – 6:00 pm
Big Data—the exponential growth and availability of information—is one of the defining phenomena of our time. It affects us all on different levels – with far-reaching social, environmental, and governmental significance. To help make sense[...]
Oct
21
Tue
Consumer Action’s 43rd Annual Aw... @ Google
Consumer Action’s 43rd Annual Aw... @ Google
Oct 21 @ 6:00 pm – Oct 21 @ 8:00 pm
To mark its 43rd anniversary, Consumer Action’s Annual Awards Reception on October 21, 2014, will celebrate the theme of “Train the Trainer.” Through the power of individual and small group trainings, Consumer Action each year is[...]

View Calendar