Cookies are, in essence, small files that give users unique IDs for the website they are visiting. Government use of persistent cookies, which stay on the computer across different browser sessions, raised concerns almost a decade ago that they might be used to track citizens' Web browsing.
The new guidance wipes away those limiting requirements, and puts a new set of guidelines in place. Cookies can now be used, subject to certain limitations, such as a requirement for users to opt in for cookies used for anything but Web analytics or for use or collection of certain personally identifiable information. Government agencies also won't be allowed to track user activity on non-government sites and can't share data they collect without user submission.
That should open up new ways for agencies to interact with the public, OMB associate administrator Michael Fitzpatrick said in a conference call with reporters on Friday. "We think [this guidance] will allow the U.S. government to continue to improve its ability to be transparent and open and to be involved to a greater degree than they've ever been involved in government, while fully protecting people's privacy rights," he said.
In a related move, OMB also provided privacy guidance for the government use of third party websites, which has become much more prominent with the rise of social media like YouTube and Facebook. The new guidance requires agencies to review third parties' privacy policies to determine their appropriateness, inform visitors when they are being directed to non-government Websites, and apply branding to distinguish third-party activities from their own, among other things.