By ANICK JESDANUN, AP Internet Writer
The White House said Friday its Web tracking technology is consistent
with federal rules because it only counts the number of visitors
anonymously and doesn't record personal information.
The White House's site uses what's known as a Web bug -- a tiny
graphic image that's virtually invisible -- to anonymously keep track
of the number and time of visits. The bug is sent by a server
maintained by an outside contractor, WebTrends Inc., and lets the
traffic-analysis company know that another person has visited a
specific page on the site.
Web bugs themselves are not prohibited. However, under a directive
from the White House's Office of Management and Budget, they are
largely banned at government sites when linked to cookies, which are
data files that let a site track Web visitors.
Cookies are not generated simply by visiting the White House
site. Rather, WebTrends cookies are sometimes created when visiting
other WebTrends clients. An analysis by security researcher Richard
M. Smith shows such preexisting cookies have then been read when users
visit the White House site.
The discovery and subsequent inquiries by The Associated Press
prompted the White House to investigate. David Almacy, the White
House's Internet director, said tests conducted since Thursday show
that data from the cookie and the bug are not mixed - and thus the
2003 guidelines weren't violated.
"The White House Web site is and always has been consistent with the
OMB guidance," Almacy said, adding that the limited tracking is common
among Web sites.
Jason Palmer, vice president of products for Portland, Ore.-based
WebTrends, said Web browsers are designed to scan preexisting cookies
automatically, but he insisted the company doesn't use the information
to track visitors to the White House site.
Smith said the White House and WebTrends could have avoided any
appearance of a problem by simply renaming the server used at
WebTrends.
The Clinton administration first issued the strict rules on cookies in
2000 after its Office of National Drug Control Policy, through a
contractor, had used the technology to track computer users viewing
its online anti-drug advertising. The rules were updated in 2003 by
the Bush administration.
Nonetheless, agencies occasionally violate the rules -- inadvertently,
they contend. The CIA did in 2002, and the NSA more recently. The NSA
disabled the cookies this week and blamed a recent upgrade to software
that shipped with cookie settings already on.
Copyright 2005 The Associated Press.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html
For more news headlines and stories from Associated Press, please go
to: http://telecom-digest.org/td-extra/AP.html
Anick Jesdanun (ap@telecom-digest.org)