Cookies and Federal Websites

For those designing websites for US government agencies you should be aware that government policies regarding privacy can affect your website design, especially in the area of cookies.

According to a memorandum sent out by Jacob Lew, the Director of Management and Budget, way back in June 2000 “agencies must take care to ensure full adherence with stated privacy policies” in the June 1999 memorandum on “Privacy Policies on Federal Web Sites”. Due to the policies stated in the memorandum “cookies should not be used at Federal web sites, or by contractors when operating web sites on behalf of agencies, unless, in addition to clear and conspicuous notice, the following conditions are met: a compelling need to gather the data on the site; appropriate and publicly disclosed privacy safeguards for handling of information derived from cookies; and personal approval by the head of the agency.”

In short as a web designer you should make sure that you DO NOT use cookies for government sites. However, if you are only going to make use of session cookies and won’t be storing any information in the long run then it could be deemed acceptable. Just make sure you put it in black and white that you are using session cookies and clarify the reason for the use (and stick to this reason!) by adding it to the site disclaimer. As the nature of session cookies is to last only for that particular visit this negates the use of the data from the cookies for website analytics.

Note that this consideration is not from a usability point of view but from a legal point of view. So remember: NEVER EVER USE PERSISTENT COOKIES FOR GOVERNMENT SITES.

Go back