NZ doesn't share US cookie angst

Local policy for cookies on government websites is more liberal than in US

New Zealand does not appear to share US concerns about using cookies on government websites, but does set a number of controls about when they are used — and when they are not.

Last week, a potential change in US government policy to permit the broad use of cookies on government sites was greeted with concern by civil liberties groups. The change could “allow the mass collection of personal information” the American Civil Liberties Union said.

However, New Zealand policy allows cookies, provided agencies declare when they are used. Technical standards also require that if a user opts out of using cookies, agencies must ensure the site still works.

“Information or services in web pages or applications must be available without scripts, applets and other programmatic objects,” a Department of Internal Affairs spokesman says.

“The advice we provide under Web Standards 2, regarding cookies, is contained within the Privacy Statement Standard. We are not prescriptive about whether cookies should be used or not, but do require agencies to declare if cookies are being used,” he says.

The web standard requires all agencies to carry a privacy statement covering, as a minimum, the scope of the statement and the circumstances in which personal information is collected, by whom it is held and any choices users may have as to whether such information is collected.

Agencies must also state: the uses to which collected personal information may be put and the circumstances in which it may be disclosed; the collection and use of statistical information, including users’ IP addresses; a statement that cookies are used if that is the case and relevant implications of that (if any); users’ rights to request access to or correction of personal information; and contact details for such purposes.

The statement must be either in the “About this site” page or linked to from it.

In the US, the ACLU filed comments on a proposal by the White House Office of Management and Budget (OMB) to allow greater use of cookies on government websites. Since 2000, the OMB has permitted US government sites to use cookies in limited cases, when there’s a “compelling need” to gather the data backed by publicly disclosed privacy safeguards and personal approval by the head of the agency.

But the OMB and Vivek Kundra, federal CIO, proposed to broaden the use of cookies to “create a more open and innovative government,” Kundra and Michael Fitzpatrick, associate administrator of the OMB Office of Information and Regulatory Affairs, said in a blog post.

Kundra and Fitzpatrick blogged about the potential use and rules of using multi-session tracking cookies and persistent cookies. In their blog post, they asked for input on a new cookie policy.