The National Security Agency's Internet site has been placing files on visitors' computers that can track their Web surfing activity despite strict federal rules banning most files of that type.
The files, known as cookies, disappeared after a privacy activist complained and The Associated Press made inquiries this week. Agency officials acknowledged yesterday that they had made a mistake.
Sure. Sure it was a mistake. Uh-huh.
Ari Schwartz, associate director at the Center for Democracy and Technology (a privacy advocacy group in Washington) put it well when he said:
"Considering the surveillance power the N.S.A. has, cookies are not exactly a major concern but it does show a general lack of understanding about privacy rules when they are not even following the government's very basic rules for Web privacy."
So just what caused this "ooopsie" that the NSA broke strict federal rules? Why, it was software!
Don Weber, an agency spokesman, said in a statement yesterday that the use of the so-called persistent cookies resulted from a recent software upgrade.
Normally, Mr. Weber said, the site uses temporary cookies that are automatically deleted when users close their Web browsers, which is legally permissible. But he said the software in use was shipped with the persistent cookies turned on.
Because the NSA doesn't employ software engineers that (a) build custom stuff; or (b) aren't smart enough to know to check the upgrade for such things? Really? Seriously?
But it gets more twisted in that:
In a 2003 memorandum, the Office of Management and Budget at the White House prohibited federal agencies from using persistent cookies - those that are not automatically deleted right away - unless there is a "compelling need."
By the way, until Tuesday, the NSA site had created two cookies that don't expire until 2035. Damn software upgrades, they cause all sorts of "mistakes".