Follow Up on Privacy Concerns for Web Visitors
OIG found that DOT websites were using computer cookies to collect information from web visitors in violation of OMB and DOT policies. Our testing of 797 DOT websites identified (1) use of persistent cookies without the Secretary's approval and use of session cookies without proper disclosure by FAA, (2) use of persistent cookies by third-parties to which DOT web sites were linked, and (3) incidents of inadvertent use of persistent cookies as a result of improper software configuration on DOT web sites. FAA agreed to complete inspection of its 40,000 web pages. DOT's CIO agreed to strengthen controls over web configuration and linkage to third parties by January 31, 2001.