An Open Letter to President-Elect Obama

Dear President-Elect Obama,

I wanted to congratulate you on your victory in the recent election and let you know how proud I am to have witnessed the history you, your family, and your political machine have brought to America.  You ran a Presidential campaign the likes this country has never seen, and I sincerely hope that the honesty, humility, and integrity you showed will set the standard for all campaigns to follow.

When CNN called the election for you I was putting my five year old to bed; when she heard the fireworks going off in my neighborhood and asked, “Daddy, what happened?” I could only answer with a tear in my eye, “History, darling. Mr. Obama just changed America forever.”

Obviously you have your work cut out for you as you inherit stewardship over what can only be described as an “ugly” situation, but I wanted to make a suggestion and plant a seed for the future.

You have wisely announced that you will appoint a Chief Technical Officer inside your administration to bring our government into the 21st century.  On your own web site you state your intention to “use technology to reform government and improve the exchange of information between the federal government and citizens while ensuring the security of our networks” in an effort to open up government to all America’s citizens.

Your stated goal is to use technology to create “a new level of transparency, accountability and participation for America’s citizens” and will empower your CTO to “ensure that our government and all its agencies have the right infrastructure, policies and services for the 21st century.”

As a member of the digital measurement community with more than a passing familiarity with some of the policies imposed on web sites operated by the Federal Government, I wanted to offer up a proverbial “slam dunk” for you and your CTO to improve the quality of the digital relationship citizens have with our government:

Simply put, allow Federal Government web sites to deploy persistent, first-party cookies.

While I have no doubt about your knowledge of government or your commitment to the Internet as a communication medium, I’ll give you the benefit of the doubt and explain what I mean by “persistent, first-party cookies.” Using language taken directly from the GAO Report to the Chairman Committee on Governmental Affairs (GAO-01-424, published April 2001, PDF document):

“Federal agencies are using Internet “cookies” to enable electronic transactions and track visitors on their Web sites. Cookies are text files that have unique identifiers associated with them and are used to store and retrieve information that allow Web sites to recognize returning users, track on-line purchases, or maintain and serve customized Web pages. Cookies may be classified as either “session” or “persistent.” Session cookies expire when the user exits the browser, while persistent cookies can remain on the user’s computer for a specified length of time.”

The problem with cookies, as identified by the Office of Management and Budget, was that persistent cookies could be used to identify visitors and “learn about visitor’s browsing habits and keep track of viewed or downloaded Web pages.” From GAO-01-424:

“Although cookies help enable electronic commerce and other Web applications, persistent cookies also pose privacy risks even if they do not themselves gather personally identifiable information because the data contained in persistent cookies may be linked to persons after the fact, even when that was not the original intent of the operating Web site. For example, links may be established when persons accessing the Web site give out personal information, such as their names or e-mail addresses, which can uniquely identify them to the organization operating the Web site. Once a persistent cookie is linked to personally identifiable information, it is relatively easy to learn visitors’ browsing habits and keep track of viewed or downloaded Web pages. This practice raises concerns about the privacy of visitors to federal Web sites.”

While I do not debate the fact that a government agency could tie a persistent cookie to a name or an email address, the connection described here makes several assumptions:

1. That the agency in question is collecting personally identifiable information (PII);
2. That the agency in question is passing the PII to the measurement solution;
3. That the measurement solution provides the necessary functionality to tie anonymous sessions to the session containing the collected PII;
4. That the agency itself has assigned resources to monitor individual sessions, looking for PII;
5. That anything of interest can be learned by associating anonymous sessions with identified individuals.

Unfortunately, despite the number of assumptions associated with the theoretical abuse of personally identifiable information via persistent cookies, in June 2000 the Office of Management and Budget  issued guidance that unfortunately all but eliminates Federal sites ability to leverage digital measurement technology to improve the exchange of information between government and citizens.  Again, according to GAO-01-424:

“[OMB] guidance established a presumption that persistent cookies would not beused on federal Web sites. Further, it provided that persistent cookies could be used only when agencies (1) provide clear and conspicuous notice of their use, (2) have a compelling need to gather the data on-site, (3) have appropriate and publicly disclosed privacy safeguards for handling information derived from cookies, and (4) have personal approval by the head of the agency.”

While a few public sector web sites have satisfied these four requirements and have been granted permission to better leverage digital measurement technology, most are hamstrung by this guidance and thus struggle to provide the best-possible web experience.  And while several government web sites are wisely measuring consumer satisfaction using the American Consumer Satisfaction Index, satisfaction alone fails to provide the necessary depth required to identify the full breadth of opportunities available to most web sites operated by the U.S. Government today.

And while I don’t doubt that the OMB was acting in the best interests of the American public when issuing the guidance detailed above, the technology landscape has changed dramatically since 2000 and consumers have far greater personal control over how cookies are used when they browse the Internet.  Consider the following:

• Consumers have demonstrated repeatedly that they are capable of deleting cookies if they so choose, either using software or manually using their web browser;
• Great American companies like Microsoft and Apple, and brilliant start-ups like the Mozilla Foundation (FireFox) have announced support for anonymous browsing;
• Groups like the Network Advertising Initiative, the Interactive Advertising Bureau, and Web Analytics Association have taken a stand on the use of cookies and consumer privacy online.

Without going into spurious detail, preventing the use of persistent cookies on most government web sites has dramatically limited the breadth of technology available to better understand citizen preferences, stumbling blocks, and opportunities for improvement.  Because they are forced to choose between a limited set of applications that are hamstrung by OMB guidance, an uphill battle to gain approval to use persistent cookies, and doing nothing, many government agencies are sadly choosing the latter option.

Unfortunately, the “do nothing” option hurts everyone — Government employees who genuinely want to improve the sites they maintain on behalf of the public good, U.S. citizens who sincerely want to participate in government using the most convenient communication channel available, and the Federal Government as a whole because citizens are unlikely to continue to use sites that fail to provide a good and satisfying experience.

Consider the opportunity: The Social Security Administration predicts an estimated 78 million American Baby Boomers will be retiring over the next few decades.  According to my sources at SSA, the only way the agency will be able to successfully handle this volume of new applications will be electronically via SSA.gov.

Unfortunately, SSA.gov like so many sites does not yet have the level of detail required to understand where retirees suffer confusion, frustration, and anger during the complicated process of applying for retirement and disability benefits.  Without this information, online applications at SSA are essentially a black-hole for the well-meaning staff working under a mandate to process this unprecedented volume while creating satisfying experiences for our citizenry.

By asking your CTO to reverse the OMB guidance currently governing the use of persistent cookies, you will immediately give Federal web site operators the ability to deploy a far wider range of technology.  These applications include free solutions provided by your friend Eric Schmidt from Google (a very “budget friendly” approach) as well as market leading Software-as-a-Service solutions from great American companies like Omniture, Coremetrics, and WebTrends.

By allowing government sites to choose from a wider-range of measurement solutions, you allow each to select the most appropriate application for their specific needs.  Sites with less experience or fewer resources familiar with measurement can quickly deploy entry-level solutions like Google Analytics; sites with more experience and dedicated analysts can thoughtfully deploy higher-end solutions like Omniture, Coremetrics, and WebTrends.

Ironically your own site, Change.gov, briefly appears to have had Google Analytics deployed, hopefully so your own transition team could understand what those citizens committed to helping your administration are most interested in on the site.  Tragically the Google Analytics code has since been removed, likely because of the OMB guidance.  Fortunately you’re still running Google Analytics at BarackObama.com — hopefully someone on your team found the insights in Google Analytics useful as you redefined how a Presidential candidate campaigns via the Internet.

In fact, the privacy policy at BarackObama.com would serve as an excellent example of how the new Federal Government could talk about citizen privacy online.  In addition to great information about the use of IP addresses, cookies, and consumer choices regarding online privacy, your policy already states:

“We may use pixel tags (also known as web beacons or clear GIF files) or other tracking technology to help us manage our online advertising and to analyze and measure the effectiveness of online advertising campaigns and the general usage patterns of visitors to our Web site.”

I recognize that I may have not made the most clear case for your CTO to revisit OMB guidance on the use of cookies; hopefully my readers will add their comments and cover any ground that I missed.  And hopefully, as you work to resolve the litany of crises we face today, you’ll ask yourself “how we can improve citizen use of government web sites?” and when you do, someone will point out this post as one possible solution.

Suffice to say, if anyone in your administration would like a longer, more detailed explanation of my proposal, please don’t hesitate to call. Like the majority of my fellow citizens, I heard you loud and clear when you said “Yes, we can.” And like many, it was the “we” that resonated in your statement; the problems we face today are far too great for any man, woman, politician, or agency to solve alone.  Only by working together, by bridging the gap between the past and the future, and by leveraging the technology at our fingertips will we begin to appreciate the full potential of America and Americans.

Again, congratulations on your historic victory and thank you for renewing the confidence I have when I tell my son and daughter that no matter who they are or where they’re from, in America we all have the opportunity to be truly great.

Sincerely,

Eric T. Peterson
CEO and Founder, Analytics Demystified, Inc.
Portland, Oregon