This debate over the use of cookies on government websites is important, but it strikes me as an easily resolvable matter. The OSTP blog outlines the administration’s interest in updating the rules surrounding cookies…

Our main goal in revisiting the ban on using persistent cookies on Federal websites is to bring the federal government into the 21st century. Consistent with this Administration’s commitment to making government more open and participatory, we want federal agencies to be able to provide the same user- friendly, dynamic, and citizen-centric websites that people have grown accustomed to using when they shop or get news online or communicate through social media networks, while also protecting people’s privacy.

The concern over improper government use of cookies is legitimate. The solution, however, should be to regulate the harm, not the technology. In this case, it should be simple enough to amend the rules to prevent any of the problems. For instance, consider a rule such as this…

.Gov websites may use cookies to improve session usability provided data is never shared with any other organization, including other government agencies or offices.

Provided the data is not shared, I’m not sure there is much reason to object to single session cookies. Persistent cookies are another matter, but short expiration dates resolve some of that problem. It remains important that data is not shared across government agencies, and it seems to me that 3rd parties should also be limited to session cookies. The sole purpose of .gov cookies should be to improve the immediate usability of a .gov website for users, not to gain more information about user behavior beyond the session.