You can personalize Web info without breaking OMB's rule
Shawn P. McCarthy
Personalization has become the watchword of Web developers. They're rapidly customizing start pages, targeting banner ads, localizing news feeds and even sending maps to wireless phones' Global Positioning System coordinates.
Cookies store bits of information about you each time you visit. No cookie means no recognition next time you visit, or even when you jump to another page during the same visit.
Luckily, there are tricks to personalize content even without cookies. But first we need an open, public debate about whether government sites can at least use session cookies, as opposed to permanent cookies. Session cookies disappear once a browser session ends. If no personal information is collected, and if the cookie disappears after a session, a strong argument can be made that no privacy intrusion has occurred.May we have a cookie?
Such a judgment should not be arbitrary, however. The government needs to ask privacy advocates and the public whether session cookies are OK. If so, there should be strict rules governing how they're used.
Session cookies permit a degree of anonymous personalization. For example, Microsoft Site Server has a function called Automatic Cookie Authentication under which visitors can travel around a Web site without revealing personal data. No password is needed, and information is stored in a special anonymous member space.
Such visitors do not actually log on, they travel under a common name. But some personalization is possible based on information collected by forms the visitors fill out or by the paths they follow.
If OMB does disallow session cookies for government use, Microsoft Corp. has a workaround that essentially creates multiple sessions and sets some session variables for customization. Details about the concept appear at www.microsoft.net/technet/intranet/cookiewp.asp
It's not clear, however, that such a workaround could scale up to the level needed by a busy agency site.
Other personalization methods include so-called opt-in recognition via downloadable client software. For example, Web Incognito from Privada Inc. of San Jose, Calif., resides on the visitor's PC and encrypts shared information. Other solutions route visitors through a third-party site that handles identification and privacy protection. Visit www.privada.com
for more information.
BlueStreak.com Inc. of Newport, R.I., offers a product called Radar that customizes banner ad delivery without cookies. Radar uses machine learning technology, which observes generalized cycles and trends in deciding which ads to deliver. There's no reason this approach couldn't provide low-level customization of federal information.
The simplest way to enable customization might be to let users launch a Java window and log onto the agency system, establishing a session in which they register and become recognized users for that session only. When they've retrieved the customized data they desire, they log off, leaving no tracks.
Hewlett-Packard Co.'s Chai, a Java development language for commerce sites, is a likely candidate for building such interfaces. Also check out Blaze Advisor Rule Server and Advisor Innovator from Blaze Software Inc. of San Jose, Calif.Shawn P. McCarthy designs products for a Web search engine provider. E-mail him at email@example.com.