The incoming Obama administration has impressed advocates of open government, first by making a clear commitment to answer FOIA requests with a presumption of openness, and now by responding quickly -- within 24 hours! -- to criticism from CNET blogger Chris Soghoian and others that the retooled WhiteHouse.gov is placing cookies on user computers via YouTube videos embedded on the site.
Soghoian's article discussed a problem raised by EFF last year: the fact that YouTube videos can place a cookie on the user's computer the moment the user visits a page with embedded video. This means that even before the user chooses to click the play button they have had their IP address shared with a third party. EFF developed a script, MyTube, that plugs this hole by using javascript to prevent the user's client from connecting with a third-party video-host until the visitor explicitly opts-in by clicking on the play button.
The day after Soghoian's article appeared, WhiteHouse.gov appears to have addressed the cookie problem by adopting a MyTube-like fix of their own. The Obama team should be commended for their responsiveness and their willingness to immediately implement solutions.
It is worth noting, however, that users who do choose to view YouTube videos on WhiteHouse.gov will still receive a cookie unless they have specifically configured their browsers to reject cookies. (And this may be trickier than some might think, since YouTube videos also use Flash cookies, which take special effort to delete.)
This is a complex issue that raises the question of third party involvement in government websites — cookies being only one example. EFF will have more to say on this subject in coming weeks. For now we'd like to congratulate the Obama team on their openness and flexibility, and we hope they continue to lead the way on issues of transparency, accountability, and privacy.