NSA bugged website visitors despite ban

The intelligence service at the center of the dispute over eavesdropping tracked visitors to its website, despite US government regulations. Monitoring files, known as "cookies," were discovered by a privacy activist at a time when the White House is on the defensive about its use of the National Security Agency (NSA) to monitor the communications of US citizens. Although the cookies were dismantled this week and the NSA issued an apology on Dec. 28, the episode will add to pressure on the White House to engage in a national debate about its use of the agency, and its interpretation of the constitutional limits on George W. Bush's presidential powers. The chairman of the Senate judiciary committee, Arlen Specter (R-PA), confirmed this week that he intends to conduct hearings into Bush's secret order in 2002 authorizing the NSA to conduct email and telephone surveillance of US citizens without a court warrant. The hearings are expected to get under way next month. "There likely will be a national debate about whether the president really has the kind of power he's been using," Specter told reporters. In a posting on his googlewatch.org website, privacy activist Daniel Brandt says he discovered that the NSA was using tracking devices when he logged on to the agency website on Christmas Day. He found the site was using two persistent cookies that would not expire until 2035, well beyond the life of most computers. While the use of cookies is seen as a convenience at commercial websites, allowing a visitor access without laboriously retyping passwords, their utility for government websites–which do not typically have repeat visits–is uncertain. US government agencies have been barred from using persistent cookies since 2000 because of privacy concerns. The regulations were imposed after disclosures that the White House drug policy office had been using cookies to monitor visitors to its anti-drug advertisements. However, Brandt and others have noted repeated violations of the ban. Three years ago, the CIA website was obliged to remove its cookies after Brandt noticed that the devices were still in use. Following his latest discovery, Brandt sent faxes to the NSA public affairs office and the contractor running the agency's website. The agency issued an apology on Dec. 28. Although privacy advocates said the episode was of relatively limited concern given the scope of the NSA's surveillance capabilities, the tracking was viewed as an another example of unwarranted intrusion by the intelligence service. "This illustrates the principle that unchecked authority goes astray. In this case, it's a relatively trivial infraction," said Steven Aftergood, of the Federation of American Scientists. "But to me the point is that we need more aggressive and penetrating oversight than we have." Since the New York Times disclosed the domestic spying operation, the White House has worked strenuously to dampen public outrage, arguing that the surveillance was limited to those with known links to al-Qaida. However, that posture becomes increasingly difficult to maintain as new evidence surfaces on the range of the NSA activities. In a follow-up story, the New York Times reported last week that the NSA had monitored far larger volumes of telephone and internet communications than initially acknowledged by the White House. Some of the information was obtained after US telecommunications companies allowed backdoor access to streams of telephone and internet traffic.