Which brings me to two issues.

First, this is a rediculous story. The headlines especially. “AHHHHHHHHH, the NSA is installing illegal tracking systems on your computer, ZOMGWTF!?!” Good grief, it’s a cookie. It’s a useless cookie. I mean, utterly and completely useless. They can basically track your movement on their own site with it, and not much else. If they wanted to, they could just as easily track you by IP address, though obviously much less reliably.

And second, the legality of it. Ok, so yeah, a security whistle-blower type called them out about it. Great. Incidentally, he apparently did the same for several CIA-run sites awhile back. So we’re talking about someone who spends significant amounts of time being paranoid, visiting various federal intellegence agency websites, and hitting “View Source” a lot. A colossal waste of time of course, but as a “privacy advocate,” it does mean that he’s going to be a lot more familiar with what the agencies are, and are not, allowed to do on their websites. And I would guess, probably also a lot more familiar with that stuff than even the contractors who probably set the site up in the first place. Which of course brings me to the very interesting point that 95% of all Americans have, at some point in their lives, done something illegal enough to land them in jail, and of course, 95% of the population is not in jail. Just because a law has been broken does not mean it’s a big deal. And in this case, the law is silly. I mean, really, really silly. Do I think there should be guidelines in place suggesting that permanent cookies are a bad idea? Oh, absolutely. Permanent cookies have all sorts of undesirable side-effects, not the least of which is misidentification due to shared terminals. (For example, ever had a family member accidentally buy something off Amazon using your account and credit card instead of their own before?) But having a stupid law like this, that will inevitably get broken, is a terrible mistake. If the government, especially, cannot help but break its own laws, it will only serve to bring the law into contempt:

“A very wise father once remarked, that in the government of his children, he forbade as few things as possible; a wise legislation would do the same. It is folly to make laws on subjects beyond human prerogative, knowing that in the very nature of things they must be set aside. To make laws that man can not and will not obey, serves to bring all law into contempt. It is very important in a republic, that the people should respect the laws, for if we throw them to the winds, what becomes of civil government?”

– Elizabeth Cady Stanton

As for the partisan question, I think this may be a classic case of people (media/bloggers) smelling blood in the water and trying to go in for the kill. Except that they are, in this case, either incompetant (the NSA screwed up — hot story!), ignorant (illegal scary orwellian tracking system installed on your computer by the NSA!), or deceitful (well, this isn’t a real story, but publish it anyways, see if we can get some sensationalism going).

To the extent that people will try to link this incident in with the much more dangerous issue of the illegal wiretaps, yeah, I suppose it could be partisan. But privacy seems to be a privilege that most people on both sides of the argument believe that they are entitled to. So, as always, take what you hear with a grain of salt and be careful about making noise when technological subjects come up, because the Internet’s full of “experts” on the subject matter who love to disagree with you.

This question though, is the one that really concerned me:

“Should software companies be held accountable for matters such as insuring personal rights of their users?”

Absolutely, positively, holy frikken cow, NO!!!!!!!!!!!! The legal landscape for software companies is bad enough as it is already. If you erect a law like that you’ll put at least half the small guys (like myself — grain of salt time) out of business from shear overhead. It’s bad enough we have to do retarded things like ask people for their birthdays to make sure they’re not under 13. “Hi, are you under 13? Please be honest, because I’m supposed to boot you from my website if you’re not actually 13 yet.” I personally consider privacy policies to be a particularly bad idea when over-applied. It is my opinion that the false impression of anonymity so prevalent on the Internet is the single thing most likely to accomplish its early demise. People should know that every action they make on the Internet can be traced back to them unless they take deliberate measures to prevent it (for example, Tor). Instead of constantly trying to guarantee people’s privacy, we should be more clearly demonstrating the distinction between what should be private (e.g. Credit Cards) and what usually should not (real names). And all things not explicitly marked as private should always be assumed public.