All federal public websites* must comply with existing laws and directives that address the need to protect the privacy of the American people when they interact with their government. Some of the key requirements for federal public websites include:
Organizations should review the following laws and regulations related to privacy protections to ensure that their public websites meet the full range of requirements.
- OMB M-03–22, Guidance for Implementing the Privacy Provisions of the E–Government Act of 2002
- OMB M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies (PDF, 102 KB, 9 pages, June 2010)
- OMB M-10-23, Guidance for Agency Use of Third-Party Websites and Applications (PDF, 103 KB, 9 pages, June 2010)
- E–Government Act of 2002, Section 207(f)(1)(B)
- Privacy Act of 1974
- OMB Circular A–130, Appendix 1
- Children's Online Privacy Protection Act of 1998 (COPPA)
- Requirements for Accepting Externally-Issued Identity Credentials - memo from Federal CIO to Executive Branch Agency CIOs (PDF, 166 KB, 4 pages, October 2011)
Recommended Privacy Notice for Agencies Using Google Analytics Premium
U.S. federal government agency websites using Google Analytics Premium as part of the Digital Government Strategy may place the following information on their website:
This website uses Google Analytics Premium. Please refer to the following policies on Google’s website for more information:
See this notice on the HowTo.gov Site Policies page.
- Challenge.gov provides a concise explanation of their Use of Persistent Cookies policy.
- The National Institute of Health's My NCBI portal gives users a variety of ways to sign in, including via Google, or using IDs from affiliated partner organizations.
*These requirements apply to executive departments and agencies and their public websites. Check the specific law to see if it also applies to the judicial or legislative agencies or to intranets.