WhiteHouse.gov Violates Government Policy on Website Privacy

Visitors to the White House’s new website are greeted by a splash page that asks for their email address and zip code before they can proceed. It’s easy to understand why the new president might be eager to collect email addresses from visitors, but the Trump administration’s splash page violates a number of privacy norms and longstanding practices – it even violates the government’s own rules. The website doesn’t comply with guidance from the Office of Management and Budget.

For a decade now, there’s an expectation that websites collecting personally identifiable information, like a user’s email address, should offer a public link to their privacy policy. This has been longstanding government policy under both the Bush and Obama administrations.

Privacy policies on federal agency websites are governed by OMB Memo  17-06. The guidance explains that “agencies must post a link to that website’s Privacy Policy on any known, major entry points to the website as well as any webpage that collects PII.”

The WhiteHouse.gov’s splash page should comply with this guidance and post a visible link to its privacy policy. This is an unfortunate continuation of poor online privacy policies and practices from both the Trump campaign and his organization as president-elect. While it’s true that you can click through to the White House’s main page where a privacy policy is provided, the policy is difficult to read in full-caps. It’s also ripped from a much better formatted version offered on the archived Obama White House website.

We hope the White House moves quickly to improve the accessibility – and readability – of its privacy policy. While written privacy policies may not actually protect an individual’s privacy, the White House is the gateway to our federal government and as such has duty to lead on making its policies more readable and useful online. It can start by following its own rules.