MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS
FROM: Jacob J. Lew
SUBJECT: Privacy Policies on Federal Web Sites
This memorandum directs Departments and Agencies to post clear privacy policies on World
Wide Web sites, and provides guidance for doing so. As a first priority, you must post privacy policies
to your Department or Agency's principal web site by September 1, 1999. By December 1, 1999,
add privacy policies to any other known, major entry points to your sites as well as at any web page
where you collect substantial personal information from the public. Each policy must clearly
and concisely inform visitors to the site what information the agency collects about individuals, why
the agency collects it, and how the agency will use it. Privacy policies must be clearly labeled and
easily accessed when someone visits a web site.
Federal agencies must protect an individual's right to privacy when they collect personal
information. This is required by the Privacy Act, 5 U.S.C. 552a, and OMB Circular No. A-130,
"Management of Federal Information Resources," 61 Fed. Reg. 6428 (Feb. 20, 1996), and supported
by the Principles for Providing and Using Personal Information published by the Information
notice and choice about, and thus confidence in, how their personal information is handled when they
use the Internet.
New information technologies offer exciting possibilities for improving the quality and efficiency
of government service to the American people. Web sites are a powerful tool for conveying
information on topics relating to activities, objectives, policies and programs of the Federal
Government. Web pages provide a simple and speedy means of gaining access to information about
the Government, thereby increasing knowledge and understanding of what Government is doing on the
people's behalf. Looking ahead, as contemplated for instance by the Government Paperwork
Elimination Act, people will conduct more and more business and other activities with the Government
electronically. We cannot realize the full potential of the web until people are confident we protect their
privacy when they visit our sites.
policy, I have attached guidance and model privacy language for several different information practices
that may apply to your web sites. You can use the model language verbatim, or as a starting point in
crafting a policy tailored to meet your own requirements and needs.
For any questions about this guidance, contact Peter P. Swire, Chief Counselor for Privacy,
Office of Management and Budget, phone (202) 395-1095, fax (202) 395-5167, e-mail
Peter_Swire@omb.eop.gov. To provide assistance to Agencies and Departments in implementing
web privacy policies, Mr. Swire will form a Steering Committee for Federal Agency Privacy Policies.