Privacy and security policy

The Privacy Program at the FEC is overseen by Co-Chief Privacy Officers Gregory R. Baker (Deputy General Counsel-Administration) and Wenchun Jiang (Chief Information Security Officer).

The FEC’s Privacy Act regulations are codified at 11 CFR 1.1, et seq. The Commission's current systems of records notices may be found in Volume 73, No.1 of the Federal Register.

If you would like to make a Privacy Act records request, or have any privacy-related complaints, comments, questions or concerns, please contact the Privacy Program:

The Commission's Website Privacy and Security Policy is as follows:

The privacy of our customers has always been very important to the FEC. Our concern for your privacy continues in the electronic age. When you visit the FEC website, we do not collect any personally identifiable information (PII) about you, unless you choose to explicitly provide it to us.

You do not have to give us personal information merely to visit our site. We only collect detailed information about you (more than your internet address), like your name, email address, affiliation with a political committee, etc., if you specifically and knowingly provide it to us. Email is not secure. Therefore, we suggest that you not send personal information to us via email, especially social security numbers.

Information is collected for statistical purposes, and we sometimes perform analyses of user behavior to measure customer interest in the various areas of our site. We only disclose this information to third parties in aggregate form or as may be required by law, such as an organization conducting a civil or criminal law enforcement investigation.

We may share information you give us with contractors acting on our behalf or with another government agency if your inquiry relates to that agency. We do not sell any personal information to a third party and do not collect or use information for commercial marketing. However, information retained by us may be subject to requests under the Freedom of Information Act (FOIA), though PII contained in the information won’t be disclosed under FOIA.

Electronically submitted information is maintained and destroyed according to the requirements of the Federal Records Act and the regulations and records retention schedules approved by the National Archives and Records Administration, and in some cases may be covered by the Privacy Act and the Freedom of Information Act. A discussion of your rights under these laws can be found at www.USA.gov.

If you do nothing during your visit except browse through the website, read pages or download information, we will gather and store certain information about your visit automatically. This information does not necessarily identify you personally. We automatically collect and store only the following information about your visit:

• The site from which you linked to our site
• The date and time you access our site
• The type of browser you’re using
• The internet domain —such as xcompany.com, yourschool.edu or agency.gov)
• The pages you visit on our site
• Whether you successfully received the document or image file you requested
• The size of the document you received
• Your IP address — an IP address is a number that is automatically assigned to your computer whenever you are surfing the web

We use this information to help us make our site more useful to visitors: to learn about the number of visitors and the types of technology our visitors use. We do not track or record information about individuals, organizations, or their visits.

To better serve our visitors, we use technology to track new and returning visitors’ actions while on the website. These small files are commonly referred to as “cookies.” When you visit any website, its server may generate a piece of text known as a “cookie” to place on your computer. The cookie allows the server to “remember” specific information about your visit while you are connected. The cookie makes it easier for you to use the dynamic features of web pages.

The Office of Management and Budget (OMB) Memorandum M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies allows federal agencies to use session and persistent cookies. Requests to send cookies from the FEC’s webpages are designed to collect information about your browser session only; they do not collect personal information about you.

There are two types of cookies: temporary (“session”) and multi-session (“persistent”). Session cookies last only as long as your web browser is open. Once you close your browser, the cookie disappears. Persistent cookies are stored on your computer for longer periods. OMB Memorandum M-10-22 defines conditions under which federal agencies may use session and persistent cookies, and categorizes them in “tiers” to identify their characteristics.

How are temporary Tier 1 “session” cookies used?

We use Tier 1 session cookies for technical purposes such as improving navigation through our website. These cookies let our server know that you are continuing a visit to our website. The session cookie is not permanently stored on your computer. The cookie and the information about your visit are automatically destroyed shortly after you close your browser to end the session.

How are Tier 2 “persistent” cookies used?

We use Tier 2 persistent cookies to help us recognize new and returning visitors to the FEC website. Persistent cookies remain on your computer between visits to the FEC website until they expire. We do not use this technology to identify you or any other individual website visitor. For example, we use persistent cookies to enable the Google Analytics tool to measure how new and returning visitors use our website over time. These persistent cookies do not collect any PII, and the information that is collected is only used to improve our website.

We also use an HTML 5 feature called local storage, which creates a storage file on a user’s local hard drive to let you know when a data export you requested is ready for download and to remember if you closed announcements and alerts. Your local storage data will only be read by the browser you are currently using, and it can be cleared at any time by clearing the local storage cache of the user’s browser. This information is not recorded by FEC servers and is not accessible by other sites.

How to opt out or disable cookies

You may control permissions for cookies on this or any other website by adjusting your individual browser settings for customized privacy protection – read https://www.usa.gov/optout-instructions for guidance. Please note that by following the instructions to opt out of cookies, you will disable cookies from all sources, not just those from the FEC’s website. You can still use the FEC’s website if you do not accept the cookies, but you may be unable to use certain cookie-dependent features.

If you contact us by email, we may forward the message to appropriate staff or contractors acting on our behalf in order to review it and respond. We may retain messages for a period of time to ensure responses and we may delete them when action has been completed.

If you use an online form to receive filing software or register for a conference or for other purposes, information you provide may be retained so that information about changes, upgrades, etc., may be provided where appropriate.

When submitting a question to the Reports Analysis Division via the contact webform on “Submit a question to RAD,” this data is transmitted to the FEC via a third-party called ServiceNow.

When submitting feedback via the feedback tool at the bottom of the page, your messages are sent to a publicly available repository on GitHub including your message, information about the browser you used to submit the form and the URL of the page you were viewing when you submitted the form. We capture information about your browser in order to help troubleshoot any bugs that may be reported.

The site search uses a service called DigitalGov Search, which is provided by the General Services Administration. When you enter search terms into the DigitalGov Search engine, certain information will be collected and used by GSA in accordance with the DigitalGov Search Terms of Service.

When using other search boxes and filters to browse data, the text you enter is anonymously recorded by Google Analytics.

If you use the FECLoad component of FECFile, the FEC’s free electronic filing software, we collect your username (FEC committee ID), time and date you connected and your email address. If you use our software, you accept our data collection and privacy policies.

If you use our e-filing web services, Web Print, Web Check and Web Upload, we collect your IP address, time and date of your visit, the URL requested and the user-agent coming from the browser. If you use our web services, you accept our data collection and privacy policies.

If you use the Password Self Assign System, we collect your IP address, time and date of your visit, the URL requested, the user-agent coming from the browser, your email address and the phone number you use for two-factor authentication. If you use our password system, you accept our data collection and privacy policies.

If you subscribe to FEC Notify, we collect your email address. We use your email address to create your account and to send you filing notifications. We will never sell or distribute your information. If you subscribe, you accept our data collection and privacy policies.

The FEC currently maintains official FEC accounts on third-party websites (for example, YouTube and Twitter). Your activity on third-party websites is governed by the security and privacy policies of the third-party sites. You may want to review the privacy policies of the sites before using them in order to understand how the information you make available on those sites will be used. Please note that the FEC does not collect or maintain information posted to these third-party websites.

For security purposes and to ensure that the website services remain available to all users, our website also employs software programs:

• To monitor network traffic
• To identify unauthorized attempts to upload or change information, or otherwise cause damage.

Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and The National Information Infrastructure Protection Act of 1996.