This section of the Website is divided into several topics. You can scroll through the entire section. Or you can go directly to one of the topics listed below and on the navigation bar above.

TOPIC 1. Office of the Attorney General Website and NYOpenGovernment PRIVACY POLICY

This section describes the Office of the Attorney General's online information practice regarding the information collected from visitors to our Website and ways in which the office uses and maintains this information.

When you voluntarily disclose personally identifiable information (PII) to the OAG, it means that you consent to the collection and use of your information by the office as described in this policy.
The OAG Website has two main purposes:
  1. Provide useful information, including tips for New Yorkers, legal rights and remedies, and a description of the work of the Attorney General's Office.
  2. Provide a means to communicate with the Attorney General's Office. You can use this Website as a convenient alternative to mail or telephone communication.

The OAG Website collects two kinds of information:
  1. Information you decide to give us; and
  2. Nonpersonal information your computer automatically provides to every Website you visit. This is sometimes referred to as "navigation" information. The OAG retains this information only for a short time. Click here for details on information your computer automatically transmits.
  Information you decide to give the OAG Information your computer automatically transmits to all Websites
Click here for details
How the OAG uses information you provide The OAG Website provides a convenient way to communicate with the Attorney General's Office in addition to more traditional means such as the mail, phone or in-person visits. For example, you can
  • send the OAG messages that may include text, audio, video and picture files
  • request information
  • file consumer complaints
  • apply for employment
The OAG retains this information to fulfill the purposes for which you disclosed the data and for OAG authorized duties. The OAG protects it just as if you had sent it by mail.
The OAG temporarily retains the information automatically sent by your computer to evaluate the traffic through the OAG Website to help make the site more user-friendly.
Personally Identifiable Information (PII) Personally identifiable information ("PII") is information about you, such as your name, address, or Social Security number, that someone could use to identify or locate you.
The OAG acquires PII online when a visitor voluntarily sends it.
When browsing the OAG Website -Website - reading, printing, or downloading information such as consumer brochures or press releases ? you do not have to provide nor do you transmit PII. However, to receive certain services and resources the OAG offers (e.g., a report), you will need to provide your PII.

The OAG only uses PII for authorized government purposes.
Click here for details on PII.
Automatic information typically does not personally identify you. Even when it might, the OAG does not try to discover or use your identity.
Click below for details on:
  1. identifiability of domain names and IP addresses.
  2. OAG use of information your computer automatically transmits.
Sensitive Information There may be particular privacy concerns with certain kinds of information such as financial or medical records. The OAG uses such information only for authorized government purposes. Automatic information typically does not include any sensitive information about you.
Click on the following topics for details on:
  1. information your computer automatically transmits.
  2. OAG use of information your computer automatically transmits.
Information practices the OAG does not use The OAG does not have a profile database of all online visitors. The OAG does not use cookies, clear GIFs ("Web bugs"), or any kind of anonymous identifier to try to track or recognize you during your visit, or from visit to visit.
Click here to learn more about cookies and "Web bugs."
The OAG does not draw conclusions about you based on pages you view or search terms you enter.
Data sharing and transfer
  1. The OAG does not sell or rent information provided by online visitors.
  2. The OAG may share or disclose certain information you provide if necessary to fulfill government functions, such as mediating a complaint.

Click here for details on sharing information you provide the OAG.
The OAG does not sell or rent the automatic navigation information your computer transmits.
Data security, integrity, and retention
  1. The OAG does not store information submitted by all our visitors in an office-wide, master database.
  2. The OAG retains data related to complaints that members of the public file and requests for information. Each bureau maintains a document retention schedule. Consistent with the provisions in the General Retention and Disposition Schedule for Governmental Records issued by the State Archives and Records Administration pursuant to the Arts and Cultural Affairs Law, records that may be used for legal action are retained until the legal action concludes and the records are deemed obsolete.
  3. The OAG takes appropriate technical measures to protect the security and integrity of information the OAG receives. Such measures have been integrated into the design, implementation and daily operations of this Website.
  4. Access to information provided by visitors online is limited to OAG personnel who have authorization to the data. Personnel with access are made aware of the need to adhere to appropriate security procedures.
  5. The same rules of confidentiality that apply to information you might send the OAG offline apply to information provided online.
  1. The OAG temporarily stores the automatic navigation information in a computer database. After six months, it purges this information from the OAG databases.
  2. The OAG takes appropriate technical measures to protect the security and integrity of this information. Such measures have been integrated into the design, implementation and daily operations of this Website.

The following notices apply generally to any information the OAG receives:

  1. Legal obligations to disclose information: The OAG may disclose information to comply with a court order, authorized law enforcement request, subpoena, or a request under federal or state "freedom of information" law.
  2. Emergency exceptions: If necessary to protect health or safety in an emergency situation, the OAG may use, share or disclose information other than outlined in this policy.
  3. If there are other exceptions or special needs for handling information in a specific case, the OAG will provide notice as appropriate.
Notice of changes
in this Privacy Policy
If any of the information in this section changes in a material way, the OAG will post 30 days advance notice on every page of this Website, with the effective date of the change. Where a page is affected specifically by a change in policy, the OAG will post a clear and conspicuous notice.
Links to other Websites This Privacy Policy applies to the Website of the Office of the Attorney General of the State of New York. While the OAG offers links to other Websites that may be of interest, the OAG disclaims any responsibility for their content, accuracy or services and cannot vouch for their information practices. Once you link to another Website from this site, you are subject to the terms and conditions of that site.

Security Disclaimer This privacy policy should not be construed as giving any legal or other advice or guaranteeing the security of the information provided through this Website.

Back to Top

TOPIC 2. Details on OAG Online Information Practices

Personally identifiable
information you
give the OAG
Many visitors to the OAG Website provide personally identifiable information for a particular purpose. For example -
  1. If you send the OAG a message and want a reply, the OAG needs at least your name and your e-mail address or telephone number.
  2. If you request a publication, the OAG needs your name and street address to send it to you.
  3. Regarding requests for information, please note: If you request a particular brochure or report, we will send you the document you requested and updated related information as it becomes available. If you want other publications or additional unrelated information, please request it, i.e. opt-in on the OAG's Information Request Form.
Back to Top
Sharing information you
give the OAG
The OAG may need to share your information to perform government functions, just as if you had sent the OAG the information by mail. For example -
  1. If you request that the OAG mediate a consumer complaint against a merchant, the OAG must tell the merchant the details of the transaction, which may include your identity. The OAG does not control and cannot vouch for the information practices of these businesses.
  2. If you apply for employment, the OAG may need to contact your references and perform other appropriate verification.

Back to top

Access to personally identifiable information you give the OAG

Access to PII is limited to OAG personnel who have authorization to the data.

Except as otherwise provided by law, the OAG will provide you with access to your PII which has been collected through this Website. Access to the data and the opportunity to request correction or amendment of such information is provided under the procedures set forth in section 95 of the Public Officers Law. Reasonable proof of identity will be required.

Back to top

Information your computer
automatically provides
to all Websites
While you are browsing, your computer automatically provides certain "navigation" information to every Website you visit, including the OAG Website. The navigation information includes:
  1. The address (also known as URL, short for "uniform resource locator") of any Web page you visited before you linked to an OAG Web page.
  2. Your Internet Protocol address (or "IP address"). This is the Internet's address for your particular computer. A Website's computer must know your IP address so the site can send the Web page you ask to view.
    Click here for more details on domain names and IP addresses.
  3. The Web-browsing software you are using.
  4. Whether your computer is configured to display English or some other language.
  5. Your online service provider.
  6. The date and time you visited this site.
  7. Note: Your computer does not automatically provide your e-mail address.
For example, if you have an AOL account, were visiting a page on the Yahoo site, and clicked on a link to the OAG home page, your computer would transmit to the OAG Website that:
  1. You are an AOL subscriber;
  2. You use a particular browser software version such as Internet Explorer 5.0.
  3. You were just visiting a particular page on
  4. You linked to on a particular date at a particular time.
Back to top
Use of information
your computer automatically
provides to all Websites
The OAG Website uses automatic navigation information for internal, site-monitoring purposes.
  1. This data allows OAG staff to measure visitors' interest in different sections of the Website, so the OAG can make the site more useful to visitors.
  2. The OAG generates internal reports that identify the number of web users on a given day who requested pages through particular online service providers. This information may report the volume of requests originating from a service provider associated with a particular school or company or from foreign countries. The OAG does not:
  3. analyze our visitors' automatic navigation information to attempt to identify unique or repeat visitors
  4. routinely retain permanent records of automatic navigation information
  5. attempt to identify individual visitors by analyzing their IP (Internet Protocol) addresses

Click here for details on identifiability of domain names and IP addresses.
Back to top
Identifiability of domain
names and IP addresses

  1. Identifiability of your domain name: If you access the Internet through facilities provided by an organization such as your school or business, your automatic navigation information may reveal the name of your organization. For example, a student's navigation information might let a Website know that the student accesses the Internet through
  2. Geographic area: Similarly, if you access the Internet through an Internet Service Provider (ISP) located in a particular geographic area, a Website may be able to use the ISP's identity to infer that to be your geographic location.
  3. Identifiability of your IP address: Whether your IP address is identifiable depends on whether it is dynamic or static. If it is dynamic, your ISP (Internet Service Provider) assigns a different IP address for each online visit that does not identify any person or machine.

In contrast, if you access the Internet through an ISP that assigns you a static or fixed IP address (for example, DSL or cable modem service), your IP address will always be the same, and will identify your computer.
Back to top

TOPIC 3. General Information about Fair Information Practices

The information practices of the Office of the Attorney General incorporate a set of principles that have become known as Fair Information Practices. The OAG follows these principles in handling information about visitors to the OAG Website in the following manner:

Notice and disclosure The OAG provides notice and disclosure of its information practices by posting its privacy policy.
Choice/ Consent The OAG receives your online information only when you choose to disclose it, for example, by submitting an online complaint form or request for information. The OAG only uses this information for the purpose for which you disclosed it, except when the law or emergencies require the OAG to do otherwise.
Access Because the Attorney General's Office is a law enforcement agency, it must carefully safeguard information. The office monitors access to its information on a case-by-case basis. If you need information you previously gave the OAG, please contact this office, and, if known, the bureau working on your initial request. Access to the data and the opportunity to request correction or amendment of such information is provided under the procedures set forth in the Public Officers Law.
Security The OAG takes reasonable measures to protect the security and integrity of information received. Such measures have been integrated into the design, implementation and daily operations of the Website. The OAG periodically purges its computer files that log activity on the OAG Website. The OAG implements procedures to safeguard the integrity of its information technology.

Back to Top

TOPIC 4. General Information about Cookies and Clear GIFs ("Web Bugs")

Although the OAG does not use cookies or clear GIFs ("Web beacons") on this Website, many sites do use this technology. Here is some helpful information.
A cookie is...
  • A cookie is a small data file placed on your hard drive by a Website so it can "remember" information about you or your computer.
  • A Website may assign you an ID and create a cookie with that ID number on your computer. The Website then can create a profile with your ID number on the Website's server.
  • In your profile, the Website can store information about your interests and other characteristics. For example, a site that carries news and weather might record your zip code so it can display local weather and news each time you visit the site. A credit card or bank site might use your profile to store your password, so that it has a way to recognize you and display your account information.
  • A cookie can be read and updated only by the Website that created it. One Website cannot "peek" at another Website's cookies.
A cookie is not...
  • A cookie is not a program. It is a data file.
  • A cookie is not a spy device that can read files on your computer.
  • A cookie is not a way for a Website to secretly discover your personal information.
Cookies on your computer
  • To learn more about cookies on your computer and what you can do about them, consult your browser's help or tutorial feature.

Clear GIFs or "Web beacons"

A clear GIF is...
  • Another common way that web sites collect information about you is by using technology called clear GIF or "Web beacons" (also referred to as a "1-by-1 GIF," "pixel tag," or "Web bugs").
  • A clear GIF is an invisible image that can be imbedded in a Web page or certain kinds of e-mail. ("GIF" stands for "graphical interface format," which is one of the technologies used to show pictures in a Web page.)
  • As with cookies, a Website can use clear GIFs to collect data about you.
  • Unlike cookies, clear GIFs are not stored on your computer.
  • Unlike cookies, most browsers do not have built-in features to explain or help you detect clear GIFs.

Back to Top

TOPIC 5. General information about the privacy of your online information

Learn how websites are
collecting information about you.
  • Anytime you are online, the site you are visiting may collect information about you. In a world where users regularly access information online or make online purchases, it is important to know how to safeguard your privacy.
  • All internet users should understand a Website's information practices, especially if you disclose your name, address, or e-mail address.
  • Some Websites keep profiles on their visitors, and even purchase information about you from other marketers.
  • Websites may maintain information profiles about you so that they have a list of subscribers to the site. Or a site may profile you to send you a targeted advertisement matched to your interests. Your profile can be sold to other marketers (including businesses that market by sending unwanted, "spam" e-mails).
When Websites collect
consumer information, consumers
may benefit in important ways.
  • An online business may monitor visitors' activities to determine which of its Web pages are the most interesting, or to make sure that its computers can handle the volume of visitor traffic.
  • An online business may design its Web pages to display different information - such as local weather reports or sports articles - to match the interests of its visitors.
  • The online advertisements you see may be targeted to items more likely to appeal to you. An online merchant may store your credit card and mailing address to make online purchasing more convenient for you.
Online collection of
consumer information can also pose risks.
  • Increasingly, businesses are collecting, and even buying, selling, and combining information about consumers. With more computerized information about consumers, consumers are exposed to greater risk that someone may misuse that information.
  • For example, there have been cases of hackers stealing and selling credit card numbers. Identity theft crimes are on the rise, such as where someone falsely obtains credit and makes unauthorized financial transactions in the consumer's name. Some businesses acquire e-mail addresses in order to send unwanted marketing solicitations or even "spam" e-mail messages. There have even been cases of malicious individuals obtaining other people's personal information to embarrass, blackmail or stalk them.
  • These acts can have serious consequences for the victim who unexpectedly suffers from a negative credit rating and must spend hours or even months dealing with merchants and financial institutions to repair the damage. Also, many consumers are simply concerned that the businesses gathering and sharing information simply know too much personal information.

Back to Top

TOPIC 6. General Information about Children's Online Privacy

The OAG does not solicit information from children under the age of thirteen. If the OAG receives information submitted by children under the age of thirteen, those communications are accorded the same protections as if the information had been submitted offline.
The Children's Online Privacy Protection Act of 1998 ("COPPA") imposes restrictions on commercial Websites, not government agency websites. Although COPPA does not apply to the OAG Website, the OAG practices are consistent with its mandates. If you would like more information about COPPA, please visit the FTC's official COPPA page at:
Back to Top

TOPIC 7. OAG Privacy Links


If you have questions about The OAG Website privacy statement or this Website, please contact the OAG by e-mailing the Webmaster at

You can also write the OAG at:

Attorney General
The Capitol
Albany, New York 12224

You can also click here to view contact information for regional offices.

Back to Top

Home | Contact | Privacy | Disclaimer | API | About