The White House and National Security Agency have been caught tracking visitors to their websites in ways that may violate official US guidelines.
The organisations have been using different techniques to spot return visitors and monitor what they are looking at.
Although widely used on commercial websites, US federal guidelines prohibit official use of such tools.
Cyber rights activists said cookies could be used to track surfing habits.
News agency Associated Press broke the story about the NSA's use of so-called "persistent cookies" to log who visits its website.
Cookies are small text files placed on users' computers when they visit a website. They are usually used to record preferences, such as native language, so the next time that user visits the page they see it in the tongue they usually speak.
Federal rules do allow government agencies to use session cookies that exist only as long as a visit to a particular website. Many online stores use them to remember the contents of a visitor's virtual shopping trolley.
However, persistent cookies that are never deleted are prohibited following guidelines first issued in 2000 and subsequently updated in 2003 by the White House's Office of Management and Budget.
The persistent cookies used by the NSA expire in 2035.
A spokesman for the NSA said a software upgrade had inadvertently left it using persistent cookies. It has now stopped using this sort of text file.
At the same time the White House website was found to be using a combination of cookies and tiny image files known as web bugs to track users.
The combination of cookies and web bugs are typically used to identify repeat visitors or track them as they move around the net.
Web bugs are not specifically prohibited by the rules on monitoring visitors to official websites.
The web bugs were reportedly used by net firm WebTrends which oversees the White House site. A spokesman for the company said it did not use the information generated by the web bugs and cookies to track users or spot repeat visitors.
A White House spokesman said it would investigate to find out if the combination of web bugs and cookies broke official guidelines.