ICF

ICF

ICF is an information consulting and technology company serving government and enterprise sectors. Digital properties may use ICF infrastructure for web hosting, analytics measurement, and content delivery. Scripts typically operate as backend infrastructure without independent behavioral tracking.

Back to Vendor Library

Overview

ICF (formerly ICF International) is a global consulting and technology services company headquartered in Fairfax, Virginia. The firm provides advisory, digital transformation, technology implementation, and program management services predominantly to US federal government agencies, state and local governments, and enterprise organisations in sectors including public health, energy, transportation, and social services. ICF's digital properties host government-adjacent informational websites, public health campaign portals, research report repositories, and programme microsites built and operated on behalf of government clients.

ICF scripts appear on websites where ICF is providing web hosting, content management, or digital service delivery on behalf of a government or institutional client.

What This Script Does

ICF's script presence varies by the specific digital service being delivered. Common implementations include:

Web hosting and infrastructure delivery: Many ICF-operated websites serve content through ICF's managed hosting infrastructure. Scripts may include content delivery optimisation, uptime monitoring agents, and server-side session management. These operate as essential infrastructure components.

Government web analytics (DAP / GSA Digital Analytics Program): ICF-built US federal government websites commonly include the GSA Digital Analytics Program (DAP) tag — dap.digitalgov.gov/Universal-Federated-Analytics-Min.js. This is a federal mandate for .gov websites and collects anonymised, aggregate page view and session data. The DAP tag is configured to not collect personally identifiable information and to disable advertising features. IP addresses are anonymised before storage.

Accessibility and content management scripts: ICF deploys accessibility overlay scripts and CMS-driven component scripts on government websites for standards compliance (Section 508, WCAG 2.1 AA).

Cookies set:

  • Session management cookies for authenticated portals (e.g., JSESSIONID, __RequestVerificationToken) — Strictly necessary for authenticated application sessions. Expiry: session.
  • DAP analytics cookies — Anonymised page view tracking with no persistent user identification. Expiry: session or short-duration.
  • No advertising, retargeting, or cross-site tracking cookies in standard ICF government website deployments.

Consent & Compliance

Consent category: Essential

ICF scripts on government and institutional websites typically serve infrastructure, session management, and mandated analytics purposes. The DAP tag used on US federal government sites operates under OMB directive M-17-06, which mandates participation while prohibiting collection of personally identifiable information, advertising features, and data sharing with third parties.

Under GDPR and ePrivacy, essential infrastructure cookies and session management cookies do not require consent. If ICF deploys analytics beyond the DAP minimum, those components should be evaluated separately. Government websites operating under Section 508 and WCAG compliance requirements may deploy accessibility scripts that qualify as essential.

Under CCPA, government agencies and their service providers handling data solely for government service delivery are subject to specific exemptions.

Should You Block This Without Consent?

No. ICF scripts on government and institutional websites serve infrastructure, session management, and mandated analytics purposes that are essential to the operation of the hosted service. If a specific ICF deployment includes optional analytics or tracking beyond core infrastructure, evaluate those components separately.

Visit website

Consent Categories

Essential

Also Known As

ICFICF consultingICF technologygovernment site analyticsenterprise consulting tracking

Industries

Business and Consumer ServicesComputers Electronics and TechnologyBusiness ServicesHeavy Industry and Engineering

Tracked Domains (1)

nsimg.netEssential

Frequently Asked Questions

Does ICF require consent on government websites?

No. ICF scripts on government and institutional websites serve infrastructure, session management, and mandated analytics purposes classified as essential. The GSA Digital Analytics Program tag used on federal sites collects only anonymized aggregate data under OMB directive.

What does ICF collect on the sites it operates?

ICF government sites typically set session management cookies for authenticated portals and deploy the GSA DAP analytics tag. DAP collects anonymized page view and session data with IP anonymization, no personal identification, and advertising features disabled.

How does ConsentStack classify ICF?

ConsentStack classifies ICF infrastructure as essential, meaning its session management and mandated analytics scripts are permitted without a consent gate. If optional analytics beyond the DAP minimum are present, ConsentStack evaluates those components separately.

Related Vendors

Firebase
Firebase
Firebase is Google's mobile and web application development platform offering authentication, real-time database, cloud functions, and analytics. Web SDK scripts initialize Firebase services and may track app events via Firebase Analytics, which is powered by Google Analytics 4. Widely used in single-page apps and PWAs for backend infrastructure and usage tracking.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Google Tag Manager
Google Tag Manager
Google Tag Manager is a tag management system that lets marketers deploy and update analytics and marketing scripts without code changes. The GTM container script loads synchronously in the page head and injects configured tags, triggers, and variables on behalf of other vendors. No data collection of its own — acts as a loader for other scripts.
Google Fonts
Google Fonts
Google Fonts is a free font hosting service that serves hundreds of typeface families via a global CDN. Stylesheets and font files load from fonts.googleapis.com and fonts.gstatic.com to deliver web fonts to visitors. No advertising or tracking functionality is included.
reCAPTCHA
reCAPTCHA
Google reCAPTCHA is a bot detection and spam prevention service protecting web forms, login pages, and checkout flows. Scripts analyze user behavior, mouse movements, and browser fingerprints to distinguish humans from bots. The invisible reCAPTCHA v3 scores interactions without requiring user challenges.
Sign in with Google
Sign in with Google
Sign in with Google is an OAuth-based authentication service that enables users to log into websites using their Google account credentials. Scripts load the Google Identity Services library, display sign-in buttons, and handle token exchange for secure authentication. Stores session tokens and authentication cookies to maintain login state across page visits.

Manage consent for ICF

ConsentStack automatically detects and manages ICF trackers so your site stays compliant with global privacy regulations.

Get started free