US Military -v- Internal blogging & Access to WWW

[zenpundit]

Hi Dr. Marc

"I suspect he is fully "in touch" with himself - or, possibly, just touching himself."

Heh - unfortunately it's the grunts that he's jerking around.

"Am I right in believing that there are "journalists" who are deemed as such by virtue of their blogs and/or web sites? If so, then wouldn't a blog be considered a "newspaper"?"

I believe that is a question before the courts right now. It's hard to legally square the idea that corporations that sell information to make a profit somehow have greater or more first amendment rights than actual, breathing, citizens who intend to express political opinions.

[Merv Benson]

This is buried in a Washington Post story on milbloggers.

...

... Army OPSEC Program Manager Maj. Ray Ceralde, who helped author the revision, said bloggers shouldn't be concerned.

According to Ceralde, the new regulation does not require bloggers to have each post approved by officers, but rather instructs bloggers to alert commanders and OPSEC officers when they initially create a blog. This is similar to the policy already put in place in Iraq, he said. "Soldiers have the right to express themselves as long as they don't reveal information that will subject their unit or personnel to harm," Ceralde said.

...

This is just a small part of a very long article and there still appears to be a great deal of uncertainty caused by the new reg. If Maj. Ceralde is right then the regulation as written is not a model of clarity based on all the educated people who thought it was a big change.

[Dr Jack]

A closer review of the new regulation:

1–5. Definitions
c. Sensitive information.
(1) Sensitive information (formerly known as sensitive but unclassified (SBU) information) is information requiring special protection from disclosure that could cause compromise or threat to our national security, an Army organization, activity, family member, Department of the Army (DA) civilian, or DOD contractor.
----
(3) Examples of sensitive information include, but are not limited to:
----
(e) Unclassified information designated For Official Use Only (FOUO) … Examples include but are not limited to: force protection, movement and readiness data, tactics, techniques, and procedures (TTPs), proprietary information and information protected by copyright, pre-decisional documents, draft publications, and information concerning security systems.

As I read this, just about everything that relates to the military can fit in the category of FOUO in this definition -- particularly when it includes the key phrase tactics, techniques, and procedures. In my view, this includes doctrine, lessons learned, and any discussion of current operations.

2–1. All Army personnel
Operations security is everyone’s responsibility. Failure to properly implement OPSEC measures can result in serious injury or death to our personnel, damage to weapons systems, equipment and facilities, loss of sensitive technologies and mission failure. OPSEC is a continuous process and an inherent part of military culture and as such, must be fully integrated into the execution of all Army operations and supporting activities. All Department of the Army (DA) personnel (active component, reserve component to include U.S. Army Reserve, Army National Guard, and DA civilians), and DOD contractors will—
----
b. Protect from disclosure any critical information and sensitive information to which they have personal access.
----
c. Prevent disclosure of critical and sensitive information in any public domain to include but not limited to the World Wide Web, open source publications, and the media.
----
g. Consult with their immediate supervisor and their OPSEC Officer for an OPSEC review prior to publishing or posting information in a public forum.
(1) This includes, but is not limited to letters, resumes, articles for publication, electronic mail (e-mail), Web site postings, web log (blog) postings, discussion in Internet information forums, discussion in Internet message boards or other forms of dissemination or documentation.
(2) Supervisors will advise personnel to ensure that sensitive and critical information is not to be disclosed. Each unit or organization’s OPSEC Officer will advise supervisors on means to prevent the disclosure of sensitive and critical information.

This part of the regulation states that Army personnel (all categories) may not disclose any sensitive data (including the broad definition of FOUO above) in -- letters, resumes, articles for publication, blogs, etc...

The policy is written so broadly that I don't know how anyone in the Army can participate in this forum... or write home... or write for publication. Just about everything I do and write about is included in this regulation.

I don't know how Military Review, Parameters, Armed Forces Journal, or any other publication that is available on the web (or in libraries) will be able to exist under these rules -- unless all of the authors will be those who are completely out of the system.

I'm grateful that LTC Yingling got his article out before this regulation hit the streets...

[Cori]

You cannot imagine the difficulties surrounding that issue as it concerns civilian bloggers, before you even get into the distinctions between military and civilian law. I don't myself buy into the argument that bloggers are de facto journalists, although it is possible that on occasion they may be performing or engaging in a process that is akin to journalism. This has primarily come up as concerns shield laws (do bloggers have the same protections afforded journalists -- to the extent they have them -- when it comes to the right to not reveal sources or give up documents, video tape, etc. to govt. officials.) Here's the problem with that one: if everyone is a potential "journalist," then how does a society enforce some kind of norm that says everyone has an obligation to testify when called upon to do so?

Well, if military members are journalists, what does that do to their obligations to not publish information, footage, photographs, etc? Wouldn't their first amendment protections trump any other obligations?

Don't think so.

Bloggers, it seems to me, are press critics involved in a larger community conversation.

For all sorts of reasons, the larger military benefited from having its members' voices being heard, even when those voices were critical, in part because those voices were sometimes critical, because it was precisely the fact that those voices were sometimes critical that gave them credibility.

[Cori]

One of the best known "portal" bloggers makes an interesting point -- since this is only an Army reg, other services' milbloggers will continue uninterrupted. If the Marines end up getting more attn for what their troops are doing in the combat zones, again?

http://instapundit.com/archives2/004774.php

[Jimbo]

I know where I am working right now, we have had some huge secuirty problems, at levels above FOUO. so realistically, I can't see every blogger getting fired, but who knows. We have had some big OPSEC issues come to light. Hell, go to the warden thread.

[Ender]

I just caught wind of this thread and must admit I am shocked... I want to read the whole thing and check out all of the links before I say anything more but this is the exact opposite of what I would have expected.

Can someone from USMC higher please smooth my ruffled feathers and assure me we aren't going to see a parallel response from the Corps? This kind of crap is an initiative KILLER.

[selil]

Can someone from USMC higher please smooth my ruffled feathers and assure me we aren't going to see a parallel response from the Corps? This kind of crap is an initiative KILLER.

Initiative? Who issued you that?

[Cori]

With respect, the Warden didn't get into the deserved troublehe's in for blogging.

I don't think anyone's suggesting OPSEC not be taken seriously, only that there had to be a less drastic measure available. Allowing all the bloggers free rain carries the risk that someone will make a mistake or do something stupid, but shutting them all down is not cost free either.

Here's a question -- while I understand there are reasons why the military might not want to advertise particular cases, you'd think we'd of heard at least one story explaining this decision.

So -- who's heard at least the bare bones of a story explaining what someone did to get everyone shut down?

[Rob Thornton]

From Zen Pundit:

It is my expectation that such an effect was the primary purpose behind these regs as the international Islamist movement is not going to be inconvenienced in the slightest.

I think this is a large part of our problem - while the enemy is focused on offensive Info Warfare we are focused on more body armor & damage control . While the enemy is focused on finding ways to connect, share, grown, & leverage in its use of communications- we seem to be investing time and energy in truncation, stove piping and compartmentalization.

Hermetically sealing the military off from the world ( which won't succeed anyway) is the sign of siege mentality in the officer corps and a harbinger of decline.

I'm reading "The Starfish & the Spider" - while I recognize we must have some degree of centralized struture, the decentralized nature of our enemy requires we adapt certain levels of decentralization (arguably beyond what is currently doctrinally acceptable) to compete & win. This not only applies to IO but operations in general.

Zen Pundit had also mention OPSEC education, how about one step further and make an IO course available online that discusses how the enemy uses IO and how Soldier bloggers can combat it by reporting, blogging, etc.? I think if we were to empower and encourage we could leverage service members who want to be part of the solution. No, your not going to be able to micro-manage - just issue some guidance - "What not How" and accept that it will be executed in a decentralized manner. Get the word out through the chain of command about an awesome opportunity and start issuing some rewards for effective IO operations by individuals - could be recognition (AAMs, ARCOMs - depends on the effect believed to have on a target audience) - could be monetary. This way you get a three-fer - you get reporting, you get self-policing and you get massive IO by talented individuals relatively cheap that adpats faster then the enemy.

[milesce]

From Zen Pundit:
Get the word out through the chain of command about an awesome opportunity and start issuing some rewards for effective IO operations by individuals - could be recognition (AAMs, ARCOMs - depends on the effect believed to have on a target audience) - could be monetary. This way you get a three-fer - you get reporting, you get self-policing and you get massive IO by talented individuals relatively cheap that adpats faster then the enemy.

Nice idea. I spend a lot of time reading milbloggers on the ground in Iraq and Afghanistan, along with a lot of Iraqi bloggers. It's astonishing sometimes how different the picture is between the folks on the ground and the reporters sitting in the Green Zone.

It'll be a huge loss in the political battle back home if the milbloggers are shut down, given how shaky public support for continuing the venture in Iraq is already. Those guys (and gals) are the best PR the military has ever seen, partly because its much more trusted than anything that comes from a news release. Even reading the really critical ones, I come away with a feeling of confidence that the troops on the ground are doing everything they can to make it a success in Iraq. The credibility level for that is far higher than any political pronouncements I've seen from behind a podium in DC.

[John T. Fishel]

When I was a young officer woking Army current intel, nothing would anger me more that the tendency to overclassify. Things that should never have been classified were, and those that should have been were classified often at levels higher than necessary or desireable. There was also the pernicious tendency (see current rules) to try to use FOUO - an administrative protection designed to protect privacy or FBIS violation of copyright laws - as a cheap substitute for proper classification. As Dr. Jack's post shows, this is still the case since some of the examples of FOUO he lists fall under the formal definitions of CONFIDENTIAL, SECRET, and TOP SECRET.
Then there is the ludicrous briefing posted by Marc - FOUO for no good reason other than it is embarrasssing ... often another improper reason for classification - that he, an obvious foreign security risk from that oh so foreign country (is it our ally?) Canada, found openly published on the web in violation of its stupid administrative protection.
Note that classification and administrative protections derive from Presidential Executive Orders and are not (unless things have changed more than I am aware) matters of legislation but only of regulation. Indeed, there is only classified material and unclassified for national security purposes. Sensitive (formerly SBU) is another attempt to get around the rules for clasification. Nevertheless, Article I, Sec 8 of the US Constitution vests Congress with the regulation of the land and naval forces of the US. This seems to me to be one of those moments when we, as individuals who range from liberal to conservative, can call on our elected representatives to do their duty and change, by legislation or its threat, a totally idiotic regulation. Ike Skelton and Carl Levin and our individual Reps and Senators would love to hear from us. I will be writing my Rep, Tom Cole (on the Armed Services Committee) along with his sole Democratic colleague from Oklahoma, Dan Boren (also a committee member).

[marct]

Zen Pundit had also mention OPSEC education, how about one step further and make an IO course available online that discusses how the enemy uses IO and how Soldier bloggers can combat it by reporting, blogging, etc.? ... This way you get a three-fer - you get reporting, you get self-policing and you get massive IO by talented individuals relatively cheap that adpats faster then the enemy.

It'll be a huge loss in the political battle back home if the milbloggers are shut down, given how shaky public support for continuing the venture in Iraq is already. Those guys (and gals) are the best PR the military has ever seen, partly because its much more trusted than anything that comes from a news release. Even reading the really critical ones, I come away with a feeling of confidence that the troops on the ground are doing everything they can to make it a success in Iraq. The credibility level for that is far higher than any political pronouncements I've seen from behind a podium in DC.

That's a really good point, Miles. Credibility is a crucial element and, to be honest, I have a feeling that most politicians have a pretty low credibility when it comes to the war.

I have been trying to figure out why I reacted so strongly to this reg since I'm not really affected by it per se (except as a researcher). My tentative conclusion is that it stems, in part, from being a Canadian. On the whole, while we do tend to get on well with the US, we also tend not to trust the US government that much. Or, to be more accurate, we trust them to be rather short-sighted and throw their weight around while disregarding their own political and philosophical rhetoric in favour of short term political gains. At the same time, we also have an immense reserve of trust in the American people to act as a rein on their government, and freedom of speech, usually via the press but more recently via blogs, boards, etc., is at the core of this.

I have often felt, although I have little concrete proof, that this dichotomous image of the US is one of the crucial components of the "love-hate" relationship many non-Americans feel towards the US. I feel that this reg, if taken to the extremes that are certainly potential within it, will have a very damaging effect on international perceptions.

As John rightly notes

Then there is the ludicrous briefing posted by Marc - FOUO for no good reason other than it is embarrasssing ... often another improper reason for classification - that he, an obvious foreign security risk from that oh so foreign country (is it our ally?) Canada, found openly published on the web in violation of its stupid administrative protection.

If we - aka "obvious foreign security risk[s] from that oh so foreign country (is it our ally?) Canada," - can find and talk about the silliness of this type of "briefing" (), we can a) help to counter it thereby trying to strengthen US endevours and b) laugh it off as the obvious work of some bureaucratic REMF. If we can't find it, then we will start to wonder. Personally, I think that the fact that it was available so quickly was a good sign; a sign that the American people think that this is bunk.

Marc

[VinceC]

I will counter the let them blog line of IO with one incident:

ABU GHRAIB

Those pictures hitting the internet were probably the biggest IO defeat we have suffered in Iraq.

My recollection is that the Abu Ghraib photographs were leaked to the public by a whistleblower who contacted news organizations. That is somewhat different than posting battlefield gore-porn on blog boards.


The Army regulation strikes me as an unenforceable morale-buster and out of touch with today's information realities. Well-intended people will be reluctant to even email home, while those who disregard or flout regulations will continue to post anonymously and recklessly. All this will be against a background of uncertainty and paranoia at the MWR computer tents.

[sgmgrumpy]

STORYhttp://www.usatoday.com/news/washing...s-report_N.htm

WASHINGTON — Government and community leaders aren't doing enough to counter multimedia-savvy terrorists from using flashy websites, provocative video games, hip-hop music and gruesome images of bloodied Muslim children to recruit young people online, according to a new report that says the Internet may be extremists' most powerful frontier.

"There's only one side on the battlefield, and it isn't us," says Frank Cilluffo, director of George Washington University's Homeland Security Policy Institute, who will testify on the institute's Internet-Facilitated Radicalization report in the Senate today. "We've created this global village — the Internet — without a police department."


"The Internet is a weapon in the hands of our extremist enemies," says Sen. Joe Lieberman, I-Conn., chairman of the Senate Homeland Security Committee, which investigates ways to combat radicalization at prisons, universities and on the Internet.

Among Web-based tactics terrorists use, according to the report:

•Hacking into legitimate websites and posting training manuals deep in subdirectories where no one is likely to notice them.

•Developing video games that spread "a simple but seemingly compelling message: Islam is under attack and young Muslims have a personal duty to fight."

•Using hip-hop and rap musicians "whose catchy, melodic messages contain calls to violence."

The content is typically developed abroad, but it is being placed on U.S. servers and is targeting domestic audiences, Cilluffo says.


Terrorist tactics on the Internet:

•Downloadable video games, such as Quest for Bush, in which players can advance to levels called "Jihad Growing Up" and "Americans' Hell."

•YouTube and MySpace videos, such as underground rapper "Sheikh Terra" singing with a gun in one hand and a Quran in the other, set against images of Iraqis being killed by U.S. troops.

•Graphic images on websites that show injured Muslim women and children, depicted as victims of Western attacks.

[marct]

From the same story...

Homeland Security Department spokesman Russ Knocke says officials are working with intelligence officers, Muslim leaders and police to address the problem. But "it is something that is going to require the vigiliance of local authorities," he says. "They are going to be more likely than the federal government to detect the preliminary signs of radicalization."

For now, the report says, "a nation that gave rise to Silicon Valley, Hollywood and Madison Avenue (has been) outplayed in the realm of ideas, effectively communicated in the new media."

I would argue that the reason why the US/West is getting hammered is contained in the first paragraph - a reliance on "Big Brother" to "solve" the problem. Cyberspace combat is based around "militias" and "hunter-killer teams (aka hackers)", not around Industrial Age conventional armies. Something that many Industrial Age mentalities just don't understand is that the Internet empowers individuals and networks, not organizations.



Marc

[sgmgrumpy]

Among Web-based tactics terrorists use, according to the report:

•Using hip-hop and rap musicians "whose catchy, melodic messages contain calls to violence."

We cannot even control this problem in our western culture so what makes them different? Alot of the rappers referencing killing cops come to mind. I blame the contract holders since they are the ones who controls what song/s gets published or produced? THE RECORD LABELS. It's all about money, nothing else. For a wakeup call, lets play a few dozen of them at 6:00PM on major NBC/CBS/ABC for 1 hour and let the people decide

[ilots]

Here is a copy of the report in question:

http://www.gwumc.edu/hspi/reports/NE...20Strategy.pdf

[Rob Thornton]

Marc,

Something that many Industrial Age mentalities just don't understand is that the Internet empowers individuals and networks, not organizations.

Your quote squarely frames how we place ourselves at a disadvantage. The networked individual has the agility and initiative - he is a "cyber - Geronimo" to steal some from The Starfish and the Spider

[wm]

So -- who's heard at least the bare bones of a story explaining what someone did to get everyone shut down?

You probably need to be aware that the previous Army Chief was raised as a Spec Ops guy and, as a result, was extremely operations security conscious. He probably also motivated the Vice Chief (unless the Vice was already of a similar mind set, which would not surprise me) to take a similar position. I know that security issues related to eelctronic files, computers, email and the internet has been a big issue to Army leadership since at least late 2003. Based on the new policy and other security regulations), however, I am not at liberty to discuss details in this medium, especially without verifying everyone's need to know.