US Military -v- Internal blogging & Access to WWW

[120mm]

We had a very good discussion on BCKS about this very issue, until the web-nazis shut it down. (Insert heavy irony, here.)

There is a blog by a Navy-type who shows how the military is "alarmed" by relatively minor OPSEC violations, while PAO officers and O-6 and above types publicly "sell out the farm" in their idiotic press releases and public statements.

1AD's Division Commander advertised a public call in show that talked about specifics regarding the 5 Ws of their deployment. He revealed IN THE ADVERTISEMENTS the When and Where portions of DIV HQs and HHC's deployment. He also discussed what I would consider sensitive information during the call-in show.

PAO routinely releases photographs and articles which include units, locations, individual names and home towns of soldiers in combat zones, to include the names of operations, etc..

I'm thinking maybe the military needs to "heal themselves" prior to coming down hard on individual servicemembers.

[Spud]

PAO routinely releases photographs and articles which include units, locations, individual names and home towns of soldiers in combat zones, to include the names of operations, etc..

I'm thinking maybe the military needs to "heal themselves" prior to coming down hard on individual servicemembers.

It's an interesting argument and also (unfortunately) one that leaves me so frustrated that I want to punch something (or more often someone).

OPSEC is a measure to protect EEFI from enemy ISR (in simple generic terms). The correct application of OPSEC means taking measures to protect those EEFI from enemy ISR knowing the various forms of collection they will/are likely to/or possibly could undertake (stay with me here I know I'm probably preaching to the converted).

Yet how much time do we put into actually developing our EEFIs? Everyone has seen a published and approved EEFI along the lines of "weapons systems employed by XXX" ... how in the hell are you meant to protect an EEFI that has been dreamed up by some 2 shop guy on a sugar and caffeine hit that is so generic that simply walking outside the armoury breaches it.

EEFIs must be specific ... generic just don't cut it as it leaves too much open to interpretation (although I will admit it makes the staff work a hell of a lot easier). The 2 guys need to provide the threat, the IO/PA guys need to provide the info IPB as to just what is out there officially and what isn't and the 3 guys and the commander need to make a call about what they want to protect (and the associated impacts of applying that EEFI). More importantly the EEFIs need to be reviewed and not just staffed at the beginning of a operations and 6 years later soldiers are still trying to use the same info.

Of course this doesn't just apply to weapons, personal ID is another great one. If we want to protect the identities of our soldiers for OPSEC reasons why do we all wear name tags, unit identifiers and rank on our uniforms when deployed? And then we complain when PA guys use that detail? (Admittedly I've seen so many examples of the PA guys going above and beyond in working out the names of a soldier's first born there is some issues on their behalf as well.) Good OPSEC is more than just what appears in the papers and on the web … it’s a completely cultural thing.

We've been through the mill on this and in reality unless an OPINST has an extremely comprehensive EEFI list (that is based on reality i.e. what can be easily found on official/authorative sites in the public domain already) that is signed by the operational commander it can't hold water. Importantly though to be comprehensive the EEFI list must be highly classified as it essentially details all of those specifics you are trying to protect. In our case the PA guys actually have something to work to in support of the operation and actively seek to be part of the EEFI development process. I would go so far as to say make the PA guys responsible for the staff work to develop the EEFIs (with the J3 as the immediate approving authority). Nothing makes you apply a policy like having some ownership over it.

However my greatest frustration stems from the belief of some of our Coalition partners that our EEFIs are perishable (usually after an operation concludes and everyone wants to pat themselves on the back). If it is an EEFI it remains an EEFI until such point that a commander deems that information no longer requires protection! Thankfully I don't operate in an environment where "the first amendment" seems to be the trump card over good information environment policy.

[Cliff]

Of course this doesn't just apply to weapons, personal ID is another great one. If we want to protect the identities of our soldiers for OPSEC reasons why do we all wear name tags, unit identifiers and rank on our uniforms when deployed? And then we complain when PA guys use that detail?

I've wondered what the Army did about this... pretty much SOP in the AF to "sanitize" and remove all identifying information/patches/nametages prior to flying in combat... most folks have a nametag with just their nickname/callsign on it and that's it... Seems a little silly but I guess we learned the hard way back in Vietnam.

-Cliff

[Schmedlap]

There is a blog by a Navy-type who shows how the military is "alarmed" by relatively minor OPSEC violations, while PAO officers and O-6 and above types publicly "sell out the farm" in their idiotic press releases and public statements.

In OIF V, we had an incident where a PAO issued a press release, giving a very accurate battle damage assessment of a mortar attack. He more or less stated, "on d day at h hour, x mortars were fired from y location and hit such and such location, resulting in xyz damage." Coincidentally, two days later, we saw a video of the attack on an insurgent website and saw a video of the insurgents reciting the battle damage put out by the PAO. That part of that particular FOB got hammered with mortars at that same location numerous times for several weeks. Many wounded, lots of damage, thank you very much, may I have another?

However, I would add that the average rank-and-file servicemember (and possibly civilian) commits plenty of OPSEC SNAFUs that often go unnoticed by many of us. I have seen some of the stuff intercepted by the CI folks and it is amazing to behold what information people think is okay to email to everyone on their personal distro ("check out these photos of the latest rocket attack - good thing they didn't fire this 2 hours later or 200 meters to the east"), or post on their blogs ("here are detailed photos of our patrol base and its vulnerabilities"), or on Google Earth ("this map is outdated - here is where we're really at!")

[Spud]

In OIF V, we had an incident where a PAO issued a press release, giving a very accurate battle damage assessment of a mortar attack. He more or less stated, "on d day at h hour, x mortars were fired from y location and hit such and such location, resulting in xyz damage." Coincidentally, two days later, we saw a video of the attack on an insurgent website and saw a video of the insurgents reciting the battle damage put out by the PAO. That part of that particular FOB got hammered with mortars at that same location numerous times for several weeks. Many wounded, lots of damage, thank you very much, may I have another?

A perfect example of why the artificial firewall that the US places between its uniformed PA staff and the people that actually conduct operations in the global information environment can only result in information fratricide. The sooner PA moves away from being a command support function and becomes and ops function the better. In simple terms the US military's PA capability performs the same function during ops as it does during peacetime ... that is look at us we're good neighbours. You can't criticise the PA guys when your own doctrine and leadership keeps them off to one side, completely silo'd and tells them all day every day that they're losing the information war ... do something to get on the front foot. in 04 when MNF-I STRATCOM was formed and the PA, IO and PD guys all worked in the same room it was completely undercut by cap badge rivalry and politics ... the information lessons learned in Al FAJR continue to to be ignored.

[davidbfpo]

Following the theme and from a different viewpoint. There has been much concern, including public comments by the Director-General of the (UK) Security Service (MI5), on the apparent leaking of information to the media in relation to counter-terrorism operations.

Within the "Whitehall village", akin to within the Beltway, RUSI had a session at a CT conference on the subject of the press and CT (will have to check if now published in their journal).

To illustrate a TV camera crew were in situ for a live CT arrest operation, in which a police SWAT team was involved. Under UK convention, the D Notice system, SF activity is covered, but not the police.

Some suspect "leaks" come from within the "Whitehall village" and have more to do with "spin".

davidbfpo

[Culpeper]

This is the Air Force. This has less to do with OPSEC and more to do with deniability. The latter would be just fine if it pertains strictly to small war doctrine but it doesn't. Shameful opportunists don't want anything with an exchange of ideas on solving problems that are outside of the Air Force box. "Meet the new boss. Same as the old boss". Read "Flying though Midnight". That is the Air Force. Nothing has changed. The Air Force is not like other branches. The Marines train and fight with ability to improvise as necessary right down to a private knowing he may find himself squad leader. The Air Force has no such doctrine. Each position is compartmentalized due to its mission and structure. There are those that do the work and those whose only motivation is self preservation and protection of the Church as an entity. Personally, the Air Force should have remained the Army Air Corps. Ever since then the adage is to get out as soon as you can or you might find yourself doing all the work or even worse become one of the high priests that get the workers killed. You can't apply typical small wars doctrine to what the Air Force makes up as it goes along.

[Cliff]

This is the Air Force. This has less to do with OPSEC and more to do with deniability.

What does a Comm Squadron guy blocking certain addresses have to do with deniability? Pretty sure that was not an Air Staff level decision...

The latter would be just fine if it pertains strictly to small war doctrine but it doesn't. Shameful opportunists don't want anything with an exchange of ideas on solving problems that are outside of the Air Force box. "Meet the new boss. Same as the old boss". Read "Flying though Midnight". That is the Air Force. Nothing has changed.

Haven't read that, who is it by?

The Air Force is not like other branches. The Marines train and fight with ability to improvise as necessary right down to a private knowing he may find himself squad leader.

I would strongly disagree with this. Our doctrine and tactics emphasize the fact that at any moment the wingman may have the tac lead or the flight lead, and it can (and does) often change rapidly. Improvisation occurs all the time. Even with the technology becoming closer to the CAOC being able to fly your jet, you are still typically out there on your own with you and three other guys, trying to not get you/them/the grunts killed... Not a very good environment for ironclad "do as I say" doctrine. As a famous man once said, "Flexibility is the key to airpower".

I have been on very few flights where in the debrief we came up with only one right way to skin the cat - it's an art form, not a science. Has been this way since the late 70s when we canned the "welded wingman" tactics... Are you referring to USAF doctrine as a whole, or USAF Small Wars doctrine?

The Air Force has no such doctrine. Each position is compartmentalized due to its mission and structure. There are those that do the work and those whose only motivation is self preservation and protection of the Church as an entity.

I think you can make an arguement that the AF has/is stovepiped/tribalized, but the current Chief is doing a lot to fix that - part of why anyone who isn't deployable is getting cut, and small unit tactics are being added into Basic. Most folks in the Air Force know more about working with the other services and other aircraft than say, a typical Army aviator. My point is that so much of our job is working with the other services, we have no choice but to think outside the "AF Box" as you refer to it. Every major event I have flown in I have worked with USN and USMC folks, and several of them with Army, USCG, and even "other" government agencies.

Personally, the Air Force should have remained the Army Air Corps. Ever since then the adage is to get out as soon as you can or you might find yourself doing all the work or even worse become one of the high priests that get the workers killed. You can't apply typical small wars doctrine to what the Air Force makes up as it goes along.

Sounds like you have had some bad experiences. I don't agree that that is the adage though. While not everyone wants to be a general (thank goodness!), that doesn't mean that folks don't want to serve.

And just what is "small wars doctrine" in the context of airpower?

I have to ask, why is there such rampant Air Force bashing every time it comes up? The AF has changed a lot since Vietnam... informed criticism is helpful and what makes us good, name calling doesn't help you build a better joint team.

V/R,

Cliff

[Culpeper]

I can appreciate your response but I didn't have any bad experience with the Air Force other than Desktops getting in the way of learning how to survive. I just know how the organization operates using its own brand of company language. I can tell you one thing. I was glad my job required being out in the field with the Army and away from desktop officers that make stupid decisions like trying to figure out why web logs are a bad thing. And I did take the advice of the more experienced and got out as soon as I could. My friends that stayed in and retired were like deer in headlights when they came into the world. So much for the 9 to 5 recruitment poster.

Listen, there has always been a lot of criticism about other branches in this current conflict; i.e. mistakes et al. But very little about the Air Force in general. Why should [they] be any different? Like I intimated earlier, this story about blogs is just a symptom of the overall ineffective decision making on the part of the Air Force. The Air Force has made its share of mistakes since 911 and gets a bye because of what? The Air Force even gets a bye for their culpability on losing the Vietnam Conflict. Desktop officers in the Air Force make sure of that by keeping all their dirty little secrets in the box. Thinking or communicating outside the box under any circumstance is heresy. Trust me, no small part of the USAF decided that blogs were bad for airmen. That is is a fairy tale and just an example of the compartmentalization of the organization as a whole. It has been structured since its inception to protect itself and a select few, which it does an excellent job. Thus, it is probably the most dysfunctional branch of the military. Why do you think so many Air Force people that do the work believe the Air Force eats its young?

Next time you are replying to someone that is criticizing the Army or the Marines for mistakes or policy try to avoid assuming that a "bad experience" or resentment is the motivator. That is not part of the company language of the forums.

EDIT:

I forgot the book. I used to think I was the only one that thought something just wasn't right about he USAF until I read this book. This guy is super cool and responds to messages.

http://flyingthroughmidnight.com/

...

[120mm]

A perfect example of why the artificial firewall that the US places between its uniformed PA staff and the people that actually conduct operations in the global information environment can only result in information fratricide. The sooner PA moves away from being a command support function and becomes and ops function the better. In simple terms the US military's PA capability performs the same function during ops as it does during peacetime ... that is look at us we're good neighbours. You can't criticise the PA guys when your own doctrine and leadership keeps them off to one side, completely silo'd and tells them all day every day that they're losing the information war ... do something to get on the front foot. in 04 when MNF-I STRATCOM was formed and the PA, IO and PD guys all worked in the same room it was completely undercut by cap badge rivalry and politics ... the information lessons learned in Al FAJR continue to to be ignored.

I have to agree, wholeheartedly, with you on this one. PA functions share a lot of similarity with the G6 functions as well....

Too much being done "in a vacuum" or in a parallel system, which leads to the "fratricide" I mention.