Thursday, May 03, 2007

OPSEC Regulations

I wrote a piece yesterday about the new OPSEC Regulations and asked for responses via email or comment section, I am still going through my emaills from this but this one stuck out above the rest, as I finish going through them and receive more I will continue to update this post with them.

It was a two part piece, one portion of it being about miliblogging and one about our media now being treated as al-Qaeda or enemy moles, I also showed examples of CNN and NYT doing exactly that.

Here are a couple examples:

CNN posted a sniper video, admittedly obtained from the enemy, of one of our soldiers getting shot, we called it enemy propaganda then and it was. Then they offered it on their on demand channel for pay!!!!!

NYT has a nasty habit of reporting leaked "classified" informations as well as crossing the line when they posted a video of a US soldiers dying BEFORE his family had even been notified of his death.


Now that we are caught up, here is one of the emails I received from an Army wife:

I am an Army wife. I do believe in OPSEC, anything to protect my husband is okay with me. I have never understood why so much information is put out by MSM and our government. They give out military strength and readiness information. They gave out information on the surge, number of Army And Marine personnel being sent. They even gave out the months they would be sent.

While debate on issues are healthy for our nation and a transparent government is a must, we must remember that we are at war and there are certain things that should never be made public. There have been comments made that have done nothing but demoralize our guys and make the enemy happier than a pig in you know what.

We found out about our new 15 month deployment through the media. They said they released it this way because there had been a leak. How about if MSM would of man upped and said to the Army, we'll sit on this information until you can tell your soldiers the right way, through the command, for that is the way it should be done.

How about if MSM waits to report on the number of soldiers, marines, sailors and airmen until their families are at least notified. How about if MSM would report on the villages in Iraq that have never had water, electricity and so on. There are a number of them. Never saw the story about the area in Baghdad where the sewers were over flowing into the streets since Saddam's time that are now being replaced. Nope, never saw that on MSM.

I do not want MSM censored, I however would like them to start showing some respect, compassion and decency. Not only to the military and their families but also to the American public. They are doing all a great disservice.

I want our government to be transparent but I also want them to remember to choose their words carefully, and to choose carefully where they choose to speak these words. There are lives on the line.

If congress feels they must debate the war, by all means do so, but do it behind closed doors, so that the enemy may not know how divided our country is. It does nothing except give them more information then they need. It's gotten to the point where the enemy doesn't need to put out any propaganda, our government and MSM does it for them.

Thanks for letting me rant.
Just another Army wife.

Yes, you may use my letter if you find it acceptable.


I have redacted the email address because although she gave permission to use the letter she did not mention using her real name, therefore I will not.

Here is the OPSEC Regulations:

WASHINGTON (Army News Service, April 20, 2007) - Changes to the Army's operations security regulation address accountability, new technology and the inclusion of all Army personnel in OPSEC practices.

The revised Army Regulation 530-1, "Operations Security," provides updated definitions; aligns the Army's policies, terms and doctrine with the Defense Department; and brings Army Contractors into the fold while addressing the role Army Family Members have in OPSEC.

"The change includes Army Civilians and Contractors, who are not subject to the Uniform Code of Military Justice," said Maj. Ray Ceralde, the Army OPSEC program manager and author of the revision. "The reason we included Contractors in the regulation is they're more involved in operations today than ever before. If you have all your Soldiers and DA Civilians practicing OPSEC and your Contractors - who are an integral part of your operations - aren't ... well, you have a gaping hole in security that could affect everyone's lives."

Maj. Ceralde said OPSEC is a "total Army concept" and includes Families and friends though he acknowledged they aren't subject to a commander's orders.

"We felt it necessary to actively encourage those demographics," he said. "Much of the practice of OPSEC will be conveyed from the commander down to the Soldier who we hope will pass on the importance that what a Family Member or friend puts up on the Web can unwittingly be used against us."

Regulation changes also address how technology, specifically the Internet, has changed the face of OPSEC since the last major revision to the regulations in 1995. A 2005 revision addressed new technology, but the new revision addresses technological concerns not covered in the 2005 revision.

"The Internet, personal Web sites, blogs (Web logs) - those are examples of where our adversaries are looking for open-source information about us," said Maj. Ceralde. "Open-source information isn't classified and may look like nothing more than innocuous bits of information, a piece here, a piece there, like pieces of a puzzle. But when you put enough of the pieces together you begin to realize the bigger picture and that something could be going on."

Outside of technology, Maj. Ceralde cited an example of how "innocuous" bits of information can give a snapshot of a bigger picture. He described how the Pentagon parking lot had more parked cars than usual on the evening of Jan. 16, 1991, and how pizza parlors noticed a significant increase of pizza to the Pentagon and other government agencies. These observations are indicators, unclassified information available to all, Maj. Ceralde said. That was the same night that Operation Desert Storm began.

While Army personnel may maintain their own Web sites or post information on blogs, Maj. Ceralde said they have to be careful about what they write and what they post because even unclassified information can provide significant information to adversaries.

"For example, photos of deployed Soldiers to share with Family and friends are acceptable. However, when the photo includes a background of the inside of their camp with force protection measures in plain view, an adversary who is planning to attack their camp and sees a photo like this on the Internet now knows how to counter their force-protection measures," Maj. Ceralde said.

The regulation also puts a greater emphasis on commanders' responsibilities to implement OPSEC.

"We tell commanders what they must to do to get their people to understand what's critical and sensitive information and how to protect it, but commanders have to make that perfectly clear in the form of orders and directives," Maj. Ceralde said. "The other part of this tells Soldiers that if they fail to comply they may be punished under article 92 of the Uniform Code of Military Justice for disobeying a lawful order."

Other key changes to the regulations include the addition of punitive measures for violations of specific directives, the designation of "For Official Use Only" as a standard marking on all unclassified products that meet at least one exemption of the Freedom of Information Act, directing encryption of e-mail messages that contain sensitive information on unclassified networks, and emphasizing operations security in contracts and acquisitions.

"OPSEC is not traditional security, such as information security like marking, handling and classifying information; it's not the physical security of actually protecting classified information though they're all related and part of OPSEC," Maj. Ceralde said. "OPSEC is different from traditional security in that we want to eliminate, reduce and conceal indicators, unclassified and open-source observations of friendly activity that can give away critical information."


Here is one Milibloggers take on it, from Dadmanly:

It wasn’t the primary point of the post, but in one of my recent profiles I warned:
They were on such a mission recently when Insurgents carried out a deadly complex attack against U.S. forces. I can’t share details about this attack, because to do so would:

• Aid an enemy making a Battle Damage Assessment (BDA) of the success of their attack;
• Spread knowledge of the tactics, techniques and procedures (TTP) to other cells that otherwise might not learn of new methods;
• Jeopardize operations security (OPSEC) for the Scouts, Quick Reaction Force (QRF) and other first responders to Jihadist attacks; and
• Open up specific unit and leader decision-making to inappropriate public scrutiny. This can create situations where information necessarily incomplete due to immediacy, preservation of individual Soldier rights, and classification, would otherwise distort how the overall information might be received and interpreted.

These are not trivial concerns. I cast no aspersions against my fellow MILBLOGGERS, in no way should this be interpreted as criticism of those whose very graphic and exciting stories provide vivid detail to an information starved public.
In an even earlier post, I explained why I thought this issue was so important:
OPSEC is an important concept in modern military operations, one easily misunderstood and often underestimated. All reconnaissance efforts, if successful, exploit weak or failed OPSEC of the other side. Good OPSEC means denying your enemies an opportunity to gather all the small bits of information that eventually leads to a partial but highly suggestive picture of overall plans and operations.

In Iraq, that might mean force disposition, capabilities, weaknesses and targets of opportunity. We greatly underestimate our enemy's capabilities to exploit essential elements of friendly information (EEFI).

Americans as a rule are terrible at keeping secrets, we love to talk, we like to connect with those around us, and we love to tell stories. When soldiers are entirely segregated from civilian populations (loved ones, family or otherwise), they are clearly unhappy, but they are unable to violate OPSEC with as much ease or regularity.

The greatest difference in lifestyle and living conditions between today's soldier in Iraq and any in previous conflicts, is also one of our greatest vulnerabilities in terms of OPSEC. Soldiers have ready and immediate access to the Internet and cheap telephone service to their friends and families back home. When anything happens on the Forward Operating Base (FOB), chances are, linked in families back home hear all the details within hours, if not minutes. (Local commanders in many cases wisely invoke Internet and telephone blackouts for short periods in the event of significant injuries or deaths.)

Frankly, much of the most popular ("live action") combat reporting on the web makes me nervous. Many of these young men (and women) are not at all careful or discrete about their identities, unit compositions, and even very minute operational details. All of us understand how popular such accounts are, people back home and even fellow soldiers are really hungry for knowledgeable front line reporting. But this same accuracy and realism may be providing our enemies -- who gain some advantage they wouldn't otherwise have if we ignore their collection or reconnaissance capabilities -- with useful information for planning more effective attacks (and by the way, allowing them at least some useful battle damage assessment (BDA) information).
I would hate to think that good OPSEC might interfere with what is some of the best reporting available on our great efforts in Iraq. But I likewise think that MILBLOGGERS need to carefully (and prayerfully) consider if, in the interest of feeding a hungry audience, we likewise satisfy an avaricious enemy. This is an enemy who knows how and where to get information vital to making his efforts against us more deadly and effective, and knows how and where and to whom to get this information into the hands of those who would harm us.

If we ignore this responsibility, aren’t we doing the same as the big media we so frequently criticize? In the interest of “hits” and traffic (equivalent after all to ratings or circulation), we go for the gritty detail, and disregard real and significant concerns about whether this in some way increases the danger to our soldiers?

Sure, most of the more biased media pander to an anti-war agenda, and that’s destructive too, but any reporter or editor will tell you, “If it bleeds it leads.” There is a very strong profit motive to everything they do. If we broaden the meaning of profit to include that which benefits us or end results that we desire, if we seek that at the exclusion of any threat or risk considerations, we have put our own benefit above the soldiers we would claim to support.


Read the whole thing, it isn't as black and white as it may seem on first glance, but once again, since it is our soldiers who are most affected by this, I will keep bringing you their words as I can on this issue.

Miliblogging is my major source to find out the actualities on the ground in Iraq, but the media issue I am right on board with, until the media stops spreading the enemies propaganda like the sniper video from CNN, then CNN's crossing the line and offering that video for on demand or the New York Times showing a video of a soldier dying, against the military guidelines that the NYT signed, before the family had even been notified, or the many "leaked classified informations" pieces the NYT reports about without thought to how it could endanger our men and women in the field, until they stop deliberately working for the enemy, I hope they ARE treated as enemy moles.

There is a huge difference between freedom of speech or the press and "using" freedom of speech as a guise to hurt our country and until the liberals understand that difference they will continue to put our men and women in more danger than they are already in and THAT is unacceptable.

[Update] Hewitt interviews Alabama Senator Richard Shelby and asks about the miliblogging OPSEC regulations:

HH: The story I’m going to cover, the story I’m going to cover a lot today, Senator Shelby, has to do with the troops. You’re on the Defense Appropriations, so I’ll ask you. You obviously know about blogging, and how people use the internet.

RS: Sure.

HH: And how soldiers have been blogging from the front lines, and how it’s been very useful to keeping the public informed, et cetera. Today, the Army banned soldiers from blogging, just out and out banned them. What do you make of that?

RS: Oh, I don’t believe I would have done that. I think as long as they’re not giving away positions, and stuff like that, I’ve heard from a lot of our soldiers, and they’re very upbeat. You know, they say support the troops, that we’re doing well, and I believe them. I have some friends over there right now. I had one young man who is a Marine officer, and the head of a rifle company, as we speak, and I spoke to him, and I’ve visited with his family and so forth, and he’s very upbeat. And I think a lot of these troops have been. I think that we’ll have to see what happens. But to undermine our troops is just something I wouldn’t ever want to be a part of.

HH: Now I get e-mails from a colonel in Ramadi, and a colonel in Baghdad, they’re buddies of mine. I post them on my blog, and I want to continue to do that, because it’s first-hand information. Is that an appropriate subject for Defense Appropriations to look into?

RS: Well, I don’t…I’m sure this will probably be brought up when we get into this, or we have a hearing on something that’s relevant to this. But at the end of the day, I guess the commanders issued some order for some reasons unknown to me. I think if you’ve got good morale, which I believe they send the message back, we will do it.

HH: And so I hope you do support them getting their rights back…

RS: Oh, I would. I think we ought to hear from the soldiers. We should not try to shut up our soldiers. They’re in harm’s way, they’re carrying the brunt of this, and their families, and we should support them, and we should listen to them. But the ones I’ve been listening to are upbeat.

HH: That’s why I want to keep the information flowing.

RS: I think it’s good.

HH: These blogs…yeah, they paint a very different picture from what the media does. Last question, Senator Shelby. When do we get this money bill through Appropriations? When do you expect to have to be back there working? You guys have been, not you, but the Democrats have been taking their time.

[Update] Hat Tip to Snooper from Take Our Country Back: Original at Townhall from Hugh Hewitt.

ARMY CLARIFICATION ON MILITARY MEMBER BLOGS.

The Army has issued the following clarification, which makes it sound like the new new policy is the old policy. Fine by me:

Fact Sheet
Army Operations Security: Soldier Blogging Unchanged

Summary:
o America's Army respects every Soldier's First Amendment rights while also adhering to Operations Security (OPSEC) considerations to ensure their safety on the battlefield.
o Soldiers and Army family members agree that safety of our Soldiers are of utmost importance.
o Soldiers, Civilians, contractors and Family Members all play an integral role in maintaining Operations Security, just as in previous wars.

Details:
* In no way will every blog post/update a Soldier makes on his or her blog need to be monitored or first approved by an immediate supervisor and Operations Security (OPSEC) officer. After receiving guidance and awareness training from the appointed OPSEC officer, that Soldier blogger is entrusted to practice OPSEC when posting in a public forum.

* Army Regulation 350-1, "Operations Security," was updated April 17, 2007 - but the wording and policies on blogging remain the same from the July 2005 guidance first put out by the U.S. Army in Iraq for battlefield blogging. Since not every post/update in a public forum can be monitored, this regulation places trust in the Soldier, Civilian Employee, Family Member and contractor that they will use proper judgment to ensure OPSEC.
o Much of the information contained in the 2007 version of AR 530-1 already was included in the 2005 version of AR 530-1. For example, Soldiers have been required since 2005 to report to their immediate supervisor and OPSEC officer about their wishes to publish
military-related content in public forums.
o Army Regulation 530-1 simply lays out measures to help ensure operations security issues are not published in public forums (i.e., blogs) by Army personnel.

* Soldiers do not have to seek permission from a supervisor to send personal E-mails. Personal E-mails are considered private communication. However, AR 530-1 does mention if someone later posts an E-mail in a public forum containing information sensitive to OPSEC considerations, an issue may then arise.

* Soldiers may also have a blog without needing to consult with their immediate supervisor and OPSEC officer if the following conditions are met:
1. The blog's topic is not military-related (i.e., Sgt. Doe publishes a blog about his favorite basketball team).
2. The Soldier doesn't represent or act on behalf of the Army in any way.
3. The Soldier doesn't use government equipment when on his or her personal blog.

* Army Family Members are not mandated by commanders to practice OPSEC. Commanders cannot order military Family Members to adhere to OPSEC. AR 530-1 simply says Family Members need to be aware of OPSEC to help safeguard potentially critical and sensitive information. This helps to ensure Soldiers' safety, technologies and present and future operations will not be compromised.

* Just as in 2005 and 2006, a Soldier should inform his or her OPSEC officer and immediate supervisor when establishing a blog for two primary reasons:
1. To provide the command situational awareness.
2. To allow the OPSEC officer an opportunity to explain to the Soldier matters to be aware of when posting military-related content in a public, global forum.

* A Soldier who already has a military-related blog that has not yet consulted with his or her immediate supervisor and OPSEC officer should do so.

* Commands have the authority to enact local regulations in addition to what AR 530-1 stipulates on this topic.


Thanks Snooper!!!!



More to come...



.