Army moves to contain, maybe kill, military blogs

The Army has issued revised regulations that set stringent new limits on soldiers' ability to participate in blogs on the Internet. The regulations are so strict that they even set limits on the ability of families and contractors to contribute their writings ' even though the Army regulations are off-limits to them.

Wired News first reported the policy change on May 2. The revised Regulation 530-1, 'Operations Security (OPSEC),' was issued April 19.

In the second chapter of the regulation, which spells out the responsibilities of Army personnel at all levels, the Army has decreed its personnel 'will ' consult with their immediate supervisor and their OPSEC Officer for an OPSEC review prior to publishing or posting information in a public forum. ' This includes, but is not limited to letters, resumes, articles for publication, electronic mail (e-mail), Web site postings, Web log (blog) postings, discussion in Internet information forums, discussion in Internet message boards or other forms of dissemination or documentation.'

The regulation applies to 'military and civilian personnel of the Active Army, the Army National Guard of the United States/Army National Guard, the United States Army Reserve and related activities of those organizations. Contractors must comply with contractually imposed Operations Security requirements. This regulation applies during all phases of operations, including training, readiness and mobilization.'

Family members also are included in the definition of 'Total Army,' which defines the community over which the Department of the Army has jurisdiction. Army personnel are told to 'actively encourage others (including family members and family readiness groups ') to protect critical and sensitive information.'

But the regulation has been labeled 'For Official Use Only,' or FOUO, which means family members ' and many contractors ' are not supposed to have access to the new standards.

The regulation does not limit itself to the broader military community, however, but extends its policing further afield.

Designated commanders of the 'Army Web Risk Assessment Cells' are tasked with 'conduct[ing] routine checks of Web sites on the World Wide Web for disclosure of critical and/or sensitive information that is deemed a potential OPSEC compromise. Web sites include, but are not limited to, Family Readiness Group ' pages, unofficial Army Web sites, soldiers' Web logs ', and personal published or unpublished works related to the Army.'

These commanders are expected to ensure that suspected data found on the Internet is reviewed and analyzed, and to 'recommend actions to remove inappropriate security and personal information from publicly accessible Web sites on the World Wide Web.'

The information to which the regulation applies is not limited to classified data, but covers anything that could be considered 'critical information' ' any specific data about capabilities, activities, limitations and vulnerabilities, which an adversary could analyze to take hostile action.

'Critical information that is unclassified especially requires OPSEC measures because it is not protected by the requirements provided to classified information,' the regulation stated.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group