DOD aims to curb geolocation data spills
- By Lauren C. Williams
- Aug 07, 2018
Geolocation features available in phones, smart watches, fitness trackers and other devices may no longer be used by Defense Department personnel while in areas designated for military operations, according to a DOD policy memo released Aug. 6.
DOD Deputy Secretary Patrick Shanahan said in the memo that all devices, applications and services with geolocation capabilities -- both personal and government issued -- pose a significant risk to military operations and to personnel both on and off duty.
“These geolocation capabilities can expose personal information, locations, routines, and numbers of Department personnel, and potentially create unintended security consequences and increased risk to the joint force and mission,” Shanahan wrote.
The policy is effective immediately. It covers operational areas where military operations are conducted, as designated by combatant commanders. The memo instructs commanders to conduct comprehensive, threat-based operations security surveys before designating operational areas and ensure personnel receive appropriate training regarding the ban.
In May, DOD restricted the use of personal mobile devices inside secure areas of the Pentagon. The policy prohibited personal and unclassified government-issued mobile devices in secure spaces, with the devices must be turned off and stored in lockers outside the secure space.
"Interim mitigations" would be applied to government-issued unclassified laptops that included disabling the camera, microphone and Wi-Fi. The ban excluded approved medical devices and mobile devices with limited storage or data transmission capabilities, such as key fobs for automobiles or home security systems. It did, however, allow fitness trackers as long as they didn't have a camera, microphone, cellular or Wi-Fi capabilities.
In January, the Central Command press office in Kuwait told the Washington Post that it was revising its guidelines on the use of wireless devices after service members' workout routes around military bases were shown in a heat map published online by Strava, the maker of a fitness tracking app.
The Defense Information Systems Agency will release the new geolocation risk management guidance and training at https://iase.disa.mil.
Portions of this article were first posted to FCW, a sibling site to GCN.
Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.
Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.
Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.
Click here for previous articles by Wiliams.