DOD cracks down on geolocation devices and services

geospatial app (dolphfyn/

Defense Department personnel can no longer use geolocation features on any device -- personal or government issued -- in areas used for military operations, according to a DOD policy memo released Aug. 6.

In the memo, dated Aug. 3, DOD Deputy Secretary Patrick Shanahan wrote that devices, applications and services with geolocation capabilities pose a significant risk to personnel both on and off duty.

“The rapidly evolving market of devices, applications, and services with geolocation capabilities presents a significant risk to the Department of Defense personnel … and to our military operations globally,” Shanahan wrote.  “These geolocation capabilities can expose personal information, locations, routines, and numbers of Department personnel, and potentially create unintended security consequences and increased risk to the joint force and mission.”

The policy is effective immediately.  It covers operational areas where military operations are conducted, as designated by combatant commanders. The memo instructs commanders to conduct comprehensive, threat-based operations security surveys before designating operational areas.

Commanders can, however, authorize geolocation use on government-issued devices, applications and services if the mission calls for it. Leadership for DOD components must “consider the inherent risks associated with geolocation capabilities on devices, applications, and services, both non-government and government-issued, by personnel both on and off duty,” the memo states.

Additionally, commanders must ensure personnel receive appropriate training regarding the ban. DOD's annual cybersecurity awareness training will also be updated to help personnel identify and understand geolocation risks.

The memo didn’t specify how DOD will handle enforcement or potential violations, but department spokesperson Maj. Audricia Harris told FCW via email that it would be handled on the case-by-case basis.  The policy, she said, is meant to enhance operational security “in support of the broader mission in a balanced way that accounts for legitimate official and personal uses of geolocation technology that do not present an undue security risk.”

Harris said the policy was developed in response to “recent publicized demonstrations” that emphasize the need for “constant refinement of policies and procedures to enhance operations security and the protection of information.”

The memo directs DOD's CIO and the undersecretary for defense intelligence to jointly develop geolocation risk management guidance and training to inform commanders and heads of other DOD components when making risk decisions regarding these devices.

The Defense Information Systems Agency will release the new geolocation risk management guidance and training at

About the Author

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at, or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.