Army severely restricts military blogs

The Army has issued revised regulations that set stringent new limits on soldiers’ ability to participate in blogs on the Internet. The regulations are so strict that they even set limits on the ability of families and contractors to contribute their writings — even though the Army regulations are off-limits to them.Wired News first reported the policy change May 2. The revised Regulation 530-1, “Operations Security (OPSEC),” was issued April 19.In the second chapter of the regulation, which states the responsibilities of personnel at all levels, the Army has decreed its personnel “will…consult with their immediate supervisor and their OPSEC officer for an OPSEC review prior to publishing or posting information in a public forum. …This includes, but is not limited to letters, resumes, articles for publication, electronic mail (e-mail), Web site postings, Web log (blog) postings, discussion in Internet information forums, discussion in Internet message boards or other forms of dissemination or documentation.”The regulation applies to “military and civilian personnel of the Active Army, the Army National Guard of the United States/Army National Guard, the United States Army Reserve and related activities of those organizations. Contractors must comply with contractually imposed Operations Security requirements. This regulation applies during all phases of operations, including training, readiness and mobilization.”Family members also are included in the definition of “Total Army,” which defines the community over which the Army Department has jurisdiction. “Actively encourage others (including family members and family readiness groups…) to protect critical and sensitive information,” the regulation states.But the regulation has been labeled “For Official Use Only,” which means family members — and many contractors — are not supposed to have access to the new standards.The regulation does not limit itself to the broader military community, however, but extends its policing further afield.Designated commanders of the “Army Web Risk Assessment Cells” are tasked with “conduct[ing] routine checks of Web sites on the World Wide Web for disclosure of critical and/or sensitive information that is deemed a potential OPSEC compromise. Web sites include, but are not limited to, Family Readiness Group …pages, unofficial Army Web sites, soldiers’ Web logs…and personal published or unpublished works related to the Army.”These commanders are expected to ensure that suspected data found on the Internet is reviewed and analyzed, and to “recommend actions to remove inappropriate security and personal information from publicly accessible Web sites on the World Wide Web.”The information to which the regulation applies is not limited to classified data, but covers anything that could be considered critical information — any specific data about capabilities, activities, limitations and vulnerabilities, which an adversary could analyze to take hostile action.“Critical information that is unclassified especially requires OPSEC measures because it is not protected by the requirements provided to classified information,” the regulation states.