Cheryl Pellerin
DOD News
August 10, 2016
WASHINGTON, Aug. 10, 2016 — The Defense Department has released an update of procedures, first published in 1982, that govern the conduct of DoD intelligence activities.
The boundaries between traditional cyber threats and traditional electronic warfare threats have blurred. The Integrated Cyber and Electronic Warfare program at the Army Research, Development and Engineering Command’s Communications-Electronics Research, Development and Engineering Center looks to leverage cyber and electronic warfare capabilities as an integrated system to increase situational awareness of commanders. Army illustration
DoD Manual 5240.01, “Procedures Governing the Conduct of DoD Intelligence Activities,” is put into effect following Executive Order 12333, which authorizes certain members of the intelligence community to collect, retain or disseminate information about U.S. persons.
“The procedures set out rules governing how DoD intelligence elements will conduct activities supporting their missions while safeguarding legal rights and protections guaranteed by the Constitution to all U.S. persons,” Michael Mahar, the DoD senior intelligence oversight official, told DoD News in a recent interview.
The manual defines U.S. persons as U.S. citizens, lawful permanent resident aliens, and unincorporated associations substantially composed of U.S. citizens or permanent resident aliens, and U.S. corporations.
“The procedures were carefully and methodically developed in 1982 and they’ve served us well for the many years since then,” Mahar said. “But we’ve reached the point now that, due to changes in technology, law, and intelligence-collection practices, we were compelled to do a significant overhaul.”
Mahar, who is also deputy director for oversight and compliance in the Office of the Deputy Chief Management Officer, said similar guidelines are being updated across the IC.
In accordance with EO 12333, Defense Secretary Ash Carter and Attorney General Loretta Lynch have approved the updated manual after consultation with the director of national intelligence.
Interagency Process
The effort to update the 1982 DoD manual’s procedures was an interagency process, Mahar explained.
“We went line by line, procedure by procedure,” he said, working with senior representatives of all defense intelligence components as the updated guidelines were finalized.
DoD officials included representatives from the military services, the Joint Staff and several defense and combat support agencies, including the Defense Intelligence Agency, the National Geospatial-Intelligence Agency, the National Reconnaissance Office, the National Security Agency, and the Joint Improvised-Threat Defeat Agency.
“We worked closely with the Justice Department and the Office of the Director of National Intelligence because EO 12333 requires approval by the attorney general after consultation with the DNI,” he said, noting that the process was a good example of interagency collaboration.
“We took a very complex set of procedures and effectively updated them to deal with current and near-future operating practices and capabilities,” he said.
Updated Procedures
The manual’s procedures govern the collection, retention and dissemination of information concerning U.S. persons, including collection techniques such as electronic surveillance, concealed monitoring, physical searches and physical surveillance.
Mahar said some of the major changes included updated procedures for collecting, retaining and disseminating information about U.S. persons, updated procedures enabling defense intelligence components to conduct vital activities while protecting the privacy and civil liberties of U.S. persons, and updates based on changes in EO 12333, the Foreign Intelligence Surveillance Act and other recent laws and policies.
Army and Air National Guardsmen operate as blue team defenders in the Cyber City area of operations during exercise Cyber Shield 2016 at Camp Atterbury, Ind., April 20, 2016. Cyber Shield 2016 is an Army National Guard cyber training exercise designed to develop and train cyber-capable forces including members of the National Guard, Army Reserve, Marine Corps and other federal agencies. Army photo by Sgt. Stephanie A. Hargett
The updated procedures also make clear that information is “collected” – a key term that triggers protections in the guidelines – when it is received by a DoD IC component.
The definition will ensure that the framework in the guidelines will apply clearly and consistently, including retention periods and mandatory deletion requirements for information on U.S. persons that has not been determined to meet the standard for retention, and provisions governing sharing and retaining the information within the intelligence community, Mahar said.
The revised manual also provides a framework of distinct rules for information about U.S. persons that was intentionally or incidentally collected, or that was voluntarily provided to an intelligence community component.
The framework requires the prompt evaluation of USP information for permanent retention where the information was intentionally collected or voluntarily provided. For other information, it provides a longer period but enhances protections for the information, including new access and query rules.
It also creates a new framework governing “special circumstances” collection of information on U.S. persons. Special circumstances collection requires that an accountable senior intelligence official makes specific decisions about the intelligence value of collecting certain information on U.S. persons, Mahar said.
The senior official makes such decisions based on the volume, proportion and sensitivity of the information, and the intrusiveness of the collection method. The senior official must also consider adding enhanced handling safeguards.
The framework also adds specific roles for civil liberties and privacy officials.
Automating Access
The changes also include rules that govern data repositories shared among intelligence organizations, and expanded procedures for disseminating U.S. persons information inside and outside DoD to meet intelligence community data-sharing requirements.
Mahar said the revised procedures will enable the development of a common platform where the intelligence community can easily and securely share technology, information, and resources. This is consistent with the Intelligence Community Information Technology Enterprise, known as IC ITE (pronounced ‘eye site’), the strategy to further the DNI’s vision of intelligence integration by changing the intelligence community information technology operating environment, he said.
No comments:
Post a Comment