Feeds

US surveillance of soldiers' blogs sparks lawsuit

Rock the Kasbah

Choosing a cloud hosting partner with confidence

The US Army is being sued by a privacy group that wants the military to come clean about how it monitors websites and soldiers' blogs for potential military leaks.

The Electronic Frontier Foundation (EFF) lawsuit (PDF) against the Department of Defense comes after the Department of Defense and Army failed to respond to Freedom of Information Act (FOIA) requests about the blog monitoring programme.

According to news reports cited by the EFF, an Army unit called the Army Web Risk Assessment Cell (AWRAC) reviews hundreds of thousands of websites every month, notifying webmasters and bloggers when it finds "sensitive information". Some bloggers complain the unit's remit extends beyond a legitimate attempt to restrict the disclosure of military secrets, effectively forcing them to censure posts about their feelings about the conflict or shut down sites altogether.

"Soldiers should be free to blog their thoughts at this critical point in the national debate on the war in Iraq," EFF staff attorney Marcia Hofmann said. "If the Army is colouring or curtailing soldiers' published opinions, Americans need to know about that interference."

EFF's suit demands records on how the AWRAC operates, as well as any orders to soldiers about revision or deletion of web posts. "Of course, a military effort requires some level of secrecy. But the public has a right to know if the Army is silencing soldiers' opinions as well. That's why the Department of Defense must release information on how this program works without delay," Hofmann added.

Gordon Van Vleet, public affairs officer for the Army's Network Enterprise Technology Command, which oversees AWRAC, declined to comment on the lawsuit but furnished Computerworld with an explanation of the unit's work. AWRAC, founded in 2002, is tasked with looking for operational security violations, a task that extends to monitoring online posts using various search tools to look for potentially sensitive information.

According to an Army statement: "AWRAC notifies webmasters and blog writers when they find documents, pictures, and other items that may compromise security. AWRAC reviews for information on public websites which may provide an adversary with sensitive information that could put soldiers or family members in danger. AWRAC assesses the risk the information poses to the military and determines if the next step is to request the information be removed."

The unit has no legal authority to insist on changes to postings, much less for a site to be taken down, but it does have influence, not least because a soldier's superiors get informed of its potential concerns. AWRAC's also has an educational role in guiding soldiers on the use of blogs and monitors public websites for postings made by soldiers that might include security breaches.

The EFF's attempt to force the government's hand on blog monitoring comes as part of the privacy group's FLAG Project, which uses FOIA requests and litigation to expose the government's perceived invasions of privacy. Previous lawsuits have demanded information about the FBI's database of personal information and the Department of Homeland Security's controversial "No Fly" programme, which assigns secret "risk assessment" scores to American travellers. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.