Feeds

US surveillance of soldiers' blogs sparks lawsuit

Rock the Kasbah

High performance access to file storage

The US Army is being sued by a privacy group that wants the military to come clean about how it monitors websites and soldiers' blogs for potential military leaks.

The Electronic Frontier Foundation (EFF) lawsuit (PDF) against the Department of Defense comes after the Department of Defense and Army failed to respond to Freedom of Information Act (FOIA) requests about the blog monitoring programme.

According to news reports cited by the EFF, an Army unit called the Army Web Risk Assessment Cell (AWRAC) reviews hundreds of thousands of websites every month, notifying webmasters and bloggers when it finds "sensitive information". Some bloggers complain the unit's remit extends beyond a legitimate attempt to restrict the disclosure of military secrets, effectively forcing them to censure posts about their feelings about the conflict or shut down sites altogether.

"Soldiers should be free to blog their thoughts at this critical point in the national debate on the war in Iraq," EFF staff attorney Marcia Hofmann said. "If the Army is colouring or curtailing soldiers' published opinions, Americans need to know about that interference."

EFF's suit demands records on how the AWRAC operates, as well as any orders to soldiers about revision or deletion of web posts. "Of course, a military effort requires some level of secrecy. But the public has a right to know if the Army is silencing soldiers' opinions as well. That's why the Department of Defense must release information on how this program works without delay," Hofmann added.

Gordon Van Vleet, public affairs officer for the Army's Network Enterprise Technology Command, which oversees AWRAC, declined to comment on the lawsuit but furnished Computerworld with an explanation of the unit's work. AWRAC, founded in 2002, is tasked with looking for operational security violations, a task that extends to monitoring online posts using various search tools to look for potentially sensitive information.

According to an Army statement: "AWRAC notifies webmasters and blog writers when they find documents, pictures, and other items that may compromise security. AWRAC reviews for information on public websites which may provide an adversary with sensitive information that could put soldiers or family members in danger. AWRAC assesses the risk the information poses to the military and determines if the next step is to request the information be removed."

The unit has no legal authority to insist on changes to postings, much less for a site to be taken down, but it does have influence, not least because a soldier's superiors get informed of its potential concerns. AWRAC's also has an educational role in guiding soldiers on the use of blogs and monitors public websites for postings made by soldiers that might include security breaches.

The EFF's attempt to force the government's hand on blog monitoring comes as part of the privacy group's FLAG Project, which uses FOIA requests and litigation to expose the government's perceived invasions of privacy. Previous lawsuits have demanded information about the FBI's database of personal information and the Department of Homeland Security's controversial "No Fly" programme, which assigns secret "risk assessment" scores to American travellers. ®

3 Big data security analytics techniques

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.