Because The Defense Department's Secure Communications Options Don't Work For Everyone, Soldiers Are Turning To Signal And WhatsApp
from the breaking-the-rules-to-stay-in-touch dept
The military has an obvious need for secure communications. It offered its support of encryption even as the NSA tried to find ways to undercut to make its surveillance ends easier to achieve.
The problem is the military doesn’t have a great plan for securing communications between personnel. Due to tech limitations the Defense Department has yet to overcome (despite billions in annual funding), soldiers are turning to third-party messaging services to communicate orders and disseminate information.
The use of the encrypted messaging app Signal is ubiquitous within the Department of Defense. Service members have received briefings about operational security (OPSEC) and information security (INFOSEC) and have taken the dangers of living in a digital world seriously by making sure that the work-related text messages they send on their cell phones are encrypted. The contradiction is that using Signal for official military business is against regulations.
Securing communications apparently means breaking the rules. The DoD forbids the use of non-DoD-controlled messaging services to handle the distribution of nonpublic DoD information. The Defense Department insists personnel use its services, but those services can’t be accessed by employees who don’t have military-issued cell phones. And everyone has a cell phone, so it’s often easier to use third-party platforms to communicate.
When this happens, it raises the risk that unauthorized access or sharing of information could occur. It also puts many communications beyond the reach of public records requests, which often cannot access communications between privately owned devices.
And there appears to be no fix on the immediate horizon. The Defense Department is quick to point out the use of Signal and WhatsApp violates regulations. But it has nothing in place that would allow the many military members not in possession of government-issued cell phones to communicate when out in the field.
This is what the Secretary of Defense’s Public Affairs Officer (Russell Goemaere) told Audacy when asked about how military members were expected to use DoD-approved communications platforms they didn’t actually have access to on their personal devices.
“DoD365 provides a messaging capability that is approved for CUI and use on DoD mobile devices. The Services are in the final stages of testing Bring Your Own Approved Device (BYOAD) and Bring Your Own Device (BYOD) solutions that provide access to the DoD365 collaboration capability on service member’s personal devices,” Goemaere said.
It’s 2022 and the Defense Department is only at the “final stage of testing” for solutions it needed years ago. Cell phone usage has been ubiquitous for nearly two decades at this point. For the Department to still be weeks or months away from a solution should be considered unacceptable. Denying soldiers access to third-party options means cutting them off from communications that can often have life-or-death implications.
This also means the Defense Department is still weeks or months away from ensuring communications subject to FOIA law are being captured and retained. The priority should still be personnel safety, but this is another downside of the Defense Department’s slow roll into the 21st century.