Thanks to Secrecy News for posting the new DEPARTMENT OF THE NAVY POLICY FOR CONTENT OF PUBLICLY ACCESSIBLE WORLD WIDE WEB SITES.
After briefly reading through this 16 page document, I came across this interesting note on Navy blogging on page 14 of the PDF file:
5. Interactivity. DON commands/activities may maintain interactive Web sites to the extent that they allow visitors the ability to query the command via electronic mail (e-mail). Commands/activities are cautioned that establishing and maintaining this interactivity can be extremely labor-intensive.
a. DON commands may not operate unmoderated news groups, bulletin boards, or any other unrestricted access posting services. This specifically prohibits a publicly accessible, interactive site that supports automatic posting of information submitted by personnel other than those authorized by the command to post information. Some Web logs (blogs) may fall into this category. This does not, however, prohibit the command from posting frequent messages from the commanding officer or messages from the commandâ€™s constituents. There is also no prohibition on blogs operated by individual members as private citizens. The DON recognizes the value of this communication channel in posting current information and supporting the morale of personnel, their family and friends. As long as personnel adhere to specific restrictions on content, the DON encourages the use of blogs and recognizes this free flow of information contributes to legitimate transparency of the DON to the American public whom we serve.
Good to see that they don’t think all blogs are evil, but it is interesting to see an endorsement of free flow of information along side the instruction “As long as personnel adhere to specific restrictions on content.”
The Navy policy allows for persistent cookies and so-called “web bugs” under certain circumstances described on page 15 under “collecting personal data”:
6. Collection of Personal Data. Command Web sites shall not collect any personal data (name, address, phone number, etc.) about a visitor. Network identification and Internet protocol addresses are not considered personal data.
a. The use of persistent cookies or any persistent
identification element is prohibited on publicly accessible Web sites unless all of the following four conditions are met:
(2) There is a compelling need to gather the data on the site,
(3) Appropriate and publicly disclosed privacy safeguards exist for handling any information derived from the cookies; and
(4) The Secretary of Defense approves the use of persistent cookies. Requests for approval to use persistent cookies on public Web sites should be submitted to DON CIO at least 90 days prior to operational requirement date, via the appropriate chain of command. The request shall describe the need and the safeguards to be used to protect data, provide an explanation of why other technical approaches are inadequate, and include a copy of the privacy advisory proposed for use.
b. Web Bugs (i.e. tiny and/or invisible graphics on Web pages linked to third-party advertising, marketing, or eavesdropping entities or the like) and other automated means of collecting personally-identifying information without the express permission of the user requires the same approvals as described in paragraph 5d (above)
Other sections of the document are interesting too. Some quick stops:
- There are restrictions (sensisble to me) about posting family details or detailed contact information for all be senior officers (several parts of doc)
- Information on “navy.mil” or “marines.mil” must reflect official Navy policy (p. 2), but an except is made for unclassified dissertations or professional papers that meet an educational mission and carries a disclaimer.(pages 13-14)
- Commander Naval Network Warfare Command (NETWARCOM) and United States Marine Corps, Director, Command, Control, Communications, and Computers and Marine Corps CIO (C4/CIO) are charged to “ensure all information currently residing on the command/activity Web site is reviewed by the command/activity public affairs representative, is accurate, and is appropriate
for viewing by a worldwide audience, friend and foe alike. Information not suitable for a publicly accessible Web site must either be removed or placed on a restricted-access site.”
While I don’t believe that the military should put EVERYTHING on their web sites, I worry about putting the Network Warfare folks in charge of deciding what is not appropriate information.
If FGI readers out there are aware of other official DoD/branch web/blogging policies, please make a note of them in the comments section.