Defense Office Protects Privacy, Liberties of Troops, Civilians

WASHINGTON — A small and lit­tle-known Defense Depart­ment office has the big task of pro­tect­ing ser­vice mem­bers’ and civil­ian employ­ees’ per­son­al infor­ma­tion in the dig­i­tal world, while also get­ting accus­tomed to its new charge of pro­tect­ing their civ­il lib­er­ties.

The Defense Pri­va­cy and Civ­il Lib­er­ties Office is work­ing to reduce offi­cial uses of Social Secu­ri­ty num­bers and to edu­cate the work­force about appro­pri­ate uses of social net­work­ing and the need for encrypt­ing work­place email, the office’s direc­tor, Michael E. Reheuser, said dur­ing a recent inter­view with Amer­i­can Forces Press Service. 

“We want to make sure that every­thing we do across the depart­ment, we’re doing the best we can to pro­tect people’s pri­va­cy inter­ests, and their civ­il lib­er­ties inter­ests,” he said. 

The pri­va­cy side of the office began in the 1970s post-Water­gate era over con­cerns about gov­ern­ment intru­sions. It car­ried out its charge of giv­ing advice, train­ing and fil­ing offi­cial reports for decades, while evolv­ing into the Infor­ma­tion Age with its added poten­tial for wide­spread mis­use of per­son­al infor­ma­tion online, said Reheuser, a retired Marine Corps colonel who served as DOD’s asso­ciate deputy gen­er­al coun­sel before head­ing up the pri­va­cy and civ­il lib­er­ties office. 

Con­gress added the civ­il lib­er­ties com­po­nent in DOD and sev­en oth­er depart­ments and agen­cies two years ago at the rec­om­men­da­tion of the 9/11 Com­mis­sion, which focused on the need for bet­ter infor­ma­tion-shar­ing among fed­er­al agen­cies to pre­vent ter­ror­ist attacks. As part of its civ­il lib­er­ties work, the office is charged with ensur­ing that agen­cies don’t share infor­ma­tion that infringes on civ­il lib­er­ties, Reheuser said. 

The office, which reports to Michael L. Rhodes, direc­tor of admin­is­tra­tion and man­age­ment in the Office of the Sec­re­tary of Defense, must file quar­ter­ly reports to Con­gress regard­ing DOD pri­va­cy and civ­il lib­er­ties mat­ters. It filed its first report on civ­il lib­er­ties in the last quar­ter, Reheuser said. 

The office focus­es pri­mar­i­ly on inter­nal issues � those of ser­vice mem­bers and DOD civil­ians — which range from pro­tect­ing Social Secu­ri­ty num­bers and Inter­net-based infor­ma­tion on the pri­va­cy side, to ensur­ing First Amend­ment pro­tec­tions of reli­gion and free speech on the civ­il lib­er­ties side, Reheuser said. 

Exam­ples of com­plaints referred to the office include that of a ser­vice mem­ber who drove his car on base bear­ing a bumper stick­er crit­i­cal of the com­man­der in chief, and those from ser­vice mem­bers who said their reli­gious-based dietary restric­tions were com­pro­mised by room­mates. The office also may look into exter­nal issues, such as pos­si­ble rights vio­la­tions of civil­ian vis­i­tors to mil­i­tary prop­er­ties, but those are rare, Reheuser said. 

The office does not adju­di­cate cas­es, Reheuser stressed, but rather inves­ti­gates whether the prop­er rules and reg­u­la­tions are in place to safe­guard against prob­lems, then reports its find­ings to Congress. 

“We’re try­ing to avoid dupli­cat­ing what’s already in place,” he said. “We have lots of great mech­a­nisms for peo­ple con­cerned about issues to report those, and we don’t want add a new lay­er to that. What we want to do is make sure we gath­er the infor­ma­tion about those com­plaints and report it to Congress.” 

With only 20 employ­ees, Reheuser said, the office reviews every DOD instruc­tion and pol­i­cy to make sure all fol­low pri­va­cy and civ­il lib­er­ties laws. Because of its small staff, the office relies on the mil­i­tary ser­vices and oth­er DOD offices to inform its work, and share infor­ma­tion about the office, he said. 

The office’s pri­or­i­ties now are on reduc­ing offi­cial uses of Social Secu­ri­ty num­bers and train­ing employ­ees on breach man­age­ment on the pri­va­cy side, and on stand­ing up the civ­il lib­er­ties side, Reheuser said. 

With Social Secu­ri­ty num­bers, he said, “We want to make sure that, as a depart­ment, we are not unnec­es­sar­i­ly using Social Secu­ri­ty num­bers because we know that if that infor­ma­tion is stolen, it can lead to iden­ti­ty theft very quickly.” 

Reheuser said he has received reports of unnec­es­sary uses of Social Secu­ri­ty num­bers, such as ser­vice mem­bers hav­ing to present them to check out a vol­ley­ball at a gym. The office is assist­ing in the review of all forms used to col­lect Social Secu­ri­ty num­bers and elim­i­nate all for which the num­bers aren’t essen­tial to busi­ness, he said. 

The office also is work­ing to train and edu­cate ser­vice mem­bers and employ­ees that they need to encrypt all email that con­tain per­son­al­ly iden­ti­fi­able infor­ma­tion, and to send to peo­ple on a need-to-know basis only. 

With more than 7 mil­lion com­put­ers and hand­held devices in the depart­ment, “there are lots of ways that peo­ple inad­ver­tent­ly share per­son­al­ly iden­ti­fi­able infor­ma­tion,” Reheuser said. 

“If you’re rely­ing sole­ly on the fire­walls, you prob­a­bly should be more care­ful than that,” he said. “Encryp­tion safe­guards beyond firewalls.” 

The pri­va­cy and civ­il lib­er­ties office does­n’t have the lead on social net­work­ing, but does mon­i­tor poli­cies and prac­tices, and offer train­ing and advice. Most­ly, Reheuser said, peo­ple just need to be more cautious. 

“Social media is becom­ing more of a threat as more and more peo­ple use it, and they’re slop­py about it,” he said. “If you watch what peo­ple tweet, and what they blog, and what they post to Face­book, you won­der, ‘Did you real­ly want to say that? Did you real­ly think it through?’ 

“Our big catch phrase is, ‘Think before you post,’ ” he con­tin­ued. “Think to your­self, would I put this on a sign in my front yard? If not, then you might not want to put it on the Inter­net, because once you put it up there, you can’t get it back.” 

With more than 1,500 offi­cial DOD web­sites, there is no real way to mon­i­tor even offi­cial sites, Reheuser acknowl­edged, so the office is work­ing to edu­cate every­one on good Inter­net prac­tices whether they work on offi­cial sites or for their own use. 

“We rely a lot on the indi­vid­ual judg­ment of our sol­diers, sailors, air­men and Marines, and we’re try­ing to edu­cate them and let them know that some­thing that might be appro­pri­ate for a civil­ian to post, is not appro­pri­ate for a ser­vice mem­ber,” he said. 

“Peo­ple real­ly do think, ‘This is mine, and I can say what­ev­er I want on it,’ and of course we want to encour­age free­dom of speech,” he added. “But in the mil­i­tary, we don’t have as much free­dom of speech as we do out­side the military.” 

Source:
U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)