I am working on what may end up being a multi-part piece on Mexican DTO’s, but that research (in addition to my graduate work and…uhh… work) will take bit.
In the meantime, I got some requests to discuss OPSEC. OPSEC is a serious subject and it is thrown around a lot, sometimes correctly and sometimes incorrectly. So let us start with defining it. According to DoD Directive 5205.02 (DoD Operations Security (OPSEC) Program) OPSEC is:
E2.1.3. Operations Security (OPSEC). A process of identifying critical information and analyzing friendly actions attendant to military operations and other activities including:
E18.104.22.168. Identify those actions that can be observed by adversary intelligence systems.
E22.214.171.124. Determining indicators that hostile intelligence systems might obtain that could be interpreted or pieced together to derive critical intelligence in time to be useful to adversaries.
E126.96.36.199. Selecting and executing measures that eliminate or reduce to an acceptable level the vulnerabilities of friendly actions to adversary exploitation.
This is a DoD wide instruction, however, there are similar instructions for agencies outside the DoD including but not limited to: The Department of Commerce, CIA, and FBI.
Part of the aforementioned regulation requires that all commands develop an OPSEC program that requires the following:
The respective organizations are expected to conduct an OPSEC survey and an assessment, which is typically conducted annually (although the periodicity varies based on the threat). This is a command-coordinated program usually directed by the Special Security Office (SSO); however, OPSEC is everyone’s responsibility. Leaders have a tendency to enforce this vigorously. So you say, “Great…this is an awesome system to protect our guys on the ground!”
I agree – conditionally.
OPSEC is a program like communism, works great in theory, but the program has the same problem communism does. Someone is always more communist than you. Particularly in the SOF world. Someone is always the OPSEC Nazi.
So you say “But…but…but Coriolanus…how can someone be TOO concerned about security?” I will provide two good examples and give you a citation so you can look it up.
According to James Adams, Operation Eagle Claw and Operation Urgent Fury were both examples where OPSEC was so stringent that it actually interfered with the ability of the respective units involved to communicate effectively with each other.
Prior to the execution of Operation Eagle Claw, the Joint Chiefs of Staff put together a team of personnel who had never worked together before and this team was not fully aware of the situation for which they were training. During Operation Urgent Fury, the Marines aboard the USS Guam were issued a “radio silence” order while they were parked off the coast of Grenada. This in essence prevented them from communicating effectively and the amphibious readiness group (ARG) was reduced to using semaphore to communicate with each other.
So let me say this: OPSEC is good…but not better than common sense. Practice OPSEC, but stay aware of when it begins to impact operations. In fact the cited version of the directive states:
5.1.4. Coordinate and deconflict OPSEC matters affecting more than one DoD Component and identify other U.S. Government department or agency policies that may adversely affect DoD OPSEC posture.
OPSEC and Intelligence: What is the difference?
Intelligence covers a specific number of subjects as defined in Executive Order 13526, specifically:
(a) military plans, weapons systems, or operations;
(b) foreign government information;
(c) intelligence activities (including covert action), intelligence sources or methods, or cryptology;
(d) foreign relations or foreign activities of the United States, including confidential sources;
(e) scientific, technological, or economic matters relating to the national security;
(f) United States Government programs for safeguarding nuclear materials or facilities;
(g) vulnerabilities or capabilities of systems, installations, infrastructures, projects, plans, or protection services relating to the national security; or
(h) the development, production, or use of weapons of mass destruction.
Anything not covered by these topics fits under OPSEC auspices. Both have a penalty associated with them if violated, but I assure you that disclosing classified information is significantly greater than an OPSEC violation. It is a violation of United States Title Code, a fancy way of saying you broke the law. Both will get people killed, but unauthorized disclosure of classified information has tendency to get a LOT of people killed. The only three levels of classification within the US government are:
(1) “Top Secret” shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to the national security that the original classification authority is able to identify or describe.
(2) “Secret” shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause serious damage to the national security that the original classification authority is able to identify or describe.
(3) “Confidential” shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to the national security that the original classification authority is able to identify or describe.
You will note that the unauthorized disclosure of TS material is expected to cause “exceptionally grave damage to the national security…” It is not just our troops that could die, but also our sources, and even other affiliated personnel. It is why you need to undergo a Single Scope Background Investigation (SSBI) to get access.
For the record, I have had Uncle Sam’s thumb up my ass for about ten years. I always remember a clearance is a privilege not a right, and requires a great deal of responsibility to maintain. The clearance can be pulled for any reason the government sees fit. For an intelligence analyst, that is a death sentence. “No clearance, no workie.” So the analyst is governed by both OPSEC and classified information.
Frequently our shooters will have a SECRET; this means they are also responsible for both, but may not indoctrinated effectively into what that really means or how to distinguish.
The author of “No Easy Day” likely retained a TS/SCI, but may not have worked with TS/SCI data daily. He stands accused of violating the law, not a DoD Directive. Unauthorized disclosure of classified information is a violation of the law. The penalties are stiff.
He probably had the clearance to receive briefings (and participate in some SAPs or STO’s), but that was 30 minutes of his day (if he was lucky it took only that long). After that, he goes out into no man’s land and does his business. Analysts work daily with this type of information. Thus, frequently there is a disconnect between a shooter and analyst. It is up to the analyst to mitigate that, not the shooter. It’s a tricky symbiosis and not easily achieved. It needs trust and rapport to live.
Hard to do.
Adams, James. Secret Armies: The Full Story of S.A.S., Delta Force, & Spetsnaz. London: Hutchinson, 1988
Department of Defense. “DoD Operations Security (OPSEC) Program“. Department of Defense, March 6, 2006.
United States Army. “Army Regulation 530-1 Operations Security (OPSEC)“. Department of Defense, April 19, 2007. .
White House. “Executive Order 13526- Classified National Security Information“. White House, December 29, 2009. .
(Featured Image Courtesy: DVIDSHub.net)