The MoD and WikiLeaks

Discussion in 'Staff College and Staff Officers' started by alfred_the_great, Dec 30, 2010.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. As a result of the wikileaks saga, is it time for the MoD and Armed Forces to be much more proactive in publishing information that we hold?

    I know the Int Corp board has discussed this, and I don't mean that we should be releasing TS stuff, but, for example, how much of the SDSR supporting paperwork can be released? Or nearly all of our J1 process related documentation, including all of our discretionary spending (with appropriate notes) could be released without the world falling in our heads. I've no doubt there are other documents that could be released (i.e. why not make all of ArmyNet free for the Internet to see? Does it really matter if MS's process are revealed?)

    I know there are some very real, and appropriate, concerns over OpSec, however much we might think that we are immune to a Bradley Manning type of situation, the truth is, we are not. Would it not be better to be proactive rather than wait for yet another problem to hit the MoD, and continue to be on the defensive?
     
  2. meridian

    meridian LE Good Egg (charities)

    interesting, there is a theory that says over classification and restriction is bad for information security
     
  3. Yep - and I bet it's never made it into the MoD.

    How much of the stuff we call RESTRICTED and PROTECT actually need that classification? Part of the Defence Clothing catalogue is not available on ArmyNet - I can guess the reason why, but do we really need to protect that information? It's not like it's going provide any kind of help to people who may face that capability.
     
  4. I agree with the idea that we over-classify to our own detriment, but you haven't really given an adequate "to what end?"... why should it be done? what would the benefit be?
     
  5. What if the Yanks saw it? Couldn't possibly go into battle wearing the same outfit!
     
  6. Why not? (is the glib answer)

    The longer answer is prompted by this pronouncement by the Information Commissioner:

    Ministers must 'wise up not clam up' after WikiLeaks disclosures | Politics | The Guardian

    set me thinking. We are nearly always on the back foot over this type of thing, and react to a story in the press that is hyped up to something that doesn't bear scrutiny. However, it does us reputational damage, and we can't control the story.

    Moreover, how much stuff have we all seen that crosses our desks that doesn't need to be RESTRICTED or PROTECT? Lets get it out there - we could probably overwhelm the media with the sheer quantity of it, and the next time they try to stick a "leak" story on us, we can point to the fact that actually we've already released it. This has the additional advantage of actually focusing on properly protecting the information that needs protecting, and getting rid of much of the b*llocks surrounding the lower classifications.

    I also think we should be much more proactive in publishing the expenses of every 1* and above. The expenses scandal is still swirling around, and we have nothing to hide. If we can put it out there, with the appropriate explanation and context we'll stop any scandals happening.

    [Just to re-iterate, I do think there is lots of information we need to keep secret (and SECRET), and that doesn't need releasing!]
     
  7. Short answer "Yes we should but no we won't".

    I'd suggest that information is power and therefore if I restrict access to the information I have I am more powerful because people have to come to me to ask instead of just reading the information. Thus people restrict access to improve their position within an organisation. Further if access to information I generate is restricted the number of people who can point out that what I wrote is a load of twaddle is reduced.

    Given that I've seen this happen in commercial private companies, I'd take it as axiomatic that the civil service does this to excess and where more so than in the MoD where the argument "National Security" trumps all objections.
     
  8. Guns

    Guns LE Moderator Book Reviewer
    1. The Royal Navy

    PROTECT information shouldn't be published because by its nature it is Data Protection Act style material. The other classifications are over used and sometimes under used so CONF can be done on DII (I know none of you would ever dream of doing that).

    It is a hard one, an area I have worked in and trust me at the highest levels it is discussed. There are many factors, the main one being the unintentional release of sensitive or classified work due to a system error.

    Interesting debate to have.
     
  9. Alfred, fair enough, as far as it goes.

    I enjoyed the comment a few years ago... a Texan and a Brit chatting away and the Texan said "you know I think you could fit Britain into Texas 10 times", to which the Brit answers, "indeed but to what end?"

    I am happy with the idea of it all coming out in the end, but surely we have to accept that there are some things we do not want people to know. A lot of stuff that has PROTECT status is usually under the PROTECT gambit because of the aggregation of information and dare I say it Data Protection (I say dare I say it, because everyone is in an awful tiz about it at the moment: recently cited to me was a council which faxed details of a member of the public to the wrong lawyer and were fined a ridiculous amount of £ under the DPA).

    I am looking at the things on my desk which are not PM but should be: a report which details a soldier's marital breakdown, the age and sex of his children, his performance, his DOB and home address, the role his family have in the case and allegations of marital infidelity. It was sent to me by unclass email as a document entitled Doc1.doc !!!! I think that sort of information should be rather less casually handled.

    I have another document which details TTPs and TOs for ops which is not PM!

    I think that because we over-classify we are too casual with it.

    We are too casual with the information we are responsible for, we need to tighten up our management of data and information. The current PM system may just be the way to impose good managamenet practices, until we are confident in the information we have. Much of the stuff that we create is needlessly created, or would be needless if we had appropriate MIS rather than the half-breed which is JPA.