Cultural Understanding in U.S. Army Doctrine

“Understanding culture is essential in conducting irregular warfare.”

That is the opening sentence in the introduction to a new U.S. Army publication on Cultural and Situational Understanding.

“Irregular warfare requires a deliberate application of an understanding of culture due to the need to understand a populated operational environment, what specifically is causing instability, the nature of the threat, and the ability to work with host-nation governments and security forces.”

The new Army doctrine on cultural understanding emerges from and builds upon existing Army counterinsurgency doctrine. It is “outward looking” and does not pause to contemplate the cultural foundations of the Army itself. See Cultural and Situational Understanding, Army Techniques Publication (ATP) 3-24.3, April 2015.

Battle of the Bands: Army Music Doctrine

Updated below

The U.S. Army issued new doctrine this month on the role of music in military operations.

“The mission of Army music is to provide music supporting unified land operations and instill in our forces the will to fight and win, foster the support of our citizens, and promote America’s interests at home and abroad,” the Army doctrine states.

“Army music stands ready to provide flexible, relevant, and targeted music support where civilian entertainers cannot go.”

“Music instruments in the form of horns, trumpets or drums were a part of military strategy dating to ancient times. Archeology gives us stone reliefs from 3,000 years before Christ depicting Assyrians and Babylonians parading brass instruments in military victory. Bands of musical instruments were included in formations throughout the centuries.”

The new Army doctrinal publication “provides key guidance pertaining to the mission, organization, and operation of music performance units (MPUs)” — otherwise known as Army bands. “This manual should serve as a guide for training and operations based on the tenets of music supporting unified land operations.”

See Army Music, ATP 1-19, February 2015.

Update: Relatedly, see Missions, Functions and Tasks of the U.S. Navy Band, OPNAVINST 5450.346A, February 23, 2015.

Military Terms and Symbols

The U.S. Army has updated and doubled the size of its lexicon of military terminology. This is a fluid and rapidly evolving field. In fact, “changes to terminology occur more frequently than traditional publication media can be updated.”

The new Army publication extends beyond words to the use of symbols, including “hand drawn and computer-generated military symbols for situation maps, overlays, and annotated aerial photographs for all types of military operations.”

Though intended primarily for military personnel, this work is also useful for others who are seeking to understand and interpret Army records and military culture.

A “clandestine operation,” the Army document explains, is “an operation sponsored or conducted by governmental departments or agencies in such a way as to assure secrecy or concealment. A clandestine operation differs from a covert operation in that emphasis is placed on concealment of the operation rather than on concealment of the identity of the sponsor.”

However, “In special operations, an activity may be both covert and clandestine and may focus equally on operational considerations and intelligence-related activities.”

An “unauthorized commitment,” which surprisingly merits its own entry, is defined as “An agreement that is not binding solely because the United States Government representative who made it lacked the authority to enter into that agreement on behalf of the United States Government.”

See Army Doctrine Reference Publication (ADRP) 1-02, Terms and Military Symbols, February 2, 2015.

DoD Updates Doctrine on “Detainee Operations”

When it comes to Department of Defense doctrine on military treatment of detained persons, “unlawful enemy combatants” are a thing of the past. That term has been retired and replaced by “unprivileged enemy belligerents” in a new revision of Joint Publication 3-13 on Detainee Operations, dated November 13, 2014.

Among other changes, the revised Publication adopts Article 75 of the First Additional Protocol to the Geneva Conventions which provide minimum standards for humane treatment of detained persons. It also presents expanded discussion of biometric capabilities that are applicable to detainees.

The previous edition of Joint Publication 3-13, published in 2008, is available here for comparison.

Joint Doctrine: Counterterrorism, and Countering WMD

New military doctrine from the Joint Chiefs of Staff “narrows the definition of counterterrorism” to focus on activities designed to neutralize terrorist networks. It excludes actions to “counter root causes” of terrorism, which have now been removed from the definition.

The new publication also “describes the activities of the global special operations network as it relates to CT [counterterrorism],” though without providing much detail. See Joint Publication 3-26, Counterterrorism, 24 October 2014.

Another Joint Chiefs publication introduces a revised framework for “Countering Weapons of Mass Destruction,” replacing the former “combating weapons of mass destruction”. See Joint Publication 3-40, 31 October 2014.

Defense Intelligence Mission Expands

On October 24, the Pentagon issued an updated version of DoD Directive 5143.01 defining the role of the Under Secretary of Defense (Intelligence), the Department’s principal intelligence advisor and manager of military intelligence programs.

The new directive is about 30% longer than the 2005 version that it replaces.

The differences between the two directives reflect changes in the global environment as well as in the intelligence mission, and in the role of the USD(I) in particular.

Cybersecurity. Insider threats. Unauthorized disclosures of classified information. Biometrics. None of these terms and none of these issues were even mentioned in the 2005 edition of the DoD intelligence directive.

But all of them and more are now part of the expanded portfolio of authorities and responsibilities of the Under Secretary of Defense for Intelligence, who also serves as Director of Defense Intelligence and principal advisor to the DNI on defense intelligence matters.

Meanwhile, intelligence spending has been on a downward slope for the past few years, and the FY2015 request for the Military Intelligence Program was about $1.3 billion below the request for the previous year, which was $18.6 billion. (The FY2014 intelligence appropriations for national and military intelligence programs are due to be disclosed this week.)

“Intelligence is a major source of U.S. advantage. It informs wise policy and enables precision operations. It is our front line of defense. The challenges we face, however, are increasing and becoming more complex, and our resources are declining,” said Michael G. Vickers, the current USD(I), at an April 4 hearing of the House Armed Services Committee.

“We have five defense intelligence operational priorities: countering terrorism, particularly countering the threat posed by al-Qaida; countering the proliferation of weapons of mass destruction and associated delivery systems; countering the actions of repressive governments against their people, such as in Syria; countering state-on-state aggression; and countering cyberthreats,” he said then.

“To address the intelligence gaps that exist within these operational priority areas, we are focused on enhancing defense intelligence capabilities in five areas: enhancing global coverage; improving our ability to operate in anti-access/area denial, or A2AD, environments; sustaining counterterrorism and counterproliferation capabilities; continuing to develop our cyberoperations capabilities; and strengthening our counterintelligence capabilities and reforming our security clearance processes to minimize insider threats,” Mr. Vickers testified.

The position of Under Secretary of Defense (Intelligence) was established by the defense authorization act for FY 2003 to improve management and coordination of defense intelligence programs. The office has previously been occupied by Stephen Cambone and James R. Clapper, Jr., the current DNI.

The new DoD directive authorizes the Under Secretary to “communicate with… members of the public… and non-governmental organizations.” However, “communications with representatives of the news media” are to be conducted through the Office of Public Affairs, the directive said.

Offensive Cyber Operations in US Military Doctrine

A newly disclosed Department of Defense doctrinal publication acknowledges the reality of offensive cyberspace operations, and provides a military perspective on their utility and their hazards.

Attacks in cyberspace can be used “to degrade, disrupt, or destroy access to, operation of, or availability of a target by a specified level for a specified time.” Or they can be used “to control or change the adversary’s information, information systems, and/or networks in a manner that supports the commander’s objectives.”

However, any offensive cyber operations (OCO) must be predicated on “careful consideration of projected effects” and “appropriate consideration of nonmilitary factors such as foreign policy implications.”

“The growing reliance on cyberspace around the globe requires carefully controlling OCO, requiring national level approval,” according to the newly disclosed Cyberspace Operations, Joint Publication 3-12(R).

That publication was first issued by the Joint Chiefs of Staff as a SECRET document in February 2013 (as JP 3-12, without the R). But this week it was reissued as a public document. It is unclear whether the public document has been redacted or modified for release.

The discussion of “offensive cyberspace operations” in the original, classified version of JP 3-12 led to adoption of that term in the official DoD lexicon for the first time in March 2013, where it has remained through the latest edition.

Offensive cyberspace operations (OCO) are “intended to project power by the application of force in and through cyberspace. OCO will be authorized like offensive operations in the physical domains, via an execute order (EXORD).”

The DoD document is fairly candid about the challenges and limitations of cyberspace operations.

“Activities in cyberspace by a sophisticated adversary may be difficult to detect” and to attribute to their source. Yet such detection and attribution capabilities are “critical” for enabling offensive and defensive cyberspace operations.

By the same token, “first-order effects of [US cyberspace operations] are often subtle, and assessment of second- and third-order effects can be difficult,” requiring “significant intelligence capabilities and collection efforts” to evaluate.

Not only that, but US cyberspace operations “could potentially compromise intelligence collection activities. An IGL [Intelligence Gain/Loss] assessment is required prior to executing a CO to the maximum extent practicable.”

In any event, offensive cyber operations are to be used discriminatingly. “Military attacks will be directed only at military targets. Only a military target is a lawful object of direct attack.” But military targets are defined broadly as “those objects whose total or partial destruction, capture, or neutralization offers a direct and concrete military advantage.”

Meanwhile, there are persistent vulnerabilities inherent in DoD information systems, DoD said. “Many critical [US] legacy systems are not built to be easily modified or patched. As a result, many of the risks incurred across DOD are introduced via unpatched (and effectively unpatchable) systems on the DODIN [DoD Information Network].”

The risks are increased because “DOD classified and unclassified networks are targeted by myriad actions, from foreign nations to malicious insiders.”

“Insider threats are one of the most significant threats to the joint force,” the DoD document said.  “Whether malicious insiders are committing espionage, making a political statement, or expressing personal disgruntlement, the consequences for DOD, and national security, can be devastating.”

Overall, “Developments in cyberspace provide the means for the US military, its allies, and partner nations to gain and maintain a strategic, continuing advantage,” the Cyberspace Operations publication said.

But “access to the Internet provides adversaries the capability to compromise the integrity of US critical infrastructures in direct and indirect ways.”

These features represent “a paradox within cyberspace: the prosperity and security of our nation have been significantly enhanced by our use of cyberspace, yet these same developments have led to increased vulnerabilities….”

Insider Threat Program Advances, Slowly

Nearly two years after President Obama issued a National Insider Threat Policy “to strengthen the protection and safeguarding of classified information” against espionage or unauthorized disclosure, the effort is still at an early stage of development.

Only last week, the U.S. Air Force finally issued a directive to implement the 2012 Obama policy. (AF Instruction 16-1402, Insider Threat Program Management). And even now it speaks prospectively of what the program “will” do rather than what it has done or is doing.

The new Air Force Instruction follows similar guidance issued last year by the Army and the Navy.

The Air Force Insider Threat Program includes several intended focus areas, including continuous evaluation of personnel, auditing of government computer networks, and procedures for reporting anomalous behavior.

“Procedures must be in place that support continuous evaluation of personnel to assess their reliability and trustworthiness,” the AF Instruction says.

Such continuous evaluation procedures may eventually sweep broadly over many domains of public and private information, but they are not yet in place.

“There are a number of ongoing pilot studies to assess the feasibility of select automated records checks and the utility of publicly available electronic information, to include social media sites, in the personnel security process,” said Brian Prioletti of the Office of the Director of National Intelligence in testimony before the House Homeland Security Committee last November.

The Air Force directive also encourages reporting of unusual behavior by potential insider threats.

“Insider threat actors typically exhibit concerning behavior,” the directive says. But this is not self-evidently true in all cases, and the directive does not provide examples of “concerning behavior.”

A Department of Defense training module recently identified expressions of “unhappiness with U.S. foreign policy” as a potential threat indicator, the Huffington Post reported last week. (“Pentagon Training Still Says Dissent Is A Threat ‘Indicator'” by Matt Sledge, August 4.) If so, that criterion would not narrow the field very much.

The “CORRECT Act” (HR5240) that was introduced last month by Rep. Bennie Thompson and Sen. Ron Wyden would require any insider threat program to meet certain standards of fairness and employee protection, and “to preserve the rights and confidentiality of whistleblowers.”

That message may have been partially internalized already. The terms “civil liberties” and “whistleblowers” are each mentioned four times in the eight-page Air Force Instruction.

Identity Intelligence and Special Operations

“Identity intelligence” is a relatively new intelligence construct that refers to the analysis and use of personal information, including biometric and forensic data among others, to identify intelligence targets of interest and to deny them anonymity.

The term began to appear a few years ago and was included, for example, in a 2012 Defense Intelligence Agency briefing package. Since then it has quickly propagated throughout U.S. military and intelligence operations.

Identity intelligence (or I2) was included for the first time in published U.S. military doctrine in the October 2013 edition of Joint Publication (JP) 2-0 on Joint Intelligence, which elaborated on the concept. Identity intelligence is used, JP 2-0 said, “to discover the existence of unknown potential threat actors by connecting individuals to other persons, places, events, or materials, analyzing patterns of life, and characterizing their level of potential threats to US interests.”

(“Identity intelligence” also appeared in an undated Top Secret document that was disclosed by Edward Snowden and published in excerpted form by the New York Times on May 31, 2014.)

Most recently, an updated U.S. Department of Defense publication on special operations noted this month that “Identity intelligence products enable real-time decisions in special operations worldwide.”

The new DoD doctrine on Special Operations — Joint Publication 3-05, dated 16 July 2014 — includes further discussion of identity intelligence (I2) in the special operations context:

“I2 is the collection, analysis, exploitation, and management of identity attributes and associated technologies and processes. The identification process utilizes biometrics-enabled intelligence (BEI), forensics-enabled intelligence (FEI), information obtained through document and media exploitation (DOMEX), and combat information and intelligence to identify a person or members of a group.”

“I2 fuses identity attributes (biological, biographical, behavioral, and reputational information related to individuals) and other information and intelligence associated with those attributes collected across all intelligence disciplines….”

“USSOCOM [US Special Operations Command] exploits biometric, forensic, document and media data collections and integrates the data with all-source intelligence to locate and track unattributed identities across multiple or disparate instances. Intelligence collections are processed through the appropriate DOD and interagency databases, exploited to produce intelligence, and then disseminated to deployed SOF and throughout the interagency. I2 products enable real-time decisions in special operations worldwide.”

*    *    *

Identity intelligence aside, the new Joint Publication 3-05 provides an informative account of the role of special operations, along with some notable changes from previous special operations doctrine.

“Special operations require unique modes of employment, tactics, techniques, procedures, and equipment. They are often conducted in hostile, denied, or politically and/or diplomatically sensitive environments, and are characterized by one or more of the following: time-sensitivity, clandestine or covert nature, low visibility, work with or through indigenous forces, greater requirements for regional orientation and cultural expertise, and a higher degree of risk,” JP 3-05 says.

The previous edition of this publication (dated 2011) had identified 11 core activities for special operations: direct action, special reconnaissance, counterproliferation of weapons of mass destruction, counterterrorism, unconventional warfare, foreign internal defense, security force assistance, counterinsurgency, information operations (IO), military information support operations (MISO), and civil affairs operations.

The new edition adds a 12th mission that up to now had not been considered a core activity: hostage rescue and recovery.

“Hostage rescue and recovery operations are sensitive crisis response missions in response to terrorist threats and incidents. Offensive operations in support of hostage rescue and recovery can include the recapture of US facilities, installations, and sensitive material overseas,” the new JP 3-05 states.

Army Doctrine on Geospatial Engineering

Those who are involved (or merely interested) in the field of geospatial intelligence will want to know about a new Army doctrinal publication on the subject.

“Geospatial intelligence is the exploitation and analysis of imagery and geospatial information to describe, assess, and visually depict physical features and geographically referenced activities on the earth. Geospatial intelligence consists of imagery, imagery intelligence, and geospatial information.”

The new publication provides a comprehensive introduction to the theory and practice of the field. See Geospatial Engineering, ATP 3-34.80, June 2014 (very large pdf).