February23, 2007:
The U.S. Department of Defense is quietly introducing a censoring
system for email. Or trying to. Internet security is not just about keeping
hackers out, but also about keeping an eye on what normally goes out. In a
word, watching what's contained in email. Corporations, worried about losing
valuable information via innocent, or deliberate leaks, plus exposure to
lawsuits from "inappropriate" comments, want to screen outgoing email. And that
they have been doing that, with increasing success, over the past few years. So
the Department of Defense is testing commercial email filtering programs, to
find those that can screen email for information that should not be in the
email. This is tricky stuff, because email tends to be chatty, with lax
spelling and grammar. The trick to making filtering work is to set up a list of
words and, especially, phrases, to watch out for. Context is important as well.
For years, the military has been monitoring all military email, but mainly to
detect hostile espionage activities. But the new products allow automatic
"reading" of email for more subtle misbehavior.
While
testing of these products over the last few years has produced better and
better results, it's not quite there yet. Unlike commercial firms, military
units in combat zones don't have many people with extra time available for
double checking the email filtering. And it has to be someone local doing the
double checking. The U.S. Air Force is taking the lead in testing new products,
apparently because air force bases have the manpower to monitor filtering
systems, and lots of high tech secrets to keep inside. But army and marine
commanders suggest that the Department of Defense just back off on this stuff
until there is evidence of a real problem to be solved.