User talk:Olivamos/sandbox

US DoD Guidance: Counter-Intelligence-5240.02

Executive Summary This directive is to notify the improvements to the directive for establishing policy and assigning responsibilities for conducting Counterintelligence (CI) as well as reporting said CI actions/activities to Congress, the Defense Secretary, and the Undersecretary of Defense for Intelligence.

Table of Contents Abbreviations & Acronyms Definitions DoD 5240.04 • Purpose • Applicability • Policy • Responsibility • Procedures • Information Collection Requirements • Releasability • Effective Date References External Links

Abbreviations & Acronyms • CCMD: Combatant Command • CCDR: Combatant Commander • CI: Counter-Intelligence • DIA: Defense Intelligence Agency • DIRNSA/CHCSS: Director, National Security Agency/Chief, Central Security Service • DoDD: DoD Directive • DoDI: DoD Instruction • DTRA: Defense Threat Reduction Agency • FIE: Foreign Intelligence Entity • FPD: Force Protection Detachment • IDSRS: Integrated Defense Source Registration System • MDCO: Military Department Counter-Intelligence Organization • MTA: Mission Tasking Authority • NCIX: National Counter-Intelligence Executive • NGA: National Geospatial-Intelligence Agency • OIG DoD: Office of the Inspector General of the Department of Defense • OFCO: Offensive CI Operations • U.S.C.: United States Code • USD(I): Under Secretary of Defense for Intelligence

Definitions • CI: Information gathered and activities conducted to identify, deceive, exploit, disrupt, or protect against espionage, other intelligence activities, sabotage, or assassinations conducted for or on behalf of foreign powers, organizations, or persons or their agents, or international terrorist organizations or activities • CI Activity: One or more of the CI functions of analysis, collection, functional services, investigations, operations, and production o CI Analysis: The process of examining and evaluating information to determine the nature function, interrelationships, personalities, and intent regarding the intelligence capabilities of an FIE o CI Collection: The systematic acquisition of intelligence information to answer CI collection requirements o CI Functional Services: CI activities conducted to support the four missions of CI and that enable one or more of the other CI functions o CI Investigations: Formal investigative activities undertaken to determine whether a particular person is acting for or on behalf of, or an event is related to, a foreign power engaged in spying or committing espionage, sabotage, treason, sedition, subversion, assassinations, or international terrorist activities, and to determine actions required to         neutralize such acts.  Full-Field CI Investigation: An investigation in which there is a reasonable belief a member if the U.S. military; a civilian employee or contractor of DoD; or an individual having access to DoD installations, personnel or information, is engaged in spying or has committed or attempted to commit espionage, sabotage, treason, sedition, subversion, assassination, or international terrorist activity or otherwise poses a threat to national security.  Preliminary CI Investigation: An investigation that does not meet the reasonable belief standard of a full-field CI investigation but requires an examination of the facts to             determine if a full-field CI investigation is required. A preliminary CI investigation must be completed within 6 months of its initiation. o CI Operations: Proactive activities designed to identify, deceive, exploit, disrupt, neutralize, or deter FIE activities o CI Production: The creation of finished intelligence products incorporating CI analysis in response to known or anticipated customer CI concerns • CI Element: An organization, unit, office, or other group that conduct CI activities • CI Information: Knowledge or intelligence regarding CI activities. This includes knowledge or intelligence regarding CI programs, budgets, and trends • CI Insider Threat: A person, known or suspected, who uses their authorized access to DoD facilities, personnel, systems, equipment, information, or infrastructure to damage and disrupt operations, compromise DoD information, or commit espionage on behalf of an FIE • Contractor: Any individual, firm, corporation, partnership, association, or other legal non-Federal entity that enters into a contract directly with the Department of Defense to      furnish services, supplies, or both, including construction. The term “contractor” may include U.S. nationals, local citizens, or third-country nationals. • Defense CI Manager: The official responsible who provides for the centralized management of defense CI enterprise-wide activities • FIE: Any known or suspected foreign organization, person, or group (public, private, or governmental) that conducts intelligence activities to acquire U.S. information, block, or      impair U.S. intelligence collection, influence U.S. policy, or disrupts U.S. systems and programs. The term includes foreign intelligence and security services and international terrorists • FPD: A CI element that provides CI support to transiting and assigned ships, personnel, and aircraft in regions of elevated threat • Functional Management: Enterprise-wide guidance and direction to improve effectiveness and efficiency of a specific CI activity. Functional management provides the means for collaboration, coordination, and support to the activity. • Functional Manager: An individual appointed to lead the effort for DoD or a particular DoD Component • MDCO: A CI element, within Military Department, that is authorized to conduct CI investigations. The MCDOs are Army CI, Naval Criminal Investigative Service, and the Air Force Office of Special Investigations • MTA: the authority to task a DoD Component’s organic CI element, through appropriate command channels, to execute a specific CI mission or conduct a CI activity within that Component’s charter.

DoD Directive 5240.02: Counter-Intelligence - Purpose o This directive provides updated policies and assigns responsibilities for conducting CI activities and reporting CI activities to Congress, the Secretary of Defense, and the Under Secretary of Defense for Intelligence (USD(I)). This directive also cancels the memorandum published by the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence. - Applicability o This directive applies mainly to the United States military which includes: the Office of the Chairman of the Joint Chiefs of Staff and the Joint Staff, the Combatant Commands, the Office of the Inspector General of the Department of Defense (OIG DoD), the Defense Agencies, the DoD Field Activities, and all other organizational entities within the DoD (which will be referred to as DoD Components). - Policy 1. Actions undertaken by DoD elements are to either identify, assess, exploit, penetrate, deter, deny, detect, degrade, and counter/neutralize activities by individuals representing foreign powers, organizations, or persons. These activities are espionage, intelligence collection, sabotage, sedition, subversion, assassination, and terrorist activities. 2.	The four CI activities to support the CI mission are:  Countering the following threats: insider, espionage, and international terrorism  Provide support to directed force protection  Provide support to the defense of the critical infrastructure program  Provide support to the research, development, and acquisition pertaining to CI     3. These activities are conducted in accordance with: Executive Order 12333, DoDD 5240.01, DoD 5240.1-R, DoDD 5400.11, DoD Instruction (DoDI) 1000.29  CI activities conducted on American soil must be approved by the Department of Justice and work with the Federal Bureau of Investigations  CI activities conducted outside American soil are coordinated with the Central Intelligence Agency 4. Activities pertaining to CI are integrated and appropriate in accordance with all operations, programs, systems, exercises, planning, doctrine, strategies, policies, and information architectures. 5. There is a CI presence with all CCMDs to detect and warn of threats to in-transit and assigned personnel or resources in overseas stations as Force Protection Detachments (FPDs). 6. DoDI 1100.22 restricts contractors from controlling or directing CI activities or any government functions. 7. DoD Components are to be notified of any CI elements conducting activities within the Components area or affecting the Component’s responsibilities. 8. Reporting to Congress falls under section 2723 of Title 10, USC, section 3092 of Title 50, U.S.C., Intelligence Community Directive 112, and DoDI O-5100.94. 9. The military departments are to maintain control over their CI investigations for their designated CI elements. Combatant Commander or a joint force commander can assume control of the CI element if relinquished by their DoD Components. 10. CI elements must successfully complete CI training that is approved by the USD(I), Secretaries of the military departments, or the director of the DIA. 11. DoDI 3025.21 and DoDI 1000.17 allows CI elements to assist or be assigned to conduct CI activities with other DoD Components, federal task forces, joint-terrorism taskforces, or        other federal agencies. 12. The DIA director and the Office of the USD(I) will coordinate CI elements with non-DoD organizations in accordance of the memorandums of agreement or memorandums of understand. 13. Components of the DoD will use USD(I) approved CI information systems and architectures for managing and reporting CI. 14. DoD Components will not disclose planned, ongoing, or previous CI activities without the authorization from the CI element/s conducting the activity. 15. Regardless of rank or position, DoD personnel will not inappropriately interfere with CI activities. Interfering includes, but not limited to, unauthorized disclosure of        information or actions that would compromise CI investigations, inquiries, operations, sources, or methods. Nothing in this directive is intended to limit the authority of the OIG DoD pursuant to the Inspector General Act of 1978. - Enclosure 1: References 1. References to DoDD 5240.02 March 17, 2015 are included in the reference section - Enclosure 2: Responsibilities I. USD(I) i. Oversees, develops, and coordinates CI policy and activities ii. Notifies OSD senior officials on planned releases of CI information to Congress and other information in accordance with Enclosure 3 of this directive iii. Tasks the DoD Component heads when necessary to accomplish CI objectives iv. Offensive CI operations are conducted through DoD Components but authorization is through USD(I))       v. Approves DoD CI strategies        vi. Serves as the U.S. National CI Policy Advisor to the Supreme Headquarters Allied Powers Europe for consultation and coordination of policy issues        vii. Designates and approves information systems for CI management and reporting        viii. Resolves CI issues that can’t be resolved among DoD Components        ix. Represents the Secretary of Defense to the National CI Policy Board in accordance with section 3381 of Title 50, U.S.C.     II. Director, DIA: under the authority, direction, and control of USD(I) and in addition to responsibilities outlined in section 6 of this enclosure        i. The Director is the Defense CI Manager and provides centralized management of DoD CI activities            1. Can exercise mission tasking authority (MTA) over DoD CI entities 2. Publishes guidance, standards, and procedures to support DoD policy ii. Appoints functional managers to be DoD leads and conduct functional management for specific CI activities in line with the appropriate CI policy iii. Conducts CI analysis and production on FIE threats iv. Validates, registers, publishes, and reviews national and DoD CI collection requirements v. Validates CI production requirements and distributes to DoD Component production offices vi. Develops, coordinates, and recommends DoD CI strategies to the USD(I) for approval vii. Coordinates with appropriate DoD Components, develops, manages, and maintains the information systems used for CI management and reporting. viii. Maintains a system to identify and share CI lessons learned, best practices, and proactive CI initiatives ix. Maintains a process to gather, prioritize, and index CI requirements: monitors completion of the requirements x. Collects the DoD Component responses and provides the consolidated response to the National Counterintelligence Executive (NCIX). DIA coordinates the DoD response with the appropriate DoD Components xi. Coordinates with the DoD Components on proposed training content, programs, and advanced joint CI training within the DoD. xii. Recognizes outstanding DoD CI personnel through an annual DoD CI awards program. xiii. Recommends CI policy changes to the USD(I) xiv. Manages the Integrated Defense Source Registration System (IDSRS) to include name checks upon request. xv. Reviews CI training materials proposed for the release to foreign nationals and periodically assesses the impact of these releases upon the DoD xvi. Provides CU staff support to the Chairman of the Joint Chiefs of Staff in accordance with DoDD 5102l.21 III. Director, NSA/Chief, CSS i. The Director/Chief provides signals intelligence support to CI activities outlined in section 6 of this enclosure under the direction, authority, and control of the USD(I). IV. Director, NGA i. The Director provides geospatial intelligence support to CI activities under the direction, authority, and control of the USD(I) and areas outlined in part with section 6 of           this enclosure. V. Director, Defense Threat Reduction Agency (DTRA) i. The Director of DTRA provides CI functional support services and analysis, as appropriate, in support of international arms control agreements and regimes regarding weapons of           mass destruction. This is authorized, directed, and controlled through the Under Secretary of Defense Acquisition, Technology, and Logistics of the office of the Assistant Secretary of Defense of Nuclear, Chemical, and Biological Defense Programs and in conjunction with section 6 of this enclosure. VI. DoD Component Heads i. Establish and resource CI elements to conduct CI activities as authorized or request CI support in accordance with DoDI 5240.10 ii. Integrate CI into the DoD Component insider threat program iii. Follow guidance established in section 2 of Enclosure 3 of this directive when providing CI information to Congress iv. Respond to mission taskings from DIA Director v. Conduct CI awareness training in accordance with DoDD 5240.06 vi. Register CI sources that are compatible with IDSRS vii. Coordinate with the DIA director on proposed DoD Component advanced and joint CI training viii. Provide CI personnel with the necessary language skills and regional expertise prior to assignment, deployment, or travel to foreign countries to the greatest extent practicable ix. Provide the DIA director with CI training materials proposed for release to foreign nationals x. Notify the USD(I) of CI information in accordance with section 3 of enclosure 3 xi. Notify the DIA director upon receipt of NCIX requests for information and if multiple components are tasked, send responses to the DIA director for consolidated DoD response xii. Develop potential requirements for offensive CI operations with coordination for organic or supporting CI organizations xiii. Index CI needs and monitor completion of the requirements to participate in the DIA process to gather and prioritize VII. Secretaries of the Military Departments i. This is in addition to responsibilities outlined in section 6 of this enclosure ii. Provide administrative, logistical, and other support designated by FPDs as needed iii. Designate CI elements under command authority of the CCDRs and retain administrative control and control over CI investigations iv. Provide conduct, direction, management, coordination, and control of CI activities in accordance with sections 3013, 5013, and 8013 of Title 10, U.S.C.     VIII. Secretary of the Army i. The Secretary of the Army will provide for the conduct, direction, management, coordination, technical control and oversight of CI activities that are conducted by the 650th Military Intelligence Group in support of the Supreme Allied Commander—Europe in conjunction with responsibilities outlined in sections 6 & 7 of this enclosure. IX. Chairman of the Joint Chiefs of Staff i. The Chairman of the Joint Chiefs of Staff serves as a member of the National CI Policy Board in accordance with section 3381 of Title 50 of U.S.C. and section 6 responsibilities outlined in this enclosure. X. CCDRs i. This is in support of the responsibilities outlined in section 6 of this enclosure and Chairman of the Joint Chiefs of Staff ii. Analyze and distribute FIE threat information to meet CCMD requirements and to contribute to national products iii. Exercise command authority of designated CI elements, except for CI investigations when authorized by the Secretary of Defense. iv. Coordinate with military department CI sections to synchronize activities and assure unity of effort v. Appoint a CI staff officer to serve as a CI coordinator for the CCMD in accordance with DoD Instruction 5240.10 - Enclosure 3: Notification of CI Activities 1. The USD(I) will be notified of CI activities described in sections 2 & 3 of this enclosure. This is in accordance with the senior DoD CI official below the Secretary and Deputy Secretary of Defense in accordance with section 137 of Title 10 of U.S.C. and DoDD 5143.01 2. Before providing any CI information to Congress, Components to the DoD must notify the USD(I) through the USD(I) congressional activities. This includes notifying as soon as        possible not to exceed 24 hours prior to the release of information  Notifications are mandatory regardless of the manner in which CI information is passed to Congress whether it is formal, informal, oral, or written  Releases include but not limited to legislative proposals, testimony, briefings, meetings, and responses to request information 3. Components of the DoD will notify the USD(I) through the USD(I) CI staff of the following issues:  Anything not listed in this section warrants notification in regards to the DoD Component heads  CI activities that can be reasonably expected to result in media coverage or diplomatic actions against the U.S. government CI failures relating to any defense operation, system, or technology of the United States that will likely to cause significant harm or damage to the national security interests pursuant to section 2723 of Title 10 of U.S.C        CI activities involving measures requiring approval of the Office of the General Counsel of the Department of Defense, the Attorney General of the United States, or the Foreign Intelligence Surveillance Court in accordance with DoDD 5143.01  DoDD 5240.06 and DoDI 5240.04 notify the DIA director regarding investigations involved with spying, espionage, sabotage, treason, sedition, subversion, assassination, and international terrorism directed against the DoD - Releasability: The directive is available on the Internet from the DoD Issuances website at http://www.dtic.mil/whs/directives - Effective Date: The directive is effective March 17, 2015.

References 1. DoD Directive O-5240.02, “Counterintelligence,” December 20, 2007 2. DoD Directive 5143.01, “Under Secretary of Defense for Intelligence (USD(I)),” October 24, 2014 3. Assistant Secretary of Defense for Command, Control, Communications, and Intelligence Memorandum, “Congressional Notification of Significant Counterintelligence Activities,” April 17, 1998 4. Under Secretary of Defense for Intelligence Memorandum, “Reporting Significant Counterintelligence Activity,” July 18, 2003 (Cancelled) 5. Under Secretary of Defense for Intelligence Memorandum, “Mission Tasking Authority,” October 24, 2005 (Cancelled) 6. Executive Order 12333, “United States Intelligence Activities,” December 4, 1981, as amended 7. DoD Directive 5240.01, “DoD Intelligence Activities,” August 27, 2007, as amended 8. DoD 5240.1-R, “Procedures Governing the Activities of DoD Intelligence Components That Affect United States Persons,” December 7, 1982 9. DoD Directive 5400.11, “DoD Privacy Program,” October 29, 2014 10. DoD Instruction 1000.29, “DoD Civil Liberties Program,” May 17, 2012, as amended 11. Memorandum of Agreement Between the Attorney General and the Secretary of Defense, “Agreement Governing the Conduct of Defense Department Counterintelligence Activities in        Conjunction with the Federal Bureau of Investigation (U),” April 5, 1979 12. Supplement to the 1979 Federal Bureau of Investigation and Department of Defense Memorandum of Understanding, “Coordination of Counterintelligence Matters Between FBI and DoD (U),” June 3 and June 20, 1996 13. Annex 3 to the Memorandum of Agreement Between the Central Intelligence Agency and the Department of Defense, “Procedures,” December 6, 2007 14. DoD Instruction 1100.22, “Policy and Procedures for Determining Workforce Mix,” April 12, 2010 15. Title 10, U.S.C    16. Title 50, U.S.C    17. Intelligence Community Directive 112, “Congressional Notification,” November 16, 2011 18. DoD Instruction O-5100.94, “Oversight, Coordination, Assessment, and Reporting of DoD Intelligence and Intelligence-Related Sensitive Activities,” September 27, 2011, as amended 19. DoD Instruction 3025.21, “Defense Support of Civilian Law Enforcement Agencies,” February 27, 2013 20. DoD Instruction 1000.17, “Detail of DoD Personnel to Duty Outside the Department of Defense,” October 30, 2013 21. Inspector General Act of 1978, as amended, title 5, U.S.C., Appendix-v 22. DoD Directive 5105.21, “Defense Intelligence Agency (DIA),” March 18, 2008 23. DoD Instruction 5240.01, “Counterintelligence (CI) in the Combatant Commands and Other DoD Components,” October 5, 2011, as amended 24. DoD Directives 5240.06, “Counterintelligence Awareness and Reporting (CIAR),” May 17, 2011, as amended 25. DoD Instruction 5240.04, “Counterintelligence (CI) Investigations,” February 2, 2009, as amended

External Sources Homeland Security Digital Library: Digital library for homeland security related issues such as policy, strategy, and organization. Department of Defense Directive: Digital PDF of DoDD 5240.02

Olivamos (talk) 14:38, 21 April 2018 (UTC)