[Federal Register Volume 62, Number 145 (Tuesday, July 29, 1997)]
[Notices]
[Pages 40507-40508]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-19828]
-----------------------------------------------------------------------
DEPARTMENT OF DEFENSE
Office of the Secretary
Privacy and Security on Publicly Accessible DoD Internet Services
AGENCY: Department of Defense, Office of the Secretary of Defense
(Public Affairs).
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: This is a voluntary notice by the Department of Defense to
inform those who use publicly accessible defense information on the
Internet what measures are being taken to gather information about
visits and to protect the integrity of Department of Defense Internet
systems. Effective immediately, the DoD changing its notice to users to
notify them of what we are doing and why.
FOR FURTHER INFORMATION CONTACT: Mr. Richard Silva, OASD(PA), Room
2E791, 1400 Defense Pentagon, Washington, DC 20301-1400 or on-line via
the DefenseLINK message form at http://www.dtic.mil/defenselink/faq/
comment.html.
SUPPLEMENTARY INFORMATION: In its ongoing efforts to provide open,
honest and accurate information to the public, the Department is hereby
notifying those who use publicly accessible defense information on the
Internet what measures are being taken to gather information about
visits and to protect the integrity of Department of Defense Internet
systems and why it is necessary to do so.
First, most World Wide Web services record information about web
site visits for site management purposes. DoD uses industry-standard
software to gather basic data about web site visits. This data is used
for site management purposes, such as assessing what information is of
most and least interest to users, determining technical design
specifications, and identifying system performance or problem areas.
Second, computer vandalism has become an ever increasing problem
over the past few years. These attacks can lead to the alteration of
information that is used and trusted by millions of people. It is
becoming more and more important for the Department to take a more
proactive role in protecting its computer systems from these attacks.
Therefore, to insure that the DoD public web services remain available
to all users and to protect them from fraudulent, unlawful or abusive
use, the Department is employing industry-standard methods to monitor
network traffic to identify unauthorized attempts to upload or change
information, or otherwise cause damage.
No other attempts are made to identify individual users or their
usage habits. Raw data logs are used for no other purposes and are
scheduled for regular destruction in accordance with National Archives
and Records Administration General Schedule 20.
Third, the Department is publishing the attached ``privacy and
security notice'' on its publicly accessible Internet systems to inform
users what we are doing and why.
DefenseLINK (http://www.dtic.mil/defenselink/) is the official
World-Wide Web Information Service from the Department of Defense and
is the starting point for locating U.S. defense information around the
world. The purpose of DefenseLINK is to provide the public with a
single, unified starting point for information about the Department of
Defense, its organization and its functions. DefenseLINK provides
direct access to the Information Services established by each military
service. These Defense World Wide Web services contain many Defense
publications, answers to frequently asked questions about the
department, news releases and photographs. Information within these
public access services may be distributed or copied. Use of appropriate
byline/photo/image credits is requested.
Below is the new privacy and security notice being implemented on
all DoD publicly accessible Internet systems.
Link from Index.html pages--``Please read this privacy and security
notice.''
( )--indicates sections to be tailored at the installation level.
[ ]--indicates hyperlinks.
*--indicates information located at the hyperlink destination
indicated.
Privacy and Security Notice
1. (DefenseLINK) is provided as a public service by the ([Office of
the Assistant Secretary of Defense-Public
[[Page 40508]]
Affairs] and the [Defense Technical Information Center]).
2. Information presented on (DefenseLINK) is considered public
information and may be distributed or copied. Use of appropriate
byline/photo/image credits is requested.
3. For site management, [information is collected] * for
statistical purposes. This government computer system uses industry-
standard software to create summary statistics, which are used for such
things as assessing what information is of most and least interest,
determining technical design specifications, and identifying system
performance or problem areas.
---------------------------------------------------------------------------
* Link from above--``information is collected''
---------------------------------------------------------------------------
4. For site security purposes and to ensure that this service
remains available to all users, this government computer system employs
industry-standard methods to monitor network traffic to identify
unauthorized attempts to upload or change information, or otherwise
cause damage.
5. No other attempts are made to identify individual users or their
usage habits. Raw data logs are used for no other purposes and are
scheduled for regular destruction in accordance with [National Archives
and Records Administration General schedule 20].
6. Unauthorized attempts to upload information or change
information on this service are strictly prohibited and may be
punishable under the Computer Fraud and Abuse Act of 1986 and the
National Information Infrastructure Protection Act.
7. If you have any questions or comments about the information
presented here, please forward them to (us using the DefenseLINK
[Comment Form]).
Example: Information Collected From DefenseLINK for Statistical
Purposes
Below is an example of the information collected based on a
standard request for a World Wide Web document:
pm2e-1-678.afbdsop.com--[28/Jan/1997:00:00:01-0500]
``GET/defenselink/news/nr012797.html HTTP/1.0'' 200 16704
Mozilla 3.0
pm2e-1-678.afbdsop.com--this is the domain and IP address of the
requester (you as the visitor). In this case, (....com) the requester
is coming from a commercial address instead of a military or
educational institution address.
[28/Jan/1997:00:00:01-0500]--this is the date and time of the request
``GET/defenselink/news/nr012797.html HTTP/1.0''--this is the location
of the requested file on DefenseLINK
200--this is the status code--200 is OK--the request was filled
16704--this is the size of the requested file in bytes
Mozilla 3.0--this identifies the type of browser software used to
access the page, which indicates what design parameters to use in
constructing the pages.
Requests for other types of documents use similar information. No
other user-identifying information is collected.
Dated: July 22, 1997.
Patricia L. Toppings,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
[FR Doc. 97-19828 Filed 7-28-97; 8:45 am]
BILLING CODE 5000-04-M
