Social Media Guidelines to Safeguard Personal & Unit Information

Exercise caution in offering personal opinions that could be interpreted as an official position. Clearly indicate the separation by using a disclaimer. DoDI 5400.17, Figure 2 provides a sample disclaimer for personal social media accounts that states:

"The views and opinions presented herein are those of the author and do not necessarily represent the views of DoD or its Components. Appearance of, or reference to, any commercial products or services does not constitute DoD endorsement of those products or services. The appearance of external hyperlinks does not constitute DoD endorsement of the linked websites, or the information, products or services therein."

Refer to the OGE Legal Advisory LA-14-08 for more information.

Avoid any area of expertise where you do not have first-hand experience or knowledge. Also, acknowledge the existence of different perspectives. Do not guess or assume information. Refer any questions outside your expertise to your Public Affairs Office or Communication Specialist.

Avoid stating personal opinions on politics or policy matters related to your unit. Also, do not comment on work-related legal matters. Your office should be resourced with the industry standard equipment, training and personnel to manage social media accounts, especially over multiple social media platforms, including public web activities, pursuant to DoDD 5122.05.

The Office of the Secretary of Defense (OSD) and DoD Component heads, in consultation with PA, will review and determine the criteria for establishing an external official presence (EOP) for elements within their responsibility to operate and execute their PA activities. PA representatives should assess establishing an EOP based on mission or operational needs, and support approved communication plans and campaigns.

EOPs at all levels must follow the procedures, policies and guidelines outlined in this issuance. Organizations that establish an EOP will guide social media managers to effectively direct activities and properly maintain the organization’s public presence.

Reference Section 4 of DoDI 5400.17 for more information on establishing an official DoD presence online.

Avoid personal opinions on politics or policy matters related to your unit. Know that there are actual policies and directives that help you distinguish what you must operate by and what you should operate by. The policies and directives are provided, but the onus is on the member to appropriately follow them.

For more information, refer to:

• Hatch Act
• DoD Directive 1344.10
• Article 88
• Guidance on Political Activity and DoD Support (2020)
• DoDI 5400.17

When you see misrepresentations about your unit in social media, you may identify and correct the error but always do this courteously and with facts. Avoid heated arguments and be respectful.

Section 3f of DoDI 5400.17 has specific guidance regarding transparency on social media. You must never remove social media content from your official DoD accounts unless there is a factual/typographical error, a violation of law, policy, or user service agreement, or an operations or security concern.

Removing content from an official DoD account must be publicly acknowledged to your audience and followers while providing additional information about why the content was removed. You should never remove content to avoid embarrassment or shut down a discussion about a controversial topic, as this can reflect negatively against the DoD brand.

Remember Operational Security (OPSEC)! Don’t post classified, sensitive, ‘For Official/Internal Use Only’ information or anything on a Critical Information and Indicators List (CIIL). Make sure information is releasable.

Additionally, DoD personnel must exercise caution in preventing unauthorized disclosure of non-public and unclassified information that aggregates to reveal classified information.

Don’t post anything infringing on the proprietary, privacy or personal rights of others.

Members should avoid doing anything that discredits themselves or their unit, including using inappropriate language or content. Members should avoid posting any defamatory, libelous, hazing (demeaning initiation rituals), bullying, stalking, vulgar, obscene, abusive, profane, threatening, racially or ethnically hateful or otherwise offensive or illegal information or material.

Think about potential consequences, and how the post would be received by others. Reference the Uniform Code of Military Justice (UCMJ) for more information and to ensure compliance.

Do not use your unit to endorse or promote products, companies or political or religious affiliations and refrain from any appearance of a DoD endorsement or sanction.

Misrepresentation through manipulating identifiers in an attempt to disguise, or impersonate your identity, is prohibited.

Respect copyrighted and trademarked material. Posting or sharing music, logos, songs or other information protected by copyright, trademark or any other restriction is illegal. Follow national/federal law, service direction, instructions and unit policy.

• Uniformed military members fall under the UCMJ.
• Civilians would fall under the Hatch Act.

You should also familiarize yourself with the most recent Fair Use policies and procedures. Understand that Fair Use is a legal doctrine that has to be argued in court and decided on by a judge. The proper application of Fair Use promotes freedom of expression by permitting the unlicensed use of copyright-protected works in certain circumstances.

Additionally, reviewing and understanding the terms of service agreements for any platform you have an EOP is extremely important. For example, you cannot move sound libraries from one platform to another (YouTube to DVIDS). If the file you are moving carries that platform's terms of service, you violate the terms of service and the copyright.

Once something is out there, you can’t take it back. Be careful and cautious when posting to keep from saying/posting something you shouldn’t. You bear the responsibility for what you post.

As DoD ambassadors, it is permissible to post pictures while in uniform. However, it is extremely important that if you post a picture of yourself or another service member in uniform, the picture does not accidentally or intentionally imply an endorsement of a product or service. You should never post pictures of uniformed service members at or near any political event or rally. A best practice is to keep politics out of it!

Check out DoDI 5400.17 to learn more about maintaining a clear distinction between personal and official DoD accounts.

Talk to your family and friends about what they should and shouldn't post. You can restrict your own settings but not theirs. Make sure they know what they can post.

Reference Section 8 of DoDI 5400.17 for more information on personal social media use by DoD personnel.

Restrict privacy settings and don’t add people you don’t know or haven’t met in person. Be circumspect in the information you share.

Carefully consider requests and permissions. Don’t share logins or passwords, and change passwords frequently. Ensure you are using passwords that cannot be cracked easily, and when available, set up two-factor authentication.

It is a best practice to create a "Hacked Account Plan" to implement if adversaries or bad actors breach any official DoD accounts. This plan could also be known as "Cyber-Hijacking Procedures" or "Social Media Brand Recovery Procedures" and should be documented in your social media strategy. This plan should include:

• Recovery email information,
• Standard, templated messages for quick dissemination on social streams and additional mediums and
• Checklists for different types of adversarial situations on social streams.

Additionally, if you use a phrase as a password, ensure it is not a commonly used phrase throughout your office and substitute symbols for letters where appropriate.

Don’t publicly post your full name, rank, position, date or place of birth, addresses or ID information. There may be some situations where this information is necessary, but consider the risks and the possible combination of public information from multiple sources that could be used on standard password reset questions.

Restrict location settings on your devices and understand the impacts of what you are posting. It is best not to post your specific location in real-time or geotag your photos.

Geotagging is prohibited in certain situations like deployments, areas of responsibility and other sensitive location-related data. This helps prevent adversaries from taking advantage of this information.