Mobile Secrecy: The DMCC-S, Public Records and Commercial Phones

Stacy Wood

Abstract

On February 13, 2013, President Barack Obama issued Executive Order 13636, “Improving Critical Infrastructure Cybersecurity.” The text of this Executive Order extended and solidified practices and policies concerning the working relationships between private sector entities and the United States government that in the past thirty years have become increasingly inseparable and incredibly lucrative for individuals and corporations alike. Expressing great urgency, Obama stressed the dire need for cooperation between the federal government, intelligence agencies and the corporations that create, own or maintain cyber and communications infrastructure in order to both defend and gain access to sensitive and critical information. A subsequent proposed framework to be adopted by “agencies with responsibility for regulating the security of critical infrastructure,” asserted the inextricability of such rhetorically and politically hefty concepts as Homeland Security, Counterterrorism, Economic Affairs, National Security and private information infrastructure.

Three years later, the Defense Information Systems Agency (DISA) has begun to roll out one part of the Pentagon’s Joint Information Environment Plan, mobile devices for use in the field by persons with Secret clearance so named Department of Defense Mobility Classified Capability – Secret or DMCC-S. These devices and their related software, apps, standards and protocols will replace the now defunct Secure Mobile Environment Portable Electronic Device System. Reliant upon private infrastructure and contracts for the program’s success, this transitional moment offers a window into understanding how the what, where, when and why of a classified record is shifting dramatically in the face of new socio-technical configurations. This presentation focuses on this transition to think through these questions, situating this program within a longer history of contracts between the federal government and the private sector and analyzing the transition from identifying security as protocol to security as device.