The concept of information operations (IO) has entered into our everyday lexicon without a precise definition.
Any stated definition of information operations is relative to the context. IO remains a complex subject, and the field is evolving. This article hopes to provide greater insight and clarity into the definition of IO, and also identify existing and potential shortfalls.
Regardless of context, information operations maintain some nearly-universally-agreed-upon characteristics. An information operation is a campaign that is dedicated to obtaining a decisive advantage in the information environment. Some conflate IO with mere cyber or influence operations, but these are one of many capabilities that IO practitioners—both civilian and military—use to gain an edge in the information environment.
This messaging effort has multiple components to ensure the desired effects are delivered in the most advantageous way possible—sometimes using influence and other times the intention is solely to send a direct, clear, and concise message. Take, for example, a scenario involving displaced persons. The influencing elements are sending out pamphlets intended to induce the displaced persons to return home, but civil liaison elements are building permanent structures that will incentivize displaced individuals to remain. It is the IO practitioner’s job to de-conflict this disjointed message. An IO practitioner should be working in tandem with other capabilities to shape the information environment.
The Russian interference in the 2016 presidential election was a strategic use of IO.
The Russian government sought to both influence the U.S. presidential election, and undermine the Democratic systems. State-sponsored Russian actors hacked into Democratic National Committee servers and gained access to a key Democratic advisor’s emails. These hackers than used third-party intermediaries to release derogatory or potentially damaging information through WikiLeaks. Furthermore, Russian actors focused on psychological operations disseminated propaganda and disinformation via social media. An IO practitioner would, typically, be the one that coordinated this effort.
However, the definition of IO can change based on the context in which the term is used. According to a Congressional Research Service (CRS) report from 2018, a government entity, IO is sometimes conflated with Information Warfare (IW). The report says that “Information warfare takes place at the strategic level, while information operations (IO) involve using various information-related capabilities to implement the strategy.” However, unlike IO, IW is not defined in any contemporary U.S. military doctrine, nor does the U.S. military doctrine specify IW “takes place at the strategic level.” Surprisingly, no recent U.S. Government publication specifies there is a distinction between IO and IW; the U.S. Government should clarify the difference—if one exists.
The U.S. military has its own distinct view of information operations.
The 2016 U.S. military doctrine defines IO as “The integrated employment, during military operations, of information-related capabilities in concert with other lines of operation to influence, disrupt, corrupt, or usurp the decision-making of adversaries and potential adversaries while protecting our own.” Per this doctrine, IO is focused on coordination and synchronization “during military operations.” IO is absent real deliverables, it relies on other capabilities to deliver effects. As previously stated, influence and cyber operations are just two of many information-related capabilities.
The more antiquated IO doctrine distinguished between information warfare and information operations. In a military publication from 1999, IO is defined as “…actions taken to affect adversary information and information systems while defending one’s own information and information systems.” The publication addresses IW as “Information warfare (IW) is IO conducted during time of crisis or conflict (including war) to achieve or promote specific objectives over a specific adversary or adversaries.” While these definitions appear to be out-of-date, they provide substantially greater clarity and understandability than contemporary military doctrine (IW was removed from military doctrine in 2006).
In the private sector, the definition differs from the military with actual deliverables. Facebook Security defines “as actions were taken by organized actors (governments or non-state actors) to distort domestic or foreign political sentiment, most frequently to achieve a strategic and/or geopolitical outcome.” Facebook’s definition appears to conflate IO with mere influencing instead of producing a specific desired effect.
The nonprofit global policy think tank Rand Corporation defines IO as the following: “Information operations and warfare, also known as influence operations, includes the collection of tactical information about an adversary as well as the dissemination of propaganda in pursuit of a competitive advantage over an opponent.” This definition poses a number of challenges because—again—much like the private-sector Facebook definition, it is focused on “influence operations,” which are, in actuality, only part of a true IO campaign that is synchronizing and coordinating a range of influence, cyber, and psychological elements. RAND’s definition also conflates IW with IO. For its part, the CRS report attempts to distinguish IW from IO, something U.S. military doctrine fails to do.
The absence of a clear definition could lead to a strategic disaster.
Making things even more complicated is the fact that these nuanced definitions also face international interpretation, and the United States’ foreign competitors may define or conceptualize information operations differently. This means matching their capabilities that much more difficult, making any discussion over a strategic competitor’s (e.g. Russia) IO capabilities an apples-to-oranges comparison.
It is now more important than ever to develop a clear and concise understanding of information operations as a concept. Unfortunately, this paper may fall short because of the complexity and evolving nature of IO. In the short-term, the U.S. Government could re-adopt the out-of-date, yet more concise definitions for IO and IW.
Updating these definitions would ensure that IO is properly understood, conceptually and practically speaking. Until then, with each new IO definition, there will be a nuanced complexity that only serves to confuse rather than clarify the ever-changing nature of information operations.
The views expressed in this report are those of the author and do not necessarily reflect the official policy or position of the Department of the Army, the Department of Defense, or the U.S. Government.