Moving can be a stressful event. Whether you have moved once or several times, it is an event that upends the lives of the entire family. SSG Alex Kallus, an Army logistics NCO, had just received orders to PCS (Permanent Change of Station) from Fort Novosel, AL, to his new joint assignment in DLA at Fort Belvoir, VA. His spouse, Kay, and their two kids were ready for the move and were busily making plans for the new location. As any military family knows, PCS moves meant chaos, checklists, and lots of internet searches.
Once on the road, the family kept things simple: Apple CarPlay for their car, Google Maps for directions, Spotify for road trip music, and documenting their road trip on their family's Instagram account. They posted several pictures of the Auburn Buc-ee's, the giant Peach in Gaffney, the Marine Corps Museum, and several other fun sights along the way.
As they approached Washington, DC, things began to happen on the family’s phones.
Scrolling through Facebook, Kay started to see ads for DC at-night tours. On Instagram, posts were appearing about military relocation support and child activities in the Fort Belvoir area. Local moving businesses filled her internet with ads.
Kay turned to Alex, "Okay…how do they know we're moving here? I haven’t even posted that yet!?!?"
Suddenly, the family's social media feeds were filled with local ads and targeted marketing from packers and movers, pediatricians, auto shops, and home improvement stores near their new home.
This story is all too familiar in today's world of data aggregation and data brokers. It's not magic, but it's something we all need greater awareness of the mechanics behind it.
— In the application customer agreement, Google and Facebook both can collect location access by default. As soon as the family enters the National Capital Region, their phones register a location change.
— The family searched for military housing, BAH rates, and Fort Belvoir schools weeks before. Their device's advertising ID linked this online activity to their advertising profile. Depending on whether the family searches on their laptop, phone, or another device will affect companies' ability to consolidate user profiles. Companies can also use the login information to tie devices back to a family or user, consolidating user data.
— SSG Kallus and his family stopped at a military-friendly hotel, which shared location data via Wi-Fi or ad trackers in apps Kay uses.
— Across various internet searches and cookies on computers, the websites Zillow, Instagram, Facebook, Amazon, and Google all shared signals about keywords, combining interests like "military move," "school-age," and "new location."
Behind the scenes, data brokers and ad networks updated the family's digital profile with information from new geolocation data, transition efforts, various searches, and other websites that tracked cookies.
This information, or the digital dust you leave behind and the collection of it to better understand you, is called the Internet of Behavior (IoB). This information trail of data, created by individual behavior, system interactions, and devices, is reshaping big data and how it is utilized across multiple industries, including commercial, marketing, and business, as well as defense and military applications. For DLA, big data, along with its associated technologies, presents increased risks to the operational landscape, balanced by meaningful advantages for effective support. Still, the degree to which we take advantage of this technology should be considered in light of the risk landscape it presents. DLA leads the DoD in revolutionary logistics technologies, which hold huge potential to reshape supply chain management.
DLA serves as the Department of Defense's combat logistics support agency, ensuring readiness through secure, responsive, and resilient supply chains. Mission assurance requires continuous oversight of supply chain integrity, particularly in light of an evolving digital and geopolitical threat landscape. According to 10 USC 481911, DLA must streamline and digitize its approach for identifying and mitigate risks to the defense industrial base. This modernization effort requires the identification and aggregation of specific data to build visibility and insights for decisions.
The IoB involves the collection, analysis, and application of data about human or company behavior. This is often drawn from social media, IoT devices, communication patterns, and purchasing behaviors. The use of this data collection is then used to inform decision-making and operations.2
Opportunities
By leveraging data collection and behavioral analytics on suppliers, DLA can identify patterns of concern using advanced AI methods. These patterns include financial stress, foreign influence, supplier reliability, reputational issues, and many more.
The use of IoB in defense and government settings offers unique advantages beyond conventional risk management. In contested logistics environments, where supply chains are threatened by peer adversaries, cyber-attacks, or kinetic disruptions, IoB can provide early warning indicators through anomalous digital behavior, shipment patterns, or emerging misinformation trends. It enables defense planners to make preemptive decisions and adapt posture dynamically in operational theaters.
Government-wide behavioral data can contribute to resilience planning, fraud detection, public health responses, and emergency management. Behavioral patterning is becoming normalized in federal analytics through commercial partnering and national security contexts. As technologies mature, these tools offer the potential to identify not only bad actors, but macro-level trends that might otherwise evade traditional surveillance.
For example, on September 17, 2024, thousands of pagers used by Hezbollah personnel detonated almost simultaneously across Lebanon, followed on September 18 by explosions of handheld radios, causing dozens of deaths and upwards of 3,000 injuries. This completely disrupted the organization’s command-and-control and ability to conduct operations. Reporting and subsequent analyses described the incident as a supply-chain infiltration in which devices were tampered with or counterfeited prior to delivery and detonated by coded signals.
By using IoB and the integration of DoD systems with publicly available data, we can identify emerging risks quickly through anomalies and linked data points. Individual signals are subtle but when linked together in an ecosystem with IoB analytics, it can form a high-confidence early warning system or identify potential compromises in the supply chain.
IOB-Derived Early Warning Indicators:
|
Signal Class
|
Observable
|
Detected Anomaly
|
Potential Threat
|
|
Procurement Path Irregularities
|
Sudden shift to new intermediary/vendor for pagers; with extended dwell in transit/storage.
|
Diverges from prior procurement behavior; long layover creates tampering window.
|
Supply-chain compromise risk; initiate technical inspection & trusted-path sourcing review.
|
|
Asset On-boarding Surges
|
Compressed device provisioning to cadres shortly hours/days before use.
|
Unusually synchronized issuance pattern.
|
Heightened risk that a coordinated trigger could maximize impact.
|
|
RF & Messaging Pattern Anomalies
|
Short, uniform burst traffic across paging network; rare codes seen across disparate cells.
|
Not typical of organic operational traffic; suggests test pings or trigger rehearsal.
|
Flag as possible remote-detonation C2 prep; escalate for network interdiction.
|
|
Device Integrity Variance
|
Weight/thermal signatures or battery pack construction inconsistencies in random-sample QA.
|
Indicates non-OEM modifications.
|
Quarantine lot; conduct disassembly/X-ray; suspend distribution.
|
IoB can be used, as in the example, primarily for security, however, its uses can be applied to many different applications. DLA can leverage IoB for synchronized forecasting of demand, movement tracking, and contractor stability, particularly in areas with poor physical access but strong digital visibility, allowing DLA a digital presence on the battlefield. Our understanding of industry behavior, combined with government data, also enables us to target vendors that are prime investment opportunities, allowing us to build out industrial capabilities during periods of surge. Bad actors are routinely discovered in pre- and post-award relating to ownership provenance, regulatory compliance, and other concerns.3 DLA’s ability to operationalize IoB requires breaking down silos of information within the Agency. Through the integration of people, technology, and governance across divisions, job series, and supply chains, DLA can harness this type of solution. DLA will have to embrace the type of change required to empower lower echelons with decision authority through governance, allowing a more agile and responsive workforce informed by information and utilizing a common data picture through various lens such as logistics, acquisitions, legal, intelligence, cyber, and so many others.
Risks
The aggregation of data and its use to proactively target identified risks, as well as monitor supply chain threats, raises several concerns and a threshold of risk that leaders often lack the appetite for. Several DoD instructions and manuals, as well as numerous discussions, outline the laws, guardrails, and expectations for using data in this area.4
Privacy and Civil Liberties remain top concerns, as risks of overreach in both data collection and application of data analysis exist in this space. Data aggregation and big data analysis are not a new problem to corporate America, but the discussion takes a different turn when the Defense Department discusses the application and use of the IoB.5 There is a critical responsibility in handling big data, with numerous ethical implications related to personally identifiable information (PII) or the aggregation of data that can reveal other pieces of information through digital footprints.
Adversarial targeting and behavioral spoofing, utilizing the same techniques and data that DLA currently uses, are of grave concern. It is already apparent that social media companies are capable of customizing streams for individual users and tailoring content to their online behavior. What does the weaponization of digital dust look like, and are we sophisticated enough to detect it? DLA currently employs numerous bots to assist with automation and efficiency. Inherent risks lay in corrupting bot automation to cripple supply chain activities. We can employ currently available technologies to mitigate this type of risk; however, we must ensure that we are fully leveraging them to protect critical areas. Additionally, generative AI and LLMs become more sophisticated, DLA employees are the first-line guardians to many of these attacks. Threat actors continue to conduct penetration testing and sophisticated attacks to gain access to information and people within DLA, it is imperative to recognize and intercept the bad actors at the gates.
Additional risks lie within data volume and with the analysis that is underway. We must be cautious as we recognize that refining data poses challenges along the knowledge continuum. Often, this process will stop at the information stage. Leaders are left overwhelmed by data that merely informs but does not provide the necessary knowledge or perception for practical decisions. An environment of decision fatigue can creep in with too many tools, too much data, and a wall of dashboards that all have volumes of information yet provide no real ability to affect change. There must exist clear leadership that integrates strategic information-type operations via a disciplined framework that filters priorities with perceptions appropriately.6
Excessive monitoring with data collection on trusted partners is a potential area for risks not often explored. DLA values industry partnerships, yet it also has a duty to watch the supply chain for weaknesses and dangers. While vendors have a tolerance for most of the data collection conducted, there is ultimately a threshold crossed as either issues are uncovered, or concerns are raised. There is significant potential for misuse or misinterpretation of collected commercial data during vendor reviews. With guidance from the Department of Defense and the Intelligence Community, DLA continues to collaborate with General Counsel, Intelligence and Security (DI&S), and others to ensure the appropriate handling and analysis of data for informed decision-making.7 Discussions are currently ongoing with both industry and the Department of Defense on their contractual relationships and safe haven clauses to allow for greater data sharing and communication of issues.
The Moral Gray
Today’s data environment forces us to confront a deep ethical tension between protecting civil liberties and fulfilling the government’s duty to secure the nation. As adversaries grow increasingly sophisticated in exploiting digital behavioral data, the U.S. cannot afford to stand idle while others weaponize information. However, the tools and partnerships used to harvest that data—particularly when outsourced to commercial platforms—must be examined critically.
Private sector technologies now play a central role in enabling government surveillance and behavioral analysis.8 While these tools are indispensable for national security, they are often developed outside the realm of democratic oversight. As a result, the lines between defense analytics and commercial surveillance are increasingly blurred. The same datasets that enable proactive risk detection can also allow for manipulation, discrimination, or mission creep when not governed properly.
There is a clear imperative for the defense community—including DLA—to employ advanced data analytics to detect foreign influence, fraud, and supply chain vulnerabilities. Behavioral signals can uncover otherwise hidden threats: financial distress, compromised ownership, adversarial ties, or fraud indicators. Ignoring these insights cedes strategic ground to bad actors. However, embracing invasive analysis must not mean abandoning ethical restraint. Oversight must evolve alongside technological capability.
The moral challenge is not whether to collect and analyze behavioral data—but how to do so without replicating the very systems of authoritarian control we oppose. Just as resistance movements in fiction and history have used intelligence techniques for survival, so too must we adopt proactive surveillance responsibly. The goal is not omniscience, but resilience. Defense agencies must ensure that their data strategies are guided by legal guardrails, internal checks, and a clear moral compass anchored in democratic values.
Conclusion
As DLA expands its ability to harness the Internet of Behavior for supply chain risk management, it must simultaneously reinforce its commitment to transparency, accountability, and public trust. The increasing reliance on behavioral analytics in national defense demands a more developed ethical and operational framework. It is not merely a question of what is possible — it is a question of what is just, necessary, and sustainable.
DLA should collaborate with legal counsel, the intelligence community, and trusted industry partners to build frameworks that support invasive analytics where required but within clearly defined limits. Safe haven clauses, responsible data-sharing agreements, and audit-ready oversight mechanisms must be implemented. At the same time, the agency must resist the drift toward opaque or overly privatized surveillance infrastructure that may operate without adequate public scrutiny.
Policies must enable analysts to detect threats quickly and decisively, but within an environment that values civil liberties and constitutional norms. Oversight boards should evaluate analytic models for fairness and proportionality and ensure that data collection aligns with both mission relevance and ethical boundaries.
The Internet of Behavior offers transformational potential for mission assurance and supply chain security. But its power must be exercised with intention. The success of national defense depends not only on the precision of our insights—but on the principles that guide how we obtain and use them.
1 10 US Code 4819, 2021 Modernization of Acquisition Processes to Ensure Integrity of Industrial Base
2 Gartner. (2021). Top Strategic Technology Trends for 2021.
3 Department of Defense. (2023). Instruction 3000.16. Vendor Threat Mitigation Procedures.
4 RAND Corp. (2023). Cybersecurity and Supply Chain Risk Management are Not Simply Additive.
5 Department of Defense. (2023). Instruction 3115.18. DoD Access to and Use of Publicly Available Information.
6 GAO. (2021). GAO-21-525. Information Environment: DoD Operations Need Enhanced Leadership and Integration of Capabilities.
7 Department of Defense. (2023). Manual 8910.01 Vol 2. DoD Information Collections Manual.
8 The Conversation. (2024, July 18). Tech giant helps the US government monitor its citizens — its CEO wants Silicon Valley to find its moral compass. https://theconversation.com/tech-giant-palantir-helps-the-us-government-monitor-its-citizens-its-ceo-wants-silicon-valley-to-find-its-moral-compass-260824.