Jonathan Couch, Chief Operating Officer, ShadowDragon
After living through a global pandemic and then Russia engaging in a war on Ukraine in early 2022, Elon Musk purchasing Twitter shouldn’t have felt like such a surprise. But something about this turn of events related to a major social media platform has me mulling over new questions about the future of open source intelligence (OSINT). Publicly available information and intelligence on humans from various websites and online sources that anyone could access, is a cornerstone of investigative research for law enforcement and global militaries.
When Musk’s deal with Twitter first went through, I was interested to see if the platform would open up further or become more locked down. Would he find some new way of doing business that will prove as revolutionary as Tesla was when it first came out? Will the face of social media as we know it completely change? The actual fate of Twitter will play out in due time. But heading into 2023, there is a lot of anticipation around social media apps. To me, this anticipation is tied to the unique role of social media platforms as a source of OSINT for investigators.
If we’re being honest, OSINT is a bit of a misunderstood beast. Its benefits as an investigative tool that quite literally keep the public safer are widely unknown, and OSINT programs are still in their infancy in environments such as government organizations and military branches. I believe raising awareness of what OSINT is and how it is leveraged for good are key pieces to addressing valid privacy and ethics concerns from the general public.
Data for Public Interest vs. Investigations
In what has been described by others as a “sudden war on open source information gathering”, in mid-December 2022, Musk banned the ADS-B Exchange Twitter account, which is a site that uses open source data to track flight patterns. Twitter’s terms of service were also updated to state that any live tracking is considered an abuse of the platform.
On the surface, this change speaks to Musk’s shoot-from-the-hip approach of using overarching rules to deal with individual situations. However, open source flight tracking data is a tool used in multiple scenarios, from members of the media working on reporting critical stories and events, to OSINT analysts tracking wanted criminals. This information can still be accessed in other forms, but its availability via Twitter had made it more accessible for those sample use cases that the public looks to for information.
The reality of today’s internet is that app companies are out there to make money; they are profit motivated and can control the data users willingly give them. And these companies are not typically thinking, how could the information that we’re collecting be used for good or bad? This is important for everyday people to recognize. That being said, social media platforms are balancing the line of privacy vs. giving users more personalized experiences, which means collecting more data.
Instead of finding it creepy, people can’t wait for their “Spotify Wrapped” to drop at the end of the year, and they certainly enjoy the suggested music to listen to within the app. We also tend to prefer ads that are relevant to us, opposed to ads that leave us scratching our heads and feel totally out of left field. This is thanks to ad tech, which all comes back to the data and publicly available information each of us feeds into social media platforms.
The Importance of Ethical OSINT Investigations
There are many advocacy groups working to prevent ad tech data – which is often included into OSINT and publicly available intel classes – from getting into the wrong hands; for example, some would prefer governments not be able to use ad tech data. Concerns include spying on its own citizens, or more narrowly, targeting of ethnic or minority groups.
I am in favor of asking hard questions and exploring solutions. Is certain data being misused? Who should legally be allowed to use this kind of information, and for what purposes? When it comes to OSINT from an investigative standpoint, the key is starting with a target and having a reason to be looking at the data. Anyone leveraging publicly available information should know what they are trying to do and be looking for information that applies to their investigation. Where I believe ethical lines get crossed is when we start with the data.
There is a distinct difference between spying, stalking, or labeling someone because of behavioral patterns (such as tracking and shaming celebrities for the carbon footprint of their excessive private jet use) vs. having reason to believe an individual is involved in criminal activity and trying to figure out exactly what that looks like. For example, the National Security Agency is not allowed to just pull anything off any satellite that's out there. They must have a reason for looking, and very specifically state what information they are looking for; and if any information comes across their desk that doesn't meet that standard they have to report and destroy it.
OSINT is a tool, and like any tool, can be used for good or bad. At the end of the day, everyone’s online activity leaves behind a digital footprint; most of which you have either completely forgotten about or have no idea even exists. It may be of little consequence to you in your daily life, but investigators can benefit from these “invisible breadcrumbs” every day. Bad guys, whether foreign or domestic, have an online presence too. It’s up to the OSINT community to help build bridges with law enforcement and the public to ensure ethical standards are established and met for the collection of publicly available information.
About the Author
ShadowDragon Chief Operating Officer, Jonathan Couch has 20-plus years of experience dealing with military and government computer network operations, offensive operations, commercial security consulting, cyber threat intelligence and intelligence-led security program startup and maturity. Specifically, he has a background in information warfare and cyber threat intelligence collection as an Air Force network engineer for the Joint Task Force at the NSA, as well as co-founding iSight Partners.
