Following the rise in ‘offence archaeology’, where an individual’s digital past is examined in order to unearth any ill-advised (and possibly, youthful) statements, I worked in open source intelligence gathering, on a self-employed basis, for private clients, providing a professional, confidential service designed for both individuals and organisations — who want to minimise their exposure to risk. I utilised open-source intelligence (OSINT) in order to conduct these screenings. Due to my insolvency background, some local business people were interested in me vetting new customers to reduce the risk of bad debts.
Clients requested my services for a variety of reasons including:
- Recruitment: The information about a subject found online can provide more intelligence than any interview or reference check.
- Business: Preparing for business meetings — By knowing as much as possible about the person the client is going to meet with.
- Privacy: Tune-ups for people concerned about their personal and professional presence online.
- Parent/Guardian: Online intelligence search techniques for locating social media content posted by children, reducing their vulnerability to faceless predators.
- Pre-Nuptial and Pre-Date Screening: Understanding who people are meeting from a personal safety point of view and preventing costly and ill-advised marital mistakes.
There has been a rise of digital evidence, with large data sets generated by communications service providers, cloud service providers and smartphones, Internet of Things (IoT) devices, as well as the skyrocketing volume of video and photographic evidence. Crime is moving indoors and online and digitisation has brought with it a type of criminal activity that is hidden and borderless. Data and technology are enabling societal behaviours, with new crime types emerging.
Digital media is increasingly resident on the smartphone, embedded in social media posts, text messages, emails, videos and photographs, as well as the phone’s geolocational data, metadata and transaction-generated information. Large-scale incidents, such as terrorist attacks at concerts, highlight the need to quickly and legally collect, extract, process and analyse data on the scene from hundreds of smartphones to uncover relationships, resolve identities and understand how the incident unfolded.
It is not just policing that benefits from online screening and research. It has benefits for debtor tracing, for wills and probate purposes (beneficiary tracing), and for checking that dinner date does not have a spouse and five kids stashed away.
Ethically, smartphone vendors like Apple and Samsung; technology vendors like Microsoft, Facebook, Google, Salesforce and Amazon Web Services; and privacy advocates have all expressed concern about technology-enabled surveillance, particularly if personal data protections like password protections, advanced locking solutions, and encryption, are bypassed.
Other challenges to consider, would be:
- To what extent can we agree that the internet should be policed? There is a lack of clarity about the respective roles of internet service providers, social media companies, the manufacturers of digitally enabled devices, public services and the public themselves.
- The dissolution of geographical borders breaks apart the traditional criminal investigation triangle of local victim, local offender and local police.
- In a digital age, crime is increasingly occurring both on the internet and simultaneously behind the closed doors of people’s homes, bedrooms and offices. This makes crime harder to detect and more complex to investigate.
- Given the scale of cyber-crime, which offences should we investigate?
- What does consent mean in a digital age? How can we act legitimately in this new world?