Open source intelligence (OSINT) is sort of the flip side of privacy. That’s why you sometimes find people who work both sides, doing investigations for some clients and helping other clients resist being investigated.

Our work in data privacy is adjacent to OSINT. We need to be aware of publicly available data that could undermine the privacy of individuals in our client’s data. For example, we have had to tell clients that they cannot link medical data with real estate data because the latter is publicly available. If someone knows your approximate location and a few details such as the size of your house or how much it is appraised for, they can find out who you are.

There are usually creative ways around such privacy policies. Often companies don’t want identifiable data per se; they want to know things that can be inferred from private data. And maybe these inferences are not a risk to individual privacy. It all depends on context.

An OSINT professional is often trying to find out information about a specific individual who is the target of investigation. Our work is more focused on populations than individuals, e.g. data that might allow some percentage of people to be identified.
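To make the population view concrete, here is an added example (not from the original post) that measures what share of a data set is singled out by a combination of location, house size and appraised value, before and after coarsening those fields. The records, field choices and bucket sizes are constructed assumptions for illustration.

```python
from collections import Counter

# Constructed sample records: (3-digit ZIP prefix, square feet, appraised USD).
# These are made-up values, not real data.
RECORDS = [
    ("770", 1850, 312_000),
    ("770", 1875, 318_000),
    ("770", 1820, 305_000),
    ("770", 2400, 455_000),
    ("770", 2450, 462_000),
    ("773", 1200, 208_000),
    ("773", 1250, 205_000),
    ("773", 1230, 201_000),
    ("773", 3900, 910_000),
    ("774", 1600, 240_000),
]

def generalize(record, sqft_step, value_step):
    """Coarsen the quasi-identifiers by rounding down to a bucket boundary."""
    zip3, sqft, value = record
    return (zip3, sqft // sqft_step * sqft_step, value // value_step * value_step)

def at_risk_fraction(records, k, sqft_step=1, value_step=1):
    """Fraction of records whose quasi-identifier combination is shared
    by fewer than k records (equivalence class size < k)."""
    keys = [generalize(r, sqft_step, value_step) for r in records]
    sizes = Counter(keys)
    return sum(1 for key in keys if sizes[key] < k) / len(keys)

def smallest_class(records, sqft_step=1, value_step=1):
    """Size of the smallest equivalence class; 1 means someone is unique."""
    sizes = Counter(generalize(r, sqft_step, value_step) for r in records)
    return min(sizes.values())

if __name__ == "__main__":
    print("exact values, k=2:", at_risk_fraction(RECORDS, 2))
    print("bucketed,     k=2:", at_risk_fraction(RECORDS, 2, 500, 100_000))
    print("bucketed,     k=3:", at_risk_fraction(RECORDS, 3, 500, 100_000))
    print("smallest class after bucketing:", smallest_class(RECORDS, 500, 100_000))
```

With exact values every record is unique; after bucketing, the at-risk share drops, but outliers such as the one very large house remain in a class of one.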

Usually we are not trying to identify people; we’re trying to keep people from being identified. But sometimes we work the problem from the other side to see what is possible. Sort of a Red Team exercise.

OSINT professionals often have a background in law enforcement, but not statistics. A law enforcement background is very useful, but a statistical perspective is complementary.

Statistical OSINT lets you pick up on subtle clues. Statistical techniques let you decide a priori what evidence will satisfy a certain likelihood threshold, which makes judgments easier to justify and to automate. A statistical approach can let you evaluate what is likely to work, or not work, before you put in the effort.

