Involved Organisations:Police Germany
Deutsche Hochschule der Polizei (DHPol)
Crowdsourcing, Social Media
- Collecting and Analysing Information from SMCS
- Ensuring Credible Information
- Making Information Accessible
- Mobilising Citizens
Disaster Management Phase
After, Before, During
The term OSINT is the acronym of ‘Open-Source Intelligence’ and refers to the collection and evaluation of publicly available data for a certain purpose. Originally, the term was associated with the work of secret services. Today, with the ubiquity of (big) open data, OSINT is also applied in a variety of other fields, companies perform OSINT e.g., for the purpose of market research (so-called Business Intelligence). One increasingly relevant subfield of OSINT is SOCMINT (Social Media Intelligence).
German Law Enforcement had long limited its OSINT endeavors by solely concentrating on organized crime, terrorism, and cybercrime, whereas in the Netherlands OSINT was already integrated into every-day mission control work back in 2012. There, OSINT was applied by so-called ‘intel officers’ in terms of ‘real-time intelligence’ (RTIC) to provide the colleagues out in the streets with as much relevant information as possible for them to perform their duty.
Such OSINT-backup becomes particularly relevant when there is only limited time to assess a situation, foresee potential dangers and how events might unfold. Focused research in open-source data can for instance provide valuable information such as
- pictures showing the current appearance of a person,
- hints on connections to potentially dangerous milieus (e.g., the Rocker scene),
- hints on relevant hobbies (long-time boxer, sporting marksman, owner of an attack dog etc.), or
- updates on the location and potential escape routes (traffic situation, construction sites etc.).
THE PILOT PROJECT 'SENTINEL‘
To investigate if such a targeted collection of additional information would also improve the work of mission control centers in Germany and thus increase the safety of patrol of-ficers and the public, the German Police University launched the pilot project 'SENTINEL - Sicherheit im Einsatz durch Open-Source-Intelligence (OSINT) in Einsatzleitstellen‘ jointly with the local police departments of Dortmund, Osnabrück, and Munich. During a phase of six months within this project (which was funded by the Stüllenberg Foundation from January 2018 until October 2019) intel officers were implemented in the mission control centers of the three cities and should perform OSINT research upon incoming emergency calls. This means, every time an intel officer encounters relevant hints, he or she sets a marker and copies the relevant information into the computer-aided dispatch system, whereupon they will be communicated via messenger, radio, or phone to the officers at (or on the way to) the scene. If necessary, those publicly available data can be combined or checked against database records (e.g., from the INPOL data-base or the firearms registry).
RESULTS & AFTERMATH
The evaluation of this pilot phase was based on quantitative and qualitative methods and could follow-up on a total of 1282 emergency-call-triggered police operations. It could be documented that in about 80 percent of the operations intel officers were able to come up with additional information and that for 72 percent of the cases this additional knowledge was rated as crucial to actually support the police work of the colleagues at the scene. Most of that information consisted in pictures, hints on communication devices used, and contact persons. Thus, after the ‘SENTINEL’ project was able to affirm the relevance of OSINT to assist every-day police missions, 13 new intel officers were hired in Lower-Saxony alone (to support mission support centers in Hannover, Braunschweig, and Osnabrück on a 24/7 basis). To archive a high degree of specialization and profit from synergy effects, those positions were primarily not filled with police officers but rather with ‘externals’ that could provide a background in communication studies or the like.
In 2021 more Intel officers were hired in Lower-Saxony to provide state wide coverage, enabling the mission support centers in Lüneburg, Göttingen and Oldenburg to imple-ment this capacity as well. In Lower Saxony the intel officer unit has access to the Social Media accounts administrat-ed by the public relations (PR) unit. The unit is able to monitor incoming messages and mentions outside of the working hours of the PR unit. Hereby the intel officers are able to monitor this channels on a 24/7 basis, to run a OSINT search about people involved or mentioned on such messages and share relevant information within the mission control center.
In the event of a larger scale incident with social media virality, intel officer are also able to scan incoming messages for relevant information where the police has been tagged as an effort of the crowdsourcing community to flag important information. Intel Officers are also able to create messages and posts directed at single users or the community as well in order to ask for assistance (e.g. missing persons) or give guidance in certain situations (e.g. keeping windows and doors closed in the event of a fire).
Another aspect of social media in combination with incidents and police investigations is the direct communication of police organisations with the platforms. In this case during the project and afterwards workflows were developed in order to ensure that emergency data requests (EDR) are used adequately in the mission control centers enabling to receive relevant information about users and accounts in a timely maner. By the end of 2021 NRW followed Lower Saxony as well implementing so called GMKC (Gemeinsame Monitoring- und Kommunikationscenter) on every regional mission sup-port center (§4 Behörden).
The quality and pace with which intel officers can assist police missions are of course to a great deal depending on the software tools they have available.
To date, several quite exhaustive lists referencing OSINT tools for various applications ex-ist, such as the ‘Awesome OSINT’ list curated on GitHub (https://github.com/jivoi/awesome-osint) or the ones featured in the ‘Open Source Inelli-gence Tools and Resources Handbook (https://i-intelligence.eu/uploads/public-documents/OSINT_Handbook_June-2018_Final.pdf).The work of German intel officers usually incorporates a great variety of such tools. Yet most mission control centers have developed their own unique workarounds and imple-mented (or developed) different software solutions throughout Germany – some which are kept confidential for tactical or contract reasons, some which are regularly demon-strated publicly. One of the more prominent examples is for instance „hessenDATA“ (in use in the state of Hesse) which among other things can automatically compare search results with inputs from three police databases and internal notification, integrate tele-phone service data, forensic data, and information retrieved from social networks.
What was the overall goal of the Use Case?
This use case was intended to introduce terms such as OSINT, RTIC, intel officers because those relate to relatively novel developments within the German police that actively build upon social media data, feature the development and testing of software to assist it and have intersections with crowdsourcing.One of the main focus of the project was enhancing the safety of the officers on site as well as the safety from the subjects involved in an incident.
What limitations were identified?
The implementation of OSINT within law enforcement units bears several technical as well as legal challenges.
1) Intel officers need at least two workstations, one with internet access and one standalone PC without because following the security protocol, computers that can access the internal police network must never be connected to the public internet. To overcome the resulting problems regarding data exchange and integration, some mission control centers provided additional smartphones and/or messengers, so that some information could at least be shared as screen-capturing photos.2) German police personnel are not allowed to gather, store, or evaluate personal data from any citizen unless they can make a justified claim that someone is or will be potentially in harm or danger. Moreover, OSINT is not explicitly covered in the German code of criminal procedure (Strafprozessordnung, StPO) which puts its applications a bit into a legal grey area where a lot to date is still a matter of interpretation and a great variety of other laws might as well need to be considered [such as e.g., the constitution (Grundgesetzt, GG), the General Data Protection Regulation (GDPR), or the Act on Copyright and Related Rights (Urhebergesetz, UrhG)].
- most of the SM plattforms used in Europe
- Public Sonar
- most of the SM plattforms used in Europe