OSINT & the SENTINEL Project – Open-Source Investigations to Assist Police Operations

From LINKS Community Center
Jump to: navigation, search
As the result of a focused research project, Germany implemented so-called ‘intel officers’ in several states in 2019 who assist police operations through the application open-source intelligence.
Police Work in General



Crowdsourcing, Social Media

  • Collecting and Analysing Information from SMCS
  • Ensuring Credible Information
  • Making Information Accessible
Disaster Management Phase



The term OSINT is the acronym of ‘Open-Source Intelligence’ and refers to the collection and evaluation of publicly available data for a certain purpose. Originally, the term was associated with the work of secret services. Today, with the ubiquity of (big) open data, OSINT is also applied in a variety of other fields, companies perform OSINT e.g., for the purpose of market research (so-called Business Intelligence). One increasingly relevant subfield of OSINT is SOCMINT (Social Media Intelligence).

German Law Enforcement had long limited its OSINT endeavors by solely concentrating on organized crime, terrorism, and cybercrime, whereas in the Netherlands OSINT was already integrated into every-day mission control work back in 2012. There, OSINT was applied by so-called ‘intel officers’ in terms of ‘real-time intelligence’ (RTI) to provide the colleagues out in the streets with as much relevant information as possible for them to perform their duty.

Such OSINT-backup becomes particularly relevant when there is only limited time to assess a situation, foresee potential dangers and how events might unfold. Focused research in open-source data can for instance provide valuable information such as

- pictures showing the current appearance of a person,

- hints on connections to potentially dangerous milieus (e.g., the Rocker scene),

- hints on relevant hobbies (long-time boxer, sporting marksman, owner of an attack dog etc.), or

- updates on the location and potential escape routes (traffic situation, construction sites etc.).

The Pilot Project ‚SENTINEL‘

To investigate if such a targeted collection of additional information would also improve the work of mission control centers in Germany and thus increase the safety of patrol officers and the public, the German Police University launched the pilot project ‚SENTINEL - Sicherheit im Einsatz durch Open-Source-Intelligence (OSINT) in Einsatzleitstellen‘ jointly with the local police departments of Dortmund, Osnabrück, and Munich. During a phase of six months within this project (which was funded by the Stüllenberg Foundation from January 2018 until October 2019) intel officers were implemented in the mission control centers of the three cities and should perform OSINT research upon incoming emergency calls. This means, every time an intel officer encounters relevant hints, he or she sets a marker and copies the relevant information into the computer-aided dispatch system, whereupon they will be communicated via messenger, radio, or phone to the officers at (or on the way to) the scene. If necessary, those publicly available data can be combined or checked against database records (e.g., from the INPOL database or the firearms registry).

Results & Aftermath

The evaluation of this pilot phase was based on quantitative and qualitative methods and could follow-up on a total of 1282 emergency-call-triggered police operations. It could be documented that in about 80 percent of the operations intel officers were able to come up with additional information and that for 72 percent of the cases this additional knowledge was rated as crucial to actually support the police work of the colleagues at the scene. Most of that information consisted in pictures, hints on communication devices used, and contact persons. Thus, after the ‘SENTINEL’ project was able to affirm the relevance of OSINT to assist every-day police missions, 13 new intel officers were hired in Lower-Saxony alone (to support mission support centers in Hannover, Braunschweig, and Osnabrück on a 24/7 basis). To archive a high degree of specialization and profit from synergy effects, those positions were primarily not filled with police officers but rather with ‘externals’ that could provide a background in communication studies or the like.

OSINT Software

The quality and pace with which intel officers can assist police missions are of course to a great deal depending on the software tools they have available. To date, several quite exhaustive lists referencing OSINT tools for various applications exist, such as the ‘Awesome OSINT’ list curated on GitHub (https://github.com/jivoi/awesome-osint) or the ones featured in the ‘Open Source Inelligence Tools and Resources Handbook) https://i-intelligence.eu/uploads/public-documents/OSINT_Handbook_June-2018_Final.pdf

The work of German intel officers usually incorporates a great variety of such tools. Yet most mission control centers have developed their own unique workarounds and implemented (or developed) different software solutions throughout Germany – some which are kept confidential for tactical or contract reasons, some which are regularly demonstrated publicly. One of the more prominent examples is for instance „hessenDATA“ (in use in the state of Hesse) which among other things can automatically compare search results with inputs from three police databases and internal notification, integrate telephone service data, forensic data, and information retrieved from social networks.
What was the overall goal of the Use Case?
This use case was intended to introduce terms such as OSINT, RTI, intel officers because those relate to relatively novel developments within the German police that actively build upon social media data, feature the development and testing of software to assist it and have intersections with crowdsourcing.
What limitations were identified?

The implementation of OSINT within law enforcement units bears several technical as well as legal challenges.

1) Intel officers need at least two workstations, one with internet access and one standalone PC without because following the security protocol, computers that can access the internal police network must never be connected to the public internet. To overcome the resulting problems regarding data exchange and integration, some mission control centers provided additional smartphones and/or messengers, so that some information could at least be shared as screen-capturing photos.

2) German police personnel are not allowed to gather, store, or evaluate personal data from any citizen unless they can make a justified claim that someone is or will be potentially in harm or danger. Moreover, OSINT is not explicitly covered in the German code of criminal procedure (Strafprozessordnung, StPO) which puts its applications a bit into a legal grey area where a lot to date is still a matter of interpretation and a great variety of other laws might as well need to be considered [such as e.g., the constitution (Grundgesetzt, GG), the General Data Protection Regulation (GDPR), or the Act on Copyright and Related Rights (Urhebergesetz, UrhG)].