Open Source Intelligence (OSINT): An Oxymoron?: International Journal of Intelligence and CounterIntelligence
Bowman H. Miller
To cite this article: Bowman H. Miller (2018) Open Source Intelligence (OSINT): An
Oxymoron?, International Journal of Intelligence and CounterIntelligence, 31:4, 702-719, DOI:
10.1080/08850607.2018.1492826
DEFINING INTELLIGENCE
If today’s intelligence is comprised of upwards of eighty percent open source
information, can OSINT be disqualified as an intelligence discipline? If so,
how and why? What, after all, is intelligence? Former intelligence official
Mark M. Lowenthal begins his book Intelligence: From Secrets to Policy with
that question. His first answer is:
Some aspects of MASINT also amount to open source data. Such can be
found in seismometers routinely measuring earthquakes and in sensors
measuring airborne radiation, indications of nuclear tests, or reactor
calamities. Much of this data is available from the National Weather Service
and National Oceanographic and Atmospheric Administration (NOAA).
Indeed, in a sense every device able to communicate and to access the
Internet has become a sensor for the person using it. Democratization in
access to technology gives every user the power to create information, make
news, and shape opinions as never before. Most journalists carry out a form
of public HUMINT as they acquire and make use of sources, some of them
most useful when anonymous, while others are openly named.
Taken together with the broad range of other public sources of
information, the OSINT phenomenon shows itself to be a hyper-federated
reality,[11] spanning untold sites and methods. Knowing few bounds, it also
reflects a speed that is often spell-binding: the rapidity of posting something
on the Internet coupled with the ability to remove it in an instant. But do this
ubiquity, rapidity, and variety provide the basis for characterizing open
source as a distinct INT?
coverage, via social media, or otherwise. That kind of open reporting, often
instantaneous, also comes without authentication. OSINT demands attention
to denial and deception measures every bit as much as do traditional
collection disciplines. Any astute Internet user is vigilant when it comes to
phishing, hacking, fake data, scams, and the like—an ever-present cyber
security concern in the OSINT arena.
The cueing function of open sources often proves of great value. Examples
include the global ubiquity of social media and people’s ability with their
cellphones to photograph in real time such events as a protest in progress, a
terrorist incident, or a natural disaster. That same information can be relayed
to geospatial collectors, whether governmental or commercial (e.g.,
DigitalGlobe), for them to examine and report on, using their unique, often
wider-ranging, and proven credible capabilities. This kind of information
gathering symbiosis holds in many other areas—tracking human and drug
trafficking routes, detecting hostile efforts at denial and deception, identifying
cyber intrusions and distortions, and more. Often the process of validating
the trustworthiness of an open source’s data requires scrutiny using classified,
sensitive collection and targeting methods. If the two conflict, analysts must
find ways to decide which to believe and use in making their judgments.
The reverse in the pointing context also occurs, when clandestinely
acquired information helps direct, target, locate, and/or sort open source
information or communication. Purposely concealed traffic on the Internet
that cannot be accessed without special or concealed techniques remains in
the domain of clandestine collection, e.g., in the “dark web,” but the public’s
open tweets, blog entries, published journals, and such qualify as accessible
open sources. The world of information, massive and molten as it now is,
requires advanced data analytics, adroit human screening, and schooled
analytic judgment in order to determine what is to be sought out, believed,
included in analysis, or discredited and discarded.
intelligence analysts, but rather to know who is, where the trustworthy
sources are to be found, and how to make good use of them as the needs
arise. While most people have abandoned their paper Rolodexes crammed
with notes and business cards, the electronic equivalent is now the sine qua
non in both intelligence and business.
Instant analysis by television’s talking heads, the 24-hour news cycle, and
competing purveyors of ideologically grounded and selected news and
commentary now crowd the field and often seem to displace intelligence-based
analysis and reporting. Decisionmakers and their spokespersons play
catch-up with the news feeds, be they factual, biased, or simply bogus.
Speedy coverage, instant commentary, and live video have overtaken
seasoned expertise and thoughtful assessment. Nonetheless, these major
sources of information competition for the intelligence world are now
well-established and growing.
To establish the credibility of many open sources is extremely difficult.
Those tasked with trying to exploit foreign news coverage and reportage
must know where the sources of such reporting lie, the editorial and selection
biases of news managers, and the relationship between news organs and those
in power, both politically and economically. Published news is not
intelligence and is not the intent or yield of collection. “It is the particular
organization of the material for the decision maker that may turn publicly
available news into intelligence.”[17] Knowing the difference in, say, Germany,
between the tabloid Bild Zeitung’s orientation and that of the more
intellectual Die Zeit is critical. The challenge is to know which news sources
spout the government line and which routinely voice an opposition
perspective.
Even that is easier to do than to rate the accuracy and utility of
self-appointed news sources and commentators. “News” reporting is no longer
the sole or privileged purview of trained (and preferably objective)
journalists. But how and by whom are the credibility and utility of blogs
rated? Some are insightful; many are trashy or vitriolic. Blogs are not static,
and seldom do they have a reliability record that can be relied upon with
confidence. That said, regardless of the veracity or logic of content, the
size of a blog’s receptive audience can be every bit as important as its
messaging per se. That is why the users and follower numbers for Twitter
and the like are tracked. Impact is as important as content, and sometimes
more so. Journals, books, public speeches and interviews, policy
pronouncements, propaganda, blogs, and tweets are in the public domain.
Much in the news and the other sources can alert, inform, warn,
and contextualize, as well as trigger and point to requirements for
enhanced or new intelligence collection and coverage. And therein lies a true
treasure trove of analytically useful open source information—if it can
to block Internet access. Since the Internet and the social media that ride on
it can be means to incite and coordinate protests, to convey opposition
complaints and accusations, and to generate calls to action, regimes that
abhor being challenged attempt to silence the net. Given the tendency of
authoritarian regimes to try to isolate their publics from outside news and
connections, as did the Soviets during their years in power, can the
Intelligence Community contribute to efforts to counteract such
electronic blockades?
While the U.S. and its partners are ill-equipped to enforce Internet
openness, “freedom of information,” or “sunshine laws” in foreign states, one
aim of U.S. foreign policy, and of the Department of State, is to foster an
open Internet environment worldwide. Those efforts range from issues of
advocacy of Internet access (a passive action) to actually enabling Internet
rights (an active ability to facilitate usage of the Internet for communication
and information). In other instances, governments and their surrogates use
the Internet to distribute their own propaganda, as well as false and distorted
accounts of events, and manipulated and deceptive information, making
analysis perhaps more important but also more difficult. In the most extreme
cases, the issue is not distortion but actual denial of service. Estonia
experienced this from Russia in April 2007 after removing a Soviet-installed
monument from the center of Tallinn, the capital.[18]
Another flaw in the exploitation of open sources has to do with published
strategies, intentions, and visions. Too often published opinion is dangerously
ignored or overlooked. Many a leader has telegraphed his/her beliefs and
intentions. Had the world read and taken heed of Adolf Hitler’s Mein Kampf
or made more of Osama bin Laden’s stated strategy of forcing the West to
spend itself into oblivion to pay for counter-terrorism and security
protection, some terrible historic events might have been either averted or
diminished.[19] Those malevolent intentions had been both telegraphed and
openly accessible, even if largely discounted.
requires non-disclosure except to those with an authorized need for it, lest it
become known to the subject of the assessment. What is said about or to
others in public is open and free; what analysts say about others to
decisionmakers is not. The confidential, intelligence-informed judgments that
analysts share with their consumers are no one else’s business.
Michael Warner has noted that any definition of intelligence must include
“a consideration of secrecy, … [the potential that it could] mean life or
death, … [and] both clandestine activity as well as information.”[21] Indeed,
the word “intelligence” in modern usage has taken on a semantic meaning
connoting confidentiality, if not espionage, at least in the United States,
France, Russia, and Germany.[22] That negative connotation of the word
“intelligence” has long prompted the United Nations (UN) to strenuously
avoid its use. Collecting furtively against fellow UN member states is deemed
a major taboo. Likewise, the Japanese have had an aversion to calling some
things intelligence. For years, Japanese officials have labeled their array of
intelligence satellites “information gatherers.”[23] Yet, what, if anything, about
OSINT needs to be concealed? For foreign government analysts and
“collectors,” one caution is the fact that information intended for one
audience, their own, might be exploited by another, namely, the U.S.
Intelligence Community. For example, the study by outsiders of published
Chinese research endeavors that are posted in that country’s professional and
scholarly journals offers a case in point. Any apparent U.S. official interest in
a foreign information source, by agencies or individuals using government
computers for the on-line inquiry, can prove detrimental. Suddenly, what
once appeared in the public space goes dark.
Among the most closely held secrets in the United States are not only the
launch code for nuclear missiles but also the formula for the syrup used in
making Coca Cola. That formula is stored in a Fort Knox–style vault at
corporate headquarters in Atlanta, Georgia, to be accessed by only those few
with a validated “need to know.” To underscore the example, some years
back two Coke employees with such purported access offered to sell the syrup
formula to the competitor, Pepsi Cola, for millions of dollars. Pepsi reported
their treacherous offer to police, who then ran a sting operation. Subsequently
tried and convicted of a felony theft attempt,[25] the pair were sentenced to five-
and eight-year federal prison terms.[26] This was clearly a case of attempted
industrial espionage, reminiscent of convictions for national security violations
in espionage or leak cases. And Coke’s “secret formula” is still secret.
Since at least 2014, the U.S. National Security Agency (NSA) has been
under intense scrutiny and pressure concerning its reported collection and
retention of e-mails and other correspondence generated by and for U.S.
persons. Much of that turmoil was the result of claims by whistleblower
Edward Snowden, a one-time NSA contractor. Rumors abounded that the
NSA was vacuuming up every e-mail sent and storing it for analysis and
retention, perhaps at its mammoth data center in Utah.[27] While such extreme
government collection was routinely denied and never validated, it illustrated
another complicating, ethical aspect of dealing with open source information.
Acquiring gray literature, from newsletters to blogs to underground
publications, is one thing. Scooping up private correspondence and snooping
upon Americans is, of course, quite another matter, and U.S. and publics
elsewhere were upset by such allegations of NSA excess.
Two related issues involving open sources are their occasional nefarious
use and the justified concern over the erosion of privacy in this Internet age.
Groups of all kinds engage in unlawful, often violent activities; they also use
the Internet to recruit, train, motivate, communicate, and propagandize.
Those actions are of keen interest to the Intelligence Community in serving
national security, law enforcement, and public safety. Moreover, the Internet,
World Wide Web, and an ever-expanding array of social media, from
Facebook and Instagram to LinkedIn and others, are channels of
information that afford little (and, in some cases, no) protection from peering
eyes, hackers, and malicious actors.
The public’s trust in privacy protection is now thin and rightly so. As
Amanda Hess noted in a New York Times Magazine article, “Our ‘privacy’
has become a key currency in online life—traded away in return for
convenient services and cheap thrills. … It is increasingly seen not as a right
but as a luxury good. … Data-mining companies know everything about us,
but we know very little about what they know.”[28] “Friending” on Facebook
is a supposedly protected activity, if users set their privacy protections
properly, but “tweeting” to the world, even if done by the President of the
United States, is not. Moreover, the prevalence of “fake news,” deceptive
schemes and scams, spam e-mails, spear-phishing efforts, “monetizing” users’
information and purchase trends, and other obscured and/or malevolent
actions make the sorting of good data from the huge volume of useless
garbage found in open sources a demanding, if not often impossible, task.
REFERENCES
1. See John C. Gannon, “The Strategic Use of Open-Source Information,” Studies in Intelligence, Vol. 45, No. 3, 2001, p. 67.
2. Mark M. Lowenthal, Intelligence: From Secrets to Policy, 4th ed. (Washington, DC: CQ Press, 2009), p. 1. In this context, recall that in the practices of the United Nations, there is a profound inclination to shun “intelligence” by that name (implying the UN condoning spying among member states) in favor of the more anodyne “information.”
3. Mark M. Lowenthal, “Open-Source Intelligence: New Myths, New Realities,” in Intelligence and the National Security Strategist: Enduring Issues and
Fox, German General Erwin Rommel, with the assertion: “I read your
damn book!”
20. It is useful to note that, unlike U.S. intelligence, British intelligence—particularly foreign intelligence—remains resistant to incorporating much, if any, open source information in its multi-agency assessments.
21. Michael Warner, Comments re “What is Intelligence Theory?” in Toward a Theory of Intelligence: Workshop Report (Conference Proceedings), Gregory F. Treverton et al., eds. (Santa Monica, CA: The RAND Corporation, 2006), pp. 2–3.
22. Ibid.
23. In January 2017 Japan launched the “twelfth member of the Information Gathering Satellite (IGS) series of optical and radar observation platforms … ,” “Japan pursues military satellite deployment,” available at http://www.aircosmosinternational.com/japan-pursues-military-satellite-deployment-91901, accessed 21 March 2017. Mainichi headlined: “Japan Successfully Launches Intelligence-Gathering Satellite,” available at http://mainichi.jp/english/articles/200170317/p2g/00m/0dm/069000c, accessed 17 March 2017.
24. For reasons quite unclear to me, Intelligence Community contract personnel are not required to swear the oath to protect and defend the U.S. Constitution.
25. Author visit to Coca Cola Headquarters, Atlanta, March 1996.
26. “Two Ex-Coke Workers Sentenced in Pepsi Plot Deal,” CNN on-line, 23 May 2007.
27. “NSA Utah Data Center,” Facilities Magazine, 14 September 2011, available at http://facilitiesmagazine.com/utah/buildings/nsa-utah-data-center, accessed 24 April 2013, and https://www.theblaze.com/stories/2013/07/01/seven-stats-to-know-about-nsas-utah-data-center-as-it-nears-completion, accessed 4 October 2017.
28. Amanda Hess, “Open Secrets,” The New York Times Magazine, 14 May 2017, pp. 11, 13.