Using OSINT to support law enforcement

Media Thumbnail
  • 0.5
  • 1
  • 1.25
  • 1.5
  • 1.75
  • 2
This is a podcast episode titled, Using OSINT to support law enforcement. The summary for this episode is: <p>Ritu Gill, Intelligence Analyst, joins Harry and Sean to discuss the practical use of OSINT to support law enforcement. Ritu discusses it’s use in supporting risk assessments and classified or closed sources of intelligence. She also discusses the tools used to make the most of the open-source intelligence available to analysts.</p>

Speaker 1: Welcome to the World of Intelligence, a podcast for you to discover the latest analysis of global military and security trends within the open source defense intelligence community. Now onto the episode with your host, Harry Kemsley.

Harry Kemsley: Hello and welcome to this episode of World of Intelligence by Janes. I'm Harry Kemsley, as usual as your host, and my co- host, Sean Corbett. Hello, Sean.

Sean Corbett: Hello, Harry.

Harry Kemsley: Sean, how long has it been that we've been talking about trying to get somebody to come and talk to us about open source intelligence in law enforcement?

Sean Corbett: Probably about two years.

Harry Kemsley: Yeah. Too long, too long. Well, I am absolutely delighted today that we've actually achieved two milestones, Sean. We have with us a guest that is not only a prior listener to our podcast and has reached out to us as I know some people like to do, she's also an OSINT practitioner with some experience in law enforcement, and I'm delighted therefore to introduce the listener to Ritu Gill. Hello, Ritu.

Ritu Gill: Hey there. Thanks Sean and Harry, I appreciate having me on the podcast and I'm excited to get into this conversation.

Harry Kemsley: Yeah, me too. It's very, very good of you to reach out to us, but also to join us, particularly once we got to know a bit more about you. Ritu Gill is an intelligence analyst with 17 years of experience working in open source intelligence. After a 12- year career with the Royal Canadian Mounted Police, Ritu set up a consulting business providing OSINT training and research to law enforcement and related entities across North America. In 2023, Ritu co- founded Forensic OSINT, a screen capture tool. She holds a bachelor's degree in criminology and is actively involved in the OSINT community. So Ritu, with a background like that, you'll not be surprised to learn I'm interested initially to find out what you consider to mean the words OSINT. When we say OSINT, what do we mean? We'll talk about that in just a second, but also how did you get into the world of open source intelligence? This is a interesting area, Sean and I believe, but not everybody thinks that. So first of all, what do you think open source intelligence is? How do you define it? And then secondly, how did you get into it?

Ritu Gill: A great start, a great question. Open source intelligence, what is it? It is when we use publicly available information to further investigations, that's kind of an example, I can put it in short words, depending on, again, who is using open source, but really it is using publicly available sources, so information that's available to everyone.

Harry Kemsley: Okay. So how did you first get into the world of open source intelligence and find it interesting enough to want to stay doing it? Because you've been doing it for a while now, as we said in your bio, but how did you get into it?

Ritu Gill: So I stumbled into the world of open source intelligence through a series of opportunities while working for the RCMP. So initially, some of those opportunities, they were little tasks and projects that I was assigned to, but it required me to look at open sources to gather some information. And so that was the starting point. But once I got into it, I got to dive into some tasking, some projects. I began to realize, I'm like, wow, there's a lot out here. There's a lot of potential here. And really that's when I started seeing the value in OSINT and how that could enhance investigations and support investigations in different ways.

Harry Kemsley: Well, I'm ready to dig a little bit further into that'cause as we said in my introduction, it's one of the areas that we've not really covered as much as we would like to in terms of how does the open source environment help the practitioner in the law enforcement environment. So we're definitely going to spend a bit of time talking about that in just a second. Sean, I know that my exposure to open source intelligence started well before technology made it useful. In other words, I knew that there was things out there in the open source world that I wish I could understand or even reach and collect, but I just didn't really have the means of doing so. And then technology started to break open that opportunity. What about yourself, Sean? When did you first become aware that open source was a potentially valuable resource?

Sean Corbett: I think I've mentioned a few times actually. Some of the early applications that we had to develop very, very quickly in terms of, the first one was the Ebola crisis, which was a challenge, a security challenge, which was at the unclassified level, but we had no information to support it, and then more latterly the Libyan challenge. But in those days, it was literally as simple as Googling, if you like, seeing what's out there. But it wasn't so long before we were able to start looking at things like open source imagery and trying to interpret those, things like the cap badges on people's shoulders and that sort of thing to give us that insight. But really it's only been the last probably five to 10 years that we've developed that to such a sophisticated level where we can use really some advanced techniques that were previously the purview of the intelligence community and the law enforcement community at some ways to scale it up and start using data in the way that we need to.

Harry Kemsley: So I think what I've heard there then is we've got, Ritu, you are starting to find things in the open source environment thinking, hey, this is really helpful to my investigative work in the Royal Canadian Mounted Police, and Sean, in your intelligence life, you're also starting to find things that you couldn't find from classified sources because there just wasn't anything in the classified environment about, I think the example you used was Ebola. So let me pivot it back then into the law enforcement arena, Ritu, with yourself. Can you give us some examples of where you started to develop your understanding of the utility of open sources, publicly available sources as you define them for your investigative work in the police?

Ritu Gill: Yeah, the first thing that I think of is I think of how can OSINT be used? So I think of risk assessments. There's certain situations that need that information from the internet. I mean, I can name certain events, but really when you're doing things like risk assessments and looking at open sources and whether that's social media or other places that open source will take you, it can allow investigators or law enforcement to make informed decision making or decisions in general. It can also provide a lot of information about people behind some of these events, about who they are, more information about their history, and maybe the potential of, is this a real threat? Is this something that's happened before? I think all those pieces of information can be really important to, again, provide those decision makers with accurate information.

Harry Kemsley: So Sean, that sounded like persons of interest. That sounded like you're looking at the risk assessments from the context available to us in the open source environment. Of course, alongside that open source context, from your background, Sean, in the military intelligence environment, you're also going to have classified. So it's bringing those two together, isn't it, that really starts to develop the utility of open sources?

Sean Corbett: Yeah, absolutely. And one thing open source intelligence can do, as Ritu just said, is provide that context, as you said as well, provide the context. But for me, certainly going back to the early days, it also found a starting point. So again, going back to Libya using commercial satellite imagery, and that's another aspect that's certainly developed is the technology's such that some of the classification stuff that was really classified is no longer the case. So that's available. But finding a starting point for which you can then have a look at the more exquisite or sensitive sources. And that does include on the people side of things, if you are able to monitor organized crime organizations or at least individuals from them, you can quite quickly actually develop a network analysis to say there's key nodes and key people here there that you clearly need to focus on. And then you can use the warranted stuff if you like, the classified stuff to then actually go after these particular networks or individuals. So it is very much a tipping and cueing and then to a certain extent, TRIOS.

Harry Kemsley: Is that your experience, Ritu, that you get these sort of indicators and warnings almost out of the social media, the other publicly available information, and then from that you're going to drive some warranted, some very explicitly authorized activity to focus in on it? Is that your experience that you would actually see something in the social media or rather publicly available and then you would focus the other means available to you into them?

Ritu Gill: It can be, yes. So I can see it from that point of view. I also just see it as generally open source being used to support those traditional methods of investigative techniques, because I always tell people that there's a number of different traditional investigative techniques that officers use. OSINT is on that list as well. And of course when we're looking at something like somebody's social media, we will make decisions on what we see. We will do a background or a lifestyle on what we see there, and we can take that information and whether we apply it in, say you're interviewing somebody from the law enforcement side of it, now you have additional information perhaps about that person, some insight into who they are, what they post about, and other indicators that might show up as you're scrolling and looking through some of their posts.

Harry Kemsley: Right. As a matter of interest, Ritu, if you had to put a percentage on the information used in your investigative experience that was closed source, and open source, when you're investigating an event or a potential event or an individual, in your routine work, how much do you think you use open versus closed sources as a percentage? Just give me a guess about how much you are using open source.

Ritu Gill: I would say open source is quite high. I'm just going to say 80%, just throwing out a number. But at the same time, when you ask that question, as someone who does have access to closed sources, we often use them together. So some people might actually answer that and be like, oh, it's 50 and 50 because you want to make full use of both, especially when you have access to that, some kind of information, that can be helpful. For sure, I would say I do spend a lot of time on open sources. That's kind of my expertise as well. So I do focus on that as much. But at the same time, I always say to people that, hey, if you do have access to closed sources, we want to use them to the best of what they can give us. It might give you a pivot point, it might give you more information that you can use when you're conducting your open source research.

Harry Kemsley: Yeah, for sure. And Ritu, I want to come back to you in a second. I'll let Sean take his view of that question Because it's fascinating you said 80% because Sean's going to talk about the 80/20, 20/ 80, I'm sure, but before I let Sean loose on that, I'll come back to you in just a secondary, Ritu, about the culture, the culture of the investigative environment, the individuals doing in the investigations, their view of open source versus closed source. I'll come back to you in terms of that cultural aspect in just a second, Sean. So the 80/20, 20/ 80, go.

Sean Corbett: Yeah, that was the whole interesting piece. I'll probably end up diverging there somewhat, but we have a saying really at the moment that probably 80% of what in the military intelligence world we have is probably classified and 20% is unclassified. I'm definitely seeing a cultural shift that is enabled by technology, but also an understanding of the value and how much is out there and the technological revolution that really we're looking to shift that the other way. In fact, I actually had quite a preeminent person say to me the other day, actually, you're probably near a 10%, 90% is where we need to get to and heading that way. And of course it depends on where you are, which is why I'm fascinated by the law enforcement piece. So on the military perspective, if you don't have the assets because you're not prioritized, then you're going to use open source a lot more. But what I was going to, and I'm not the inquisitor here, but what's interesting is that blurring I think between what is sensitive but unclassified and what is classified, particularly in your world where you'll be used to getting information at the individual level, which sometimes will be volunteered, sometimes won't be, and I guess that understanding the sensitivity and therefore the source of what you've been told will dictate therefore when you can and how you use that information to get more sources and more information. So it kind of as a virtuous circle, but that must be quite challenging.

Harry Kemsley: Yeah, I imagine to that point, Ritu, as you unlock one door and you walk into the investigative space you've created for yourself, you doubtless found additional doors you need to go through, metaphorically speaking, and I'm sure that must as you're going along, collect people, persons of interest, all the time around you and therefore spread ever further your network, right?

Ritu Gill: Yeah, it can look like that in some situations. Again, depending on where you're starting from, sometimes the objective is to keep it really focused and keep it focused on that one person. But at the same time, there are taskings or things out there when an investigator needs to see what the network is and actually needs to pick out like, hey, these are the five different individuals linked to this one person. So yeah, it does depend.

Harry Kemsley: Just before we go back to that culture question, I'll talk about a gentleman that I saw recently who's a very senior commander of a combatant commander in the United States military. He said, " that he felt that on an average day when he's working with intelligence colleagues, about 90 to 95% of what they're bringing to him by way of assessment and forecast is coming from open source. And that only when he's got to the place where he has seen what he thinks is a matter of great interest or threat or whatever it might be, does he then roll in the exquisite capabilities that are at his disposal." So I think what's in my experience, the culture of the intelligence community that I've only really ever been a recipient of rather than deeply involved indirectly, is that previously if I'd said that 90% of an assessment was coming from open sources and that 10% would come from a classified or closed source, they would've not believed me. They probably were scoffed and called me an idiot. But interestingly, this very, very senior general that I spoke to earlier last week was very, very clear, adamant in fact, that now 90% of what he is seeing by the way of assessment is coming from open sources first and tipping and cueing accordingly. So I'm therefore swinging the question back to you, Ritu, you've been in a world where as you described, open source has become a revelation to you in its utility and is very regularly used alongside your closed sources. What's the culture? What's the view of open sources in your law enforcement environment?

Ritu Gill: I find it does depend on who's looking at it and what law enforcement agency, because some people are at different levels. If you could explain the importance of open source by actually giving live example, real examples, that's when I feel people that do make decisions that see the value in it when they see those actual examples, that's when they'll see like, oh wow, open source provides a lot of Intel. We can gather a lot of Intel, and you can apply it to certain situations. You could say, " Hey, this is how I use some closed sources maybe. I use majority open source, and this was the outcome." So if you can lay out that starting point and then the end point I find that's when you can win people over, I like to say. When you connect the dots for people, that's really helpful for them to see the value in OSINT.

Harry Kemsley: Yeah, demonstrating the value, Sean, that's got to be one of those things we've talked about several times in one way or the other over the last couple of years we've been doing this. The ability to see the value, see it, smell it, taste it, that's really key, isn't it? Getting the decision maker to trust the support being offered from an open source alongside closed source, that's the key, isn't it?

Sean Corbett: Absolutely, a hundred percent. And the trust word was about to come out of my mouth actually, as you expect, but that takes time as well. So they've got to see the value of it. And there's a little bit of sometimes leading the prosecution because you've got to be very careful that you are objective, but equally that you've considered all options. Now, I'm not saying that you do in the classified world at all, but because the likelihood is certainly in some cases anyway, there will be an understanding because people read a lot, and particularly decision- makers and conceptually have an understanding that you have to make sure that you have considered all the sources on which open source in this case will be a really important one. And it doesn't undermine the credibility because instantly people think, oh, it's classified, therefore it must be good stuff. And my views on that, that does not mean that at all in all cases. So as long as you're applying similar tradecraft, the similar checks and balances, then quite often it's like, oh, I can get all this without going behind what I euphemistically call the green bay's door and have to have lots of clearances, et cetera, and that suddenly becomes more accessible.

Harry Kemsley: So let me push the conversation on there, Ritu, to the tools of the trade. I work in an organization that's all about data. We have our own tools, but we don't sell tools. We're not in the business of software even as a service. And yet when I'm amongst our customers globally, one of the things that I detect is an enormous amount of effort going into tool sets, trying to find the perfect tool, the tool that's going to make open source or indeed closed sources highly, highly effective. So in your experience in law enforcement, what are the kind of lessons you've learned from the use of open sources about the tool sets that you've used and where does that take you in terms of the tool that you need?

Ritu Gill: I think there are tools for everything in open source and often multiple tools out there. I'm really big on documentation because often we say what we see online at one point might be gone when you go visit it the next day, and this is why capturing what you see at the time when you see it is so important. Something that I was involved in late last year, I co- founded a tool called Forensic OSINT, so it's an OSINT documentation tool and really the thought process behind that was we created a tool to fill a gap, something that was missing that isn't available currently from my experience at least. And really just supporting myself and my investigations and research and being able to do things that I see a gap and I'm like, " Hey, how can we fix this?" This is where Forensic OSINT comes in.

Harry Kemsley: What kind of tools have you used in your experience across open source? You talk about the tool that you've created, which captures the documentation you were saying, but what other kind of tools have you used in the open source environment? I mean, are you a fan of the freeware, the shareware that's out there, or do you think really those are mostly just opportunities for malware to be pumped into our systems? I'm being obviously a little bit flippant, but there is enormous amount of tool sets out there. What's your experience of the tool sets that are out there and which ones have you generally gravitated to? The freeware, the shareware or something slightly more commercial?

Ritu Gill: Yeah, I honestly am huge on free tools because I know people have limited budgets and OSINT people love free stuff. So it is awesome to be able to, whether you're looking for a username enumeration tool or an email address search engine, there's a tool for each one of those things and many, many more. So for me, really, I always tell people, do your research, find out who's behind a tool because you don't want to be entering all your target information into something that's owned by somebody who's a little shady. So for me, first thing is do your research, find out who's behind it. Find out what's collected. Every time you put in a search, is it added to their database? So these things are really important when it comes to OpSec, operational security, and that's kind of what I always say. But that said, majority of the tools I use to are free. Of course, there are some paid ones that I would stand by and say they're great and they're more commercial, but typically people are looking for those free tools and I'm always open to discuss more of that.

Harry Kemsley: Yeah, I guess some people would say, Sean, that open source intelligence is free intelligence because publicly available. How hard can it be? And I'll come back to you in just a second, Ritu, again about the tools side of things in terms of the kind of tools that you've used behind the firewall or the green bay door as Sean like to call it, and those that you've used on the open side. But Sean, is there something to be learned here from our open source analyst friends who like the free stuff to try and get some of this closer to where the agencies that you know, is there something to be learned there in terms of that compendium of tools that are available?

Sean Corbett: No question. And without going down the particular rabbit hole of defense procurement, I mean there is a staggering array of pretty good high quality tools out there. And of course they're developing all the time. So just the competitive nature of it tends to make sure that the good ones stick around and the other ones, but I think that the general population would be staggered at some of the tools that you can do things like network analysis on. So if somebody's using a phone, you put the phone number in and they'll tell you exactly how many people or how many times they're phoning different numbers and you build up a network... And that is all legally available, which will come as a shock to a lot of people. But I think back to your question, I think there's a reticence or has been a reticence in the defense world because there's this sort of gray area, are we legally allowed to do that? Is it ethical? Because of course, particularly the military wraps itself round quite rightly actually about the legal issues and the ethical issues as well. So there's a risk aversion there. And then when you do start getting into the law enforcement thing, okay, what can use as evidence and what can use as intelligence? And that's a debate we might get into in a moment. But what that also brings us to discuss is the difference between commercially available intelligence and publicly available intelligence, which I would argue that OSINT is both, but to what extent, for example, would Ritu use commercially available? I was at an academic event just a couple of weeks ago actually at Exeter University, and we had law enforcement officials there in the more interesting world, and I think it was fair to say they were pretty surprised that the quality and the granularity they go to with commercially available stuff, but then the next sentence was, but it's so expensive, we couldn't afford it anyway. So there is definitely some balance between there because it's easy for the commercial sector to price itself out the market with organizations that are resource strapped anyway.

Harry Kemsley: I won't name the person nor the agency, nor indeed the country they work in, but I do know on reasonably good authority that a colleague, an acquaintance of mine, is known to step outside the green bay's door to pick up their mobile device in order that they can use a tool that they simply cannot get access to inside the green bay's door to find a piece of information that they need that they then store in their minds and walk back in. And lo and behold, the information is transferred. Not recommended, by the way, just quoting a war story. Ritu, if I were a person interested in getting more savvy, more educated about what could be done in the open source environment for my own interest or for intelligence purposes, where would you start? What would be the step you would take in the open source environment to get you started?

Ritu Gill: To get started, and I get this question a lot, I always say to people, if you're starting fresh, starting new, you need to go do some reading. You need to get into some of the blogs out there. There's some really detailed blogs, there's some summarized blogs out there just about how to get into OSINT, even" Googling" how to get into OSINT, it will point you in the right direction of some of those blogs. There's other ones, I mean really there's so many different people talking about OSINT. You'll have so much information to kind of go through, but that will be the starting point to wrap your head around what OSIN is, how it's used, who uses it, just give you some of that basic, some of the foundations so you can go continue on that journey. I always say people do learn in different ways, so some people need to read, which I recommend, but some people need to actually do. And sometimes there are places you can go to participate in some OSINT, some challenges out there that you can participate in and exercises that you can join. And that will help, whether it's even things like geolocation, there's lots of geolocation challenges out there, and it really does help you, and it wraps someone's mind around those little breadcrumbs that we see. You are looking at a photo, but you might look at that photo differently after reading some of the things you do out there and you're like, " Oh, I never thought of that." Whether it's the language on a stop sign or on some kind of street sign and you're like, oh, okay, this might indicate what location it is or something else in the background that wouldn't stick out to you right away.

Harry Kemsley: Yeah, Sean, I'm immediately reminded of that story you told of a person looking at some video of, I think there were Russian armored vehicles allegedly heading home, heading east, and then somebody pointed out, well, at that time of the day, the sun must be at the wrong side of the world'cause the shadows are the wrong side of the lamppost for them to be going east, they're heading west. And I, as a layman would look at that image and say, there's tanks. And then this caption says they're heading east. And I say, okay, they're heading east. And then to Ritu's point, the analyst is saying, " Well, look at this shadow, Harry, that's clearly not heading east." But I'm curious to just take that one step further though, this idea that we've got, you said you've been asked many times, Ritu, by people who've tried to get into it, that tells you that there's a burgeoning market out there, people who want to get into open source. And Sean, I'm going to let loose the tradecraft word for you on today's podcast. How do people begin to build tradecraft, the combination of judgment, basic processes, access to good data? How do they build that? How do they get started, Sean, in your experience. I recognize you're coming from a military background, but how do people get involved in understanding tradecraft? And then I'll come back to you, Ritu, in terms of building up that tradecraft from an open source perspective. Sean?

Sean Corbett: Well, so I mean, the short answer in terms of within the military is you get taught and you get taught in a very rigid manner.

Harry Kemsley: You get taught and you get taught.

Sean Corbett: Exactly that. " No, do it this way. Do it that way." And I was going to come on that it might be stealing some of your thunder here, Ritu, but analysts are by nature inquisitive beasts. And so if you give them a start, they will just head on. And particularly in the open source world, I mean a lot of them are introverted, I do know'cause I am one, but it kind of gets itself feeds and then you start going off piece, again, that phrase and sort of like, "Well, what about this? And then what about that?" And as long as you're doing it a lot, it's quite addictive as well, is that you can take yourself all over the place and do some things that people go, how on earth did you do that? But it becomes second nature by then. The art is to, particularly the military, is to give people boundaries and frameworks in which to work, but then not constrain them. And that's really difficult within the military. And I must admit, I haven't spoken to a military open source intelligence analyst for a little while, but I'll be really interested to see how much they are allowed to, certainly in the UK anyway, that how much they're allowed to be imaginative. Not very much I don't think.

Harry Kemsley: Yeah, I am reminded Sean that in the military, of course, everything is captured eventually in doctrine, the book of best practice, and we are force- fed a diet of doctrine when we start out in any new part of the military, whether it's logistics or intelligence or operations. And I have to tell you, in my experience, doctrine is a good place to start because it gives you the handrail through a darkened room. You get a sense of what you need to do next. But is there such a thing, Ritu, in your experience in the open source world for the person sat in their own room driving a conversation for themselves on open source channels, is there a manual that you can pick up? You mentioned that there were various blogs you can go to, but where do I go and start to find the blogs? How do I get in? Where do I find the tradecraft?

Ritu Gill: Yeah, there are places you could go to find this information. There's different groups creating different content. There is an analyst network out there, different analyst network out there where even if you want to go read about some of the analytical techniques that are used, you can go learn that. Of course by nature, similar to what Sean's saying is analysts have that critical mindset, but I can also add that they are very tenacious when it comes to doing some of their research and analysis. I always recommend there's organizations out there that will provide some of the courses that will help you along the way. So there's two different sides to it'cause I feel like there's being an analyst and how to be an analyst, there's courses that help you with critical thinking or it will test some of those skills and then talk about some of those specific techniques that are used. And then there's also the open source side. So how to be a good researcher? How do you dig into some of those resources? That might be a different group of people doing that. I just call them the OSINTers out there, whether you see them on LinkedIn or on Twitter or other places, lots of different platforms where there's groups within and they're talking about this and they're talking about like, " Hey, have you heard about this? Have you used this new technique?" So when you can get both and you can figure out how to be a good researcher by reading, doing, and then also taking some of those analytical courses, I think those two together help you build up a strong foundation.

Harry Kemsley: So Ritu, I'm going to come back to you in just a second, and probably the last question for this podcast, as time now starts to get short about the ethics around the open source environment. As a person who's been involved in law enforcement, I'm sure you've encountered a matter of ethical debate about what we can and can't, should and shouldn't do. But before I come back to you on that point of ethics, both in terms of the open source and the law enforcement area, Sean, you and I have talked about ethics and indeed empathy amongst other things around the open source environment. What's your recollection of that question about ethics though? How do we govern ourselves in terms of the ethical considerations around intelligence generally and then specifically the open source environment?

Sean Corbett: And as we have done, that's a podcast all in itself, but an ethics is to an extent subjective. It is, do the ends justify the means in terms of it can be legal, but is it the right thing to do? And there's several elements of that. The first is that are we collecting the data in an ethical way where we're not trapping people and using their personal data in ways which they wouldn't wish us to use? That said, everybody clicks on, " I'm okay with terms and conditions" whenever they click on anything. So is that fair game? Sometimes it may be, sometimes it may not be. And then really what you do with that information afterwards, the intelligence. So obviously in our world through open sources, we can find anything up to even stuff that could target individuals or at least give a competitive advantage to an adversary we wouldn't want to do so. Now, of course we wouldn't do that, but there has to be some boundaries with which analysts, certainly within the commercial sector work. And that's my concern, the wild west of open source intelligences and Ritu will know more than I do, but there's a lot of them out there that are good and using tools. How can we know whether they're using them in an ethical way or they're feeding what you and I would know as the bad guys and using those in an inappropriate way? And then of course, there's the other side of the ethics in terms of protecting the analyst as well. So if you produce stuff that's hypersensitive, A, putting yourself potentially in harm's way, but also if you are accessing data that is, I mean, there's some really unsavory data out there, but if you end up in the dark web and all the rest of it, that is going to potentially affect mental health. So again, how would you protect against that? Again, particularly in the commercial sector, I mean, you might say that an individual doing it out of just interest, it is their lookout, therefore they need to protect themselves. But I mean, that is one element of ethics that we do need to think about.

Harry Kemsley: Yeah, for sure. So Ritu, turning back in to the law enforcement, I'm sure like in the military environment for intelligence, law enforcement has to consider the ethics of what they're doing. How is that governed in your experience? How do we think about ethics in the law enforcement world, whether that's open source or not, but how do you deal with the ethics issues?

Ritu Gill: Yeah, the way I look at ethics is it is really important when it comes to OSINT because the question I ask sometimes is, yes, there's a lot we can do, but should we do it? There's a lot we can do, but should we be doing all that? That includes things such as there's some controversial topics such as, or techniques like the use of breach data because it is stolen information. Sometimes we have to stop and say, especially, and I'm speaking from the law enforcement perspective, should we be using that information in our investigations as research tools? So those are the things that come up when it comes to ethics from the law enforcement side, because again, there's a lot we can do, but we don't want to be using everything out there that's just out there without asking the right questions.

Harry Kemsley: Is that something that's governed or is that something that's left to the analyst in your experience to make that judgment?

Ritu Gill: I would say it's left to the analyst, so it is more subjective, as Sean mentioned, I believe as well, because again, depending on what organization or agency somebody works for and it might look a little different, sometimes there are those dos and don'ts. But I would say for some of the places that I've been involved with, it's not always written, but it's more of a, " Hey, this is how you've been trained and this is what you should and shouldn't do."

Harry Kemsley: Right, right. Okay. Well, look, as ever time evaporates before we want it to. So I'm going to ask you in just a second, Ritu, to give the listener one thing to take away, one thing you'd like to remember from this podcast that they can think about as they go forward in their own journey with open source. And the same for you, Sean. But to get things started mine for this conversation is the power of open source that's now available in open source tools. You've alluded to a couple of times in this conversation, Ritu, that there's almost nothing I couldn't find a tool for. And if that's true and I can build a compendium of tools that can do almost anything I want it to in the open source, that's really powerful because tools are very much the key that unlocks the door to the potential that's waiting on the other side. And I think that if what you've alluded to is even half true, then there's probably millions of tools out there. If I knew how to find them and use them, I could become a very, very powerful analyst. That's my takeaway from today. Tools are everywhere. Use them wisely. Ritu, what about you? What's your one takeaway for the listener?

Ritu Gill: I would say stay curious. Keep an open mind with what's out there with OSINT and take it one step at a time and learn what you can as you go through your journey, because each step, use it as a stepping stone to build on what's out there.

Harry Kemsley: I Love that, curiosity. Sean.

Sean Corbett: Mine is, I'm going to reverse type now and say it's got to be all about the tradecraft because in the wild west that we've just described about the richness of data, but also the tools, I mean, they are astonishingly good, that can be used by and accessed by anybody. It means it makes anybody an OSINTer. Therefore, when stuff is being done for disinformation and misinformation, well, predominantly disinformation, you have to be able to take an objective view and come up with assured intelligence and be able to backbrief it because we've all seen stuff out there and go, " Oh, this looks really interesting." And you've had somebody who is, for the right reasons even sometimes, just got completely the wrong end of the stick, whether they've done a really bad imagery analysis, which I've seen lots of, or whether they've made two and two equals seven. And so there's got to be a mechanism. It's called tradecraft in terms of making sure that what you are saying is assured, but being cognizant that not everybody's going to follow that tradecraft and it is somewhat the wild west.

Harry Kemsley: Yeah. Very good. Well, Ritu, thank you for joining us today, not least because you've engaged with the podcast and you've come on as a guest, but also because you've shed some light for us on a topic we've been waiting to cover for some time, law enforcement. I think if the listener were to take anything away from this podcast, the three things we just left, I think curiosity should be the one. I think that should be the one that everybody should hold because by the way, curiosity is the source of many things, innovation, finding out information that we want to find and so on. So Ritu, thank you very much indeed on all counts. It's very, very good of you to join us today.

Ritu Gill: Thank you so much for having me on today.

Harry Kemsley: Thank you. Sean, as ever, good to see you. And thanks to the listener for taking the time. If any other listeners would like to engage with us or indeed join us on the podcast, do let us know. Thanks again. Bye- bye.

Speaker 1: Thanks for joining us this week on the World of Intelligence. Make sure to visit our website, janes. com/ podcast, or you can subscribe to the show on Apple Podcasts, Spotify or Google Podcasts so you'll never miss an episode.


Ritu Gill, Intelligence Analyst, joins Harry and Sean to discuss the practical use of OSINT to support law enforcement. Ritu discusses it’s use in supporting risk assessments and classified or closed sources of intelligence. She also discusses the tools used to make the most of the open-source intelligence available to analysts.

Today's Host

Guest Thumbnail

Harry Kemsley

|President of Government & National Security, Janes

Today's Guests

Guest Thumbnail

Sean Corbett

|AVM (ret’d) Sean Corbett CB MBE MA, RAF
Guest Thumbnail

Ritu Gill

|Intelligence Analyst