Open Source Intelligence: a Strategic Enabler of National Security the Importance of Open Source Intelligence (OSINT) Has Grown in Recent Years

CSS Analyses in Security Policy CSS ETH Zurich Vol. 3 • No. 32 • April 2008

Open Source Intelligence: A Strategic Enabler of National Security The importance of Open Source Intelligence (OSINT) has grown in recent years. For the traditional intelligence community, OSINT is likely to remain one component of an all-source intelligence capacity that includes classified sources. For most government agencies, however, OSINT is the only intelligence they have access to, which renders it a strategic enabler of decision- and policy-making. Governments should consider formulating a national OSINT strategy and establishing an OSINT center to allow for the effective exploitation of open source information. is to be found. The media, public agencies, think-tanks, universities, NGOs, and the private sector all constitute open sources of information.

The evolution of the OSINT debate can be attributed to three main factors. The first is the broadening of the security agenda over the past two decades. During the Cold War, intelligence services were pre- occupied with a limited number of largely state-centric challenges. Discovering the intentions and capabilities of the Soviet Union was the primary task of the West- www.istockphoto.com ern intelligence community. Since the fall of the Berlin Wall, however, these threats Open Source Intelligence (OSINT) has information. However, the role and po- have multiplied and become more diverse gained considerable prominence in re- tential of OSINT remain a matter of some in terms of their agents and nature. cent years. Traditionally, intelligence has dispute. OSINT’s advocates believe it to be been the business of discovering secrets the answer to many of today’s intelligence Accordingly, the range of issues that intel- using a closed system of collection and challenges. They call for a new intelligence ligence agencies are required to deal with analysis. Key sources included human in- paradigm marked by a preponderance of has widened dramatically. Today, these intelligence (HUMINT), signals intelligence open source information and a trans-sector clude, inter alia, terrorism, the proliferation (SIGINT), and imagery intelligence (IMINT). intelligence collaboration that includes a of weapons of mass destruction, organized Although open sources were frequently broad network of public and private actors. crime, fragile states, intra-state conflict, il- used in the intelligence process, their value But there are others who warn against legal immigration, and energy security. was seen as secondary. Classified informa- treating OSINT as more than a component Since the attacks in the US on 11 Septem- tion was deemed more valuable and often of a continuing, all-source approach to ber 2001, many government agencies have more credible. The systematic acquisition intelligence-gathering and analysis. had to contend with the securitization of of non-classified information was rarely their core concerns, whether they be trans- seen as an intelligence priority. OSINT drivers port, food, water, or the environment. The In order to understand the OSINT debate, broadening of the security agenda has Today, OSINT’s importance is widely it is useful to first define the concept. raised the demand for more information, acknowledged. It is estimated that OSINT OSINT is information gathered from pub- which in turn has fostered a growing ap- provides between 80 and 95 per cent of licly available sources for the purpose of preciation of the value and utility of OSINT. the information used by the intelligence meeting specific intelligence requirements. community. There is a growing debate These sources can be free or subscription- A second driver is technology. The evolu- within and between the various branches based, on- or offline. OSINT is not limited tion of the internet and the emergence of of government and the national security to the internet, although it is here that an the collaborative web have alerted security apparatus on how best to use open source increasing volume of valuable information actors to the potential of new tools and

technologies for collecting, analyzing, and Open source information: Useful sites distributing knowledge on global affairs. The proliferation of websites, portals, wikis, The following websites provide a wealth of open source information for researchers and and blogs has opened a world of informa- analysts interested in global affairs: tion hitherto unavailable to most intelli- International Relations and Security Network ( www.isn.ethz.ch) gence professionals. Based at the Center for Security Studies at the Swiss Federal Institute of Technology (ETH Zurich), the ISN collects and manages resources from hundreds of different think-tanks, research institutes, international organizations, and government agencies in its digital library. Google Earth provides more geospatial It also publishes a daily news analysis service, Security Watch, and indexes the content of intelligence than was available to most thousands of IR- and security-relevant websites. governments less than a decade ago. Even Oxford Analytica ( www.oxan.com) services such as Wikipedia are increasingly A premium rate strategic analysis and consulting service drawing on a network of university cited as intelligence sources. There is also researchers and faculty members at Oxford and other major universities around the world. a growing market for commercial intelli- Newstin ( www.newstin.com) gence vendors offering products and serv- An innovative news aggregation service that pulls content from thousands of different ices previously restricted to the public sec- media sources from across the globe. Newstin’s language translation features also allow visitors to read information published by foreign news and information sources at the click tor. Thanks to the information revolution, of a button. the traditional intelligence community no longer has a monopoly on the skills or in- shareable. Information collected by one non-state actors are just as likely to use formation needed to understand, analyze, organization can be given to another at open sources of information to broadcast or address today’s security threats. little or no cost. Second, OSINT collected inaccurate or misleading information. On using ethical means can be used in legal occasion, OSINT needs to be verified against The intelligence failures surrounding 11 Sep- proceedings without risking the exposure information from classified sources. tember 2001 and the invasion of Iraq have of sensitive intelligence assets. Indeed, also driven this development. Particularly OSINT constitutes almost zero risk com- The usefulness of OSINT does not always in the US, these failures have prompted a pared to intelligence operations using extend to providing actionable intelligence thorough reassessment of the way in which spies and other clandestine assets. Third, on the tactical or operational level. While intelligence is used to shape the policy- OSINT can be accessed, exploited, and it may provide a rich source of informa- making process. After successive commis- shared around the clock. And fourth, intel- tion on the grievances and motivations of sions stressed a need for the intelligence ligence gathered from authoritative public al-Qaida, OSINT will not necessarily reveal community to make greater use of OSINT (if sources can be used to inform the public of the exact location of Osama bin Laden or only to verify the opinions and conclusions serious threats to national security. the tactical information needed to cap- of classified sources), an Open Source Cent- ture him. As militant groups and organized er was established by the US Director of Na- Finally, and perhaps most important of crime syndicates become aware of just tional Intelligence in November 2005. Since all, OSINT provides context and aware- how large their “digital footprint” really is, then, the number of OSINT positions in the ness that is critical to an understanding they are more likely to go offline and stay US intelligence community has grown. The of the global security agenda. The growing below the radar. Similarly, while OSINT has OSINT debate has also intensified in other complexity and interconnectedness of our been used to acquire intelligence on Iran’s countries, particularly in Europe. world, and the declining degree of certain- nuclear program, it cannot provide real- ty and predictability, have underlined the time insight into exchanges of information OSINT benefits importance of horizon scanning and long- between Iranian scientists. OSINT advocates are keen to highlight its term strategic intelligence assessments benefits. Perhaps the most immediate of that draw on the knowledge of multiple Tailoring OSINT to individual needs these is the issue of cost. OSINT is consid- sources and disciplines. Two conclusions can be drawn from the erably less expensive than collecting infor- above assessment. First, making strate- mation via classified means. Researchers Limitations and weaknesses gic use of OSINT is necessary, feasible, and and journalists working in the field, for OSINT is not without its limitations. For tra- promising. Second, OSINT will mean dif- example, are a valuable source of human ditional intelligence agencies, it is unlikely ferent things to different people. For the intelligence. Helpful communications in- to offer a 100 per cent solution to their in- traditional intelligence community, OSINT telligence can be found on the many blogs formation needs. Indeed, it is only likely to is likely to remain one component of an and forums dedicated to international compound the problems they already face, all-source information collection capacity affairs, as well as in the letters pages of the greatest of which is information over- that includes clandestine sources. Clearly, every quality newspaper. High-quality load. Filtering the “signals” from the “noise” traditional intelligence processes will need imagery intelligence is freely available is becoming increasingly difficult and time- to be further refined to make better use from Google Earth and similar services. The consuming. The promises made by techno- of OSINT. For most government agencies, fact that OSINT offers a potentially greater logy vendors, no matter how sincere, can- however, OSINT is the only “INT” they have return on investment than satellites and not replace the enormous analytical effort access to. It is the source of first and only other classified sources is particularly that the wealth of OSINT requires from hu- resort and a strategic enabler of policy- and relevant for countries operating on tight man beings. decision-making. intelligence budgets. Furthermore, the fact that multiple news Naturally, the challenge of promoting a Open source intelligence also has other agencies report an event may not make it more systematic use of OSINT will vary major advantages. To begin with, it is accurate or true per se. Governments and depending on the government agency

in question. Within the traditional intel- Institutionalizing OSINT: The US model ligence community, what is required most is a change of mindset. Many analysts, Assistant Deputy Director of National Intelligence for Open Source particularly those shaped by the Cold War, Establishes open source strategy, policy, and program guidance continue to be biased against OSINT and Makes sure that a single open source architecture is developed refuse to acknowledge its value. Indeed, Advises agencies and departments outside the National Intelligence Program regarding the information collected from open sources acquisition of OSINT. is routinely stamped “SECRET” and put un- National Open Source Committee der lock and key, thus limiting its utility. Re- Provides guidance to the national open source enterprise markably, a number of Western intelligence Members are senior executives from the Open Source Center, Office of the Under Secretary agencies continue to deny their staff access of Defense for Intelligence, Department of Homeland Security, CIA, National Security Agen- to the internet on the grounds of security. cy, National Geospatial-Intelligence Agency, Department of State’s Bureau of Intelligence and Research, Defense Intelligence Agency, Federal Bureau of Investigation, Office of the To be effective, the intelligence community intelligence community’s CIO will need to invest more in developing its Open Source Center OSINT capacities. A first step would be to Created in 2005 by the Director of National Intelligence, with the CIA as its executive agent improve the training given to researchers Several hundred full-time personnel and analysts tasked with finding and ex- Advances the intelligence community’s exploitation of open source material; helps to deve- ploiting open sources of information. Im- lop mini open source centers within the respective agencies proving language skills is also of vital im- Nurtures acquisition, procurement, analysis, dissemination, and sharing of open source portance. The most valuable intelligence information, products, and services throughout the government is often in a language other than the one Makes reports, translations, and analytical products available online in a secure website spoken at the office. Additional IT invest- available to government officials ( www.opensource.gov) ment is also necessary, even if it is unlikely Sources: Intelligence Community Directive No. 301; CRS Report for Congress, 5 December 2007. to provide a “silver bullet” to the challenge of information overload. A joint OSINT center could be tasked with group deals with OSINT at the Federal De- supporting the all-source capabilities of partment of Defense, Civil Protection, and Looking beyond the OSINT needs of the clandestine intelligence services; track Sports. The Strategic Intelligence Service intelligence community, the challenge is trends in IT and provide government agen- (SND) and the Military Intelligence Service greater still. Government players should cies with the tools and technologies they (MND) have institutionalized OSINT, as has avoid agency-specific solutions that lead need in order to acquire and exploit the the domestic intelligence service at the Fed- to a duplication of effort and an uncoor- information better; establish collaborative eral Police Department, where a small OSINT dinated system of outsourcing contracts partnerships with non-government actors; section was founded in 2001. Also, individual and partnership agreements. This requires communicate best practices in the collec- departments have bought their own infor- an all-government OSINT strategy that tion, management, analysis, and dissemi- mation gathering systems, some of which addresses some fundamental challenges: nation of information; provide training and have failed to meet expectations. How should one build an organization education to government researchers; and capable of exploiting the collective intel- conduct early-warning and long-term fore- Still lacking is the formulation of a nation- ligence of thousands of disparate sources? sight activities. al OSINT strategy that would coordinate How does one break down information OSINT activities at the political level, de- silos and encourage greater knowledge- An OSINT center should combine permanent fine roles and responsibilities and, if neces- sharing and collaboration? Where does one staff (information professionals, intelligence sary, create a centralized OSINT infrastruc- find staff capable of thinking and working analysts, IT experts, etc.) together with rotat- ture for all interested departments. The across disciplines? How does one manage ing staff from different government agen- current debate on a revision of the civilian the rapid evolution of technology? What cies. In order to keep personnel costs low, it intelligence agencies and the creation of policies and processes can be put in place should tap knowledge and expertise from a federal security department should be to boost operational effectiveness? None academia and the private sector as system- regarded as an opportunity to investigate of these questions are easy to answer. atically as possible. While establishing and and clarify the future role and institutional Governments will need to tailor their ap- maintaining such a center will require a siz- implementation of OSINT in Switzerland. proaches to meet the information needs able financial investment, it is bound to save of all their constituents. governments a considerable sum of money on an annual basis by consolidating access Author: The merits of an OSINT center to premium information services and coor- Chris Pallaris One way forward would be to establish a dinating IT investments. [email protected] national OSINT center that is mandated to responsible editor: provide OSINT to all branches of the gov- Switzerland and OSINT Daniel Möckli ernment. Such a center can be positioned A number of recent initiatives have illus- [email protected] within an existing national security frame- trated the growing importance of OSINT in work or stand alone as an autonomous en- Switzerland. An interdepartmental OSINT Other CSS Analyses / Mailinglist: tity. Either way, it should remain free from Working Group has been established to ex- www.isn.ethz.ch the influence of any one government de- plore possible synergies between various german and French versions: partment. government agencies. A second working www.ssn.ethz.ch