Google Maps Is a Better Spy Than James Bond
Open-source intelligence is a vital tool for governments—and for checking them.
Emily Thornberry, a member of the British Parliament, recently made a statement to the House of Commons that “relying on so-called open-source intelligence provided by proscribed terrorist groups is not an acceptable alternative” when it came to identifying the use of chemical weapons in Syria.
Thornberry’s words betray an alarming lack of knowledge not only about the situation in Syria but also about how open-source investigation has revolutionized nation-state and commercial intelligence, journalism, and conflict monitoring. This is particularly worrying because Thornberry is the shadow foreign secretary—the opposition member charged with monitoring foreign affairs and who’s most likely to take the same office if the Labour Party forms a government in the future.
Open-source intelligence, in its simplest form, refers to sources of data that are open; anyone can see and read them if they choose to. The internet, for example, is the greatest collection of open-source data that has ever existed. This vast repository is not only useful for intelligence agencies and private companies; it has also become a vital source for civil society groups to track conflict, fight corruption, and investigate crimes. Open-source intelligence is, in fact, potentially far more reliable and checkable by a democratic public than traditional closed sources.
Open-source intelligence is both well-established and used extensively by intelligence agencies and law enforcement. First adopted at scale during World War II and later used throughout the Cold War, open-source intelligence has provided vital context and sometimes key pieces of previously unknown information to decision-makers. In the words of William Donovan, the head of the U.S. Office of Strategic Services, which would later become the CIA: “Even a regimented press will again and again betray their nation’s interests to a painstaking observer.”
Since the advent of the internet, social media, and smartphones, open-source intelligence has undergone a revolution as people willingly and publicly post vast amounts of information about themselves online. Actors outside of the traditional intelligence community have begun to sit up and take notice. One study found that in 2014, about 80 percent of federal, state, and local law enforcement in the United States were using social media platforms as intelligence-gathering tools.
Commercial intelligence companies have started to crawl through the vast reservoirs of online data and turn them into threat intelligence for businesses. Civil society has also begun to embrace open-source investigation, using it to track the proliferation of nuclear and chemical weapons, to monitor conflict, and to inform investigative journalism.
One of the primary strengths of open-source investigation is that the sources and methodology are exactly that—open. Anyone with a computer and an internet connection can follow the reasoning of analysts, interrogate the same sources, and critique the techniques used. This does not prevent open-source analysts from carrying out the same rigorous analysis that would be expected of closed sources. However, it does mean that mistakes and errors in reasoning can be identified and called out with far more ease by others.
Some, such as Thornberry, may call into question the sources that are used: Surely they are unknown quantities and cannot be trusted? This is a valid question, and it is why open sources are analyzed and verified before they are included. Does a video show what it claims to show? Has it been taken at the claimed location? What time was it taken? Is old media being repurposed for a new event?
All of these questions, and others, can often be answered using techniques that have been developed by the open-source community. The process of geolocation has become central to this verification process: using details in images or videos to identify the precise location that events took place, sometimes with an accuracy of an inch or so. Once you know the location, you can use shadows to judge the time. Other details—such as historical weather data, daily satellite imagery, and the rate of building construction—can be consulted to test if a piece of media is consistent with what it claims to be. Even the sudden increase in posts on social media alone can be used to establish whether an event has occurred, resulting in an ad hoc reporting system that can be far faster than traditional methods.
These are just some of the techniques used by the open-source community, which constantly innovates to ensure it can verify data. The culmination of this kind of verification process can be seen in the investigation into a Libyan warlord named Werfalli by Bellingcat, an open-source investigation group of which I am a member. The video below (which contains graphic elements) details how it verified media of a mass execution, using satellite imagery, shadows, and geolocation.
Simply identifying exactly where an event took place can lead to significant discoveries. Geolocation of videos depicting strikes in Syria released by the Russian Defense Ministry identified that, despite claiming to be targeting the Islamic State, it was actually bombing civilian infrastructure in rebel-held areas. The total number of verifiable Russian airstrikes that hit Islamic State targets in the first 25 days of the country’s air campaign? One.
This ability to publicly verify sources stands in stark contrast to the secretive nature of most other kinds of intelligence, which protect their sources and methods with a veil of secrecy lest they be compromised. Though essential to covert intelligence operations, this secrecy has sometimes been used to hide mistakes and poor judgment. The “dodgy dossier” that helped justify the second Gulf War is an obvious example. The open nature of these kinds of investigations, and the rigorous verification process that open-source analysts use, in fact makes them more reliable than investigations using many other techniques.
Thornberry’s remarks not only showed a remarkable lack of knowledge about the power and respectability of open-source investigation, but they also displayed a worrying misunderstanding about information emerging from Syria. Although not a rich country, Syria has workable internet infrastructure, and the percentage of its citizens using the internet has actually increased during the conflict, from 21 percent in 2010 to nearly 30 percent in 2016. During the conflict, this infrastructure has been complimented by enterprising groups and citizens, who have realized that an internet connection is one of the most important tools a citizen could have. By taking videos and images of air raids and artillery bombardments, they could refute the smears of a regime that painted entire populations as terrorists, the same slanders that Thornberry repeated in Parliament two weeks ago.
The reality is that the vast majority of open-source information emerging from Syria comes from normal citizens and local civil society. The traumatic videos from Khan Sheikhoun showing children choking to death after a sarin gas attack by the Syrian regime were taken by first responders, doctors, local journalists, and activists. A multitude of civil society actors across rebel-held areas has documented war crimes perpetrated by the regime, including chemical and incendiary attacks and cluster bombings, in incredible detail. The Syria Civil Defence, colloquially known as the White Helmets, has been so effective at providing consistent and verifiable media of this kind that it has become the bête noire of Russia and the regime, subjected to a huge smear campaign and actively targeted by airstrikes.
A proportion of open-source information does, of course, come from the rebels, as indeed a proportion comes from the regime and its allies. This is why the process of verification that groups such as Bellingcat has pioneered is so important. As well as accidentally giving away vital details that can directly uncover operations or secrets, these partisan sources have been used to track casualties from the obituaries of dead fighters, understand the development of car bombs, and uncover the extent of the Islamic State’s drone program. All these investigations were done mostly using partisan sources, but the information was verified and treated in such a way that it still produced a useful product.
That these partisan sources still contain useful information has been recognized by international and respected bodies, such as the International Criminal Court (ICC) and the Organisation for the Prohibition of Chemical Weapons (OPCW). Last year, the ICC released its first arrest warrant based primarily on videos of mass executions posted on social media. The OPCW, while investigating chemical attacks in Syria, used open-source videos and images from the incidents, which it verified and used to fact-check the testimony of witnesses. The joint investigation team examining the downing of Malaysia Airlines Flight 17, in which 298 people were killed, has used video and images to track the Buk missile system that fired the weapon traveling from Russia into Ukraine. Although, as with all investigatory techniques, it is not perfect, open-source investigation is not a wishy-washy so-called technique: It is a potent, accepted, and verifiable tool to hold power to account.
That Thornberry chooses to label civil society actors as “terrorists” and discount their testimony and verifiable evidence is not only lamentable; it is also inhumane and wrong. “So-called open-source intelligence” has developed into a powerful and respected tool, capable of uncovering secrets hidden in plain view. In the case of Syria, the vast majority of this information comes from civil society and regular citizens. They are simply ordinary people who are recording the industrial-scale slaughter around them in the hope that somewhere, someone is watching.