Using Covert Research Accounts in OSINT Investigations

Raymond James Todd's article discusses the use of covert research accounts in OSINT, emphasising their value in intelligence gathering while underscoring the ethical and legal challenges they present.

Terminology Considerations

Firstly, it is important to note that covert research accounts are commonly referred to as "sock puppets" in informal contexts. However, this term is not professionally appropriate and may introduce bias, particularly in legal settings. The term "sock puppet" carries connotations of deception and manipulation that could negatively influence perceptions of the investigative process. For the purposes of professional discourse and legal proceedings, it is recommended to use the term "covert research accounts" instead. This terminology more accurately reflects the purpose and nature of these investigative tools without introducing potential bias that might negatively influence a judge or jury.

Creation and Management of Covert Research Accounts

Creating a credible covert research account demands careful attention to detail. A successful account must have a plausible backstory, a well-crafted digital footprint, and consistent behavioural traits across multiple platforms (Maltego, 2022). For instance, a covert research account designed to penetrate a tech community would need to follow relevant blogs, comment on posts, and engage in discussions that match its assumed identity (Ozturk, 2021). This level of detail is crucial not only for avoiding detection but also for gaining the trust of the target group.

Technical safeguards are essential in managing covert research accounts. Investigators typically use separate investigative devices, virtual machines, and VPNs to ensure that their real identity cannot be connected to the covert account (SANS Institute, 2013). These techniques must be employed with caution, as social media platforms are becoming increasingly sophisticated in detecting and removing fake accounts, flagging activity like using VPNs. Consistency in behaviour across all interactions is paramount; any inconsistency can lead to exposure (Maltego, 2022).

Strategic Considerations

The strategic deployment of covert research accounts is as important as their creation. Each social media platform has its own norms and detection algorithms, requiring investigators to tailor their accounts accordingly. LinkedIn, for instance, demands a more professional profile, whereas Twitter allows for a more casual and less detailed persona (Maltego, 2022). Understanding these platform-specific nuances is critical for maintaining the effectiveness of covert research accounts.

Long-term success with covert research accounts requires them to evolve. For investigations involving prolonged monitoring, these accounts must be made to look legitimate by regularly updating their profiles, engaging in activities, and adapting posted opinions to reflect current trends (Ozturk, 2021). This adaptability not only enhances the credibility of the covert research account but also increases its ability to collect valuable intelligence over time.

Types of Covert Research Accounts

It is crucial to distinguish between two core types of covert research accounts for OSINT research, those for passive collection and those for active undercover, as this distinction has significant implications for both strategy and ethics. Passive collection accounts are primarily observational, collecting information from public profiles and reviewing open discussions without direct interaction. Active undercover accounts, conversely, involve direct engagement with subjects, joining closed groups and participating in community activities. While potentially yielding more in-depth intelligence, active undercover accounts raise more significant ethical and legal challenges, including issues of consent and potential manipulation.

The choice between passive and active approaches should be guided by the investigation's specific objectives, required level of access, potential risks, and legal and ethical constraints. Investigators should always opt for the least intrusive method that can effectively achieve their goals, often starting with passive accounts and only escalating to active ones when absolutely necessary. This balanced approach helps reconcile the need for thorough intelligence gathering with ethical considerations and legal compliance.

Ethical and Legal Implications

While the strategic benefits of covert research accounts in OSINT are clear, their use raises significant ethical and legal concerns. One primary ethical issue is deception. By their nature, covert research accounts are based on false identities, which can lead to breaches of trust and manipulation of individuals or groups. This becomes particularly problematic when these accounts are used to interact with vulnerable populations, where the potential for harm is substantial (SANS Institute, 2013).

The Japan Principles, endorsed by Kent Police, provide ethical guidelines emphasising transparency, accountability, and respect for human rights in policing practices. Applying these principles to the use of covert research accounts necessitates critical evaluation of the ethical boundaries of deception in investigations. The principles emphasise minimising harm and ensuring that all investigative actions are justifiable and proportionate. This could involve reassessing the use of covert research accounts in scenarios where deception may cause significant harm or violate the trust of innocent individuals. Additionally, investigators must ensure their actions comply with legal boundaries, particularly regarding privacy laws and digital surveillance regulations (Wells & Gibson, 2017).

Legally, the creation and use of covert research accounts occupy a grey area. While creating a fictitious online identity is not inherently illegal, using that identity to engage in unlawful activities, even for investigative purposes, can have severe legal consequences (OS2INT, n.d.). Investigators must navigate these legal complexities carefully, ensuring that their actions do not violate privacy laws, lead to entrapment, or involve unauthorised access to information. The Royal United Services Institute (RUSI) highlights the evolving legal landscape around OSINT and the need for clear regulatory frameworks to address these grey areas, particularly concerning privacy and ethical digital identity use (RUSI, 2021). Proelium Law (2021) further underscores the importance of balancing effective intelligence gathering with respect for individual privacy rights, which are increasingly emphasised in global legal and regulatory frameworks.

OSINT, Article 8, and Privacy Concerns

Article 8 of the European Convention on Human Rights (ECHR) guarantees the right to respect for private and family life, home, and correspondence. This provision significantly impacts the use of OSINT and covert research accounts, especially within Europe, where privacy protections are stringent (Chinese Journal of International Law, 2023). The deployment of covert research accounts must be carefully evaluated against Article 8, ensuring that any intrusion into an individual's private life is lawful, necessary, and proportionate. Zwanenburg discusses in the Chinese Journal of International Law (2024) how the evolving digital landscape challenges traditional privacy notions, requiring a nuanced approach to balancing state security interests with individual rights.

The Role of Human Intelligence (HUMINT) and Technological Advancements

Integrating covert research accounts with Human Intelligence (HUMINT) operations can significantly enhance the depth and accuracy of the intelligence gathered. Combining digital personas with real-world intelligence allows investigators to cross-verify online information with traditional methods (Maltego, 2022). This approach is particularly effective in complex investigations where digital and human elements are intertwined.

However, technological advancements, particularly in AI and deepfakes, introduce new challenges and opportunities for using covert research accounts. AI-driven tools can create highly sophisticated accounts capable of generating realistic voice and video content. While these tools can strengthen the credibility of a covert research account, they also present ethical and legal risks, particularly concerning the potential misuse of spreading misinformation or conducting unauthorised surveillance (Ozturk, 2021).

Critical Reflection

The use of covert research accounts in OSINT represents a double-edged sword. On one hand, they are invaluable for gathering intelligence, infiltrating groups, and monitoring activities without exposing the investigator's true identity. On the other hand, their use involves deception, raises ethical questions, and exists in a legally ambiguous space. The key to leveraging covert research accounts effectively lies in striking a balance between strategic utility and ethical responsibility.

Investigators must approach the use of covert research accounts with a clear understanding of the ethical and legal boundaries that govern their actions. This includes being prepared for the potential consequences of their use, particularly in cases where the line between legal and illegal activities becomes blurred. Moreover, continuous adaptation and learning are essential, as both technology and social media platforms evolve in ways that can either enhance or undermine the effectiveness of covert research accounts.

In conclusion, while covert research accounts are a powerful tool in the OSINT arsenal, their use requires careful consideration and responsible management. Investigators must not only master the technical aspects of creating and managing these accounts but also remain vigilant of the ethical and legal implications that come with their use. Only by doing so can they ensure that their investigative activities are both effective and justifiable.

References

Marten Zwanenburg (2024) Chinese Journal of International Law. OSINT and Article 8 of the European Convention on Human Rights. Available at: https://academic.oup.com/chinesejil/advance-article/doi/10.1093/chinesejil/jmae027/7745434 (Accessed: 1 September 2024).
Wells & Gibson (2017) OSINT from a UK perspective: considerations from the law enforcement and military domains. Available at: https://shura.shu.ac.uk/17412/2/OSINT_EASS.pdf (Accessed: 29August 2024)
Maltego (2022) Creating Sock Puppets for Your Investigations. Available at: https://www.maltego.com/blog/creating-sock-puppets-for-your-investigations/ (Accessed: 28 August 2024).
OS2INT (n.d.) Developing and Deploying Effective Sock Puppets on Social Media. Available at: https://os2int.com/toolbox/developing-and-deploying-effective-sock-puppets-on-social-media/ (Accessed: 1 September 2024).
Proelium Law (2021) Open Source Intelligence and Privacy. Available at: https://proeliumlaw.com/open-source-intelligence-and-privacy/ (Accessed: 30 August 2024).
Royal United Services Institute (RUSI) (2021) The Future of Open-Source Intelligence. Available at: https://static.rusi.org/330_OP_FutureOfOpenSourceIntelligence_FinalWeb0.pdf (Accessed: 30 August 2024).
SANS Institute (2013) What Are Sock Puppets in OSINT? Available at: https://www.sans.org/blog/what-are-sock-puppets-in-osint/ (Accessed: 31 August 2024).
Secjuice (2023) The Art of the Sock: OSINT & HUMINT. Available at: https://www.secjuice.com/the-art-of-the-sock-osint-humint/ (Accessed: 31 August 2024).
Ozturk (2021) The Mega Sock Puppets Tutorial for OSINT. Available at: https://ztrkouzhan.medium.com/the-mega-sock-puppets-tutorial-for-osint-af3bd29dd5fc (Accessed: 1 September 2024).