OSINT – The Untapped Treasure Trove of United Nations Organizations

OSINT – The Untapped Treasure Trove of United Nations Organizations

. 7 min read

Could the devastating, and still ongoing, Covid-19 pandemic have been prevented? While many different experts have given many different answers to this question, less emphasis has been placed on the role of information. In November 2002, the World Health Organization (WHO) detected an “unusual respiratory illness” in the Chinese Guangdong Province based on information from online news sources. When the WHO officially requested more information about this suspicious pneumonia outbreak, Chinese authorities refused to cooperate. Ultimately, the WHO issued a global warning about these pneumonia cases and began its fight against the unusual illness, which was later called Severe Acute Respiratory Syndrome (SARS). Yet, the same system that had allowed the WHO to detect SARS in 2002 was shut down in May 2019, only months before the outbreak of Covid-19. It remains unclear whether this system could have completely prevented the current pandemic—but it probably could have helped the world prepare.

This brief vignette illustrates the powerful potential of publicly accessible information. Ultimately, it was a few articles in online news sources, social networks, forums, and blogs that helped the WHO monitor whether states complied with international health regulations. But the power of publicly accessible information, often referred to as Open Source Intelligence (OSINT), is not only limited to the health sector. OSINT can empower United Nations organizations with various focus areas to more effectively monitor member states’ compliance with international regulations. In turn, more effective monitoring can facilitate more effective punishments for non-compliance, ultimately making UN organizations more relevant actors in international relations.

Understanding Open Source Intelligence

But what exactly does the term Open Source Intelligence mean? When experts use the term OSINT, they do not simply refer to publicly accessible information. Instead, OSINT consists of both the collection and the processing of public information obtained from open data sources for a particular purpose. Such open data sources could include the previously mentioned examples of news sources, social media, forums, or blogs, as well as other sources such as academic publications, governmental data, or corporate-published information. OSINT has notably been used by intelligence services and the police to investigate and prosecute cybercrimes. Most perpetrators of cybercrimes are frequently online and have a large social media presence. The vast amount of publicly accessible data generated by this online activity can provide valuable insights for investigators. In fact, some experts have even advocated for expanding the use of OSINT in investigations of more conventional crimes, for instance to provide investigators with more background information on potential suspects.

To understand the applications of OSINT to the United Nations, we can imagine UN organizations to be the investigators that use OSINT to try and prosecute the crimes of member states. So far, UN organizations have had to rely on member states self-reporting to monitor compliance with international rules and regulations. Naturally, those states not complying with international laws would misreport their behavior to avoid punishment. In essence, the criminals would have to turn themselves in. OSINT could now make the monitoring activities, or investigations, of UN organizations much more effective. For example, UN organizations could use automated search engines to browse online sources for key-word searches. This approach was used by the WHO to detect the SARS outbreak in 2003. Additionally, UN organizations could use visual information from open data sources, such as satellite imagery obtained from Google Earth, to monitor member state behavior on the ground over time. A similar approach was employed by the International Atomic Energy Agency (IAEA), which used satellite imaging to investigate whether North Korea had restarted one of its main nuclear reactors.

The International Atomic Energy Agency (IAEA) has frequently used satellite imagery to monitor compliance. "Satellite Imagery" by IAEA Imagebank.

The Functional Capacities of Open Source Intelligence: OSINT in Action

Both of these approaches were used in combination by the Office of the UN High Commissioner for Human Rights (OHCHR) with the launch of the Democratic People’s Republic of Korea (DPRK) Accountability Project in 2019. The project has tried to promote North Korean accountability to international law by systematically investigating potential instances of human rights violations. Yet UN officials lacked direct access to the country, forcing them to use non-traditional monitoring mechanisms. As one of these mechanisms, the OHCHR used e-discovery software to perform a broad review of open source information. By the end of 2020, the body had managed to collect more than 4,000 distinct files, including written evidence such as reports and court documents, as well as visual evidence such as satellite imagery and videos. This OSINT-based investigation eventually led the OHCHR to conclude in January 2021 that there were “reasonable grounds” to believe that the DPRK had committed multiple crimes against humanity. The agency also used OSINT to identify North Korean officials who were suspected to have had direct knowledge of or involvement in these abuses. Thanks to OSINT, the situation can now be referred to the International Criminal Court (ICC).

The DPRK Accountability Project demonstrates the impact OSINT can have on prosecuting human rights violations. The use of open source intelligence allows for remote investigations in the case that officials are denied access to the country where a violation might have occurred. But perhaps even more importantly, OSINT can break down the barriers between victims of or witnesses to human rights violations and investigators. Until recently, victims were often forced to flee the country if they wanted their case to be heard by international authorities. Now, victims can directly reach investigators by sharing their story on designated online platforms and indirectly by posting on social media or elsewhere online. These advantages were one of the main reasons why the OHCHR decided in 2019 to monitor human rights developments in Myanmar via open source applications. OSINT can ensure that even seemingly minor evidence like social media posts receive proper attention, thereby contributing to holding human rights violators accountable for their actions.

To further explore OSINT’s capabilities, let us return to the opening vignette of the WHO and the outbreak of SARS in November 2002. One of the main advantages of OSINT is that the reserve of publicly accessible open data is unbelievably vast—and constantly growing. One can find almost anything on the Internet. However, the unbelievable amount of information available makes data analysis much more complex. To detect unusual diseases, WHO officials did not read every newspaper article, social media post, and blog post individually. Instead, they relied on a so-called web crawler that automatically screened all published information within a certain region and searched for keywords. This technology was developed and maintained by Canadian epidemiologists and specialized doctors, who shared all the web crawler’s findings with the WHO. Once it detected a predetermined keyword multiple times, the system sent an alert to the WHO, which then further investigated the issue. While still in operation, this platform was able to detect the first signs of about 40 percent of international disease outbreaks. Some officials even praised the system as “the foundation” of the WHO’s early warning system of global pandemics.

Open Source Intelligence (OSINT) has been successfully used to detect disease outbreaks in the past. "Medical masks hang on a dryer with clothespins" by Marco Verch Professional Photographer.

Potential Limitations of Open Source Intelligence

The immense potential of OSINT also constitutes one of its greatest disadvantages in the eyes of UN member states: OSINT can expose non-compliance and thereby significantly limit national sovereignty. Because of OSINT’s reach, the entire world knows when North Korea commits a human rights violation or when China tries to cover up a disease outbreak. Other UN member states might like to see North Korea’s or China’s non-compliance with international regulations be exposed, but they might also be afraid of OSINT revealing their own non-compliance. Therefore, it’s likely that only those UN organizations that act relatively independently of member states’ interests would adopt OSINT as a core monitoring mechanism. In contrast, UN organizations in which member states like China have substantial influence will likely shy away from this approach. In fact, this may be one of the reasons why the WHO never developed its own web crawler for detecting potential disease outbreaks and instead relied on Canada’s: developing its own system might have simply been too controversial among member states. Once the Canadian government shut down its web crawler in May 2019 after it determined domestic issues to be of greater importance, the WHO was left empty-handed.

A related disadvantage of OSINT concerns its vulnerability to fake news. With the overwhelming amount of open source data on the Internet, the possibility that acquired evidence contains inaccurate or misleading information is incredibly high. Should individuals or governments discover the particular keywords that cause a web crawler to alert the WHO, they may intentionally spread disinformation containing these trigger terms. Such a misinformation campaign could significantly weaken the monitoring power of OSINT. As a consequence, OSINT can never be the only evidence upon which UN organizations may punish perpetrators of human rights violations or other types of non-compliance. Other sources of evidence, such as interviews or eye-witness observations, must always complement publicly accessible data.

These limitations illustrate that OSINT may not be able to detect every instance of non-compliance single-handedly. This intelligence collection method is certainly no panacea. But if combined with other sources of information, OSINT can empower UN organizations with a multitude of ways to monitor adherence to international regulations more effectively. Currently, the entire world seems to be discussing how to prevent future pandemics, and OSINT can be a vital part of the solution. Whether it concerns monitoring disease outbreaks, human rights violations, or nuclear energy programs, OSINT can help overcome the problem of self-reporting that has so far undermined the authority of UN organizations. However, the powerful potential of OSINT will go to waste unless UN organizations commit to investing in new monitoring mechanisms. Failing to explore these novel approaches would leave a nearly limitless treasure trove of opportunities wastfully untapped.

Cover photo "Good morning servers" by Not4rthur.