Doctrine corner: Open Source Intelligence doctrine

Doctrine corner: Open Source Intelligence doctrine

Michael C. Taylor

FMI 2-22.9, Open Source Intelligence, provides interim tactics, techniques, and procedures (TTPs) for open source intelligence (OSINT) operations. It provides a basic description of the fundamentals of OSINT, the planning of OSINT operations and support; the collection and processing of publicly available information; and the production of OSINT. As interim doctrine, FMI 2-22.9 provides not just basic techniques and procedures but serves as a catalyst for increasing awareness of OSINT and improving Army OSINT operations. This article presents the fundamentals of OSINT operations found in this emerging intelligence doctrine, FMI 2-22.9.

What is OSINT?

OSINT is relevant information derived from the systematic collection, processing, and analysis of publicly available information in response to intelligence requirements. Two important terms in this definition are-

[] Open Source. Any person, group, or system that provides information without the expectation that the information, relationship, or both, are protected against public disclosure.

[] Publicly Available Information. Data, facts, instructions, or other material published or broadcast for general public consumption available on request to a member of the general public; lawfully seen or heard by any casual observer; or made available at a meeting open to the general public.

The OSINT Discipline

OSINT operations are integral to Army intelligence operations. Publicly available information forms the basis of all intelligence operations and intelligence products. The availability, depth, and range of publicly available information enable intelligence organizations to satisfy many intelligence requirements without the use of specialized human or technical means of collection. OSINT operations support other intelligence, surveillance, and reconnaissance (ISR) efforts by providing information that enhances collection and production. As part of a multidiscipline intelligence effort, the use and integration of OSINT ensures decisionmakers have the benefit of all available information.

The source and the collection means rather than a specific category of technical or human resources distinguish OSINT from other intelligence disciplines. Open sources broadcast, publish, or otherwise distribute information for public use. The collection means (techniques) for gathering publicly available information from these media of communications are overt and unintrusive. Other intelligence disciplines use covert or intrusive techniques to collect private information from confidential sources.

Open Source Media

Communications consist of a sender, a message, a medium, and a receiver. The medium is the access point to publicly available information for open source research and collection. The primary media that open sources use to communicate information to the general public are–

[] Public Speaking Forums. Public speaking, the oldest medium, is the oral distribution of information to audiences during events that are open to the public or occur in public areas. These events or forums include but are not limited to academic debates, educational lectures, news conferences, political rallies, public government meetings, religious sermons, and science and technology exhibitions. Neither the speaker nor the audience has the expectation of privacy when participating in a public speaking forum. Unlike the other open source collection, monitoring public speaking events is done through direct observation and, due to its overt nature, could entail risk to the collector.

[] Public Documents. A document is any recorded information regardless of its physical form or characteristics. Like public speaking, public documents have always been a source of intelligence. Documents provide in-depth information about the operational environment (OE) that underpin our ability to plan, prepare for, and execute military operations. During operations, documents such as newspapers and magazines provide insights into the effectiveness of information operations. Books, leaflets, magazines, maps, manuals, marketing brochures, newspapers, photographs, public property records, and other forms of recorded information continue to yield information of intelligence value about operational environments. Sustained document collection contributes to the development of studies about potential OEs. Document collection on the operational and technical characteristics of foreign materiel aids in the development of improved U.S. tactics, countermeasures, and equipment.

[] Public Broadcasts. A public broadcast entails the simultaneous transmission of data or information for general public consumption to all receivers or terminals within a computer, radio, or television network. Public broadcasts are important sources of current information about the OE. Television news broadcasts often provide the first indications and warning (I&W) of situations that may require the use of U.S. forces. Broadcast news and announcements enable personnel to monitor conditions and take appropriate action when conditions change within the area of operations. News, commentary, and analysis on radio and television also provide windows into how governments, civilians, news organizations, and other elements of society perceive the U.S. and U.S. military operations. Broadcasts also provide information and insights into the effectiveness of information operations both lethal and non-lethal.

[] Internet Sites. Internet sites enable users to participate in a publicly accessible communications network that connects computers, computer networks, and organizational computer facilities around the world. The Internet is more than just a research tool. It is a reconnaissance and surveillance tool that enables intelligence personnel to locate and observe open sources of information. Through the Internet, trained collectors can detect and monitor Internet sites that may provide I&W of enemy intentions, capabilities, and activities. Collectors can monitor newspaper, radio, and television websites that support assessments of information operations. Collectors can conduct periodic searches of web pages and databases for content on military order of battle, personalities, and equipment. Collecting web page content and links can provide useful information about relationships between individuals and organizations. Properly focused, collecting and processing publicly available information from Internet sites can help analysts and decision makers understand the operational environment.

OSINT Considerations

For the most part, the considerations for OSINT are similar to those of other intelligence disciplines. OSINT organizations need clearly stated intelligence requirements to effectively focus collection and production. OSINT operations must comply with Army Regulation 381-10, U.S. Army Intelligence Activities, and Executive Order 12333, U.S Intelligence Activities, on the collection, retention, and dissemination information on U.S. persons. OSINT organizations can be overwhelmed by the volume of information to process and analyze. OSINT operations require qualified linguists to collect and process non-English language information. In addition to these common considerations, personnel responsible for planning or executing OSINT operations must consider the following:

[] Limitations. Intelligence organizations whose principal missions are counterintelligence, human intelligence, and signals intelligence must comply with applicable Department of Defense Directives and Army Regulations that govern contact with and collection of information from open sources. For example, Department of Defense Directive 5100.20 prohibits signals intelligence organizations from collecting and processing information from public broadcasts with exception of processing encrypted or “hidden meaning” passages.

[] Operations Security. More than any other intelligence discipline, the OSINT discipline could unintentionally provide indicators of U.S. military operations. Information generally available to the public as well as certain detectable activities such as open source research and collection can reveal the existence of, and sometimes details about, classified or sensitive information or undertakings. Such indicators may assist those seeking to neutralize or exploit US military operations. Purchasing documents, searching an Internet site, or asking questions at public events are examples of detectable open source research and collection techniques that could provide indicators of U.S. plans and operations. Using the five-step operations security process, organizations must determine what level of contact with open sources and which collection techniques might provide indicators that an enemy could piece together in time to affect U.S. military operations. The steps of the process are identification of critical information, analysis of threats, analysis of vulnerabilities, assessment of risks, and application of appropriate countermeasures. In OSINT operations, countermeasures range from limiting the frequency or duration of contact with a source to prohibiting all contact with a source.

[] Deconfliction. During planning, the G2/S2 staff and the G3/S3 staff must deconflict ISR operations. Specifically, collection may compromise the operations of another intelligence discipline. Contact or interaction with open sources may adversely affect the ability of non-intelligence organizations such as civil affairs, military police, medical, and public affairs to accomplish their missions. Overt contact with a source by civil affairs, military police, or other personnel may compromise OSINT operations as well as the safety of the open source or collector. Each of these situations could lead to the loss of access to the open source and information of intelligence value.

[] Deception and Bias. Deception and bias are of particular concern in OSINT operations. Unlike other disciplines, these operations do not normally collect information by direct observation of activities and conditions within the area of interest. OSINT operations rely on secondary sources to collect and distribute information that the sources may not have observed themselves. Secondary sources such as government press offices, commercial news organizations, nongovernmental organization spokesmen, and other information providers can intentionally or unintentionally add, delete, modify, or otherwise filter the information they make available to the general public. These sources may also convey one message in English for U.S. or international consumption and a different non-English message for local or regional consumption. It is very important to know the background of open sources and the purpose of the public information in order to distinguish objective, factual information from information that lacks merit, contains bias, or is part of an effort to deceive the reader.

[] Intellectual Property. Army Regulation 27-60, Intellectual Property, prescribes policy and procedures with regard to the acquisition, protection, transfer and use of patents, copyrights, trademarks, and other intellectual property by the Department of the Army. It is Army policy to recognize the rights of copyright owners consistent with the Army’s unique mission and worldwide commitments. As a general rule, Army organizations will not reproduce or distribute copyrighted works without the permission of the copyright owner unless such use is within an exception under U.S. Copyright Law or required to meet an immediate, mission-essential need for which non-infringing alternatives are either unavailable or unsatisfactory. According to the U.S. Copyright Office, “fair use” of a copyrighted work for purposes such as criticism, comment, news reporting, teaching, scholarship, or research, is not an infringement of copyright.

Conclusion

FMI 2-22.9 is scheduled for publication during the summer of 2006. As with any field manual, its measure of effectiveness will be demonstrated in how well the TTPs enable users to accomplish their missions. Hopefully, the manual will be successful since failure means commanders and their soldiers may not be benefiting from one of the most abundant sources of information on the OE. It is incumbent upon you, the initial users of FMI 2-22.9, to put the doctrine through its paces and send your feedback to the Intelligence Center. Your feedback will improve not just the doctrine but the training and the tools that enable effective OSINT operations.

Michael Taylor is a senior intelligence analyst for ARSC Communications. He is currently the OSINT Doctrine Project Leader for the Directorate of Doctrine of the U.S. Army Intelligence Center at Fort Huachuca. Arizona. His background includes 25 years of military and civilian experience in National, operational, and tactical intelligence operations, primarily as an intelligence analyst and Russian linguist. Mr. Taylor’s previous doctrinal literature works include: FM 34-1, Intelligence Operation; FM 34-25-3, All-Source Analysis System and the Analysis and Control Element; three Special Texts on Objective Force division and brigade intelligence operations; a series of studies on the doctrinal implications of the Distributed Common Ground System-Army; and several articles in the Military Intelligence Professional Bulletin.

COPYRIGHT 2005 U.S. Army Intelligence Center and School

COPYRIGHT 2006 Gale Group