From establishing the use of chemical weapons by Syrian forces against innocent civilians in 2012, to documenting war crimes by invading Russian forces in Ukraine in 2022, the past decade has seen the explosion of open-source intelligence (“OSINT”). The discipline draws upon an ocean of (putatively) publicly available data – now ranging from selfies to car registrations to satellite imagery – to perform a kind of forensic analysis that would have been nigh impossible in previous eras. Having redefined practices from citizen journalism to military targeting, OSINT’s increased prominence has been accompanied by growing calls from scholars, practitioners, and senior officials for the U.S. Intelligence Community (IC) to more concertedly take up the craft. Otherwise, so the thinking goes, these agencies run the risk of obsolescence, as governments find their erstwhile monopoly on sophisticated intelligence gathering eroding, alongside their ability to avoid strategic surprise.
For senior U.S. decisionmakers, the choice may boil down to a simple binary: double down on the game the IC plays best, or wade into a relatively new game that anyone can play. In terms of resourcing, authorities, and analytic credibility, however, forays into the latter could come at the expense of the former. By dint of its sheer scale, scope, authorities, relationships, organization, and history, the IC’s potential reach into the depths of secrecy is unparalleled. It is this very reach that may stand at greatest risk from unbounded attempts to find what hides in plain sight.
The most recent National Intelligence Strategy from 2019 rightfully acknowledges that “an inability to stay current with rapid changes in technology and industry standards may affect the IC’s competitive advantage.” But what exactly is the IC’s competitive advantage? The strategy does not offer a definition, but I would suggest it is the ability to collect and analyze what no one else can and how no one else can. I borrow this definition from one of the foundational documents governing the very practice of intelligence in the United States: Executive Order (EO) 12333 – wherein the phrase “information not otherwise obtainable” appears several times.
Granted, EO 12333 is far from the final word on the do’s and don’ts of U.S. intelligence. And, if anything, the 42-year-old directive is long overdue for an update to bring several related disciplines into better alignment with the geopolitical and bureaucratic realities of the 21st century. Even so, as a compass-check against first principles, it might be a good starting point, particularly as it details how and why the IC is charged and authorized to do what no other entity can.
EO 12333 also sets out the chief goal of the IC: to “provide the President and the National Security Council with the necessary information on which to base decisions concerning the conduct and development of foreign, defense and economic policy, and the protection of United States national interests from foreign security threats” – for which “accurate and timely information about the capabilities, intentions and activities of foreign powers, organizations, or persons and their agents is essential.” Such collection is to be “pursued in a vigorous, innovative and responsible manner that is consistent with the Constitution and applicable law and respectful of the principles upon which the United States was founded.” These clauses should serve as the baseline of both flexibility and limitation as the IC adapts itself to an OSINT-driven era.
The IC’s initial foray into so-called OSINT hewed to this competitive advantage, filling a gap no one else could. According to the CIA’s history of the Foreign Broadcast Information Service (FBIS), established in 1941, “U.S. officials could not know quickly what national leaders were telling their own people or citizens of nearby countries without some wholesale monitoring of foreign radio…the fastest, cheapest, and most reliable way of getting general information and intelligence concerning a particular country.” The ensuing decades, however, would see intensifying and competing demands from throughout the government and academia, scandal and budget cuts, and a meandering and ballooning mission scope, per the above history. As the information space shifted from one of dearth to deluge for policymakers over that period, discussion of the IC’s proper OSINT role seems to reemerge with each major geopolitical event and technological advance. In 2023, the government has lost the monopoly it once had over collecting and transmitting freely broadcasted info, at speed, cheaply. The urge to recapture that monopoly is understandable, but likely misguided.
As the Biden administration amply demonstrated in the lead up to Russia’s renewed invasion of Ukraine in early 2022, when it comes to understanding adversary plans and intentions, there is no alternative to the human or technical infiltration that only the IC is equipped and permitted to perform. Director of National Intelligence (DNI) Avril Haines acknowledged that “the United States had obtained ‘extraordinary detail’ about the Kremlin’s secret plans for a war it continued to deny it intended.” Consequently, when considering the extent to which it adopts OSINT as a core function, the IC must adopt a “first, do no harm” approach to its most unique and exclusive mission, given the substantial opportunity costs at stake. In an era of limited resources and seemingly boundless collection, decisionmakers may yearn for an IC that can stay one step ahead of the adversary, while also being able to “beat the press.” Even if only periodically successful, it is better to vigorously pursue the former than to catastrophically succeed at the latter.
Moreover, arguments for the IC to concertedly wade into the OSINT game often fail to distinguish between collection and analysis, and the degree to which the IC should be a consumer versus a producer. On all scores, the degree of faith these arguments often place in algorithms, machine learning, and artificial intelligence seems overly optimistic at best, commercially self-serving at worst. There is no disputing the IC should do more to ensure open-source insights augment and contextualize clandestinely acquired information. It is also clear that the U.S. government needs to seriously overhaul its massive and arcane classification system, which is structurally inclined toward stove-piping. Attempting to duplicate the practice of OSINT collection and analysis at scale, however, poses clear risks to both IC tradecraft and credibility that must be carefully considered.
For example, the explosion of “publicly available information” threatens to turn all-source intelligence into a nebulous, infinite attempt to boil an ocean of data – much of which is embroiled in ongoing domestic and foreign policy debates surrounding privacy and surveillance. The IC cannot take for granted that the imprimatur of government is not simply synonymous with public trust and credibility. Meanwhile, OSINT itself entails significant – and increasingly scarce – personnel resources to triage and assess. For a group of agencies already subject to crippling “information overload,” dedicating linguists and data scientists to OSINT risks robbing Peter to pay Paul. Understanding how OSINT-specific requirements and priorities would be incorporated into existing prioritization and deconfliction processes – in a way that does not expose key gaps in other “-INTs” – is crucial. In other words, the kinds of OSINT data the IC collects, from whom, and at what resource and opportunity costs, are critical questions, too easily papered over with a sweeping nod to the need for “more OSINT.” The answers are vital to ensuring the discipline ultimately benefits national security decision-making more than tech startups or data-brokers, and closely adheres to the Constitutional principles and values enshrined in EO 12333.
Moreover, the IC has far less leeway in drawing conclusions from the disparate and disaggregated sources than do civil society or journalists leaning on OSINT to draw inferences, which are sometimes faulty. Relative to the IC’s analytic tradecraft, which has been continually refined over decades (but certainly not perfected), OSINT practices are still nascent, and can themselves sometimes suffer from their own myopia: that of “big data.” As social scientists note, the assumption that grand accumulations of unstructured data will necessarily yield better insight “sacriﬁc[es] complexity, speciﬁcity, context, depth and critique for scale, breadth, automation.” In other words, reverting to OSINT to find patterns the IC may not have otherwise known to look for must not be deemed a license to make judgments it might have otherwise had to justify.
Meanwhile, to the extent the IC takes up producing so-called OSINT, the question arises as to what then distinguishes intelligence from investigative journalism, not to mention why taxpayer money ought to be dedicated to a discipline for which the private sector will clearly retain the cutting edge. Wading too far into abstract national security threats, unbounded data-sources, and less-than-robust technologies to provide speedier forecasts risks setting the IC up for inevitable failures which could erode the very credibility that OSINT proponents claim must be salvaged.
The notion that intelligence must adapt to keep pace with the times is hardly new. Nearly two decades ago, Professor Joseph Nye marveled at the post-Cold War increase in “the ratio of mysteries to secrets in the questions that policymakers want answered. A secret is something concrete that can be stolen by a spy or discerned by a technical sensor… a mystery is an abstract puzzle to which no one can be sure of the answer.” The year was 1994. Incidentally, this was the same year that the legendary Michael Jordan inexplicably decided to leave his championship basketball streak to try his hand at a different sport entirely. “Jordan’s decision to leave the NBA at the utmost peak of his powers in order to pursue a short-lived career in professional baseball is still a source of curiosity,” a sports columnist wrote last year. The lesson is this: in weighing the degree of focus on uncovering secrets versus solving mysteries, U.S. officials should err in favor of the IC’s proven competitive advantage and avoid taking their eyes off the ball.
IMAGE: A visualization of big data. (Getty)
The post The IC’s Biggest Open-Source Intelligence Challenge: Mission Creep appeared first on Just Security.