Berkeley protocol on open source digital investigations

A picture is worth a thousand words, a video worth even more – but how many are acceptable in a courtroom? Potentially all of them, if the recommendations of the newly published Berkeley Protocol on Digital Open Source Investigations (the “Protocol”) are followed.

Launched at a virtual event on December 1, 2020 and published in all UN languages, the Protocol contains “the first global guidelines for the use of publicly available information online – including photographs, videos and other content posted on social media sites – as evidence in international criminal investigations and human rights’.

The culmination of a three-year collaboration between the UN Office of Human Rights and the Berkeley Law Center (HRC) relates to the dissemination of public information in the age of the Internet and recognizes the key role it can play in recording war crimes and other human rights violations. Named “OSINT” (short for “open source intelligence”), it includes all data collected from open, publicly available sources, including material found only on the deep network.

Given the pace of technological development, the Protocol avoids prescribed rules, specific to the tool, and instead offers a legal, ethical, methodological and security framework for those conducting open source investigations. Alexa Koenig, director of the HRC, described it as “a living document that will help strengthen war crimes investigations using 21st century methods, with the goal of improving justice and accountability around the world.” There are basically five principles:

  1. Responsibility: Records of investigations and materials must be kept and documentation must be clear.
  2. Competence: Investigators must ‘have appropriate training and technical skills’.
  3. Objectivity: Researchers must be aware of their own bias and take steps to mitigate it.
  4. Legality: Applicable laws, including data protection and privacy rights, must be respected.
  5. Security Awareness: Those who ‘conduct online investigations should have basic operational security awareness to ensure that they keep their digital footprint to a minimum and be aware of potential risks.’

The protocol is the third framework of its kind, preceded by the Minnesota (1991; updated 2016) and Istanbul (1999; updated 2004) protocols, which dealt with standards for investigating suspected deaths and for identifying and documenting torture.

However, although there have been no international best practice guidelines so far, various OSINT initiatives precede the protocol and will continue to be developed under its supervision. For example, the Bellingcat news platform relies on OSINT for its policy and conflict-focused stories, while Forensic Architecture, run by Goldsmiths University in London and linked to the International Criminal Court’s (ICC) Technology Advisory Board, uses open source data. code extracted from media-rich environments to map human rights violations. His investigations are represented by national and international legislation and courtrooms, all the way to the UN level.

NGOs are also pioneers of OSINT projects and will benefit from clear Protocol guidelines. In 2016, Amnesty International launched Amnesty Decoders, an inventive platform that allows volunteers to engage in “micro-tasks,” such as viewing satellite images of buildings in Raqqa, Syria, and recording when they are damaged or destroyed. This data was later used to map civilian casualties killed by a U.S.-led coalition. The platform is supported by Amnesty’s Digital Verification Corps, which is trained in OSINT methods such as reverse image searches, geolocation and shadow analysis.

Amnesty International has also convened an OSINT project dealing with oil spill incidents in the Niger Delta between 2011 and 2017. While the organization is no stranger to researching environmental violations by submitting credible evidence in the Bodo community lawsuit initiated by Leigh Day, the NGO’s expertise, used in conjunction with thousands of hours of volunteers to review OSINT, creates exciting opportunities for future evidence gathering.

In addition, the supporting power of open source data is used effectively in war crimes trials. With the launch of the Protocol, the United Nations High Commissioner for Human Rights, Michelle Bachelet, pointed to the role of the OSINT in The Gambia against Myanmar (often referred to as the “Rohingya genocide case”), where “satellite images” are used ‘to substantiate accounts victims’. The case is currently pending before the International Court of Justice.

Footage on social media was also key in the case of Mahmoud al-Werfalli, a Libyan war commander whose case is pending before the ICC. The warrant for his arrest was issued shortly after videos “documenting his role in the murder of 33 people” appeared on the Internet.

At the national level, the collaboration between WITNESS, TRIAL International and eyeWitness to Atrocities – a mobile application that verifies documentaries of mass crimes and stores them on a secure server – has enabled verification of videos and photos used to convict the two high-ranking Congolese commanders for crimes against humanity. on Friday, September 21, 2018. OSINT may also be credited with securing the conviction of ISIL members in various countries, including Finland and Germany.

The launch of the Protocol raises the question of how law firms should adapt to OSINT’s potential as a researcher of rights-based violations and a supporter of traditional testimony. In recent years, the debate over the relationship between technology and law has mainly focused on directing and automating processes such as document review and contract drafting.

Intelligent outsourcing is often presented as a threat to law firms ’traditional revenue streams, with legal professionals being advised to provide increasingly personalized services to clients to balance this. However, this framing ignores the need for today’s lawyers to equip themselves with a technical set of skills that includes internet literacy, technical analysis, coding and security, so that open source research can be combined with legal analysis in search of human rights protection.

Source