A (working) definition of OSINT

Last week the OSINT Foundation released a 3-page (pdf) definition document which includes a definition of OSINT. As I have been working on collecting and analysing ‘OSINT definitions’, this document immediately drew my attention. It is possible to find many different definitions of OSINT in literature and in organisational documents, none of which however is widely accepted. And without a shared definition it is difficult to further develop this professional field and make meaningful comparisons.

Therefore I believe there is a need of getting into a debate on the definition of OSINT, perhaps similarly as has been going on in relation to the definition of intelligence (see for example Warner 2002). Hence, in this blogpost I discuss the definition as put forward by the OSINT Foundation, argue why I believe that definition is unhelpful, and present a possible alternative definition of OSINT.

OSINT according to the OSINT Foundation

According to the OSINT foundation, OSINT is intelligence that is produced from publicly available information and is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.

We quickly recognise the Director of National Intelligence (DNI) definition of OSINT as originally included in the (now rescinded) Intelligence Community Directive 301. This ICD, just as the OSINT Foundation document, references the Public Law 109-163, Section 931 as the origin of the definition.

When we dive into this origin, it appears that the definition is an amalgamation based on hearings by the US Congres subcommittee on intelligence, information sharing and terrorism risk assessment held in June 2005. Bean (2007) describes, based on these hearings, as well as his personal involvement in that time, the various tensions between different opinions and interests that eventually led to this definition.

The resulting findings of Congres define OSINT as a finalised intelligence product in contrast, as the acronym ‘OSINT’ would suggest, to a collection discipline. The OSINT Foundation uses this definition however then also adds (on page 3 of the document) that ‘As a noun, the acronym OSINT refers to an intelligence discipline‘ and further ‘As a distinct intelligence discipline, open-source intelligence is almost exclusively an activity where information is acquired second-hand.’ (I tend to disagree with the ‘second hand’ remark, especially in relation to social media, however that is for another blogpost)

These additions suggest that the Foundation also sees OSINT as an activity which appears to be inconsistent with the definition on the first page of the OSINT Foundation document. Another, and bigger, problem that exists with the definition, is that it includes ‘analysis and dissemination’ as characteristics of OSINT and thus defines OSINT as a finalised intelligence product.

While there are many examples of good analytic products, produced both inside and outside the intelligence community, which are solely based on information collected from open sources, it is not a given that only such finalised and disseminated products qualify as ‘OSINT’. Information from open sources has been a critical foundation in all-source analytic products more or less since the emergence of modern intelligence services. Therefore it would be much more productive to think of OSINT in terms of a collection discipline, rather than a complete product. In the next section I’ll dive a bit into the history of the acronym OSINT to see if that history contains any further clues.

OSINT, the history of an acronym

It does not require any stretch of the imagination to understand that the use of the acronym OSINT alongside the other ‘INTs’ suggests that the original intention of the acronym was to identify open-source intelligence as a distinct collection discipline next to the traditional HUMINT, SIGINT, MASINT and IMINT collection disciplines. However, the public history on the emergence of the acronym is scarce.

The first public use of the phrase ‘open source intelligence’ and the acronym ‘OSINT’ in the intelligence studies literature that I found, is in an article from 1990 by Robert Steele. In that article the acronym OSINT is mentioned twice, however not specifically defined. While the number of publications on the use of information from open sources for intelligence purposes steadily increased in the early 1990s, the acronym itself was not used frequently yet at the time. Even the 1994 Director of Central Intelligence Directive 2/12 that established the community open source program office (COSPO), did not contain the acronym OSINT, nor the phrase ‘Open Source Intelligence’.

On the other hand, the 1993 US Department of Defense ‘Joint Doctrine for Intelligence Support to Operations’ does contain the acronym OSINT and Simmons (1995:38) writes ‘According the joint doctrine, open source intelligence is referred to as OSINT and is to be treated like all other available information. That is, it should be integrated into an all-source product based on each piece of informations relative value, reliability, and relevance. Like the other conventional collection disciplines, there is no specific policy or doctrine that specifies precisely how OS materials will be integrated into the intelligence analysis process.’

Simmons on the one hand refers here to OSINT as ‘all other available information‘, while on the other hand he regarded OSINT alongside ‘the other conventional collection disciplines‘, so as a collection discipline. Another author writing on OSINT in 1993 , Holder-Rhodes, however defined OSINT as an unclassified intelligence product that is drawn from analysis reflecting access to the widest possible range of multimedia sources.

In the US Department of Defense Joint Publication ‘Joint Intelligence Support to Military Operations’ from 1996, we see that OSINT is defined as ‘Information of potential intelligence value that is available to the general public‘. Also the NATO Open Source Intelligence Handbook from 2001 defines OSINT as a type of information, i.e.: ‘information that has been deliberately discovered, discriminated, distilled, and disseminated to a select audience, generally the commander and their immediate staff, in order to address a specific question.’

I’m still working on a more broad and thorough collection and analysis of the various definitions of OSINT as used over time by (governmental) organisations and in (academic) papers, and especially am working to incorporate definitions from other countries (rather than the US). The definitions I found so far, however generally fall in one of three categories in which OSINT is either defined as:

  • a (specific) type of information
  • a finished product (analysed & disseminated)
  • a collection methodology

Personally I believe the latter is the more accurate category of definitions as it in line with the use of acronyms for the different collection disciplines.

Conclusion: a working definition of OSINT

Given the previous discussion I propose to follow the intelligence cycle and align the definition of OSINT with the collection phase in the intelligence process, hence as one of the collection disciplines next to HUMINT, SIGINT etc. So certainly not as a finished product. I could imagine that OSINT can be defined both as a methodology and as a certain type of information, just as intelligence can be defined as a process as well as a product. For now I stick to the methodology.

Additionally, I believe it is important that if we see OSINT as methodology it should match with the intelligence cycle, and thus the presence of direction should be visible in the definition. After all, OSINT is more than ‘just’ collecting information and it is arguably incorrect to define all collection of information from publicly available sources for whatever reason as open source intelligence. We cannot say that for example reading foreign newspapers by rulers, diplomats and other civil servants to stay abreast of developments in the world, qualifies as OSINT. Such a broad definition has little diagnostic value as it does not distinguish well between casually observing the world – which humans all do all the time – from a purposefully organised approach to information collection and exploitation which we would expect in an intelligence context.

My working definition of OSINT is therefore:

the methodical collection and exploitation of information from publicly available sources to fulfil an intelligence requirement.

In other words, according to this definition OSINT is a) the collection of information, b) from publicly available sources, c) as a directed activity based on an intelligence requirement and d) executed in a methodical manner (again showing it is part of a wider process).

I’m not fully convinced on the accuracy of the definition yet, as I, for example, have condensed ‘data and/or information’ into just ‘information’ to compress the definition. However, I’m unsure whether that would not cause a methodological problem. In any case I realise this working definition is likely to be only the start of a discussion and I look forward to discussing this topic on many occasions and hope to learn from diverging views.


References

Bean, H. (2007) ‘The DNI’s Open Source Center: An Organizational Communication Perspective’ in International Journal of Intelligence and CounterIntelligence, Vol. 20: pp. 240–257.

Donovan, W. (1946) ‘Intelligence’, in Life Magazine, 30 September 1946, pp. 108-121.

Dulles, A. (1963) The Craft of Intelligence. Boulder, CO: Westview Press.

Holden-Rhodes, J. (1993) ‘Unlocking the Secrets: Open Source Intelligence in the War on Drugs’, in American Intelligence Journal, Spring/Summer 1993, pp. 67-71.

Kent, S. (1949) Strategic Intelligence for American World Policy. Princeton University Press.

NATO (2001) Open Source Intelligence Handbook.

Steele, R. (1990) ‘Intelligence in the 1990’s: Recasting National Security in a changing world’, in American Intelligence Journal, Summer/Fall 1990.

Warner, M. (2002). ‘Wanted: A definition of intelligence’, in Studies in Intelligence 2002, Vol. 46