How We Learn What We Know, to Chart What We Know

Posted on 29 April 2013 by


hilary_thumbnailI spent an enjoyable 20 minutes today speaking with Hilary Sargent, an OSINT rock-star who had to ask me what OSINT was.

That’s not to say that she didn’t know – I’m sure she did. But when I told her that it was Open Source INTelligence, and further explained the difference, say, between that and traditional HUMINT, she cut me off to explain that she’s a veteran investigator.

And elicitation specialist.

Now she runs the site Click the image on the left to see the full sized edition of the one that kicked off this post, or click here.

We’d started talking because I asked her permission to run here on PLI the graphic above, that she released today. It tracks quite clearly the who-knew-what-and-when-they-knew-it of the Tsarnaev investigation. I’d seen it online, tweeted by Th3J35t3r , and it was to me a fantastic vindication of what I was talking about the other day when I posted my looooooooooooong post about why the Boston Marathon Bombings was not evidence of an intelligence failure.

I asked Hilary what brought her to do this kind of work – I’m not the first to do so; see a great piece in Reuters about her here.

That’s when she asked me the question about OSINT. “I’ve heard that word a few times today,” she said.

Sargent says that she has not yet turned her charting abilities into a business, but she keeps getting stuck reading newspaper articles that really need a chart and don’t have one.

So at this point, her startup costs seem to be her weekends.

Sargent said that one of the reasons she wanted to make this chart was listening to Lindsay Graham saying that, but for a spellcheck, the FBI woulda had him.

Sargent’s understanding of the intricacies of data sharing have led her to the conclusion that when it comes to interagency sharing, offering access is not the same thing as data sharing.

hilary_thumbnail2“I was trying to show the idea that, ‘they should have caught this guy,’ was wrong,” she told me.  If you look at her chart, which she compiled from open news sources and scholarly descriptions of the organizations and systems it describes, you can see that no agency was even remotely close to knowing enough to catch him. “Each agency knew a different thing.”

Sargent says she made the chart to clarify some of the inconsistencies and flat out wrong statements in the press about even basic things, like a “Watch List”.

Mainly, though, she said, she did it because it needed to be done and no one else had done it.

“I start with a similar pencil and paper version,” she told me. “I know kind of the rough basics, like that TSA and Customs are part of DHS; I didn’t know about TIDE or a lot of these other more arcane databases.

“I also didn’t know the way to structure to describe it visually. It seemed clear there wer four things that, had everyone who could have possibly known and focused on, they would have caught this guy.

So, if, for example, there was one senior guy at a JTTF who had spoken with the guys in Russia and with the family, and known about the son’s activity and his overseas travel, then they would have known.”

Sargent started mainly by reading media articles – there haven’t been a lot of documents released on this yet, anyway. She spent a ton of hours reading about the differences between several of the federal lists.

“Most articles did a bad job delineating between, for example, TIDE and the No Fly List and TECS. That was the most important distinction. For the media to say he was “On a watch list” is really misleading.

“Then I just read a couple of hundred articles, and a bunch of stuff written over the ast ten years about how all this stuff works.”

“I didn’t include description of 90-day window,” she said. “I try to walk a line between only charting what I completely understand; I don’t put things I don’t understand in the chart. I don’t want people from the intelligence community to look at my chart and roll there eyes; that is my goal anyway, and it is a hard thing to do.

“I am sure a lot of people in the IC have been reading the New York Times and rolling their eyes,” she said.

The real reason I am writing about her here is because of how she synthesized all these data and then produced the analysis, and basically it was straightforward OSINT work. She Googles a lot, and she has the kind of personality that lends itself to wanting to find the answer and being willing to spend the time to get it.

One good tip she gives, that we agree with and do, is that for things like TIDE and TECS and No Fly that you start at Wikipedia to get a basic idea, but never quote it – rather, look at the link collection at the bottom of the listing and go directly to the scholarly works and articles quoted therein. She warns that this is for researching things more than people  – unless you’re a B-list celebrity or higher, the Wikipedia pages and the links tend to be self-serving paff for people.

But for things? Great stuff.

Her one statement about cops and research is very important for analysts to remember when they speak with detectives or cops who say that they just Don’t Understand The Google.

“Oh yeah? Well tell him to get me a score from some game on ESPN and I guarantee you he can find it in seconds on his phone. These are the same skills.

“They can do it.”