The culmination of three years of collaboration between the U.N Human Rights Office and Berkeley Law’s Human Rights Centre (‘HRC’), the Protocol addresses the proliferation of public information in the Internet age, and recognises the critical role it can play in evidencing war crimes and other human rights violations. Named ‘OSINT’ (an abbreviation of ‘open-source intelligence’), this encompasses all data gathered from overt, publicly available sources, including material found only on the deep web.
Mindful of the pace of technological development, the Protocol avoids prescriptive, tool-specific rules, and instead proffers a legal, ethical, methodological and security-based framework for those carrying out open-source investigations. It has been described by Alexa Koenig, director of the HRC, as ‘a living document that will help strengthen war crimes investigations using 21st century methods, with the goal of improving justice and accountability worldwide.’ At its core are five principles:
- Accountability: Records of investigations and materials must be kept, and documentation must be clear.
- Competency: Investigators must ‘have proper training and technical skills’.
- Objectivity: Researchers must be aware of their inherent bias, and take steps to mitigate this.
- Legality: Applicable laws, including data protection and privacy rights, must be complied with.
- Security Awareness: Those ‘conducting investigations online should have basic operational security awareness to ensure that they minimise their digital trail and are aware of the potential risks.’
The Protocol is the third framework of its kind, having been preceded by the Minnesota (1991; updated in 2016) and Istanbul (1999; updated in 2004) Protocols, which respectively addressed standards for investigating suspicious deaths, and for recognising and documenting torture.
However, whilst international best practice guidelines have been absent until now, various OSINT initiatives pre-date the Protocol, and will continue to evolve under its tutelage. For example, news platform
Bellingcat relies on OSINT for its stories, which centre on politics and conflict, whilst
Forensic Architecture, which is run out of Goldsmiths University, London and linked to the Technology Advisory Board of the International Criminal Court (‘ICC’), uses open-source data drawn from media-rich environments to map human rights violations. Its investigations have been presented to national and international legislatures and courtrooms, up to the UN level.
NGOs are also pioneering OSINT projects and will benefit from the clear guidance of the Protocol. In 2016
Amnesty International launched Amnesty Decoders, an inventive platform which allows volunteers to engage in ‘microtasks’, such as reviewing satellite images of buildings in Raqqa, Syria, and recording when they were damaged or destroyed. This data was later used to map civilian casualties killed by the US-led coalition. The platform is supported by
Amnesty’s Digital Verification Corps, who are trained in OSINT methods such as reverse image searches, geolocation, and shadow analysis.
Additionally, the corroborative power of open-source data has been utilised effectively in war crimes trials. At the launch of the Protocol, the United Nations High Commissioner for Human Rights, Michelle Bachelet, gestured towards the role of OSINT in
The Gambia v Myanmar (often referred to as the ‘Rohingya genocide case’), where ‘satellite imagery’ has been used ‘to
corroborate the accounts of victims’. The case is currently being tried before the International Court of Justice.
The launch of the Protocol raises the question of how law firms should adapt to OSINT’s potential as excavator of rights-based violations, and a corroborator of traditional testimonies. In recent years, discussion of the relationship between technology and the law has largely focused on the streamlining and automation of processes such as document review and contract production.
AI-assisted outsourcing is often presented as a threat to traditional income streams of law firms, with legal professionals advised to provide increasingly personalised client services to counterbalance this. Yet this framing ignores the need to equip today’s lawyers with a technical skill set spanning internet literacy, technical analysis, coding, and security, so that open-source research can be combined with legal analysis in pursuit of the protection of human rights.