The IC’s New OSINT Strategy Gets the Basics Right

Critical Questions by Emily Harding

Published April 2, 2024

The intelligence community (IC) publishedits first-ever open-source intelligence (OSINT) strategy in March. It is a big-picture, priority setting document-an essential, basic step to re-launch OSINT as a serious intelligence discipline. The unclassified version may be thin on details, but it provides insight into the fundamental challenges the IC is facing trying to integrate OSINT into its current practices.

OSINT has taken many forms over the years, but in this modern iteration, it is more powerfuland more essential than it has ever been before. What once was largely translation work is now deriving unique insights from massive, public datasets, using the power of cloud computing and artificial intelligence (AI) to find all the needles in the haystack, and sharing those insights with a wide range of customers.

Q1: Why does the IC need an OSINT strategy?

A1: OSINT has waxed and waned as an intelligence discipline. Since the founding of the Foreign Broadcast Information Service (FBIS) in 1941, the IC has turned to a nascent form of "OSINT" largely for translations of foreign press or insights from gray literature. With the advent first of "big data," then of cloud computing, and now of AI, the potential insights from publicly available and commercially available data are immense. The IC has yet to figure out how to capture those insights and integrate them fully into intelligence work, including even deciding where OSINT should sit. The organization responsible for the bulk of OSINT, the Open Source Enterprise (OSE), has moved within the Central Intelligence Agency (CIA) and the Office of the Director of National Intelligence (ODNI) repeatedly. But today, there is new energy. New leadershipat the OSE and the naming of an OSINT executive within ODNIhave resulted in a strong plan and a clear vision for where to take OSINT in the very near future.

The strategy outlines the priorities as streamlining data acquisition, developing technologies to both collect and analyze data, strengthening coordination of collection across the IC, updating and standardizing OSINT tradecraft, and developing the OSINT workforce. A classified version of the strategy is also in the works. Beyond that IC strategy, the OSE and the Defense Intelligence Community's (DIA) OSINT community have developed their own plans.

Q2: There seems to be a significant focus on the acquisition of open-source data. Why?

A2: The strategy says the IC will work to"coordinate the acquisition of open source data to avoid redundancy and expand data sharing, as appropriate, to enable mission and ensure the most efficient use of IC resources." This goal reflects two challenges: first, with 18 intelligence agencies often pursuing complementary goals, duplication of effort and redundant purchases of data is a real challenge. The IC is working to be responsible stewards of taxpayer funds by purchasing data only once. Second, "as appropriate" hints at another challenge: different intel agencies have different authorities, and the "need to know" culture in the IC means that even open-source data needs to be handled in alignment with those authorities.

ODNI will provide overall direction to the IC, which will "implement the CAI Framework and track PAI and CAI in a centralized, multi-domain data catalog to enhance transparency." In other words, there will be a central location from which the entire IC can access open-source data, and the data in that location will be structured with data tagging standards. Structuring data is one of those boring, expensive, and totally necessary tasks that must be done for the IC to succeed. Congress will need to review carefully what will surely be big budget requests for data structuring, but in the end, they should also write the checks.

The strategy also references "interoperability," which hints at what has always been a structural challenge for the IC (and the entirety of the federal government). Each contract reflects the data standards and data mapping of that contractor, sometimes using proprietary systems. Those systems often do not interact well, or at all. Putting in an early marker for interoperable systems is a smart move.

Q3: What does it mean that the strategy says they will "identify and implement a pathway to deliver IC OSINT products to the broader U.S. Government"? Why is that needed?

A3: Boiled down to its core mission, the IC is an information management system. Since its establishment in the 1940s, the IC has developed robust mechanisms to collect, store, and distribute classified data securely. OSINT is not that. Half the benefit of an OSINT system is that it is completely unclassified and can provide rich, actionable insights to a large portion of the U.S. government without a security clearance. This is an opportunity to share a lot of information widely with the USG.

However, IC systems are designed to transport classified products to cleared individuals. There are secure networks, secure printers, secure safes, even secure bags for transporting by hand. These mechanisms are effective, but expensive and time consuming. In the case of OSINT, they are also unnecessary. OSINT can and should be far more accessible, and it needs its own system for distribution. The technology to share safely must be developed, and policies and guidelines will need to be adjusted.

Q4: The strategy spends considerable time on innovation for new capabilities. One goal is to "drive OSINT innovation to deliver new capabilities." Isn't the IC at the cutting edge of this kind of collection and analysis?

A4: Yes and no. First, the bad news: because Congress has in turn funded and underfunded OSINT over the years, the IC has swung back and forth between using OSINT and drawing down OSINT resources. Plus, the instruction to new analysts is "don't chase CNN." In other words, if the press is already reporting on a development, there is no need to reprint the same story, slower. As a result, open information has been routinely undervalued. Finally, IC culture is highly focused on obeying the rules, and there are clear rules about CIA, the National Security Agency, and other foreign-facing intelligence agencies touching data from U.S. persons. Publicly available information (PAI) and commercially available information (CAI) are hugely valuable, but it is often hard or impossible to identify and scrub information that comes from U.S. persons. Rarely are large datasets labeled that way. The IC has been cautious about using such data, given the prohibitions, so they are also far behind private sector entities with no such restrictions. The OSINT enterprise should work with Congress to establish what is appropriate use and what protections need to be in place for that data.

Now, the good news: this is the IC, and it is an expert at doing impossible things on short notice with scarce resources. Leaders in this space say that IC has its own bleeding-edge capabilities. However, keeping up with rapidly advancing technology will be challenging with current levels of resourcing. Getting datasets, exploiting current datasets, and securing dependable AI-enabled tools is expensive.

The IC has an opportunity here. OSINT tools, like advanced computing and AI assistance, may not be ready to deploy on the "high side"-the IC's classified system. But the "low side," or unclassified systems, can be a test bed for these new capabilities before they transfer up. Low side testing will allow rapid iteration of new technologies, and the best of the best can move up to high side systems. As the strategy says, "The IC must embrace the ability to test new capabilities on unclassified systems that present fewer risks and barriers than classified networks."

Q5: There is an entire paragraph on who does what in the IC, full of acronyms. Can you explain what that means?

A5: Here is the key paragraph:

"The Director of the Central Intelligence Agency (D/CIA) serves as the OSINT Functional Manager (OSFM) for the IC and delegates day-to-day functional management responsibilities to the Director of the Open Source Enterprise (D/OSE) to oversee and guide open source activities across the IC. CIA, as the Open Source Functional Manager1, works in close collaboration with the Defense Intelligence Enterprise Manager for OSINT at the Defense Intelligence Agency (DIA) and the IC OSINT Executive at the Office of the Director of National Intelligence to develop IC policy and coordinate resource requests. The OSINT Executive also supports the implementation of the OSINT Strategy by establishing defined roles and responsibilities for IC elements as part of a federated OSINT enterprise, and ensuring alignment between the IC's and Department of Defense's open source activities."

Basically, the roles go like this: CIA hosts OSE and serves as the functional manager for OSINT. OSE leads a federation of IC OSINT-ers, as chair of the National Open Source Committee (NOSC), which includes representatives from all IC agencies. The NOSC prepared this IC-wide OSINT strategy.

ODNI, which is meant to serve an IC-wide coordinating function, has a position called the "IC OSINT Executive." That person is responsible for coordinating efforts on OSINT across the IC, but his power to direct or compel is limited. ODNI's IC OSINT executive is also a member of the NOSC. Having an ODNI coordinator and an IC agency be a "functional manager" on several topics was a compromise back when ODNI was created, with an eye toward not recreating bureaucracies and not stripping IC agencies of their power and capability in key areas.

DIA also has a robust open-source capability, and this paragraph gives a nod to their efforts as the lead OSINT manager for the defenseenterprise, which is part of the IC but also part of the Department of Defense.

If this seems quite complicated, remember that each of these agencies had an independent, yet nascent, OSINT capability before ODNI was created in 2004, and each OSINT capability was aimed at specific customers. Those missions have endured, even if the overall IC landscape has changed. This complexity also highlights why the first goal of coordination is so necessary-the many churning oars of the IC need to sync up and row in the same direction.

Emily Harding is the director of the Intelligence, National Security, and Technology Program and deputy director of the International Security Program at the Center for Strategic and International Studies in Washington, D.C.

Programs & Projects