On the 22nd of November 2022, the European Law Enforcement Research Bulletin of the CEPOL (European Union Agency for Law Enforcement Training) published a research paper titled “Artificial Intelligence and Interoperability for Solving Challenges of OSINT and Cross-Border Investigations”. The paper describes a newly proposed Person-Centric OSINT approach using Artificial Intelligence (AI) and interoperability to solve the challenges that emerge during investigations, such as multiple-identity, identity frauds, exchanging Cross-Border information, and the complexity of OSINT investigations. This is a series of blog posts that describes the research.

Challenges

Multiple-Identity

The central EU information systems were implemented in silos, creating information gaps due to a lack of interoperability. Implementing the information systems in silos has created challenges for detecting incorrect, incomplete, or fraudulent identities.

The need to improve EU interoperability is clear. Existing systems such as EURODAC, SIS / SISII, and VIS must share data, and new IT systems such as ECRIS-TCN, EES, and ETIAS also need to follow these guidelines. That must be done without adding new databases or changing access rights to existing systems.

The components needed as part of the move towards EU interoperability include the following: the European Search Portal (ESP) for fast and seamless simultaneous searches in EU information systems, in addition to Europol and Interpol data; the Shared Biometric Matching Service (sBMS) that searches and compares biometric data (fingerprints and facial images), linking this data to other systems; the Common Identity Repository (CIR) to increase the accuracy of identification through automated comparison and matching, and the Multiple Identity Detector (MID)for automatic detection of multiple identities linked to the same set of biometric data.

However, many common challenges will emerge due to the different formats and structures of data, low quality of biographic and biometric data, low accuracy of matching algorithms, errors in data entry, and fraudulent actions. For example, when the border authorities receive the Advance Passenger Information (API) and the Passenger Name Record (PNR) of air and sea passengers, it is difficult to exchange and match the identity of one passenger with his/her records stored in the EES, ETIAS, SIS, and VIS due to lack of interoperability and different data structures and formats. Another example of these challenges is the car license plate number. The license plate number has different formats and structures that vary from one Member State to another, creating difficulties in searching and finding the correct license plates and linking them with individuals, such as owners or suspects.

Important to mention that the central EU systems have gaps in covering all the persons of interest living or travelling to the Member States of the European Union. The gap could be summarised in three types of persons of interest: the short stay visa-exempted third country travellers, permanent foreign residents, and EU citizens. The eu-LISA will implement the ETIAS system and units for solving the gap for the visa-exempted TCNs. However, none of the existing or newly established central European information systems will solve the gap for permanent TCN residents and EU citizens. Each Member state is responsible for solving that gap by creating national systems and achieving interoperability between the national and central information systems as per the EU regulations for interoperability.

The ETIAS will solve the existing security gap of the visa-exempted TCNs. However, the central and national ETIAS unit officers should be well-trained to solve the multiple-identity issues. The visa-exempted visitor will apply for a travel authorisation before arrival to the EU Member State. The visitor will submit identity-related information such as a facial image and biographical data, which will be stored and processed by the ETIAS. The identity-related information will be searched against all the central EU information systems to check the former existence of the visa-exempted applicant in other EU systems than the ETIAS, and the central MID, Multiple-Identity Detector, will automatically flag the identities with similarities based on biometric matches or biographic matches. The ETIAS unit officers have to manually investigate all the elements of the multiple-identities and confirm or reject the link between identities.

Identity Fraud

The fraudulent actions and wrong matches are other issues created due to the lack of interoperability and low accuracy of some biometric modalities. For example, the fingerprints of a third-country national could be enrolled in the VIS system with specific identity information, while the fingerprints of the same third-country national might be enrolled in the EURODAC system using different identity information. A second example is that the different facial images of a third-country national could be enrolled in the VIS and EURODAC systems. When submitting a facial query to both systems, the results could be two lists of candidates, instead of one "hit/no hit" from each system, due to the low quality of facial images and the low accuracy of facial recognition algorithms.

Cross-Border Investigation

Cross-Border information exchange is required when revealing the identity of an involved suspect or victim depending on identity information or criminal information that resides in a foreign country outside the borders of European countries. Furthermore, exchanging of cross-border information is required by immigration authorities for the identification and security clearance of TCN asylum seekers and travellers. Cross-Border investigations are challenging because there is no proper way or technical solution for exchanging cross-border information, and the officers in the EU countries don't have access to the cross-border databases and information systems. The third case of the cases section will simulate the challenge and the solution for a valid hypothetical scenario for cross-border investigation.

OSINT Complexity

Using tools and methods of OSINT is challenging because it contains various information technology elements such as domains, websites, protocols, headers, codes, scripts, IP addresses, certificates, hashes, usernames …etc. It requires strong IT skills to obtain optimum results in revealing the identities of suspects or victims related to terrorism or serious crime. Moreover, it is difficult to match the suspects' identity-related data and facial images stored across the different databases with the data from open sources. For example, a suspect has a record stored in a national or European database such as SIS or EURODAC. The stored record might be biographic data or a facial image. When the suspect has a different identity on the internet and social media, it is difficult to link the identity stored in the national and EU databases with the fraudulent identity claimed on the internet and social media.

Furthermore, the officers don't get the optimum results from the OSINT tools because they need to understand the tools' mechanism, accuracy, and demographics. Also, they may not differentiate between image recognition and facial recognition in many cases. For example, it is important to understand which type of human images could return good results when searching with tools such as Google, Bing, and Yandex. Those OSINT tools are Artificial Intelligence algorithms for image recognition, not facial recognition. Another example is the facial Recognition AI algorithms used for OSINT have limitations due to their recognition mechanism, the accuracy of algorithms, geographic coverage, and ethnicity bias. Understanding the limitations will lead to optimum results when using such OSINT tools dedicated to facial recognition.

Finally, the different encounters of the same identity are not linked across the different data sources, creating multiple-identity and fraudulent identity challenges due to lack of interoperability and the variations of names and languages.