LOGBOOK

HELP

Quiz Entry - updated: 2026.06.07

Where does OSINT data actually come from, and what rules should govern its use?

OSINT draws from social media, search engines, public registers, WHOIS databases, and blogs, but its use must follow principles of legality, proportionality, and respect for privacy.

Common sources:

  • Social media profiles and public posts.
  • Search engine results and cached pages.
  • Public registers and government databases.
  • WHOIS domain registration records.
  • Blogs, forums, and public websites.

Legitimate applications:

  • Law enforcement and intelligence investigations.
  • Cybersecurity threat intelligence gathering.
  • Investigative journalism and fact-checking.

Five governing principles for ethical OSINT:

  • Legality. Stay within the boundaries of applicable law.
  • Proportionality. Collect only what's necessary for the specific purpose.
  • Source documentation. Record exactly where each piece of information came from.
  • Objectivity. Analyze without bias or predetermined conclusions.
  • Respect for privacy. Recognize that "public" doesn't mean "fair game."

Consequences of misuse: privacy violations exposing individuals to harm, legal liability under the DSGVO and criminal law, and exploitation by malicious third parties who obtain improperly gathered data.

From Quiz: PRIVACY / TOM and OSINT | Updated: Jun 07, 2026