Losing access to TikTok can hinder investigations. Here’s how to research safely without exposing your network or personal device.

Some state and local governments are removing access to TikTok on state-managed and university devices over security concerns. This presents an unprecedented predicament for open-source researchers. The popular short-form video content application has become a boon for investigators in law enforcement, cyberthreat intelligence and academia. 

The sudden lack of access leaves many researchers with two bad choices: forego a potentially rich information source or continue on an unmanaged, personal device. Even when exceptions, such as in the federal policy exist, the time-consuming process can slow or end the pace of a time-sensitive investigation. Before you abandon the lead or put your organization at risk, consider how a cloud-based managed attribution platform could preserve your research while obfuscating your identity.

Following the lead


TikTok is a powerful tool for OSINT investigations. The video app boasts over one billion active users as of March 2023, with one million videos viewed each day. With the sheer volume of content comes important leads for investigators. The TikTok videos of Russian citizens helped tip off the intelligence community (IC) that a conflict was coming in Ukraine last year. Law enforcement officials have used it to investigate trafficking of guns, illicit substances and exploitative material. 

Videos sometimes pop up from criminal organizations who make short-term advertisements for narcotics and other illegal goods and activities. The videos are either removed or taken down, but thanks to TikTok’s architecture, investigators can save those videos for later use to geolocate, find a suspect or file away as evidence on a known perpetrator. The ability to download videos quickly as they come up — and sometimes before criminals have realized they’ve mistakenly given away personally identifying information (PII) — is one of the aspects of TikTok that make it such an important tool for law enforcement and researchers.

The unacceptable “solution”

But concerns have grown over TikTok’s parent company, ByteDance, and its potential ties to the Chinese Communist Party (CCP), causing state and local governments to remove the app from devices with sensitive data. As many investigators lose access to crucial information for their research, they are turning to the unthinkable as a stop-gap — downloading the app on their personal devices to conduct research.

Why is this so bad? Using a personal unmanaged device (i.e., without the security and policy protections of your organization) would be a critical mistake for five key reasons.

  1. Your digital fingerprint could give away sensitive information
  2. You could tip off your target
  3. You could put yourself and your investigation at risk
  4. There’s no audit trail
  5. You could see things you can’t unsee

Your unique digital fingerprint — those cookies and browser settings that shape your search results and algorithms — could be the thing that links a target back to you and your organization. Accidentally giving away identifying information is easy on an unmanaged device and could be a threat to you, your company and your investigation. Even if the target isn’t an active threat, tipping them off could drive your lead underground and make you lose the trail. This is a dangerous high-stakes game, especially when dealing with potentially criminal organizations. It’s important to remember that open-source information is available to everyone, including adversaries.

Depending on the nature of your investigators, researchers in particularly sensitive fields could also be risking their mental health and even legal standing. Investigators can accidentally expose themselves to exploitative material that takes a mental toll and can put them in legal hot water. You can’t unsee something, and it’s not something you should risk. 

The inability to audit personal devices poses many risks to investigators. It could also be all for naught, if the process for collecting evidence doesn’t hold up in court.

Even turning to a burner device lacks the procedural guardrails or oversight necessary to complete an investigation. Some state bans, like Montana’s, feature exceptions for law enforcement, but the process for approval is arduous and time-consuming. Some even require explicit permission from the governor himself, presenting investigators with an untenable work around in the environment of a fast-paced investigation.

With these mounting reasons, frustrated researchers may feel like the only thing left to do is throw up your hands and let a valuable lead slip through your fingers. It isn’t!

The actual solution

The bans that cut off researchers from videos that can help investigate cybercrimes, trafficking and illicit activities shouldn’t be the end of the line. Frustrated researchers with strict firewall rules can use Silo to save and share videos for their investigation. 

Silo for Research provides a cloud-based, off-network and off-device access point for investigators. This provides a key barrier to protect the investigator and the research output.

Silo for Research is a purpose-built platform for sensitive online investigations. In addition to 100% isolation from the user device and network, it provides robust managed attribution capabilities. Researchers can mask their identity and intent utilizing a global managed research network with digital fingerprint controls:

  • Access target sites from a non-attributable IP address localized for the region
  • Manipulate your fingerprint including OS, browser, device type and more to blend in with the crowd

Additionally, Silo for Research helps decrease time-to-insight by simplifying access to the surface, deep and dark web, as well as integrated tool suites:

  • Automate collection at regular intervals or randomized times
  • Automate multi-search workflows to collect the information you need from go-to sites

Remember the crucial TikTok feature to download those videos earlier? Silo Drive allows researchers to store evidence in a secure, cloud-based environment without exposing a network or device to potential malware. Silo Drive also provides an easily organized evidence repository for later use, whether in court or in an intelligence report. Both the saved files and browsing activity is auditable for clear oversight and ethics adherence.

Silo for Research was built to allow researchers access to crucial information for investigations while protecting identity, data and networks. The banning of a critical application may feel like the end of the road, but it could be the beginning of a better way to research.

To learn how Silo for Research could help you access the evidence you need while protecting your network, book a demo.
 

Tags
Anonymous research OSINT research Social media