Updated: October 28, 2006
Social networking sites (SNS) like MySpace and Friendster offer plenty of opportunities for investigators to learn about their quarry. This page provides some tips for making the most of the public information available on such sites.
As an information security professional (see my blog), I have gained some interest in this area. Hopefully these tips can assist you in any on line investigation you may be pursuing.
Time sensitivity. SNS are very dynamic. Some profile owners (individual users of a particular SNS) change content multiple times a day, and change the layout (backgrounds, accompanying music, or other characteristics) daily. Investigators seeking the maximum information about an SNS user need to visit the profile frequently and save or print on each visit. Failing to do so will jeopardize the likelihood of maximizing recovered information.
Linked information. The information you seek may not be on the individual's profile, but on the profile of one of the individual's friends. Remember this is the web, and just about everything is plentifully linked. So visit the profiles of the commenters on the profile you are investigating. You may very well find the photo or reference you are seeking.
Signing in. You will be able to see more information if you sign in. To sign in, you will need to make an ID and password on the site. It is up to you to determine the costs and benefits of signing in. Some SNS may show profile owners who is visiting the profile. Investigators must determine if the extra information is worth tipping your hand on such a site. One can use an alias if that is a concern, but then one must assess if ethical concerns or evidentiary concerns might be paramount. I'm not a lawyer and I don't play one on TV. Seek appropriate counsel.
Protected areas. Password protected areas are a dead end. Search elsewhere once you hit a security sign in for a photo album, blog area, or other protected web page. Although SNS are notoriously insecure, and there are many published hacks for SNS, it is a violation of the site's terms of service, a violation of established law, and a violation of the profile owner's privacy to bypass those protections. I suppose that law enforcement acting under a court order, or other government officials acting on behalf of national security may legitimately be a justifiable case, but for most investigators, this should be beyond the pale. The HP pretexting case, anyone?
Search engines. A critical aspect of effective SNS investigating involves effective use of search engines like Google. Here are a few brief tips on Google searches. The square brackets are NOT part of what you should enter in the search field.
More tips coming! Come back soon!
