Big data: The gold mine of investigative policing

By John Gillon, Senior Business Solutions Manager at SAS

While all sectors deal with big data, the consequences of not taking advantage of such sources are undoubtedly greater for intelligence, security and law enforcement agencies for the benefits they can gain in investigative policing. Many examples exist of agencies failing to recognize the significance of seemingly unrelated pieces of information, which – if considered as a whole – could indicate an escalating situation with opportunities to intervene.

Such failures exist at all levels, most notably in recent global terrorist events. Other examples would be local law enforcement agencies failing to identify predatory pedophile activity, escalating domestic violence, or other scenarios where the risk factors are increasing.

Keeping Fraud Detection Software Aligned With the Latest Threats

This pressure is markedly increased by the public and media expectation that agencies will always have the means to capitalize on the data available to them. But the reality is often very different. Mere access to data isn’t sufficient. To be effective, agencies need powerful tools designed to complement their workflow in investigative policing. Unfortunately, the limitations of some current tools often mean that any exploitation of the data illuminates the right information only after it’s too late.

How to reveal the myriad connections hidden in big data

Big data has a significant impact on the actual work of an investigator. By their very nature, investigations can be incredibly complex, with multiple data points, each potentially involving distinct lines of inquiries and hypotheses. To be successful, investigators and officers need to understand the significance of all of these elements and maintain an understanding of them as the investigations grow in size and complexity. Visit any major incident room and you’ll find every available wall space being used to display networks, images, timelines and maps. With the volume of information to be interpreted, there simply aren’t enough walls available.

To deal with all this data, agencies need the ability to sort through it and focus on the critical issues. The reality is that this can’t be achieved without high-powered analytics. An essential component in this toolkit is event stream processing – and the ability to process data in real time. Regardless of data speed, quantity or source, investigators need the ability to trigger processes based on defined patterns and relevant data. And they must alert stakeholders in real time about escalating threats or other priority issues.

Even after filtering the information for what’s most important, data volumes are still large and investigations complex. The problem of workspace and the ability to hypothesize visually remain since the real estate on the incident room walls is finite.

Accessing the gold in the big data gold mine

Investigators and analysts need an environment where they can easily access multiple pieces of information (which may have previously been isolated) to further their inquiries and reveal patterns of connectivity that cut across disparate data sources. With fast moving inquiries, new information needs to quickly be brought into play – automatically revealing connections with what is already known. For example, using telecommunication, transport and witness account data, investigators should be able to discover links between a victim and a suspect.

A modern investigation software product provides network diagrams so that incident room walls become virtual. Network diagrams should be dynamic and easy to share or duplicate to allow simultaneous, but disparate, streams of investigation and insights to develop. As more information becomes available, workspaces (formerly walls) should update without waiting for an analyst to perform an update. Data formats and views could be adjusted to provide different perspectives. For example, an investigator may develop crucial insight through something as seemingly simple as toggling between network, timeline and map views.

Opening up new investigative policing possibilities

While the basics of good detective work have largely remained the same, the investigational environment has changed immeasurably in the past decade. At one time – for the majority of inquiries – interviewing the witnesses and suspects, together with any available forensics, would have exhausted the investigative opportunities. This is no longer the case. The almost unimaginable amount of data we all generate in our daily lives is there to be used by investigators, and any failure to do so on their part will almost certainly attract criticism when things go awry.

We expect our law enforcement and security agencies to adjust and be effective in the modern world – and they now have modern tools to do so.

Back to Top