Evolved version

Ben Proctor authored
revision 6e7cd720c47daf3933602192f07d59a5b29f45c1
document
## What is this
Andrew Fielding ran a session at BlueLightCamp 2014 looking at what the limits should be on police and by extension other public bodies use of publicly available social media data. There was some discussion and we reached no firm conclusions except there seemed to be a consensus that it would be good practice for public bodies to publish a statement on their approach to these data.

This is my first stab on what that might look like. I really hope we can collaborate on it.Since publishing the first draft I've worked with people in a range of roles in public bodies and this has evolved my thinking.

## Our approach to gathering and processing open source intelligence data

### This covers
This document sets out to explain what we do with information people publish into the public areas of social networks and other parts of the Internet which they did not explicitly intend us to see. This sort of information is often called "open source intelligence".

### This definitely does not cover
This document does not cover how we find or what we do with information that people normally keep private.

It also does not cover information that people have knowingly and explicitly provided to us even if this was on social networks.

### The principles underpinning our approach

1. Just because we can see what people publish online does not mean that we should see what people publish online.
2. You should be able to expect that you can talk to people and keep your conversations private from us unless we have a good reason to view your conversations.
3. We don't need as strong a reason to gather open source intelligence as we do to gather intelligence that you have not published in publish.
4. Whenever we gather open source intelligence we will limit the scope of our searching and the time we hold the data based on an assessment of what is proportionate.

### Ways in which we will gather open source intelligence and why we think this is proportinate

#### Digital engagement

As part of our normal digital engagement activities we will follow or like relevant accounts from accounts under our control. We will be able to see what people publish even if they did not intend us to see it and we will interact with people through these accounts.

if you don't want us to follow you just ask us and we will stop.

We will not store any information we see in this way.

#### Why do we think this is proportinate?

This is part of the normal way people and organisations to use social media. Many people expect us to behave in this way. It is a natural extension of our engagement with and accountability to the community.

#### Keyword monitoring

We may run searches for keywords related to the local area so that we can see what the community is talking about. This will let us know whether there are pressing issues in a given area or particular concerns.

We might talk to people who are talking about issues in the local area where we believe we can be helpful.

We will not store any data related to these searches.

#### Why do we think this is proportinate?

It is common for organisations to monitor ongoing conversations in order to be helpful or to join in with the normal discourse.

#### Building a picture of an individual

We will not normally monitor social media profiles from individuals other than in the steps given above.

However

We may monitor social media profiles where there is evidence that inidviduals may be harrassing or bullying our staff via social media. If we do this we will keep records of activity where it is neccessary to advise or protect our staff, to pass to the police or to take legal action.

#### Why do we think this is proportinate?

We have a duty to our staff which we think means it is reasonable for us to monitor open source intelligence.