4 Key Success Factors for Implementing Investigative Analytics into Your Workflow
Forward-thinking law enforcement agencies are using data analytics to focus investigations, close cases faster, and proactively identify connections between criminal actors in their communities — and beyond. Analytics is even being used to uncover new evidence in cold cases that was previously not accessible. For many agencies that want to follow their lead, however, one question weighs heavily on their minds: How do we even start?
There are several best practices law enforcement agencies can use to jump-start an analytics practice in their digital forensics function, even if their team has limited staff. One starting point is to study real-world examples of how other agencies are using analytics in their investigations to help protect and save lives and accelerate justice. Here’s a look at two:
Jefferson Parish Sheriff’s Office (JPSO)
This law enforcement agency in Louisiana supplemented its existing Digital Intelligence assets with the latest analytics technology to create a 360-degree view of cases that follows a seamless flow of information from the field to the lab to the investigative team — and ultimately, to the courtroom. Analytics is a force multiplier for JPSO’s Digital Forensics Unit, whose investigators collect, preserve, review, and analyze data from mobile phones, computers, and tablets.
“Analytics software allows us to look at multiple cases, compare phones to each other, and really take a deep dive,” said Deputy Chief Timothy Scanlan, Commander of the Technical Services Bureau at JPSO, in a recent interview. “Instead of handing a detective a thumb drive with one phone on it, we now give them access to multiple phones in a case. They can collaborate with each other and build those cases. Analytics is only going to strengthen us, moving forward.”
Gulf Coast Technology Center (GCTC)
Another analytics success story is GCTC in Mobile, Alabama, who has brought 23 agencies under one roof to build a world-class crime-fighting unit. The intelligence-driven law enforcement program uses the latest analytics technology to co-join similar or related digital evidence from various sources to create “master cases.”
“We don’t separate by agencies, so everything’s getting dumped into one master case if that makes sense. And so, we’re building contact repositories [and] cross-referencing everything,” said Commander Kevin Levy, of the Mobile Police Department’s Cyber Division, in an interview.
Commander Levy helped establish GCTC, whose cloud-based collaboration system allows investigators to view and analyze data from multiple sources. And it’s helped investigators to connect the dots on criminal activity in ways that may have been impossible — or at least, very challenging and time-consuming — for them to do in the past. A case in point: an investigation into a car-theft ring that quickly expanded into one of a major crime syndicate involved in vehicle theft and firearms theft and distribution — and which also led to investigators solving two active homicide cases.
Jump-starting an analytics team in your agency requires more than technology
JPSO and GCTC are among the rapidly growing number of law enforcement agencies around the world that are using analytics technology to transform how they work with data — and seeing impressive results. For JPSO and GCTC, the solution they’re using to automate their digital data analysis, visualize case narratives, and simplify reporting is Cellebrite Pathfinder.
Investing in the right technology is a critical step to setting up your agency’s analytics team for success. Cellebrite SME Sigal Caspi, who worked for the Israel Police Force for some 25 years and was Head of Intelligence Analysis Section in Several Departments, expands on why agencies should consider adopting a solution like Cellebrite Pathfinder.
“Pathfinder speaks the language of the investigator,” says Caspi. “For instance, it can aggregate multiple identifiers within a case and attribute them to a single person of interest. Then, investigators feel confident, ‘This is familiar. I’m not dealing with bits and bytes or numbers. I’m dealing with names — with people.’ They can present the data in a simple and intuitive format that allow them to tell the narrative of the case and draw the attention of the relevant stakeholders”
With Pathfinder, for example, investigators can ask leading questions of interactive data and present the evidence in a corelative and colorful display that’s easy to share with key stakeholders in an investigation. The solution also streamlines the investigative process by using advanced artificial intelligence (AI) to analyze and visualize data from various digital sources to identify patterns, reveal connections, and uncover accurate leads quickly.
However, investing in advanced technology isn’t enough to build a successful analytics team for your law enforcement agency. To reap the full benefits of an advanced AI solution like Cellebrite Pathfinder investing in appropriate training for staff working with the technology is vital.
With that in mind, Caspi offers the following four essential best practices for not only getting your analytics program up and running but also, laying the groundwork to build a best-in-class operation over time:
#1: Involve the right people early in the process
Implementing an analytics program requires the attention of many stakeholders. Some may think that the forensic lab team is sufficient, but this is not always the case. Members of the digital forensics lab usually take the lead on the investigative analytics portion of the investigation as well as the technology that enables it.
However, their focus is mainly on the collection and review of data from digital devices. Investigators should also take part in this process — ideally, as soon as possible. Raw material (cellular extractions) can be directly ingested into Cellebrite Pathfinder, which decodes the information, making the case ready for investigation.
A well-executed analytics program makes it possible for the analysts and investigators — and even the prosecutors — dedicated to a case to collaborate, so they can work together to surface relevant leads and discover connections that might otherwise be missed. (The GCTC case described earlier is a prime example of the power of collaboration around analytics.)
Also, leaders in the agency — commanders as well as team leaders or heads of investigations — need to be brought into the loop early so they can understand why the department wants to create an analytics team, and how this commitment can lead to faster case resolution and deliver detailed evidence that helps prosecutors convict suspects.
#2: Arrange for appropriate, flexible, and engaging training
Flexible training is crucial. Investigators are normally very busy and have limited time during the day, but they need to be key participants in analytics training, as the technology benefits their workflow significantly. Cellebrite offers various instructor-led, live-online, and online on-demand training courses to fit participants’ schedules and budgets.
When investigators understand the value of having analytics technology supporting their day-to-day work, it can help to drive their engagement in the implementation process. It also helps if agencies work with a provider who offers flexible training options.
Investigative analytics training also must be engaging and memorable, as well as straightforward and easy to absorb. Training has to stick and be effective so that people can build confidence and start working independently as quickly as possible, and ideally, share their knowledge with others in the unit.
Training also must be continuous as technology is always advancing. Investigative analytics team members, outside of formal learning opportunities, can stay up to date on trends on their own by taking advantage of free webinars, blogs, technical articles, and more.
#3: Create compelling reports on progress and share results at the right time
Most law enforcement agencies today grapple with major time pressures along with the lack of resources. So, they must make sure that every implementation of a new tool will lead to improvements in the organization’s efficiency and effectiveness.
Ongoing measurement of internal performance following the implementation of a new investigative analytics solution is critical in determining how quickly the technology is delivering a robust return on investment and how it is adding more value to the organization over time.
In addition to creating general reports on the value the solution is providing to the agency, ongoing communication and reporting about the investigation process and findings are essential to increasing awareness about the technology and its capabilities to key stakeholders.
Until now, the approach to reporting digital evidence in investigations has been largely outdated and uninspired. Cellebrite Pathfinder makes reports much more compelling. Instead of monotonic documents with mountains of digits and words, the solution displays evidence in various ways to captivate the attention of decision-makers. Screenshots of dashboards and chat strings between suspects across multiple devices and platforms are just two examples.
Timing is also crucial for sharing reports — and underscoring the value of the investigative analytics solution. A good time for the investigation team to share findings is at the end of the workday when everyone is sitting around the table and the commander is asking for updates on progress. This is an opportunity for the team to say, ‘We’d like to show you what we’ve achieved so far.’
And instead of giving the usual brief of, ‘We examined 24 devices,’ they can tell a compelling story with content and context and provide leadership, at a glance, the who, what, where, when, and why of what they’ve discovered through their analysis.
#4: Keep evolving your investigative analytics program
Implementation of an investigative analytics program in a law enforcement agency isn’t a “set it and forget it” exercise. It requires constant evaluation and ongoing adaptation. As noted earlier, team members should engage in continuous training as well as self-directed learning. Technology needs to be kept up to date. And the team should be staffed adequately to meet the needs of the department.
Anyone in the agency working with analytics should be encouraged to keep digging deep on data to uncover leads and connections that can help the department address unsolved cases and accelerate future investigations. For example, the Junction City Police Department in Kansas, which recently adopted Cellebrite Pathfinder, plans to create a “map” of the local crime community and hopefully, dismantle and disrupt criminal networks in the area.
Bonus tip: Set the vision from the outset
Caspi recommends that law enforcement agencies thinking about creating a formal analytics program answer this question first: “Why do we want to analyze data?”
One of the biggest obstacles to getting a successful analytics program off the ground, according to Caspi, is understanding the need for it. Very often, an agency’s answer to that question is twofold: “We want to speed our investigations and we want to help our investigators work more efficiently and focus on more high-value work.”
“When you use an advanced analytics solution like Cellebrite Pathfinder, investigators can save time and accomplish in a short period what would have otherwise taken months,” says Caspi.
(Download the Pathfinder eBook: Fight Crime, Not Time: Investigative Thinking in the Digital Age)
“The solution helps them answer important questions like: ‘Which people does this suspect interact with the most?’ and ‘Why did this suspect go to this place?’ It also provides tips that help surface insights that can accelerate investigations.”
And here’s a final tip for agencies that want to build a successful investigative analytics program: Make clear to investigators from the outset that adopting an analytics solution with advanced AI isn’t a move designed to replace them—it’s a strategy intended to support them.
Jack Ziv is VP of Product Business Management at Cellebrite. As a Product expert and intelligence veteran, Jack had the privilege to design and create technology solutions to help law enforcement agencies around the world resolve common intelligence and investigation challenges. Serving as a Captain (reserve) for the National SIGINT Unit, his prism of mixing operational investigation methods and industry-leading technology creates his unique perspective.
Jack holds an MBA specializing in Business Strategy and Innovation from the Interdisciplinary College of Herzliya and a BSC in Technology Management from Holon Institute of Technology.