You wake up at 7:15 AM everyday. First thing, you check your phone, probably some doomscroll, for exactly four minutes before getting out of bed. Then as the day goes by, you have your breakfast by 8:00 AM. You pay the delivery person with Google Pay. You arrive at the office at 8:50 AM sharp, swipe your badge, and join the guest Wi-Fi because it’s faster than the corporate network.
To you, this is just a Monday morning.
But to an intelligence analyst, a data broker, or a sophisticated algorithmic dragnet, this is a Pattern of Life (PoL), the most valuable currency in the modern surveillance economy.
This type of modern surveillance is all about capturing your daily routine so a baseline could be established. It’s not about what you do right now, but what you do everyday. This way, any deviation, missed breakfast, a different app for payment, or anything of that sort from your usual routine could be easily identified, say on a dashboard somewhere 1000s of kilometres away.
This geekswipe edition explores how Pattern of Life surveillance is conducted and approached from an Open-source Intelligence (OSINT) and Signal Intelligence (SIGINT) perspective.
What is a baseline?
To put it simply, Patter of Life analysis isn’t about finding a clue or anything of that sort. It’s all about drawing a map. A systematic collection and in-depth analysis of the target’s habits, routines, and associations. If you look at it, it’s basically reverse-engineering a human being from their daily actions.
These daily actions, the routine, itself is the baseline. These can be basic like the following activities.
- Where and when do you sleep?
- Where do you work?
- Who do you meet with?
- How do you spend your money?
- What’s your monthly average spending?
- Where do you spend the most?
The shocking fact is that the corporate sector is more interested in this than the intelligence community. Think about how valuable the above information could be to a tech company like Google or Meta whose entire business model is built on the attention economy. Remember that confused feeling how instagram knows what product you were talking about and showing the ad for it? This is how. We’ll talk about this in detail in the next section.
Anyways once they (a corporate or an intelligence agency) have established the baseline, that’s when the magic happens. The baseline itself isn’t usually a threat but the anomaly in the baseline is.
If a target who hasn’t left their neighborhood in a month suddenly drives to a remote warehouse at 3:00 AM and turns off their primary mobile device … Well, that’s when a drone gets tasked or an intervention is planned. Or a targeted ad gets triggered for better storage warehouses around the area.
It’s behavioral economics applied to hunting. Humans are deeply, fundamentally predictable creatures. We like routines. PoL analysis simply weaponizes that predictability.
Where does the data come from?
So how does a tech company or an intelligence agency build an accurate baseline of your Monday down to the t? It all boils down to OSINT and SIGINT with geolocation.
The digital spy in the pocket – SIGINT
You are walking around everyday with a beacon. Actually, several!
Every time your phone connects to a cell tower, hands off between towers, pings a Wi-Fi router, or uses Bluetooth to find your AirPods, connects to the GPS, it’s screaming its identity into the void.
Intelligence agencies use IMSI catchers to mimic cell towers and force phones to connect with them. Once connected, it reveals the device’s unique identifiers and precise locations.
The thing about OSINT is you don’t even need to be the NSA anymore. The commercial data broker market is a cesspool of location data harvested from weather apps, games, and “free” services. They aggregate these unique identifiers, strip out the names (anonymisation), and sell them as datasets.
If a dataset shows a device moving from your home address to your work address every day, it doesn’t matter if the device is labeled “User_1234A.” A child can know that it’s your device.
Yes, your phone knows when you sleep, where you work, whose device is in proximity on a routine basis, but if you are deeply entrenched in a particular ecosystem like Google, Microsoft, Apple, or Meta, they know more than even what you know about yourself. They know about your preferences, hobbies, likes and dislikes (social media patterns), mood (search patterns), cross-domain spending habits (pixel tracking), and even when you’d be likely to make a decision based on your unique psychology.
Social media and other digital footprints – OSINT
We humans always have the tendency to post and boast about something on the internet. It could be a social post or it could be an automated fitness update.
And people, even the ones in the military, are terrible at operational security. There are numerous events where soldiers and officers have inadvertently exposed their bases and warships by posting their morning fitness activity on Strava. Complaining about a delayed flight on Twitter? That’s an intel for your travel plans.
The OSINT landscape has become brutally efficient, especially with the rise of AI. It’s no longer just about scraping text but about cross-referencing vast, disparate datasets in milliseconds, at scale.
OSINT Evolution
If you think OSINT is still just advanced Google Dorking, you’re living in 2022. The tools have evolved now. And they are scary good.
Tools these days use graph-based entity relationships, predictive modeling, combined with social media intelligence to predict your next move even before the analyst types his question. Add advanced computer vision to geolocate photos based on shadows, architecture, and even flora on top of that.
Tools these days don’t just show that John Doe exists. They show you that John Doe shares an IP address with a shell company registered in Cyprus, which lists a director who frequently checks into the same boutique hotel in Geneva as a known person of interest.
The connections are drawn before the analyst even asks the question. Things are so cutting edge that it feels more like Minority Report (Film) or Person of Interest (TV Show) or Watchdogs (Video Game) is a close reality, where AIs can predict a crime even before it happens.
Human in the loop
It makes us think that with all this tech, human analysts would be obsolete. That’s where the human in the loop works brilliantly. Because, algorithms are narrow and most of the times flag false positives.
A human could break a routine if they have a toothache. Or if life happens. So these false positive flags in Pattern of Life analysis would need a deep, intuitive, and subjective pair of eyes. A human.
Why should you care?
You might think that you aren’t a spy. Or someone who is plotting a coup. So why does this matter to you, a common citizen?
As mentioned earlier, the tools developed to hunt bad guys in the early 2000s are now being used to sell you shoes, deny you health insurance, and predict your political leanings.
The barrier to entry for Pattern of Life analysis is lowered. One doesn’t need a multi-billion dollar NSA-level budget anymore. Just a motivated individual with a credit card and a basic understanding of OSINT frameworks can build a terrifyingly accurate profile of almost anyone.
We have built a society where convenience is subsidized by total, relentless surveillance. We traded your privacy for free mapping apps and tailored Instagram feeds, and in the process, we gave away the baseline of our existence.
The pattern of our life is no longer ours. It’s a commodity. And the algorithms are always watching for the anomaly … or the right time to show you an ad.
