We were asked recently about the ethics and legality of Dark Web searches, increasingly part of many investigations. I realized we had never posted on this issue and it’s about time.

Since a lot of what we use from the Dark Web is stolen information, can we make use of it?

In short, the answer is yes as long as we have the right reasons.

Firstly, a few terms. The Dark Web is a subset of what’s known as the Deep Web. That’s everything on the internet that you can’t get to by using a search engine such as Google. Think not only about all the proceeds of crime on the dark web, but useful legal things including your credit card statement or your medical test results. You can’t get the results for such pages from Google because we don’t want just anyone looking at confidential banking, medical and other information that is on the internet but is private. The Deep Web is vastly larger than the Web you can get to with a search engine.

The Dark Web refers mostly (but not entirely) to illicit activity that includes human trafficking, drug dealing and all sorts of other criminal activity including the theft of personal data. In some authoritarian countries, political dissidents exchange information on the Dark Web that would get them arrested at home if they did so out in the open.

Is it Legal?

In many cases, handling Dark Web material is forbidden by law. If they find child pornography on your computer, you’re probably going to prison. But what about stolen information?

In January 2020, the U.S. seized a web domain weleakinfo.com, which provided “a search engine to review and obtain the personal information illegally obtained in over 10,000 data breaches containing over 12 billion indexed records,” according to the government release. These included names, email addresses, usernames, phone numbers, and passwords for online accounts. The seizure was part of an international operation that involved U.K., Dutch and German law enforcement.

You would think that any remaining such business in the U.S. would be rolled up, but that would be wrong. What’s the difference?

One obvious case is that it should always be OK to research your own information. Many people pay for Dark Web monitoring, so that someone with access to the Dark Web itself or databases derived from the Dark Web can let you know if any of your personal information has been hacked and publicized.

But what about looking at someone else’s information? You didn’t steal it, you didn’t pay anyone to steal it or tell them how to do it. You’re just getting access to something already published.

In the United States newspapers have had the right to publish stolen information since the famed Pentagon Papers case, New York Times v. U.S., 403 US 713 (1971). When newspapers publish private company information such as the Panama Papers they are publishing the fruits of stolen property. The decision of what to publish and what to withhold belongs to the publisher, not to the victim of the theft.[1]

If the authorities catch the party that engineered the theft, they go after that party. Chelsea Manning and now Julian Assange have been in trouble not for publishing but for stealing. But the publishers are legally in the clear. It’s explained in a helpful article by the Nieman Foundation. The big discussion among journalists is not whether it’s legal to publish certain material, but whether it’s ethical in some cases.

Since the United States does not license journalists, anyone can “publish” anything they want and be subject to the same First Amendment protections as well as limits (the First Amendment makes no exception for libel, for instance).

And yet, some websites get rolled up and others don’t, even though they operate in the open.

Justice Department Guidance

A month after they seized weleakinfo.com, the Justice Department issued a guidance memo in February 2020 called “Legal Considerations when Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources.” You can get it here.

Remember, this is a group of prosecutors (not a court or a legislature) opining about what’s legal. The salient part of the guidance for our purposes:

… many of the federal criminal statutes associated with the type of stolen data that tends to be sold in Dark Markets—e.g., passwords, account numbers, and other personally identifiable information—only apply if there is intent to further another crime: for instance, an intent to use the information to defraud. For this reason, a purchaser of the stolen data who lacks a criminal motive is unlikely to face prosecution under those statutes.

So, if we are using the data we buy to find a witness in a case, to track down someone defaming our client, or just doing regular anti-fraud due diligence on a prospective borrower who wants $50 million of our client’s funds, we feel as if we are on solid ground.

But the DOJ cautions that when you buy someone else’s stolen data, it’s much more likely to “raise questions about the purchaser’s motives and result in scrutiny from law enforcement and the legitimate data owner, particularly if a trade secret is involved.”

So for anyone buying this data, you need to ask, “Why do you need it?”

Things We Will Do with Dark Web Data

We have used Dark Web data to try to figure out who is behind a website defaming one of our clients. In another case a client was being harassed and there was no way to know who had bought the throwaway (“burner”) phone making the calls.

In both cases, we went to the databases of information gathered from data breaches. We hoped to find numbers and email addresses that we could link to physical addresses in order to identify who was behind the suspect activity.

Sometimes, you can take a “handle” from an email address (say paulb3222) and see if that prefix is associated with any individuals. You then need to do more work to make sure the paulb3222 you are looking for is the same person as the guy in Australia who goes by paulb3222. Believe it or not, such handles are more common than you would think.

We think this kind of work is permissible and ethical because we are not engaged in fraudulent activity. Indeed, we are trying to stop what is allegedly criminal or tortious activity, and we are using data that has already been published.

Things We Will Not Do with Dark Web Data

Beyond the obvious – reselling illegal images, dealing in drugs, violating medical privacy – there are uses of the data we can find on the Dark Web that are illegal. If you find out what someone’s password used to be when their Target account was hacked and dumped on the Dark Web, it would be illegal to use that password to hack into other accounts they may have. And as the DOJ makes clear, you shouldn’t be in the business of stealing trade secrets.

Post-Breach Security Tips

If you want to find out if your email address was part of a data breach, you can do so for free at https://haveibeenpwned.com/ The site has no specifics beyond where the breach took place, but if you see your breach happened with Target, it would be a good idea to change your Target password — if you haven’t already — and to change all other passwords that are identical or very similar.

Our recommendation: get a password keeper that assigns a different, long, randomly generated password for every site you use. You only need to remember the one password for the password keeper. That way if there is a breach, they only have the one password they stole which won’t resemble any of your other ones.

[1]One caveat: All of the law referred to in this article is American law, and American law is probably the most permissive when it comes to what you can publish without worrying about state intervention.

 

Investigators get information in exchange for money, so why in the world would an investigator want to tell people how to get that information for free?

As I wrote last week on our companion blog, The Divorce Asset Hunter in an article called Giving it Away is Great for Business, it’s not a matter of ethics (the usual subject of this blog) but of good business practice.

A speech I gave last month generated tremendous response around the simple topic of five kinds of information you can often get for free and that your hired investigator will get in much the same way.

At The Divorce Asset Hunter, I explained why giving something away is good for business. People buy from people they like and especially in businesses such as ours, people they trust.

Here, I want to go into more detail about what I gave away.

The speech was about asset searches, but the sources we look at in an asset search are sources we use in pretty much any investigation about a person. They are:

Company information, real estate ownership, court records, liens and securities records.

Here (in brief) is what I told the audience:

  1. Company Information. People don’t hide assets just in their own names. They form companies to hold the assets. Even if they are not trying to hide anything, companies limit personal liability and are a standard business device across the western world. I walked them through a couple of Secretary of State websites to show how easy it is to get rudimentary information on private companies. I included the proper caveats, such as the varying amount of information the states offer, the fact that some make you pay a small fee, and some reveal close to no information much of the time (that’s you, Delaware). Still, to get a full picture of someone’s commercial activities, you can’t just look at the companies you know someone runs or works for. They could have a whole second life structured around companies or partnerships that have been secret.

The takeaway was that companies are arranged by state – not by city, county and not nationally as in England or France. A person in Sioux Falls, South Dakota a few miles from the Minnesota line may have companies in either state. Check both.

  1. Real estate ownership. The U.S. has more than 3,000 counties, and real estate ownership is recorded at the county level. The websites differ and some don’t give you much. But others can give you deeds, mortgages and more. Exceptions include a good bit of New England where towns record real estate, and in New York City there is a unified city department.

I told them to search widely, looking for the person as both grantor and grantee and searching for both company and individual names. Sometimes deeds aren’t online but ownership is via the website of the county’s tax assessor.

  1. Court records. Not all records are on line, but many are (especially in Florida). As with real estate these are almost always by county (in New England you may need to check county and town courts). As for federal court records, it’s usually much easier. Anyone can sign up for PACER, the federal court records site. It’s not free but it’s not expensive either. Nearly all federal courts take part in PACER, and while some records are not on line, the majority are (especially in newer cases). All bankruptcies are heard in federal court and are findable here.

The wonderful thing about court records is that they can be gold mine of information. You want to know about Mr. Garcia, and you see he got sued along with some company you never heard of. It turns out that by reading the court papers you find out that this is Mr. Garcia’s company. Now you take that company name search it for real estate (see step 2 above).

  1. Liens. We recently were trying to find out what assets someone had. We found a lien against them that had been satisfied, but the collateral listed included a couple of investment funds they may still have owned. That’s the only place on the public record you would see that kind of information. If they didn’t owe someone money, the ownership would be a matter of private contract only.

Securitized debt (debt that’s backed by a thing) is known as a UCC lien. Usually the state’s Secretary of State keeps track of these as it does of companies. Some states such as Florida and New York have free UCC records, but in Texas they will cost you a whole dollar each. UCC’s are like mortgages on anything that’s not real estate. But like mortgages, the first person to record an interest in something gets first crack at it.

  1. Securities records. If someone is senior enough, a public company will report on how much he gets paid and what stock options he was granted. Even better sometimes is that the company will report that the executive gets paid via a side company. You can then look that company up, see if it owns real estate and has been to court.

U.S. securities records are on a service called EDGAR, maintained by the Securities and Exchange Commission. There’s a free version of EDGAR. Note that this only covers public companies (listed on the stock market).

I like to do the widest possible search on EDGAR because there are a lot of different SEC form numbers. If you restrict your search you could miss something. But if you’re looking at someone with a common name, you may need to pick a form. The one that will reflect compensation in stock is Form 4.

Any investigator you hire should be doing all of the above. They will do a lot of other searches in addition, and also will make use of paid databases you won’t have. No matter.

Say you are doing an asset search on your spouse, prior to a divorce filing. The more research you can do yourself the better. It gives your investigator a basis on which to start and saves you money because investigators should not charge you to retrieve what you already have. Most importantly, it’s an easy way to monitor some of the key indicators that your joint financial affairs may be heading a direction you did not know about.

Wouldn’t it be nice to be able to find out:

  • Whether your spouse has set up a secret company to hold assets?
  • Whether a disgruntled former business partner may have sued your spouse?
  • What kind of money your spouse has borrowed against land or equipment?
  • What initial public offerings your spouse was subscribed to, and what stock awards and options may have been awarded?

In most cases you will still need to hire a professional, but now if a pro tells you that everything he looks for is on line, and you know perfectly well that mortgages in California are not online, you’ll know this is not the investigator for you.

I closed my speech with this: I could give a day-one investigator the password to all of my databases, plus put a huge pile of public record documents in front of them, and they would probably still fail to come up with all that I can. That’s because part of what you pay an investigator for is the ability to keep a number of competing theories in play at any one time, and to generate new inquiries based on what an initial sweep of records turns up.

Not to worry. More knowledge is nearly always preferable to less knowledge – certainly when it comes to finding money, deciding whether to invest or lend, or fighting for your financial life in litigation.

It’s one of the tried and true ways investigators have to explain their work. “Connecting the dots.”

What we usually mean is that in a sea of data, we can find the relevant material and put it in the right context by showing how it relates to other facts.

You sometimes end up with a compelling narrative in chronological order of someone’s life or business dealings, all plucked from billions of possible public records and interviews.

The problem is that in many dynamic investigations, people keep moving and doing different things. The dots are in motion.

A perfect illustration hit me last week when I looked at the painting above by Sophie Taeuber-Arp, a brilliant painter, sculptor and designer who died far too young in 1943. The painting from 1934 is called “Equilibrium,” but its equilibrium looks like it lasted for less than a second. If you look at the picture, the green ball on the right and the figure on top are not held up by anything. The rest of the figures look precarious.

Lots of investigations present a “snapshot” of what we find, but things are often about to change, as in this picture.

Ten years ago we wrote about the arrest of an employee of New York’s Catholic Archdiocese Background Checks for All. Anita Collins had been charged with embezzling funds from the church. After our article, she pleaded guilty to taking $1 million in 450 small payments to herself over many years. She was sentenced to as many as nine years in prison.

What made the case interesting for us is that Collins had been hired just before a new policy took effect, requiring background checks on all employees. A background check would have turned up previous problems she had with handling money.

Later on, when the church went back and required checks on employees there from before the policy’s start date, they required checks only for longtime people who dealt with children. Collins was exempt.

Where the dots are in motion in this kind of situation is simple: An employee could come aboard with minor responsibility and then work his way up to the point where he handles a lot of cash. But, his time with the company usually counts as some kind of quasi-investigation. [“But they’ve been with us for years!” is what bosses usually say when presented with evidence of employee theft.]  In reality, the more senior an employee, the more important a background check is, whatever the due diligence equilibrium used to be. People are always on the move, like the shapes in the painting. For really important employees, companies could consider periodic reviews to catch drunk driving, domestic violence, or financial stress taking place after hiring.

Other examples of connected dots in motion:

  • Databases have time lags and need to be checked repeatedly. We once needed evidence that a particular person was living in a particular apartment. When we started the case in February, nothing showed up for him. Then we looked again in April and there he was, having associated his cell phone with the apartment back in February. The time lag between recording the data and selling it to the database was two months. February’s “equilibrium” was different from April’s.
  • Social media, or course, is always being refreshed. If the case is active, keep monitoring it. People sometimes (carelessly) ask friends to call them on a cell phone you didn’t know about the month before. They give away vacation spots and the names of trusted friends. Very useful!
  • Asset searches. The minute the subject may think you are looking at his company, get ready for him to form a new company. If you discover a new company and ask him about it, the money may be on the move again. Sure, it could be a case of fraudulent transfer, but you still have to keep track of where the funds are going and when.

Taeuber-Arp’s picture is exciting to me the way investigations are: Things never stay the same for long.

 

If you enjoyed this article, you may also want to look at our other blog, The Divorce Asset Hunter (divorceassethunter.com).

 

 

I was puzzled this week at the reaction to a bomb of a story by the Wall Street Journal. The paper’s rightfully cautious lawyers allowed it to go to press and declare that 131 federal judges had broken the law by hearing cases in which they or their families had a direct financial interest.

Photo: Uwe Kils, Creative Commons

Even though a bunch of judges admitted they had acted incorrectly, other than a couple of reports by The Hill and Esquire.com, the reaction was zero.[1]

The story and its aftermath yielded a couple of interesting lessons.

  1. If a story can’t be politicized these days, it goes away fast. The judges named in the story came from across the political spectrum. Obama appointees, Bush (both of them) appointees, Clinton appointees, Trump appointees. They should have recused themselves but didn’t. No political points to be scored here.
  1. As an investigator, the story was a wonderful illustration of the idea that the world is packed with information that nobody either looks at or analyzes. This story scratches the surface of what lies ahead as artificial intelligence (AI) both increases the amount of data we can search, and the speed with which we can analyze it. Imagine being able to see not just the part of the iceberg above the water, but the whole thing – right away.

JUST ASK FOR IT

In this case, the paper relied on a non-profit called The Free Law Project which put together the stock ownership data for the judges. How did the Free Law Project get this information, which judges are required by law to submit? They asked for it. That’s it. Now it’s a public database on their website.

There is a lot of other wonderful information that is there for the asking. Freedom of information requests at the federal and state government levels have given us all kinds of material over the years as we investigate.

Did someone really serve in the military? What did a charity say its mission was when it was established? What kind of things did a company import and declare to U.S. Customs? We’ve found it all by asking for it.

All sorts of other great information is there for the taking. We once linked two people using state-level lobbying records freely available on the government’s website. If your database doesn’t look at lobbying records, that should be the database’s problem, not yours.

PUTTING IT ALL TOGETHER

The brilliance of the Journal’s story wasn’t just the sea of data the Free Law Project gave them. It was the critical task of seeing what happens when you match one set of data with another. The second set, of course, was looking at cases all the judges had heard. When a party before the judge turned out to have been owned in part by the judge or the judge’s family (personally or in trust and known to the judge), that was where the law was broken.

One of the keys to a good investigation is how databases and other forms of information work together. I’ve written for years that we employ an “all windows open” approach. It’s no good running a search on Bloomberg and then checking it off your list as a source already consulted. If later in the investigation you find out in an interview or court record that your subject has a company you didn’t know about when the investigation started, you have to look at that company on Bloomberg again. [2] Think of it as having each information source in a separate open window on your computer. Don’t close all until the investigation is done.

It probably took the Journal a long time to do its analysis, but note that the story only handles cases between 2010 and 2018. Nearly three years of cases since then have been heard – thousands – and the “investigation” is far from complete.

THE FUTURE OF INVESTIGATION WITH ARTIFICIAL INTELLIGENCE

On a very basic level, the Journal used AI to parse all the data. Once parties and stockholdings are fed into a database, a computer can spit out conflicts in a second. Human beings need to carefully review the findings, but doing the entire job by hand would have taken years.

AI helps in processing time, but it also is helping to create searchable data sets that were never searchable before. I discussed this at length in a law review article a few years ago, Legal Jobs in the Age of Artificial Intelligence. Imagine being able to search in seconds the transcripts of every podcast or YouTube video on the internet.

That time is coming. More data, more analysis, more human hours to make sense of it. This Wall Street Journal story is just a taste of the future.

 

 

 

 

 

[1] The Administrative Office of the U.S. Courts, which runs the federal judiciary, told journalists it was looking into the matter. Many cases may have to be retried. It’s a mess for the judiciary which will play out over weeks, months, years, probably.

[2] My book, The Art of Fact Investigation discusses this concept, and I’ve included it for years in my courses and lectures to lawyers around the country.

The longer you investigate people, the more bad behavior you will be able to talk about. But there is little I have encountered in my work that is more sickening than deed fraud – the subject of a recent case we had.

Philadelphia. Photo Credit: Creative Commons.

A form of identity theft that allows the crooks to take not just cash out of your bank account but your entire home, deed fraud is rampant and preys on the weak: A New York Grand Jury empaneled to investigate the issue said in 2018, “The victims of residential real estate fraud are largely from the most vulnerable segments of our society – the elderly, the financially disadvantaged, the medically infirm, the uneducated, and the unsophisticated.”

It turns your stomach. It’s been around a long time, but now in cities with rapidly gentrifying neighborhoods, crooks appear to be moving in on older people in greater numbers.

What I found in my case is that there are people who do it repeatedly, but seldom face criminal charges. If someone catches them at it and sues to get the property back, they just don’t show up in court and move on to scam someone else.

New York, Philadelphia and Miami have charged a few people in recent years, but based on what we saw in our investigation, it’s a tiny portion of the cases out there.

The New York City Sheriff got 2,000 complaints of deed fraud in the four years up to 2014, with a combined fair market value of $112 million for the properties concerned. Multiply that by 2, 3 or 4 and then multiply that figure by a number of other cities, and you’ve got theft in the billions.

An FBI report on elder fraud from its Internet Crime Complaint Center said identity theft of all types cost $39 billion in just 2020.

The Basic Pattern

Front men identify a property that appears run down or is behind on its property taxes. Often these are homes in gentrifying neighborhoods, occupied by people who may have paid under $100,000 for them decades ago and are sitting on big capital gains but can’t afford the upkeep.

The front men either make a bogus claim that they will buy the home and satisfy the mortgage (in order to induce the owner to leave so they can put in tenants) or more commonly, they will just forge a deed and sell it to an LLC that is either theirs or connected to the people running the scam.

The new bogus owner then borrows money from the company of an associate, maybe to renovate or demolish the place with an eye to flipping it. Sometimes, the mortgage gets assigned to a reputable bank. The crooks bet that they can move fast and flip the place before the rightful owner can get to court and have the sale reversed. People thrown out of their own homes have turned to living on the streets.

What Can Be Done

The main problem appears to be the use of unreliable or plainly criminal notaries. All transfers of real property need to be notarized, but if a notary is happy to have a dodgy ID card put in front of him before attesting that the actual owner of the house appeared before him, the sale will go through in most every case.

The New York Grand Jury and the National Notary Association recommend that other states adopt California’s longstanding requirement that the seller provide a thumbprint as well as a signature. That could help catch perpetrators more easily. In several cases we saw in our investigation (and in one famous case in Philadelphia), the fraudsters are ex-convicts whose prints would be on file with the police.

Another helpful suggestion is to delete the signature image from on-line records of property transactions, so that crooks can’t practice imitating the signature of the rightful owner.

Perhaps the best hope is a pilot project being evaluated in New York to put the property registry on blockchain. This could help because each rightful owner of a property would have a private key and only use of that key would allow the land registry to transfer the property. At least that would prevent forgers from pulling a property out from under the owner without ever contacting them.

In the meantime, the New York Sheriff has good tips for anyone to follow for themselves or on behalf of elderly relatives who can’t:

  • Check your property’s deed at the registry at least once a year. This is often on line depending on your county. Make sure the county has the right mailing address for you.
  • If your county offers it, sign up for notification in the event anyone files anything relating to your property with the county clerk.
  • Contact the government if you stop receiving tax bills.
  • If the property is vacant, drive by or hire someone to do so to make sure it isn’t occupied.
  • If you don’t have title insurance, look into it.

It won’t stop all of the thievery out there but it’s like having a second lock on your door or a home alarm system. Whatever makes it harder for the criminals to steal from you is a good thing.

Any litigator tasking interviews of potential witnesses needs to know about the no-contact rule (ABA Model Rule 4.2)[1], which forbids talking to represented people on the other side of a case. This also goes for most current employees of the other side —  certainly any employee senior enough to make critical decisions or who was involved in the matter under dispute.

Ordinarily, the interviewing of former employees of the company on the other side is OK, but there are lots detailed issues that come up before deciding an interview is permissible.

Does your investigator know what those issues are? Even if he knows, will he care or just proceed as he would have anyway? The difference is important, because interview material improperly gathered could be ruled inadmissible and you could be sanctioned. You may be able to talk to the former employees, but you’re not allowed to get privileged or confidential information out of them. Your investigator should know what those concepts mean.

The topic of permissible ex-employee interviewing came up recently when Honeywell talked to a former employee of a company called ICM Controls and then retained him as a consultant to Honeywell. ICM had sued Honeywell for patent infringement, and Honeywell wanted to interview the former employee Andrew Nguyen, co-inventor of the patent in question (the other inventor is the current ICM president).[2]

ICM alleged that Nguyen may have disclosed privileged or confidential information he obtained as a result of his employment.  Honeywell responded that Nguyen had not worked for ICM for more than 20 years and that ICM had never disclosed him as a person with information relevant to its claims, “much less privileged or confidential information.”

Honeywell relied on a New York case, Muriel Siebert v. Intuit, 8 N.Y. 3d 506 (2007), which recognized that contacting an opponent’s former employee (even those privy to confidential or privileged information) may be appropriate as long as counsel operates within certain boundaries and takes measures to avoid disclosure of privileged or confidential information.

Those measures are all-important, and are why for years our firm has gone into interviews with a template agreed to by our clients. This includes how we represent ourselves and makes certain that we first tell the person we are interviewing that we do not want them to give us any privileged or confidential information. We also ask them whether or not they are represented by a lawyer. If they are, we terminate the call.

We posted about our procedures in Trial Ethics: A Template Can Save Your Life and I’ve been talking about the issue for years and have given CLE courses all over the country to state bars and the ABA. If your investigator can’t pass the simple test of flagging problems in the case we wrote about or the Honeywell matter, find yourself an investigator who can.

In the Honeywell case, Honeywell’s lawyer first made sure that Nguyen wasn’t working with ICM and wasn’t privy to privileged information, the court said. Continuing to use Ngyuen as a consultant “would entail some risk of straying into arguably privileged information,” the court warned, but that is a highly unusual fact pattern for most interviews with former employees.

The Honeywell case was a closer call than most, but in the end it affirmed that with careful precautions in place, former employees of opposing parties may be interviewed if they are unrepresented.

As long as you know the rules and follow them.

 

[1] In representing a client, a lawyer shall not communicate about the subject of the representation with a person the lawyer knows to be represented by another lawyer in the matter, unless the lawyer has the consent of the other lawyer or is authorized to do so by law or a court order.

[2] ICM Controls Corp. v. Honeywell International, U.S. District Court, N.D.N.Y. 5:12-cv-01766.

What conveys the truth more effectively?

A snapshot of a person’s values and accomplishments in the form of a quotation? Or a long essay about that person that will contain the short clip but surround it with other facts that could contradict or water down the single line (or build on the quote and infuse it with needed context)?

Photos: ShareAlike 2.0 Japan.

It’s a good question because you can make a case that at times, either answer is preferable. It might be nice to have both. That’s why in our memos, we have bullet-point highlights on top and then all the facts (usually in chronological order) in the body of the document.

How best to convey the essence of something is the subject in part of a marvelous show at New York’s International Center for Photography: a fascinating pairing by Richard Choi of video and still photos plucked from the 30 seconds or so of the video. Billed as “a meditation on the stream of life and its expression as a single image, between film and photography, between life and our memory of it,” it prompted in me all kinds of thoughts about fact investigation.

To know fully what someone’s life consisted of you would have to be there for the whole time, and that’s not practical. In abstracting a life to get the essence of it, you need to make editorial decisions about what to include and what to omit. Sometimes the gaps are there in testimony and documentation, and sometimes you have so much information that you are obliged to leave some out.

One of the pairings in the exhibition that struck me was a short film of a mother and her young daughter and son kneeling in prayer in what looks like a church or chapel. The photo shows them immobile and deep in prayer. But the video reveals that the little boy couldn’t stop fidgeting for most of the time, and the photo captured him at a rare single moment of rest.

The difference between a snapshot in time and a flow of information comes up in many walks of life. In accounting a balance sheet is a snapshot of the last second of the period, but profit and loss and cash flow are financial “movies” of the company’s life over the course of a quarter or year. To process a movie or a photo you think differently, and that certainly goes for reading financial records. Companies can clean up a balance sheet for the end of the year or the quarter, and then go back into debt on January 2, for instance. A “movie” of  a whole year can obscure a big change that happened in the business at one end of the period or another.

Another way the photo vs. movie issue comes up with investigators is when we do interviews. We have to boil down for the client the remarks most relevant to their inquiry. If possible it’s nice to provide clients with a transcript of a whole interview, but in many states lawyers and their agents are discouraged from recording telephone calls as a matter of ethics. In other states, it’s forbidden by law to record a phone call without telling the other person that a recording is under way. We wrote about this in Taping Phone Calls Is Not Worth the Risk.

But now, there exists the ability to transcribe automatically whole YouTube videos. I wrote about the revolution in investigation that this kind of computing power would bring in Legal Jobs In the Age of Artificial IntelligenceIf you can easily provide the context for the quote you pull out of a one-hour interview or video, it’s always good to do so.

Soon we may be able to transcribe automatically all YouTube videos in existence and then search the texts for what we need. But you can’t hand your client 15,000 hours of transcripts of every former employee of Company X talking about what it’s like to work there.

You will need to play editor, even if it’s a matter of giving selected clips of video. In some cases, a single 10-second statement will do the trick, and here “photo” will triumph over “movie.”

Some people just like privacy, but others form companies with a view to concealing any link between that company and themselves. If you are hiding assets from creditors, that’s a plus (for you, not the creditors).

Picking a company name can be more difficult than many think. A lot of the obvious company names are taken since you can’t have the same name as an existing company in your state. So people often follow rules that make it easier to pick a name quickly, a lot like the lazy way many choose passwords.

If you want to hide your company from an asset searcher’s prying eyes, don’t do the following.

  1. Don’t name your company after something guessable by those who know you. People name things after the street they grew up on, but ex-wives looking for assets often know what that street is called (and we ask that question in our divorce questionnaire). The same goes for a beloved summer camp attended in their youth or a favorite pet. Keep the sentimental out of your naming convention.
  2. Don’t pick an acronym of your children’s names and think we won’t see through that. ZKR Holdings could be anything, but if your kids are named Zach, Karen and Ryan, we will be onto you.
  3. Don’t name companies after things related to your hobby. An opera buff named all his companies after – yes – operas. He did this before his marriage began to disintegrate, but it was easy to find companies we didn’t know about by searching a list of the 200 most popular operas.
  4. Don’t group your names. If you name your first company after the street in Boston where you opened for business, using the street names all around there will make it easier to guess for new companies. Also, if we know your company is called Alpha Investments, don’t try for Alpha Investments II, III, IV etc. When we see that during an asset search, our eyes light up.
  5. Don’t name a company in a new state the same thing it was named in the old state, especially if everyone you’re hiding from knows the name of the one in the old state.

The hardest companies to find are those that followed these rules:

  1. They picked a name that could mean anything. If you are the owner of seven dry cleaners in northern Indiana, European Furniture Imports is a name we wouldn’t immediately link to you. Even better, Eusall Ltd. That could be anything.
  2. They paid someone to be the incorporator. It’s no good spending all this time on picking a sneaky name, and then putting yourself down as the incorporator or agent for service of process. Some states don’t list the name of the incorporator, but some do.
  3. When they paid someone to front for their company, they didn’t pay the same lawyer or agent who handles all of their other financial affairs. I once found a bunch of companies by going through the list of about 150 that a person’s lawyer had set up. We ruled out most of them, but a few turned out to belong to the person we were investigating.

For anyone who has ever tried to play pool, it quickly becomes obvious that the best way to get the ball in the pocket isn’t always the most direct.

If there’s another ball in the way or the angle doesn’t work, redirecting the ball off one of the cushions can be the best option. Even if you need to hit the ball without banking it, you may need to strike it on the side instead of straight on. In either case, you’re not looking at the goal but at the indirect means of reaching of the goal.

We’ve been writing for years about meta-thinking: how to look for the things that will get you the thing you want. Don’t google for the lawyer in New York, google for the body that licenses lawyers you’ll be able to look at their list (which isn’t fully indexed by Google). See our posts Meta Searching for Fake Royals and Surprise! Google is There to Make Money. There’s also my book, The Art of Fact Investigation.

I thought of indirect investigation yesterday when in group discussion of lawyers and accountants, we were asked to talk about the moment we knew we were good at our jobs.

Find a Lawyer in Liberia Without a Liberian Website. Go!

My moment came in my first job after law school when my new company asked me to find them a lawyer in Liberia. The country was largely destroyed after years of warfare and there was no workable phone system there.

I found them a lawyer in about an hour. Instead of looking in Liberia or anywhere in Africa, I found a former Liberian president living in the U.S. Midwest where he was teaching at a university.

In Liberia he had been a big shot, but here he was in the phonebook and picked up his home land line at lunchtime. Of course he knew lawyers in Liberia and informed me that they were all using cell phones from Ghana. He recommended two, gave me their numbers, and within two days we had hired one and paid him by wire. Our documents arrived by courier the next week. It sounds simple enough, but nobody else had thought of it.

And How Were You Spelling That?

Another example from the same company a few months later: They had done an interview with someone who recommended talking to a former employee with a very long Italian surname.

The interviewee didn’t’ know how to spell the name, which contained three vowels that, based on pronunciation, could have been a’s, e’s i’s or u’s. There were consonants that could have been single or double. It would have cost a fortune to run databases on all the permutations, which is why they hadn’t found him.

I decided to play around with the permutations in the Social Security Death Index (free), figuring that certain combinations would be rare and certain ones very common. I found the guy with the second-most common possible spelling and we reached him by phone immediately. This after months of fruitless googling.

Sometimes, the bank shot is the way to go.

Investigators are in the business of gathering evidence. Beyond gathering, there is the equally important job of analyzing. Good fact gatherers need to report on evidence but also where it comes from and how reliable it may be.

Evidence was my favorite law school course by far (so perhaps not surprising I work with evidence for a living). What I remember from about day one was my wonderful teacher and future colleague Peter Tillers reminding us that for something to be evidence, it doesn’t have to be very good evidence at all. Just a little bit of a nudge to push knowledge forward will be enough.

If someone says they saw something, that’s evidence. It could be rock solid, it could be garbage. In court, that’s for the finder of fact – jury or judge – to figure out. (Fed. Rules of Evidence 104(b):  “When the relevance of evidence depends on whether a fact exists, proof must be introduced sufficient to support a finding that the fact does exist. The court may admit the proposed evidence on the condition that the proof be introduced later.”)

When we do our due diligence work for investors, we never come out and say in a report, “this man is a liar” or “we doubt the reliability of her resume.” Instead, we present the evidence and let the reader decide.

A CFO says he has an advanced degree from Caltech. We can’t check that with Caltech without his permission, but we notice that databases never have a single address for him in California, despite the claimed degree and a few jobs before and after. Could the person really have the degree?

Of course. He could be a scrupulously private person who kept his Chicago cell phone the whole time, lived with family in Pasadena and never got any mail or deliveries in California while studying there. It’s up to our client to ask more questions, or maybe to let us interview a few professors to see if this guy was ever enrolled in their small and selective program. If so, did he graduate?

Evidence also comes from omissions – the hardest thing to program computers to spot. If someone has a 1.5 year gap between their M.A. and their first job, that could mean  a variety of things: Time taken to travel, time spent at a seminary but ultimately deciding not to enter the clergy (we’ve seen it), or the inability to get a job because of bad recommendations. Most commonly, it means leaving a first job off the resume because it wasn’t very interesting or impressive, and it was 20 years ago.

Where evidence comes from is something the rules care a lot about. Even non-lawyers tend to know about the concept of hearsay being excluded – something that the person testifying doesn’t have first-hand knowledge about. But anyone who has taken evidence knows there are many exceptions to the rule.

One is a recording made in an ordinarily conducted activity (Rule 803 (6)). Here is a list of passengers who took flight 5644 on Feb. 8 last year. As long as the airline says it’s a genuine list, you don’t need an eyewitness to say that the people on the list probably took the flight in order to admit the list. The theory is that the airline automatically produces these lists thousands of times a day. There’s not likely to be any special effort to include Mr. Jones on this list if he didn’t really fly.

Compare that to a Dun & Bradstreet report about a company. Who fills out the information about the size of the company’s payroll? It’s annual sales? Mr. Jones provides the numbers if he owns the company. That is not like an airline manifest. It’s much more open to manipulation. It’s evidence, but of a very different quality.

The same goes for a LinkedIn Profile. Indispensable if you want to know what someone wants you to think about their career trajectory. But you need to remember they can leave out anything they want. They can stretch a few dates to cover inconvenient periods of unemployment following a firing, and shove an honorary doctorate into educational qualifications that, at first glance, can look like they have a PhD. (We’ve seen all this too).

It’s all evidence, of course, but it’s up to us to help guide our clients through it so that after proper consideration, they can give it the weight they think it deserves.