i2 Analyst Notebook In Action: Case Brief #1
Updated: Apr 11
If you are new i2 user, you may be asking yourself what i2 Analyst Notebook looks like in action. In this first post in a series titled "i2 ANB in Action," we will walk you through a fictional investigation and how a supporting analyst uses i2. As part of this, we will show what the products look like and how they are useful.
This series of blogs is a companion post to our i2 Analyst Notebook Tutorial and related "how to's".
We are tasked to analyze data gathered during an investigation in Crescent City, CA. Detectives have received information from a trusted informant of possible human trafficking in the area by a criminal network.
Starting the Case
An informant identified Rick Anderson and George Bolton as associated with this network. Neither subject is known to the detectives assigned to the case, so our investigation will be starting from scratch. They are depicted as "entities" in i2 below.
We begin by gathering information on both subjects. We start by checking both public and law enforcement records for information about these two individuals. First, we search the local Dept. of Motor Vehicles and other public records for information. We are looking for any information that gives us a 'whole person picture' of the subjects.
Using Entities & Attributes
Using i2, we create additional entities in the chart based on their relevance to the investigation. We can document less relevant information as attributes. Attributes are excellent for adding identifying information without creating additional, unnecessary entities. They are also instrumental when analyzing data.
In our two subjects, we have added the cell phone numbers of each as attributes. Bolton’s date of birth (DOB) was also added.
Using the Mapping Tool
Additional open-source record searches uncover residential lease agreements and articles of incorporation for two businesses under our subject's names. We use i2's Mapping Tool and Google Earth to get a visual understanding of where the known addresses are located. The location map of these identified locations is included in Figure 3.
For a quick FYI, locations can be mapped using the street address or Lat/Long coordinates. Additionally, i2 can be used with a variety of commercially available mapping software.
Further Visualizing Our Investigation
Through i2, we can visualize our subjects, attributes, and associated entities. In Figure 3, we have our first subject, Rick Anderson. He is an entity. We see his address and cell number as attributes.
We also see his link to his two businesses (Speedy Quick Car Service and Top to Bottom Cleaning Services) and his leased property at 900 Childs Ave.
Our second subject, George Bolton, is depicted in Figure 3 in the same way as Rick Anderson. We see Bolton's attributes and his associated leased property.
Right now, our subjects are depicted individually (e.g. no connections between them).
Hopefully, that will change as our investigation continues.
Cross-referencing with Police Records
The investigators cross-referenced the addresses on the leases and found two separate police reports for the same address. Because of the nature of the previous reports and the current discoveries, the building at 520 N. Pebble Beach Dr. was put under surveillance by the Crescent City Vice Squad. This may give them better insight into the activities reported.
Our Current Case Status
Using i2, we can capture the current status of our investigation and products. Through the Dashboard, we can visualize our POIs and associated locations. This is depicted in Figure 3. This is a great start.
If you want to follow this i2 in Action case study and receive i2 tips, tricks and tradecraft to your email, sign up for our mailing list today.