CROSStrax acquires PI Direct Link

CROSStrax acquires PI Direct Link




DESTIN, FL – October 24, 2018 – (CROSStrax acquires PI Direct Link) – CROSStrax LLC, an industry-leading investigation case management solution, announced it has acquired PI Direct Link, a full-service investigation case management software platform. The purchase will allow CROSStrax to scale its users and better serve the technology and development needs of both organizations.

The asset purchase of PI Direct Link fits into the overall CROSStrax strategy to develop, maintain, and enhance our user experience in the investigative community. By purchasing the company, CROSStrax will continue to provide case management services to investigation related businesses throughout the world.

“Our acquisition of PI Direct Link significantly complements the overall client base of CROSStrax, allowing us to focus on our up-and-coming offering, the CROSStrax Community. This investment represents an important strategic opportunity to grow an already momentous base of investigative customers. Yes, the acquisition significantly adds to our increasing customer base but more importantly, the geographic presence of our customers.”

Brad Dalhover, Vice President of Business Development of CROSStrax, commented:

“During our initial discussions, it was clear, the vision and goals of the two companies were similar. Bringing both companies together will prove to be a great asset to the investigative industry and I am excited to be a part of CROSStrax,” said Brad Dalhover, CEO, and founder of PI Direct Link.

Mr. Dalhover will join the CROSStrax Team of industry experts supporting the CROSStrax platform and will serve as Vice President of Business Development. Mr. Dalhover will continue to strengthen the already strong relationships he has built since 2012, work to form new relationships and bring awareness to the intuitive features of the CROSStrax software platform.

About CROSStrax

CROSStrax, a worldwide provider of investigation case management cloud-based software, provides enterprise level solutions to the investigative community. The company offers the most comprehensive arsenal of investigation tools that will help business owners and department heads close cases quicker, with a greater level of security than ever before. More information can be found about CROSStrax at the company’s website


PI:  "I dont have enough cases" and here’s why

PI: "I dont have enough cases" and here’s why

I don’t have enough cases.

The single most common excuse we hear from private investigators across the country. Here are a few examples:

Do you currently use a case management system or software? The single most common excuse we hear from private investigators across the country.

Here are a few examples:
Do you currently use a case management system or software?
“No, I don’t have enough cases”

Would you be interested in checking out a free trial of our software to see how it is helping PI’s? “No, I don’t have enough cases.”

Are you familiar with CROSStrax? Yes. I like the product but I do not have enough cases to justify the expense.

What do companies like G4S, Litigation Solutions and Covent Bridge have in common? They have teams of programmers, IT specialists and consultants working on a daily basis to help improve the technological capabilities of the company. Do you have that?

PI’s often complain that large companies like the ones above get all of the cases and try to subcontract out to PI’s at a reduced rate. That is completely avoidable. Compete with them on a technological level and get those cases yourself.

In the late 1990’s, Omega Insurance Services, which was bought by First Advantage, which was bought by Global Options, which then became Covent Bridge I believe through a series of huge mergers with similar large investigative companies such as ICS Merrill, became one of the largest investigative companies in a matter of a few years.

How? Technology! There had to be more people working on the technology solutions, then there were people working in the office and in the field. Omega figured out, through the use of technology, how to deliver information to the client quicker, more efficiently, and in a more impressive manner than their competitors. Their marketing strategy leveraged and showed off their capabilities. Are you doing that?

Their competitors were sending bulky VHS tapes in large envelopes which the client would receive in three to five days. Omega was delivering video snippets and case updates on a daily basis via their case management platform. What are you doing to separate yourself from your competition?

One of our favorite quotes from industry people came during a webinar we did with Jimmie Mesis at PI Magazine. When discussing price, one of the attendees said they could not afford $19 per month. Jimmie responded and told the investigator if he was unwilling to invest $19 per month in his business, it was time to find another job.

This is what we at CROSStrax do. Let us be your team of programmers and IT specialists. Let us show you how a case management system can make yesterday the last time you say “I don’t have enough cases.”

Learn more about CROSStrax at or email us at

Preparing a State Insurance Fraud Referral

Preparing a State Insurance Fraud Referral

Preparing a State Insurance Fraud Referral

As a private investigator, you may focus your business on insurance and claims related work. If that’s the case, have you ever submitted a state insurance fraud referral? If you said no, your not alone by any means; however, being able to do so will certainly set you apart from your competition.

Every state has their own way of doing things but the general idea remains consistent, identify the state statutes that were violated, determine the elements of the statute and match them to your case, and pull out all of the evidence from your investigation and the claims file to support your belief that fraud was committed. It’s no different from what a detective in a police department does with crimes he/she may be investigating.

This need for private-public cooperation in the battle against insurance fraud has led to the enactment of state fraud reporting laws that facilitate insurance fraud referrals while affording insurers a measure of insulation from civil liability for defamation or bad faith. However, these laws sometimes referred to as “immunity acts”, do not create an impenetrable shield to insurers who provide evidence of suspected fraud to law enforcement. A finding that an insurer or investigator acted with malice or bad faith during the referral process can completely undercut any immunity and lead to costly litigation. Simply be professional and act in good faith at all times and the state immunity laws will provide adequate protection against frivolous lawsuits.

Insurance Fraud Referral Template CTA


Who would have thought the word milk would have so much relevance to the world of insurance fraud? I’ve always told people, if you have MILK, you have fraud. No, no, not the liquid milk, the acronym M.I.L.K.

  • Materiality – was the activity in some way material to the case?
  • Intent – was the activity done intentionally?
  • Lie – did the subject lie about something for the purposes of concealment?
  • Knowledge – did the subject know what he was doing was wrong?

If you can prove these four elements, you most likely have a solid case of fraud and can prove it.

Who do I submit my state insurance fraud referral to?

Although the governing authorities vary by state, most states have an organized insurance fraud bureau; the investigators there will be your first point of contact. This doesn’t mean that you won’t speak with other people during the process, it’s just where you’ll start. You will most likely discuss the case with a state attorney who will use you to get up to speed on what happened and what you’re alleging.

There have been times when I feel I have a solid case but the investigator assigned from the fraud bureau just doesn’t see it my way. Because I’ve reported so many of these, I know what state attorneys are looking for and in some narrowly tailored situations, I’ll take my case right to the Assistant State Attorney (ASA) to review the salient facts and generate some interest in the case. I recommend not doing this too often you want to develop a good working relationship with the state investigators. Going to the ASA on every case they say no to will certainly anger even the most patient of investigators.

Keys to a Successful Fraud Prosecution

  • Know and follow the requirements and limitations of applicable fraud statutes.
  • Limit company representatives involved in referrals. Insurance fraud referrals and responses to requests for information from law enforcement should only be handled by designated special investigations units or claims personnel.
  • Document, document, document. The importance of documenting everything sent to or received from law enforcement or prosecutors and maintaining that documentation cannot be overstated.
  • Provide the good, the bad and the ugly. If it’s material, report it.

How do I prepare the actual referral?

Now that you know fraud exists, you have to express it to someone else in a written referral. It’s like the longest school project you’ve ever been assigned! You’ll have to answer the who, what, where, when, and how of the case.

In this post, I’ll break down the most important topics and the sequence you should submit them in the final referral.

General Information

The general information section basically covers the “who” is involved in the referral. Here you will provide information on the subject or suspect, the insurance company, and any involved agencies, such as the police, the fraud bureau, or even the state attorney.

This is important because whoever is working on the file may be duplicating efforts, or worse, stepping on another agencies toes.

Statement of Facts

This section will most certainly be the most voluminous. In this section, you will document every fact that has led you to the conclusion fraud was committed.

Facts can come from many different places. For instance:

  • Investigation Reports
  • Claims Notes
  • Depositions and Statements
  • Medical Records and Medical Professionals
  • ISO Reports (Claims History Report)
  • Database Searches
  • Witnesses
  • Co-workers

Seeing all of these possibilities, you can see why it’s so important to outline the fraud in a documented referral. Giving the ASA a solid case that they don’t have to do too much with will go a long way in whether or not they accept the file. The days of slamming a huge box of paperwork in an ASA’s office and saying, “…there is fraud in that box” are over.

Material Misrepresentation

Within the Statement of Facts, you’ll be including a section called Material Misrepresentation. In this section, you’ll outline where, when, and how the suspect committed fraud. Address how the suspect misrepresented himself, his injury, or anything else he may have intentionally misrepresented during the claim process.

Current Status of the Claim

The people reading your report will want to know where the claim stands currently. Is the claim denied, still active? Is the suspect still getting paid, or not getting paid?

In most cases, the claim will have been denied but there still may be medical expenses that need to continue being paid.

Date of Discovery of Suspected Fraud

Pretty basic. What date did you determine fraud existed?

You’ll write something like, “Potential fraud has been established as of April 10, 2014.”

Some people make the mistake of using the date of loss as the date the fraud was discovered. The date at which point restitution can be ordered is the date the fraud was discovered and that could be years into a claim.

Applicable Statutes

A statute is a written law enacted by a legislature. The statutes you will deal with most frequently regarding insurance fraud, are state-level statutes. Keeping in mind, there may be other statutes, other than just insurance fraud, that is applicable to your referral.

For instance, if the suspect lied during a deposition, he may have committed purgery. Insurance fraud is theft, so if you have a situation where the restitution you’re requesting is greater than a certain amount of money (usually $500 or so), your suspect may have committed grand theft, or conspiracy to commit grand theft.

You must research the laws and determine what statutes are applicable to your case. Once you determine the statutes you’ll be using, it’s important to determine what degree of the crime is applicable. For instance, in Florida, an offense will be charged as Grand Theft in the First Degree if the property that was stolen is valued at $100,000 or more. An offense will be charged as Grand Theft in the Second Degree if the property that was stolen is valued at $20,000 or more, but less than $100,000.

For instance, in Florida, an offense will be charged as Grand Theft in the First Degree if the property that was stolen is valued at $100,000 or more. An offense will be charged as Grand Theft in the Second Degree if the property that was stolen is valued at $20,000 or more, but less than $100,000.

Based on what you’re asking for in restitution, that could change the statute you want to use significantly, and in turn, will also change the prevailing penalty. FindLaw has an excellent website that goes over all of the insurance fraud statutes by state.

Loss and Restitution

In this section, you’ll be defining how much money was allegedly bilked from the insurance company and what you would like to see in restitution be returned back to your client.

These amounts may vary greatly, some over $100,000, some just a few hundred dollars. No matter the amount, it’s important that you don’t lose sight of the fact the reason you’re submitting the referral isn’t just punitive in nature. You want your client to be made whole again and get the money back they lost.

Why not just sue them and get a judgment? Good question. Because insurance fraud is stealing and against the law. Also, if you are able to tie the restitution to their possible conviction and sentencing, even if the sentence is just probation, you will have a much greater chance of getting the money back than if a civil court issues a judgment. If they default on payments during the probationary period, they violated the terms of their probation and may have to serve the original sentence in its entirety.

Are you aware, on a national level, if insurance fraud was a business, it would be a Fortune 500 company, according to national reports? It is, by all accounts, the second largest economic crime in America; only tax evasion exceeds it.

Witness List

You will be required to submit a list of prospective witnesses. A witness list is comprised of the players involved in the case. It’s proper to provide their names, addresses, and contact information, along with what role they played in the claim.

If either party desires the testimony of a given witness, that party must take the appropriate steps to obtain the witness’s presence at an appropriate time and in an appropriate fashion. Failure to include a witness on the required witness lists may result in that witness’ testimony being prohibited at trial or other sanctions. Court rules vary, so requirements in your jurisdiction should be consulted.

Exhibit List

An exhibit is a document, record or another tangible object formally introduced as evidence in the court. Your exhibit list is a list of such Exhibits a party wants to produce before the court to prove a case.

It’s best to label each Exhibit first, then produce a reference sheet (Exhibit list) to add to your referral. Trying to label and record the Exhibits as you go can get confusing and will take much longer.

Remember, as you collect the evidence you may require a chain of custody form.


Here’s my typical conclusion, “Based upon the foregoing, it is respectfully requested the findings are made as set forth above.” No reason to be wordy here as you’ve already outlined your entire case in detail throughout the referral.

Final Thoughts

I’ve submitted close to 100 insurance fraud referrals in my time and I still learn new things simply because there are so many laws, so many variables, and things are ever-changing in this environment. Once you get the first one under your belt, the rest became easier and easier and it’s rewarding to follow these assignments through to the end.

If you have any questions, or I can be of assistance, email me at

Insurance Fraud Referral Template CTA

Upcoming Private Investigator Conferences

[av_textblock size=” font_color=” color=” av-medium-font-size=” av-small-font-size=” av-mini-font-size=” admin_preview_bg=”]

2019 Private Investigator Conferences

If you would like to have your conference listed, please send conference information to

Stay tuned for the 2019 Conferences!


Evernote is Not the Best Investigation Case Management Software

Evernote is Not the Best Investigation Case Management Software

Evernote is Not the Best Investigation Case Management Software, it’s Not Even Good

If anyone tells you Evernote is the best investigation case management software to start off with, they have no idea what they’re talking about.

At one time, I used Evernote almost exclusively as it related to ideas, sharing information, to-do lists, tasks, etc. Evernote, a complex but easy to use note-taking application is used by millions of people to organize their lives and thoughts. I used Evernote for years and had a version installed on my phone, tablet, computer, and iMac.

Evernote flawlessly synced to all my devices and I could add text from anywhere just by typing, or I could clip web pages and emails using related clipping apps. As you wrote, Evernote would reliably save whatever it was you were typing so you could stop at any time and close the computer, knowing Evernote saved every letter.

The Swiss Army Knife of All things Written

Evernote was the Swiss Army knife of all things written and I can see why some would tout it as the best investigation case management software. The app and its integrations had so much promise, especially for the investigative community. Unfortunately, I’ve canceled my subscription and deleted my account in its entirety, and I suggest you do the same.

In 2016, Evernote made a “what’s new” announcement where they laid out some changes that would negatively impact many of its users. Most notably, Evernote added a section to its Terms of Service called, “Will Evernote Employees Look at My Content?”

What? Why in the world would Evernote employees need to read your content?

The public responded harshly, and Evernote intelligently retracted. Evernote CEO Chris O’Neill stated “After receiving a lot of customer feedback expressing concerns about our upcoming Privacy Policy changes over the past few days, Evernote is reaffirming its commitment to keep privacy at the center of what we do. As a result, we will not implement the previously announced Privacy Policy changes that were scheduled to go into effect January 23, 2017.”

So, all is good, right? I don’t think so.

What’s crazy is Evernote employees can still read your content. This was a lame attempt at damage control because they got caught with their hand in your content. Any content you store in Evernote is still not secure because it isn’t encrypted internally, and their employees can still access your data.

I know investigation industry professionals who still store sensitive data inside Evernote. Not a good idea by any means now that we know Evernote isn’t even close to the best investigation case management software on the market.

In today’s environment of data breaches, you should not store anything cloud-based without encryption.

Evernote’s Terms of Service and Privacy Policy

From Evernote’s Terms of Service:

“Your privacy in your Content is a paramount concern for us, and we hope that Evernote employees never need to examine anyone’s Content. However, there are limited circumstances in which we may have the need to review part or all of your Content, as discussed in our Privacy Policy.”

So, after reviewing the Privacy Policy, it becomes clearer what Evernote means and it’s no more comforting.

Do you still think Evernote is the best investigation case management software for your business? Here is the verbiage from the Privacy Policy:

Do Evernote Employees Access or Review My Notes?

As a rule, Evernote employees do not monitor or view your personal information or Content stored in the Service, but we list below the limited circumstances in which our employees may need to access or review your personal information or account Content

  • We believe our Terms of Service has been violated and confirmation is required or we otherwise have an obligation to review your account Content as described in our Terms of Service;
  • We need to do so for troubleshooting purposes;
  • Where necessary to protect the rights, property or personal safety of Evernote and its users (including to protect against potential spam, malware or other security concerns); or
  • In order to comply with our legal obligations, such as responding to warrants, court orders or other legal process. We vigilantly protect the privacy of your account Content and, whenever we determine it possible, we provide you with notice if we believe we are compelled to comply with a third party’s request for information about your account. Please visit our Information for Authorities page for more information.

What does Evernote do with my Content?

Evernote also uses a number of technologies to help you get the most out of the Service. Our systems automatically analyze your data, including your account Content, in order to power Evernote features and to continually improve the Service for you. This may include, for example:

  • Making search work the way you want it to;
  • Showing you information most relevant to how you are using the Service at a specific time or location
  • Detecting when it looks like you’re making a list and suggest features or tips that might be useful
  • Showing you information relevant to a note you are creating or reviewing. The information we show you may include Notes from your own account, Notes from accounts you are connected to through Evernote Business or Collaboration Features, and third party content that you have elected to receive.

In addition, as part of our efforts to protect your account and the functionality of the Service, our automated systems may analyze the emails you send to and from your Evernote service account to detect spam, malware or other potential security concerns and may block delivery of such emails.

So essentially, Evernote is warning you up front, if Evernote employees feel they need to access your content, they can and they will.

Additionally, they scan your emails using automated technology. Emails you send and receive using Evernote.

What should I do now?

  1. Before you do anything, collect your data from Evernote and populate it into another system like the Mac Notes or OneNote for Windows. This will certainly take some time depending the extent of your content. Then, use Evernote’s export feature to have all your notes saved in one file. If you need to, you can recover this file in Evernote later.
  1. Next, manually delete all of your content from Evernote. Deleted each note from within the application, allow it to sync, and confirmed the data is gone from all of your devices.
  1. Empty the trash!
  1. Click on the accounts options and at the bottom of the page click “Deactivate Account”.
  1. Hold your horses, Evernote still has your account on file. It is still associated with (and searchable by) your email address or username. There is no online option to completely remove your account.

To do this, you must submit a support ticket from the main support page. Chose the drop-down option “Account”, and then “Deactivated Account”.

Submitted the following message:

“Hello, I have already deactivated my account and I would like to my account to be permanently deleted. I have already taken the liberty of deleting the content. Please respond to me when this has been completed.”

As an investigator, you have a responsibility to keep your clients’ information confidential and secure. You can no longer rely on Evernote to do that for you.

In your search for the best investigation case management software for your business, the security of the information it holds should be a top priority.

The Financial Benefits of Case Management Software

The Financial Benefits of Case Management Software

What does everyone want?  More money is usually the number one answer and more time for [insert personal choice here] is a close second.  The PI Direct Link case management system helps private investigators with both.  The system and is powerful features help reduce, and in some instances, eliminate the time consuming administrative tasks that most PI’s, managers and owner’s despise.

Case management software is an investment.  Not an expense.

How much time per month do you spend on the following:

  • Who worked what case last week?
  • How much time did they put in on the case?
  • What case expenses and amounts need to be billed to the client?
  • Giving case information to a vendor or subcontractors
  • Gathering information necessary to invoice a case
  • Looking for information is a case file
  • Scheduling staff or subcontractors
  • Creating Reports and Invoices

The beauty of the PI Direct Link software is that it pays for itself.  It saves you time.  Time you can spend pursuing new business, working on a case, doing tasks you can bill your clients for.  If PI Direct Link gave you an extra hour of time per month to do an investigation, would that be beneficial?  What is the software saved you 5, 10, 20 hours of administrative time per month?  If your bank said they would give you $75 if you gave them $29 back, would you do it?  If PI Direct Link allows you to bill out one extra hour at $75 and the monthly cost is $29, would you do it?  Think of software and tools for your business as investments in success and profits.   The time investigators save by having a case management system can be used for revenue generating tasks such as marketing, working a few extra hours of investigation, or taking that new client out to lunch.
Our support team is here to help.  Start your free trial of PI Direct Link today by visiting  Signup is quick and easy.  During the trial, experience our awesome customer service and take advantage of webinars, video tutorials, and email support to help you along the way.

Personal identifiable information online security

Personal identifiable information online security

Personal identifiable information online security

We all need to be aware and focus on having the very best online security. With so much information being leaked online, you need to employ robust password procedures, dynamic security protocols, and an innate assurance that all those tasked with enforcing these policies understands the urgency of their responsibility. As you can imagine, each time we go online it’s possible we left a breadcrumb trail of personal identifiable information behind.

Can’t I just erase the information or delete my account?

While we can try to erase the data, and delete the accounts, companies like Google, Spokeo, PIPL, and so on will continue to aggregate our information in bits and pieces, and they’ll maintain that data and possible use it in ways you may not approve of. Let’s face it, every service that’s free comes with a price. Plus, even the paid ISPs need to keep your personal data for various reasons.

You may not be aware of this, but there are websites out there whose sole responsibility, or maybe I should say agenda, is to aggregate information so if they are deleted, they can be republished on their site for viewing. Check out Politwoops. This is an archive of the public statements deleted by U.S. politicians. They allow you to explore the tweets they would prefer you not see. And there are many other sites that do this on much larger levels and may include your information.

The idea here is simple; you must be wary that your data can always be leaked online and you, and only you, must take responsibility for your online activity. It is up to you to find the best possible ways to stop any leaks from happening. Granted, this isn’t an easy task but the reality is, no one is going to protect you like you would protect yourself.

Case Management Systems and Personal Identifiable Information

During an investigation, you have a need to gather and use personal identifiable information, we all know that. However, when you’re done using the information, who is responsible for the proper maintenance and disposal of those records.

I’ve worked for several large private investigation firms and I can tell you, from my experience, breaches have been a reactionary problem without thought to a proactive solution. In fact, at one of the large firm, to test a report that included a massive amount of personal identifiable information, one of the developers use the name of a very popular football player who was involved in a very high-profile criminal case.

The developer certainly wasn’t supposed to use live data and never should have used such a high-profile individual; however, to make matters worse, he told a lot of people what he did and copies of the information were disseminated to certain people in the office. Could have been a disaster really.

Your case management should have processes and triggers that will flag this type of nefarious behavior. Additionally, the case management system you use should just allow but encourage your business to become paperless.

Not being paperless creates a whole new set of issues. One of which, people in the office must physically secure sensitive data in a locked drawer, cabinet, desk, or safe, when not in use or not otherwise under the control of a person with a need to know.  This is a monumental task and takes everyone in the office to be on board with looking for offenders in an effort to maintain an effective policy. Paperless is the way to go!

I found this online and found it quite relevant. The Organization for Economic Co-operation and Development (OECD) identified the following Fair Information Practices:

  • Collection Limitation – There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
  • Data Quality – Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date. Purpose
  • Specification – The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.
  • Use Limitation – Personal data should not be disclosed, made available or otherwise used for purposes other than those specified, except with the consent of the data subject or by the authority of law.
  • Security Safeguards – Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification or disclosure of data.
  • Openness – There should be a general policy of openness about developments, practices, and policies with respect to personal data. Means should be readily available of establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the data controller.
  • Individual Participation – An individual should have the right:
    • (a) to obtain from a data controller, or otherwise, confirmation of whether the data controller has data relating to him;
    • (b) to have communicated to him, data relating to him within a reasonable time; at a charge, if any, that is not excessive; in a reasonable manner; and in a form, that is readily intelligible to him;
    • (c) to be given reasons if a request made under subparagraphs (a) and (b) is denied, and to be able to challenge such denial; and
    • (d) to challenge data relating to him and, if the challenge is successful, to have the data erased, rectified, completed, or amended.
  • Accountability – A data controller should be accountable for complying with measures which give effect to the principles stated above.


Companies generally must use and sometimes must maintain personal identifiable information in the normal course of business, such as, names, Social Security numbers, credit card numbers, or other account data that identifies the person it’s attached to.

This information can be necessary for a plethora of necessary business functions. However, if sensitive data falls into the wrong hands, the result is fraud, identity theft, or other nefarious acts. Because of the cost associated with a breach, safeguarding personal information is just good business.

5 Principles of a Sound Security Plan

  1. Take inventory of what personal information you have in your files and on your computers.
  2. Keep only what you need for your organization.
  3. Protect the information that you must maintain.
  4. Properly dispose of what you no longer need.
  5. Have a plan! Remember, even the best get breached. If you do, having a plan of what to do will be critical.

Post Tip

Surfing safely on the Internet during an investigation isn’t always a given nowadays. Having up to date virus protection and malware protection is important but what about when you’re traveling through the Internet? Did you know it’s pretty easy for hackers to know where you’ve been and what you’ve been researching?

Tor, an acronym for The Onion Router, is a network and software that adds another layer of protection and helps you surf the web anonymously. Tor hides where you go and what you’re looking at.

Tor encrypts the data you send across the Internet in multiple layers, like an onion. It sends that data through multiple relays, each one “peels back the onion”, until your information leaves the final relay and arrives at the intended destination. This is ‘onion routing’ and if used correctly, it can be one of the best ways to ensure your browsing will remain anonymous.

Check out the Tor site at, and did I mention, it’s free.

Personal Identifiable Information CTA


15 Types of Evidence and the Elements to Look For

Preparing Open Source Intelligence (OSINT) for Litigation

Preparing Open Source Intelligence (OSINT) for Litigation

Preparing Open Source Intelligence (OSINT) for Litigation



Social Media
Internet Mining

Let’s face it, we live in a day and age where your online existence says volumes about who you are and how you conduct your yourself. In rare instances, we see social media replacing the need for traditional surveillance.

Surveillance is most often necessary but judges and juries don’t always warm up to the idea of someone crouching in the bushes or sitting in a car photographing another person. However, open source intelligence has the benefit of often coming from the subjects themselves, thereby eliminating or at the very least curtailing the “creepy” factor.

We’ve all heard and read countless articles on the Internet in investigations, and for good reason. Even with the Internet as mature as it is now, a clear majority of investigative agencies, law firms, insurance companies, and employers are not effectively using this potential treasure trove.


Google Hacking-Database

The Google Hacking Database (GHDB) is open source intelligence at its finest, an authoritative source for querying the ever-widening reach of the Google search engine.

Information randomly gathered and haphazardly put together will often be useless when evidentiary issues are ignored at the start of the investigation. Like any other investigation, it’s important to involve your legal team at the inception of any open source intelligence query.

A simple “social media” inquiry may sound harmless enough but it often falls short of gathering evidence in a way that makes the results useful when it matters the most, at trial. Also, consider “flat-rate” basic services that perform a general scan. They often do so without a narrowly tailored effort and in many instances, fails to consider how the information relates to the overall investigation and defense in litigation.

ABA Rule 4.2 Communication with Person Represented by Counsel

In representing a client, a lawyer shall not communicate about the subject of the representation with a person the lawyer knows to be represented by another lawyer in the matter unless the lawyer has the consent of the other lawyer or is authorized to do so by law or a court order.

Furthermore, it’s been adopted by many state bar associations that “friending” or connecting with a represented party is frowned upon and a violation of Rules of Professional Conduct in most instances.

Ethical Considerations

Although tempting, especially behind the guise of the Internet wall, one must avoid initiating contact with a represented party. Although it’s quite clear, the question of what constitutes “contact” is often a matter of debate. The American Bar Association (ABA) projects contact with an opposing party not permissible and specifically defines when contact is appropriate.

What if you’re not a lawyer, maybe you’re an investigator or claims professional? Remember, as with common investigation rules, if the information secured is to be used by counsel at trial, expect the same rules to apply. Most jurisdictions have made the use of pretexting or creating a fictitious persona to contact a party, an ethical boundary not to be crossed. Are there jurisdictions with a more liberal approach? Sure. However, the safest bet is to only extract information that is publicly available on a person’s Internet profile or web page.

The CROSStrax Internet Mining Tool

The CROSStrax Internet Mining Tool was designed for quick, relevant, intelligent, and investigator guided Internet mining investigations. Our instant search capabilities provide the valuable information you can use to assess risk.

Behind the scenes:

1. Figure 1 – shows our search engine firing on all cylinders. That’s right, CROSStrax does the work for you and searches the Internet through direct API access.

2. Figure 2 – is our manual search box. Once the system is done, the investigator can no go into CROSStrax and dig further using the exact search criteria the specific site uses behind the scenes.

3. Figure 3 – allows you to attach all confirmed hits to a final report that is generated for you. A photo snippet, matching indicators, and a summary is attached to each hit and neatly placed in a final report for your clients.

Facebook Social Media

77% of Facebook users don’t know how to change their privacy settings or simply haven’t edited them.


As in any investigation, thought must be given to obtaining open source intelligence in a way that will allow it to be admitted into evidence at trial. Article X of the Federal Rules of Evidence deals with the admission of writings, recordings, or photographs. Fed. R. Evid. No. 1001(1) defines “writings” and “recordings” as “letters, words, or numbers, or their equivalent set down by…photo stating, photographing, magnetic impulse, mechanical or electronic recording, or other forms of data compilation”

In this regard, the admissibility of open source intelligence content is no different than traditional evidence, such as diaries, photographs, or other documents. The evidence must first be authenticated to be admitted. Like all other evidence, it also must be relevant and material and must not constitute hearsay in order to be admitted. Practical Pointer: Know what fact you are trying to prove and articulate how the social media evidence will prove that fact.


Most background search services fall short on knowing what to do with the information once it is obtained. For the information to be admitted at trial before a jury, it must be both authentic and relevant. Relevancy is usually not an issue. Authentication, on the other hand, can be a very complicated matter.

Rules and requirements of authentication can vary among jurisdictions and often fall within the discretion of the judge. While the easiest way to authenticate evidence is via stipulation, this is not always available. Federal Rule of Evidence 901 requires evidence that the item is what it is claimed to be. While the threshold for authentication is low, it should be considered at the time the information is obtained. If you wait until trial to decide how to authenticate the evidence, it may be too late.

Under Rule 901, the most practical opportunities for authentication are from the testimony of a witness with knowledge or from distinctive characteristics in the evidence. The courts have determined that the following are sufficient for the authentication of social media:

1. The statement of a party to an instant message that conversations were his own
2. A witness who has read messages or posts that know’s the subject individual
3. Distinctive characteristics in a photograph that identify the individual
4. A username consistent with a common nickname of an individual
5. Testimony about the process of downloading and preserving evidence from the person doing so.

Courts have routinely excluded social media evidence simply because it was found online and downloaded; therefore, you need to have a plan for authentication from the outset.

Expectation of Privacy

People generally believe an individual’s personal information will remain private and will not be admissible in court. However, when it comes to social media and any other open source intelligence, an individual is most likely waiving their expectation when they post information that is publicly accessible.

Many courts have concluded, essentially, once you post something viewable by anyone else on the Internet, you have forfeited any privacy interest in it.

In one early social media privacy case, involving MySpace, a court dissented, “(A woman’s) affirmative act made her article available to any person with a computer and thus opened it to the public eye. Under these circumstances, no reasonable person would have had an expectation of privacy regarding the published material.”

You may have a reasonable expectation of privacy with respect to papers in a locked filing cabinet, but not to papers you leave visible on your desk in your workplace. Your activities in an isolated or fenced home create a stronger expectation of privacy than your activities in a high-rise hotel with the curtains open.

Social media privacy cases simply apply the long-standing “reasonable expectation of privacy” rule to open source intelligence. Looking at the way social media sites operate, most courts have decided that once something is voluntarily posted on Facebook, it no longer brings a reasonable expectation of privacy. You give up your privacy by posting something on publicly accessible Facebook pages.

Don’t be fooled, your privacy can be violated on social media, however, if someone else makes a post that is invasive of your privacy. Remember, your consent doesn’t cover the postings of others that you don’t authorize.

Use of Counsel in Obtaining Evidence

Some may feel it’s common sense; however, it may simply be in your best interest to engage counsel in obtaining open source intelligence gathered on the Internet at the outset. There is a lot of great open source intelligence resources at your fingertips, but if the data isn’t secured in a manner consistent with the ethical and evidentiary requirements of the jurisdiction, it will soon be labeled as useless.

Because those requirements vary, a “cookie-cutter” social media or Internet mining investigation is usually less effective. Take time to get the right evidence the right way.

15 Types of Evidence and the Elements to Look For

15 Types of Evidence and the Elements to Look For

15 Types of Evidence and the Elements to Look For

There are two things to consider when contemplating the admissibility of different types of evidence, relevance and materiality. Evidence must be relevant and material to the issue(s) at hand or it could be deemed inadmissible. That said, while not admissible in court, there are still many types of evidence that can be valuable in an investigation. For instance, some evidence that is not admissible on its own may be admissible in tandem with other forms of evidence.

The law of evidence governs what can be presented in a court of law.  It applies to the use of oral or written statements, such as an affidavit, exhibits, or any other documentary material which is admissible in a judicial or administrative proceeding. Therefore, an investigators ability to gather, analyze, and track evidence is a critical competency. Even though evidence may not be direct proof of an event or claim, the direction of any case can change directions just based on the types of evidence identified.

Types of Evidence You May Run Across

1. Physical Evidence

Real evidence, physical evidence, or material evidence is any tangible object that plays some part in the issue that gave rise to the lawsuit, introduced in a trial, intended to prove a fact in issue based on the object’s evident physical features.

2. Exculpatory Evidence

Exculpatory evidence is evidence advantageous to the defendant in a criminal trial that absolves or tends to exonerate the defendant of guilt. It is the opposite of inculpatory evidence, which tends to prove guilt. Because of its extreme value to the defense, prosecutors and police are required to disclose to the defendant any and all exculpatory evidence when it becomes available.

3. Forensic Evidence

Forensic evidence refers to scientific evidence, such as DNA, trace evidence, fingerprints or ballistics reports, and can offer factual proof to determine a person’s guilt or innocence. Generally considered to be strong and reliable evidence, forensics role in exonerating the innocent has been well recognized. Due to cost and resources, forensic use in private matters is generally limited to serious cases that will most likely end up in court.

4. Direct Evidence

One of the most powerful types of evidence, direct evidence is a form of evidence such as eyewitness testimony. The evidence alone is the proof that something occurred or didn’t occur.

5. Analogical Evidence

There are times where the main issue is “cutting-edge” or generally under-researched.  Analogies come into play when you don’t have data to refer to or other sources on the matter to reference. Because there is a need for information to draw an analogy and you have to get your evidence from somewhere, analogical evidence, or comparative analysis, is the natural next step.

6. Anecdotal Evidence

Because it’s often dismissed as unreliable and worthless, anecdotal evidence is one of the more underutilized forms of evidence.  Anecdotal evidence is evidence that is based on a person’s observations. When used in conjunction with other types of evidence, it can actually be very useful for refuting generalizations because all you need is one example that challenges a claim.

7. Character Evidence

Character evidence describes any testimony or document presented for the determination of proving that a person acted in a certain way on a certain occasion based on the character or disposition of that person. Three factors classically control the permissibly of character evidence, the purpose the character evidence is being used for, the form in which the character evidence is offered, and the type of proceeding (civil or criminal) in which the character evidence is offered

8. Circumstantial Evidence

Circumstantial evidence, also known as indirect evidence, requires an inference regarding something that is based on a series of facts detached from the fact the dispute is trying to prove. It requires a presumption of facts from other facts that can be proven. While not considered to be overwhelmingly strong evidence, it can be relevant in a private matter, with a lesser burden of proof than “beyond a reasonable doubt”.

9. Demonstrative Evidence

Evidence in the form of a representation of an object and is considered to be demonstrative evidence when it directly demonstrates a fact. This could be photographs, video and audio recordings, charts, etc.

10. Digital Evidence

In recent years, the use of digital evidence in trials has greatly increased. Digital evidence can be any sort of digital file from an electronic source. This can include files, documents, emails, text messages, instant messages, the contents of a hard drive, electronic financial transactions, audio files, and video files. Digital evidence can be found on any server or device that stores data, including some lesser-known sources. It is important to think outside the box and don’t discount some unorthodox means such as home video game consoles, GPS, sport watches and internet-enabled devices. Additionally, digital evidence is often found and cataloged through internet searches using open source intelligence (OSINT).

11. Documentary Evidence

Documentary evidence can be and usually is introduced in the form of documents, such as an invoice, a contract or a will. In recent years, the term can include any media by which information can be maintained.

12. Hearsay Evidence

Hearsay is an out of court statement, that is made in court, to demonstrate the truth of the matter proclaimed. In other words, hearsay is evidence of an utterance or statement that was made other than by a witness while testifying at the hearing in question and that is presented to demonstrate the truth of the matter stated. Hearsay evidence is generally not admissible in court; however, it can be of interest and value in a private investigation where the burden of proof, if there is one, is less vigorous than in court.

13. Prima Facie Evidence

Latin for “at first sight”, prima facie may be used as an adjective meaning “sufficient to establish a fact or raise a presumption unless disproved or rebutted”. Typically presented before trial, this evidence is generally enough to prove something until it is disproved. Also referred to as “presumptive evidence”.

14. Statistical Evidence

Evidence that uses numbers (or statistical data) to back a position is called statistical evidence. This type of evidence is based on information gathering such as surveys or polls.

15. Testimonial Evidence

This is either oral or written statements given by a witness or authority under oath. It can be assembled in court, at a deposition or through a written affidavit.

Benefits of Knowing

Sometimes just keeping in mind what the various types of evidence are will help you identify them as evidence during an investigation. Remember, a small piece of evidence can change the course an ultimately the outcome of a well performed and maintained investigation.

Any tangible evidence must be cataloged and tracked until it’s proper disposal. Use the CROSStrax’s Chain of Custody Template to track the possession of evidence during your next investigation.

5 Things to Look for when Choosing Investigative Software

5 Things to Look for when Choosing Investigative Software

5 Things to Look for when Choosing Investigative Software

About five years ago I started the CROSStrax project. The goal, design and implement investigative software that will direct the course and content of an investigation. Now, having gone through research, development, and practical testing, it’s easy to see what the key elements are to great investigation case management software.

So what do we know? Case management software manages information related to an investigation. manages information related to an investigation. Investigative software should perform basic tasks, such as, storing case information, managing billing expenses, employee and vendor records, and much, much more. At this point in the game, you should be looking for a cloud-based system, allowing access from anywhere in the world. Remember though, if the system is creating more work you or your organization, it’s simply counter productive. While I started thinking about the key functions to look for in case management software, the variables to look for became clear,

  1. ease of use,
  2. automation,
  3. and resources.

To sum it up, a one stop shop for investigation case management software that saves time and get’s things done.

Look Closely for These Five Feature

1. Report Design and Generation

Make sure the software you choose has a standard workflow in mind when it comes to investigative reports.  The software should allow your investigators access to input all of the data while the system is responsible for the aggregation, segmentation, and generation of the final report. This process will create a more efficient investigation while maintaining a consistent work product.

2. Automation

In designing CROSStrax we immediately looked at what could be done via automation. Three things we identified immediately were connections via API with our database information provider, various Internet sites to perform Internet Mining Investigations, and accounting software to automate the billing and expense process. These tasks alone shaved hours off man-time that now could be used to perform other more labor intensive tasks.

3. Data Breach Prevention

Your efforts here will demonstrate to your clients that your organization has taken anticipatory steps to address data security threats. The continuing problems of lost and stolen laptops containing critical information on hard-drives illustrates that corporate policy designed to safeguard portable data only works when employees follow the rules. By choosing a cloud-based case management system, you take back control of your security protocols, but remember, security protocols are only as good as the investigative software you choose, so choose wisely!

4. Help Desk Reports

It’s hard to get a client and if your clients aren’t happy, business will eventually suffer. Complaints should always be resolved as quickly as possible. Make sure your case management system keeps comprehensive records of all customer complaints, from the initial problem to the eventual solution.

5. Task Management

With the “do more with less” theory of business, it’s hard to always remember everything. Make sure the system you choose for case management has a comprehensive and integrated task management system. The tasks should allow you to schedule to co-workers, have due date reminders, and email notifications. In CROSStrax we put the tasks on the user dashboards for easy visibility.

Final Thoughts

Choosing investigative software is no easy task and you have to make sure that your decision is what’s best for your business or investigative process. By making the five features above a priority, you’re sure to choose software that will create a more efficient, client ready, and consistent work product.

  • Have you been using case management software, what are your thoughts?
  • What software have you been using and what are some positives and negatives?
  • Is there something you would like to see in case management software?
  • Price-point? Costs? Too high or just right for what you get?

Leave your questions, ideas, or general conversation in the comments below.

Pin It on Pinterest