How to Investigate Someone (8-Step Process Using Public Records & OSINT)

Investigating someone is the process of collecting and verifying information about a person using public records, court filings, government databases, and online sources. This process exists because personal information is distributed across multiple disconnected systems — court portals, property databases, business registrations, social media, and commercial data aggregators — that must be searched and connected to form a complete and accurate picture. Investigators, attorneys, employers, landlords, and individuals use these methods to confirm identity, evaluate risk, verify claims, and make informed decisions. This guide explains the complete step-by-step process for conducting a lawful and accurate personal investigation, from environment setup through verification and documentation.

Quick Answer: Investigating someone requires 8 steps:

1. Set up a secure, anonymous research environment
2. Verify the subject’s identity across two independent sources
3. Search address and location history through property and government records
4. Search court records at the state and federal level
5. Check business registrations and professional licenses
6. Analyze online presence using OSINT and Google dorking
7. Archive and document every finding with source, date, and collection method
8. Verify all findings against primary sources before treating them as confirmed

Skipping steps or changing the order produces incomplete findings and increases the risk of errors that compromise the investigation.

Essential Tools at a Glance

For the full tool breakdown including VPN comparison and browser configuration, see OPSEC Tools for Investigators.

Start Here — Quick Workflow

If you need to investigate someone quickly, follow this order:

1. Confirm identity using full name + city + one additional identifier (age, phone, or employer)
2. Check address history using county property records or TruePeopleSearch
3. Search state court records for criminal and civil cases
4. Verify findings against primary government sources — not aggregators

The full eight-step process below covers each of these in detail, plus business records, online presence, archiving, and verification.

What You Need Before You Start

• Full name (required)
• Approximate location — city and state (required)
• At least one additional identifier: approximate age, phone number, email address, or employer name

Without a second identifier alongside the name, searches return too many similarly named individuals to work with efficiently. The identifier set expands as the investigation proceeds — but you need at least one to begin.

⚠️ Legal Notice: This guide covers research using publicly available records and legally accessible OSINT sources. Accessing records that require authentication, bypassing access controls, or using findings to harass, stalk, or harm any individual may violate federal and state law. Research must comply with the Fair Credit Reporting Act (FCRA) if used for employment, credit, housing, or other regulated purposes. This guide does not constitute legal advice. Know the applicable laws in your jurisdiction before conducting any investigation.

When You Would Investigate Someone

Personal investigations are conducted for a wide range of lawful purposes. The method is the same across all of them — the legal framework and depth of research vary.

Hiring and employment screening — Employers verify work history, credentials, criminal background, and professional license status before making hiring decisions. Investigations conducted for this purpose must comply with the Fair Credit Reporting Act, which requires using an FCRA-compliant provider, obtaining written consent, and following specific adverse action procedures. See What Is a Background Check for the regulatory framework.

Tenant screening — Landlords verify identity, rental history, court records, and financial background before entering a lease. FCRA compliance requirements apply here as well. See Rental Applicant Background Checks for Landlords.

Online dating and personal safety — Individuals verify that a person they met online is who they claim to be, has no undisclosed criminal history, and has not misrepresented their identity. This is one of the most common use cases for personal investigation and one of the fastest-growing. See Online Dating Background Checks.

Business due diligence — Individuals and companies verify the background of a potential business partner, contractor, or vendor before entering a financial relationship. This typically covers business registration history, litigation history, regulatory actions, and financial public record.

Personal safety concerns — Individuals investigate a person who has made threats, exhibited concerning behavior, or whose true identity is uncertain. The investigation establishes who the person actually is and what their documented history shows.

Locating someone — Investigators, attorneys, and individuals locate a missing person, a debtor, or someone who has cut off contact. This is the core use case for skip tracing methodology. See What Is Skip Tracing and How Private Investigators Find People.

Types of Personal Investigations

Not every investigation requires the same depth of research. The appropriate type depends on the purpose, the stakes involved, and the information already available.

Basic lookup — A quick check using free, no-account sources to confirm identity, surface a current address, and check for major public record flags. Appropriate for low-stakes verification — confirming a contractor’s identity, verifying a name and location. Completed in under an hour using TruePeopleSearch, Google operators, and basic court portal searches.

Background investigation — A structured search across court records, property records, business registrations, and professional licensing databases. Appropriate for employment screening, tenant screening, business due diligence, and any situation where documented history is the primary concern. Takes several hours to a day depending on jurisdictions covered.

Deep investigation — A full OSINT investigation combining public records research, cross-platform online presence analysis, social media research, OSINT pivoting, and verification across multiple independent sources. Appropriate for legal cases, complex due diligence, skip tracing, and investigations where a complete and defensible record is required. May take several days and involves the full eight-step process described in this guide.

The eight steps below apply to the full deep investigation. For basic lookups and background investigations, Steps 1, 2, 3, 4, and 8 are the core sequence.

How Long an Investigation Takes

The 8-Step Investigation Process

• Step 1 — Set Up Your Research Environment
• Step 2 — Verify the Subject’s Identity
• Step 3 — Search Address and Location History
• Step 4 — Search Court Records
• Step 5 — Check Business Records and Professional Licenses
• Step 6 — Analyze Online Presence
• Step 7 — Archive and Document Findings
• Step 8 — Verify Everything

What “Investigating Someone” Actually Means

Personal investigation, as described in this guide, is not surveillance. It is not covert physical observation. It is the systematic retrieval and analysis of information that already exists in public record systems, government databases, and the indexed public internet — information that is legally accessible to anyone who knows where to look and how to connect it.

The United States generates more publicly accessible personal information than any other country. Court filings, property transactions, business registrations, professional licenses, voter registrations, marriage and divorce records, bankruptcy filings, and tax lien records are all created by government agencies, maintained in public databases, and legally accessible without special credentials or authorization. Most people are unaware of how much of their history exists in these systems — and most investigators are unaware of how many of those systems can be accessed for free.

OSINT (Open Source Intelligence) extends this further — applying structured methodology to the indexed public internet to surface information from social media, news archives, corporate records, and cross-platform data connections that do not appear in formal government databases.

The combination of public records research and OSINT methodology is what makes a personal investigation comprehensive. Neither alone is sufficient. Public records establish documented history. OSINT surfaces current activity and online presence. Together they produce a picture that is both historically grounded and current.

For the broader context of what personal information is legally accessible and through what systems, see What Information About a Person Is Publicly Available and How Public Records Are Organized in the United States.

Before You Begin: Legal and Ethical Boundaries

Every investigation must be grounded in a clear, lawful purpose. The techniques in this guide surface real information about real people. That power carries corresponding responsibility.

The Fair Credit Reporting Act governs investigations used for employment screening, tenant screening, credit decisions, and insurance underwriting. Research conducted for these purposes must go through FCRA-compliant providers and follow specific adverse action procedures. Using a general OSINT investigation for hiring or rental decisions without FCRA compliance creates significant legal liability.

State privacy laws vary significantly. California, Virginia, and other states with comprehensive privacy statutes impose restrictions on how personal information can be collected and used that go beyond federal law. Investigators operating across state lines must account for the laws of the subject’s state as well as their own.

Harassment, stalking, and doxxing — using investigation findings to intimidate, harm, or expose a person to danger — are criminal offenses in every jurisdiction. The fact that information was lawfully collected does not authorize its use for any purpose.

Step 1 — Set Up Your Research Environment

What this step does: Creates a clean, anonymous search environment that prevents the investigation from generating records that expose the investigator or alert the subject. Primary tools: No-logs VPN, dedicated research browser, purpose-built research identity. Risk if skipped: Platform logs connect your real IP and identity to the investigation. Subject alert systems may notify the person being researched. Records may be discoverable in legal proceedings.

The first step in any investigation is not searching. It is preparing the environment from which you will search.

Every platform you access during an investigation logs your IP address, device fingerprint, and in some cases your account identity. Some platforms notify subjects when their profile is viewed. An investigation conducted from an unsecured environment leaves a trail that can alert the subject, compromise the investigation’s integrity, and in legal contexts, produce discoverable records of the investigator’s activity.

Before the first query runs, the following must be in place.

A no-logs VPN must be active and verified — confirmed through an IP leak test showing the VPN server’s address, not your real IP. Mullvad and ProtonVPN are the current recommendations for investigative use.

A dedicated research browser must be open with no personal accounts logged in, no saved passwords or autofill active, and uBlock Origin running in strict mode. Firefox with privacy.resistFingerprinting enabled is the standard configuration.

If the investigation may require logging into any platform, a purpose-built research email account with no connection to your real identity must be available. A prepaid card with no real identity link handles any payment requirements.

The research must be conducted on a personal device, connected to a personal network — not an employer-issued device or a corporate or institutional network that logs traffic.

The complete pre-search setup procedure is documented in the OPSEC Checklist for Investigators. The framework behind it — covering network, browser, identity, and device controls — is in OPSEC for Investigators: How to Stay Anonymous While Researching. For anonymous investigation setup specific to people-search platforms, see OPSEC for Background Checks & People Search.

Step 2 — Verify the Subject’s Identity

What this step does: Confirms you are researching the correct person and establishes a verified identifier set before committing investigative resources to a full search. Primary sources: Property records, voter registration, court filings, people-search aggregators. Risk if skipped: Findings from one person are attributed to another — a consequential error in any investigation with real stakes attached.

The most consequential error in personal investigation is researching the wrong person. Names are not unique identifiers. John Smith is not one person — it is thousands of people, many of whom share a city, an age range, and a general profile with your actual subject.

Identity verification before conducting a full investigation prevents findings from one person being attributed to another — an error with serious consequences if the findings are used for employment decisions, legal proceedings, or any purpose with real stakes attached.

The goal of this step is to establish a confirmed identifier set: a combination of data points that, taken together, uniquely identify your subject and distinguish them from similarly named individuals.

Start with what you know. Name, approximate age, last known city, and one additional data point — an employer, a phone number, an email address, a vehicle — is usually sufficient to begin. The identifier set expands as the investigation proceeds.

Cross-reference early findings against each other. A name and city found in a property record should match the name and city found in a court filing. Discrepancies are either errors in the underlying record or indicators that you are looking at two different people. Do not proceed with a full investigation until the subject’s identity is confirmed across at least two independent primary sources.

For the full identity verification methodology, see How Investigators Verify Someone’s Identity and How to Verify Someone’s Identity Online.

Want a faster starting point? A public records database can generate an initial identifier set — including known addresses, aliases, and associated records — in a single search. This reduces the time required to begin verification and helps prevent early-stage identity errors. For a comparison of safe and risky platforms and how to use them without alerting the subject, see OPSEC for Background Checks & People Search.

Step 3 — Search Address and Location History

What this step does: Establishes where the subject has lived, owns property, or is currently located — and unlocks access to every record system that uses address as a primary field. Primary sources: County property appraiser databases, voter registration records, TruePeopleSearch. Risk if skipped: Court filings, business registrations, and utility records tied to unknown addresses are missed entirely.

Address history is one of the most useful starting points in a personal investigation because it connects to almost every other record system. Property records, voter registration, court filings, business registrations, and utility records all use address as a primary organizing field. A confirmed address history for a subject unlocks access to all of them.

Property records are the most reliable source of address history for subjects who own real property. County property appraiser and assessor databases are publicly accessible in most states and searchable by name or address. A property record confirms address, ownership dates, and in many cases additional contact information filed with the county.

Voter registration records are publicly accessible in most states and contain name, address, and party affiliation. In some states, date of birth is also included. Voter rolls are one of the few government sources that are updated regularly and tied to a verified identity — registration requires proof of identity in most jurisdictions.

People-search aggregators compile address history from multiple sources and present it in a single report. TruePeopleSearch provides this for free without account registration and without the subject alert risk of paid platforms. For platform-specific OPSEC controls when using paid aggregators, see OPSEC for Background Checks & People Search.

For the full address research methodology, see How to Find Someone’s Address History and How to Find Someone’s Address Using Public Records.

Step 4 — Search Court Records

What this step does: Establishes the subject’s documented legal history — civil disputes, criminal charges, bankruptcies, and federal enforcement actions. Primary sources: State court portals, PACER, bankruptcy court records. Risk if skipped: Criminal history, civil judgments, restraining orders, and financial events that exist in the public record go undetected.

Court records are the most information-dense public records available for personal investigation. A single court filing may contain the subject’s full name, date of birth, address at time of filing, employer, attorney, co-defendants or co-plaintiffs, and a detailed factual record of the underlying dispute or offense. Court records establish documented history in a way that no other source matches.

State court records — Civil and criminal filings at the state level are the starting point for most investigations. Most states have online portals for searching court records by name. Coverage varies significantly: some states provide full case documents online; others provide only docket information and require an in-person visit or written request for documents. For state-by-state access guidance, see How to Search State Court Records Online.

Federal court records — Federal civil and criminal cases, bankruptcy filings, and federal agency enforcement actions are searchable through PACER (Public Access to Court Electronic Records). PACER charges per-page fees for document retrieval but is the authoritative source for federal case records. For PACER navigation, see What Is PACER: A Beginner’s Guide to Federal Court Records.

Bankruptcy records — Bankruptcy filings are federal court records and searchable through PACER. They contain detailed financial disclosures — assets, liabilities, creditors, income — that are not available from any other public source. For bankruptcy research methodology, see How to Search Bankruptcy Records.

What to look for in court records — Case type (civil, criminal, family, probate), the subject’s role (plaintiff, defendant, respondent), case outcome, and any co-parties named. Each co-party is a new identifier for pivoting. Each case number connects to a document set that may contain far more information than the docket entry suggests.

For the broader framework on court record types and access, see How Court Records Work in the United States and Civil vs. Criminal Court Records.

Step 5 — Check Business Records and Professional Licenses

What this step does: Surfaces business activity, credential status, regulatory history, and financial obligations not visible in court or property records. Primary sources: Secretary of State databases, state licensing boards, SEC EDGAR, FINRA BrokerCheck. Risk if skipped: Undisclosed business entities, lapsed or revoked licenses, and regulatory actions remain hidden.

Subjects with business activity leave a record trail through Secretary of State databases, professional licensing boards, and regulatory agencies that is entirely separate from the court and property record systems — and frequently more current.

Secretary of State databases — Every state maintains a searchable database of business registrations, including LLCs, corporations, and partnerships. A search by subject name returns all entities where the subject appears as a registered agent, officer, or organizer. This surfaces business activity the subject may not have disclosed, historical business names, and associated addresses and co-owners. For business research methodology, see How to Research a Business and Its Owners.

Professional licensing boards — Licensed professions — attorneys, contractors, medical professionals, real estate agents, financial advisors — are regulated at the state level, and license records are publicly searchable. A license record confirms the subject’s credentials, their status (active, suspended, revoked), and in many cases their disciplinary history. This is particularly valuable when verifying professional claims or investigating misconduct.

SEC and regulatory records — Subjects with securities industry registrations, investment advisor status, or involvement in public companies appear in SEC EDGAR and FINRA BrokerCheck. Both are publicly searchable and contain disclosure records that include regulatory actions, complaints, and employment history within the regulated industry.

Liens and judgments — UCC filings, tax liens, and judgment liens are public records that establish the subject’s creditor relationships and financial obligations. For lien research, see What a Lien Record Actually Means and How Asset Searches Work.

Step 6 — Analyze Online Presence

What this step does: Surfaces current activity, online associations, and self-disclosed information that does not appear in formal record systems. Primary sources: Google dorking, platform-specific social media search, OSINT pivoting, reverse lookups. Risk if skipped: Current activity, aliases, platform connections, and recent location data that exist only in the public internet go undetected.

Public records establish documented history. Online presence analysis surfaces current activity, associations, and information that has not yet entered formal record systems — or that exists only in the indexed public internet and would not appear in any government database.

Google dorking is the most powerful free tool for online presence analysis. Structured search operators — site:, filetype:, intitle:, inurl:, exact phrase strings — filter Google’s index to surface documents, profiles, cached pages, and file types that a standard keyword search would not return. A well-constructed dork can surface court documents, cached social media profiles, leaked spreadsheets, and organizational records in a single query. For the complete operator reference and investigative dork recipes, see Google Dorking for Investigators.

Social media research — Platform-specific searches surface the subject’s public posts, connections, location check-ins, and self-disclosed information. Each platform has different privacy defaults and different levels of public accessibility. The OSINT methodology for social media research involves identifying the subject’s username across platforms, mapping their network of connections, and extracting location and timeline data from post metadata and content. Platform-specific OPSEC controls for viewing profiles without alerting the subject are covered in the OPSEC guide.

OSINT pivoting — Every identifier found in online presence research becomes a new search input. A username found on one platform is searched across others. An email address found in a forum post is run through reverse email lookup. A phone number is run through reverse phone lookup. Each pivot either confirms existing findings or surfaces new ones. For the full pivoting methodology, see OSINT Pivoting: How to Follow Data Connections Across Systems.

Reverse lookups — Phone numbers and email addresses associated with the subject can be run through reverse lookup tools to surface additional names, addresses, and platform registrations. See Reverse Phone Lookup Guide and Reverse Email Lookup: What Information You Can Find.

For the complete OSINT methodology applied to online presence research, see OSINT Workflow: The 8-Phase Investigation Framework and OSINT for Advanced Investigators.

Step 7 — Archive and Document Findings

What this step does: Creates a timestamped, source-documented record of every finding that can be cited, verified, and defended. Primary tools: archive.today, ExifTool, encrypted storage, investigation log. Risk if skipped: Findings cannot be verified or cited if challenged. Pages change or disappear. Files shared without metadata stripping may expose the investigator’s identity or device.

Documentation is what separates an investigation from a collection of browser tabs. Findings that are not documented with their source, collection date, and collection method cannot be verified, cited, or defended — and may not be usable if the investigation produces legal proceedings.

Archive every finding at first contact. Archive.today creates a timestamped, independently hosted snapshot of any publicly accessible page. That snapshot is the evidentiary record. It exists independently of the investigator’s device, carries a third-party verified timestamp, and can be independently verified by anyone reviewing the investigation. Do not rely on screenshots alone — they exist only on the investigator’s device and carry no independent timestamp.

Document the collection metadata. For every finding: the full source URL, the archive URL, the date and time of collection, the collection method, and the exact query or search path used to reach it. A finding without documented provenance cannot be defended if challenged.

Strip file metadata before storing. Files downloaded during the investigation — PDFs, images, documents — carry embedded metadata about the downloading device. Strip it with ExifTool before moving files to investigation storage or sharing them with any party.

Store in encrypted storage. Investigation files belong in an encrypted folder or encrypted drive — not on an unencrypted desktop or in a cloud service connected to the investigator’s personal identity.

For the complete evidence handling framework — including SHA-256 hashing, chain of custody documentation, and reporting standards — see Evidence Handling & Metadata for Investigators.

Step 8 — Verify Everything

What this step does: Confirms findings against independent primary sources to eliminate aggregator errors, misattributed records, and false positives. Primary sources: Government databases, court portals, official agency records — not aggregators or data brokers. Risk if skipped: Errors from commercial aggregators — outdated records, misattributed findings, duplicate entries — are treated as confirmed facts.

A finding is a lead until it is verified. Verification is the process of confirming a finding against at least one independent source — a source that does not derive from the same original record as the first.

People-search aggregators, data brokers, and commercial background check platforms compile their data from the same underlying government records and data purchases. A finding that appears in three different aggregators may be three copies of the same underlying record, not three independent confirmations. True independent verification requires going to primary sources: the government database, the court portal, the property appraiser’s office.

The verification hierarchy: Tier 1 sources are primary government records — court portals, property appraiser databases, Secretary of State filings, federal agency records. Tier 2 sources are credible secondary sources — established news organizations, professional databases with primary source documentation. Tier 3 sources are aggregators and data brokers — useful for surfacing leads, not for confirming them.

For the complete verification methodology including source tier classification and cross-referencing procedure, see How to Verify Information Using OSINT.

Common Mistakes

Researching the wrong person. The most damaging error in personal investigation. Confirm identity across two independent primary sources before proceeding with a full investigation.

Using aggregators as primary sources. Data broker reports are compiled from underlying records that may be outdated, incorrect, or misattributed. Every finding from an aggregator should be verified against the primary source before being treated as confirmed.

Skipping OPSEC setup. An investigation conducted from a personal account, a work device, or without a VPN may alert the subject, create employer-accessible records of the activity, or connect the investigator’s real identity to the research. See Common OPSEC Mistakes Investigators Make.

Not archiving. Pages change and disappear. A finding that is not archived at first contact may not be recoverable in its original form when needed for documentation or legal purposes.

Stopping at the first result. The first result for a name search is almost never the complete picture. A single court filing may reference prior cases not in the first result set. A single address may connect to property records across multiple counties. Continue until the search is exhausted, not until the first result is found.

Treating absence of findings as confirmation. A clean search result does not mean a clean subject. It means the available indexed sources did not surface a finding. Records that are not indexed, records behind login walls, and records in jurisdictions with limited online access may contain relevant information that the search did not reach.

Tools for Investigating Someone

No single tool covers all investigation sources. A complete investigation requires different tools at each step.

For a full breakdown of tools at each layer — including VPN comparison, browser configuration, and metadata handling — see OPSEC Tools for Investigators.

Frequently Asked Questions

Is it legal to investigate someone? Researching publicly available information about a person using public records and OSINT techniques is legal in the United States. Accessing records behind authentication, bypassing access controls, intercepting communications, and using findings to harass or harm someone are not. Investigations conducted for regulated purposes — employment, credit, housing — must comply with the FCRA. Know the applicable law before you begin.

How long does a personal investigation take? A basic identity and public records check using freely available sources can be completed in a few hours. A comprehensive investigation covering court records, business history, property records, and online presence across multiple jurisdictions typically takes several days to a week. The timeline depends on the depth of coverage required, the jurisdictions involved, and how much of the relevant record system is accessible online.

What is the most reliable source for investigating someone? Primary government records — court filings, property records, Secretary of State databases, federal agency records — are the most reliable sources. They are created and maintained by government agencies with legal obligations to accuracy, and they are the sources that commercial aggregators compile from. Going to primary sources rather than aggregators eliminates the errors introduced by aggregation and produces findings that are directly citable and verifiable.

Can the subject find out they are being investigated? On some platforms, yes. BeenVerified, TruthFinder, and similar platforms offer subject monitoring subscriptions that notify individuals when their profile is viewed. LinkedIn notifies profile owners of viewer identities by default. A subject who monitors their own web traffic can identify repeated visits from the same source. OPSEC controls and careful source selection — starting with no-account, no-alert sources — reduce the risk of subject awareness. See OPSEC for Background Checks & People Search.

What if I can’t find anything? A search that returns no results means the available indexed sources did not surface the information — not that the information does not exist. Records behind login walls, records in jurisdictions with limited online access, and records that predate digital indexing may contain relevant information. Direct requests to courts, agencies, or records custodians — including FOIA requests for federal records — can surface information that online searches miss. See How FOIA Requests Work.

Can you investigate someone for free? Yes — a significant amount of investigative research can be conducted using entirely free sources. TruePeopleSearch, direct government court portals, county property appraiser databases, Secretary of State business search tools, and Google dorking all provide substantive information at no cost. Paid platforms add convenience and aggregation — they do not add primary source access. The most reliable sources (government databases, court portals) are free by design.

What is the best background check site? For most investigative purposes, direct government sources — court portals, property databases, Secretary of State tools — are more reliable than any commercial background check site because they are primary sources, not aggregations of primary sources. Among commercial platforms, the appropriate choice depends on the purpose: FCRA-regulated uses (employment, housing) require a compliant provider. For general research, TruePeopleSearch is the strongest free option with no subject alert risk. For paid platforms, the trade-off is coverage versus subject alert risk — covered in detail in OPSEC for Background Checks & People Search.

How accurate are people search websites? People search aggregators compile data from public records, data broker purchases, and third-party sources. Accuracy varies significantly: address history and name associations are generally reliable as leads; criminal record data from aggregators should always be verified against the primary court source before being treated as confirmed. Aggregators may show outdated records, records from similarly named individuals, or records that have been expunged or sealed. Every finding from an aggregator is a lead, not a confirmed fact.

Can you investigate someone without them knowing? Yes — if the correct OPSEC controls are in place and the right sources are used in the right order. The risk of subject awareness comes from two sources: platform alert systems (BeenVerified, TruthFinder, LinkedIn) that notify subjects when their profile is viewed, and subjects who monitor their own web traffic and can identify repeated visits from the same source. Starting with no-account, no-alert sources eliminates platform alert risk. A VPN eliminates IP-based identification. For the complete anonymous investigation methodology, see OPSEC for Background Checks & People Search and OPSEC for Investigators.

Where to Go Next

For the OSINT methodology that underlies Steps 6 and 8: OSINT Workflow: The 8-Phase Investigation Framework — the complete structured process from objective-setting through reporting.

For Step 1 in detail: OPSEC for Investigators: How to Stay Anonymous While Researching — the full four-layer control framework.

For Step 7 in detail: Evidence Handling & Metadata for Investigators — archiving, chain of custody, and metadata procedures.

For background check platform-specific guidance: OPSEC for Background Checks & People Search — BeenVerified, Spokeo, Whitepages, and safer alternatives.

For the best government databases to use across Steps 3–5: Best Government Databases for Background Research and Best Public Records Databases for Investigations.

Related Guides

• OSINT Workflow: The 8-Phase Investigation Framework
• OPSEC for Investigators: How to Stay Anonymous While Researching
• OPSEC for Background Checks & People Search
• OPSEC Checklist for Investigators
• Common OPSEC Mistakes Investigators Make
• OPSEC Tools for Investigators
• Evidence Handling & Metadata for Investigators
• Google Dorking for Investigators
• How to Verify Information Using OSINT
• OSINT Pivoting: How to Follow Data Connections Across Systems
• How to Find Someone’s Address History
• How to Search State Court Records Online
• How to Research a Business and Its Owners
• How Investigators Find and Track People Online
• What Information About a Person Is Publicly Available
• How FOIA Requests Work
• Understanding Data Brokers
• How to Build an OSINT Report

Disclaimer: This article is for informational purposes only and does not constitute legal advice. All research techniques described here apply to publicly available records and legally accessible sources only. Investigations conducted for regulated purposes — employment, credit, housing, insurance — must comply with the Fair Credit Reporting Act and applicable state law. Use these techniques lawfully and ethically.