Investigations is the systematic process of uncovering hidden truths through research, documentation, and source development. This page covers methodology for investigative journalism.

Every investigation answers three questions:

1. What happened? (Establish facts)
2. Who's responsible? (Identify actors)
3. Why does it matter? (Demonstrate impact)

The order matters. Facts first, then actors, then stakes. Never work backward from a conclusion.

Before investigating, you need a question worth answering:

• What's the tip or lead?
• What would proving it require?
• What would disproving it require?
• Who benefits if it's true? Who's harmed?
• What's already public?

Document everything from day one. Your future self will thank you.

Build the knowledge foundation:

• Public records: Court filings, property records, corporate registrations
• News archives: What's already been reported?
• Academic literature: Who studies this topic?
• Industry publications: Trade journals, professional forums
• Social media: Who talks about this publicly?

Goal: Know more about the topic than most people before making a single call.

Gather primary sources:

• FOIA requests: File early, file often, file everywhere
• Court records: PACER (federal), state court systems
• SEC filings: EDGAR for corporate disclosures
• Lobbying disclosures: OpenSecrets, state databases
• Campaign finance: FEC, state election boards
• Property records: County assessor, recorder offices

Organize obsessively. File naming conventions. Date prefixes. Backup everything.

See Source Handling for detailed guidance. Key principles:

• Start at the edges: Former employees, competitors, regulators
• Work toward the center: Build knowledge before approaching principals
• Verify independently: Never rely on a single source for key facts
• Protect absolutely: Source safety trumps story

Make sense of what you've gathered:

• Timeline construction: What happened when?
• Network mapping: Who connects to whom?
• Pattern identification: What repeats?
• Gap analysis: What's missing? What questions remain?

Open Source Intelligence - extracting information from public sources:

Source	What It Shows
Voter registration	Address, party affiliation, voting history
Property records	Ownership, transactions, value
Court records	Lawsuits, judgments, criminal history
Professional licenses	Credentials, disciplinary actions
Corporate records	Directorships, ownership stakes
Social media	Connections, timeline, interests

• EDGAR: 10-K (annual), 10-Q (quarterly), 8-K (events), proxy statements
• State SOS: Incorporation documents, registered agents, annual reports
• UCC filings: Security interests, lending relationships
• Litigation: PACER, state courts, arbitration records
• Regulatory: Industry-specific databases (FINRA, FDA, etc.)

• Domain WHOIS: Historical registration (archive services)
• Web Archive: Wayback Machine for deleted content
• Reverse image search: Google, TinEye, Yandex
• Metadata: Document properties, photo EXIF data
• Social graphs: Connection analysis across platforms

Before relying on any document:

• Provenance: Where did it come from?
• Format: Consistent with era/organization?
• Content: Matches known facts?
• Context: Why does this document exist?

• OCR: Convert scanned documents to searchable text
• PDF analysis: Extract embedded data, metadata
• Spreadsheet analysis: Pivot tables, VLOOKUP, conditional formatting
• Database queries: SQL for structured data
• Visualization: Timeline tools, network diagrams

• Know the subject: Research thoroughly before contact
• Know your questions: Written list, prioritized
• Know your recording: Legal requirements, consent rules
• Know your limits: What can you promise?

Opening: Establish rapport, explain purpose, set ground rules.

Core interview:

• Ask open-ended questions first
• Let silence work for you
• Follow up on specifics
• Circle back to key points
• Watch for inconsistencies

Closing:

• "Is there anything else I should know?"
• "Who else should I talk to?"
• "What documents would support this?"
• "How can I reach you if I have follow-up questions?"

• Record if legally permitted and consented
• Take detailed contemporaneous notes
• Document demeanor, setting, non-verbal cues
• Transcribe key quotes immediately after

For sensitive claims:

• Two-source minimum: Independent corroboration
• Three sources ideal: Multiple perspectives
• Documentary backup: Paper trail when possible

Before publishing:

• Can you prove it to a skeptic?
• What's the strongest counter-argument?
• What would the subject say in response?
• Are you prepared to defend it in court?

• [ ] Facts verified by multiple sources
• [ ] Documents authenticated
• [ ] Subject given opportunity to respond
• [ ] Legal review completed
• [ ] Editor signoff obtained
• [ ] Publication ethics satisfied

/investigation-name/
  /documents/
    /foia/
    /court-records/
    /corporate/
    /misc/
  /interviews/
    /transcripts/
    /notes/
  /analysis/
    /timelines/
    /network-maps/
  /drafts/
  /published/
  chronology.md
  sources.md (encrypted)
  questions.md

• Encrypted storage: VeraCrypt, LUKS
• Secure communication: Signal, SecureDrop
• Source protection: Compartmentalized files
• Backup: Multiple locations, encrypted

Know your protections:

• Shield laws (state-specific)
• Reporter's privilege
• First Amendment defense

Know your risks:

• Defamation liability
• SLAPP suits
• Subpoena threats
• Physical security

Consult counsel:

• Before publishing sensitive material
• When approached by subjects
• If served with legal process

• FOIA - Freedom of Information requests
• Source Handling - Protecting confidential sources
• Data Journalism - Using data for stories
• Journalism - Broader journalism practice
• Threat Modeling - Security planning

• Investigative Reporters and Editors
• Global Investigative Journalism Network
• Committee to Protect Journalists
• OCCRP

Journalism & Investigations
Core	Journalism · Investigations · Source Handling
Methods	FOIA · Data Journalism · Dataviz · Documentation Discipline
Tools	ArchiveBox · Scrapbook-core · Personal APIs
Culture	Hacker Culture · PGP Communication Guide