AI for Law Enforcement: An introduction to Investigative Intelligence


In law enforcement, information pertaining to an investigation is collected piece-by-piece and computers are generally used for storage and forensic purposes.

While it’s useful to be able to find a piece of information, traditional record management systems are far from putting data to work to automatically find relevant pieces of evidence.

In addition, technologies that are in use by law enforcement agencies are many steps behind the software that even the least sophisticated criminals have access to. The beat cop and the criminal analyst have always struggled to get ahead of the criminal element.

Criminals communicate on platforms that the police department and the intelligence community are unable to observe. They can switch communication platforms quickly, just by downloading a new app. As a result, criminal organizations have been able to outwit, out-manoeuvre, and out-fund law enforcement agencies in terms of technology.

Law enforcement must adapt. To do so it must utilize real-time and big data solutions.

Improving the OODA loop with Investigative Intelligence

Since the traditional approach is not working, police departments are now invoking smarter, tighter, and more automated technologies to establish a level playing field.

In the military, a key concept is the OODA (Observe–Orient–Decide–Act) loop. It recognizes the speed at which the investigative process can observe and act to stay ahead of the enemy. Tightening the OODA loop is as critical in law enforcement as it is in the military. Now, law enforcement is taking measures to reduce its OODA loop to the point where they can prevent rather than react to crimes.

Which technologies can support this?

In law enforcement today, there are many fragmented technology tools – which is a problem.

Investigators use record management systems but often use separate graphical tools to draw connections as part of the link analysis phase.

Disjointed software does not enhance the investigative process. Rather than act as an informative discovery process, no new information comes to the surface that investigators didn’t know already.

The spark of innovation comes when link analysis is intimately and smartly fused with big data and unstructured data processing. At Siren we use the following diagram to illustrate the concept, such fusion is called investigative intelligence.

Investigative intelligence in actionThe division of police forces into jurisdictions can pose difficulties, not only in the rate of technical advancement, but also in the sharing of information. For example, in the metropolitan area of Kansas City, there are two million people inhabiting 15 counties.

Improvements are emerging through the introduction of Fusion centresOpens a new window , which are sponsored by federal agencies. They focus on a specific problem that affects many jurisdictions across the metropolitan area.

However, if there is no technological ecosystem that can automatically and associatively perform data integration, police departments will always be behind the eight ball.

A dynamic data model

In law enforcement, it is clear that the speed of data integration is critical for solving crimes.

What may be less obvious is that recall (the ability to quickly find connected data) is very often much more important than absolute precision.

Historically, law enforcement has employed a fixed data model that controls how the data is shaped and limits the questions that the criminal analyst can ask of the data. As new data sets come in, it can take months to ingest the data, analyse it, and then properly fuse it with existing data.

The existing fusion method attempts to match and adapt all of the metadata attributes. However, this approach is often excessive when, in reality, all that the investigator needs is an automated indication that something is connected to something else that was already in the system.

The solution for this scenario are systems in which fusion can happen via an easy, UI edited dynamic schema, in real-time.

For example, an investigator can upload a CSV file that contains information about stolen vehicles from another jurisdiction. They can simply mark the field “licence plate” and this CSV file will automatically form part of a unified data model and be connected with other relevant entities.

AI-powered entity resolution

In the previous example, the licence plate numbers matched existing data and connections appeared. But, what happens when records have similar but never perfectly matching attributes?

Entity resolution – or identity resolution when it is applied to people – is the technology that determines “who is really who” across different datasets. This becomes key when we recognize that criminals regularly change their information.


Let’s look at a criminal who is moving through jurisdictions and stealing cars. He will tell one police department his name is Bob Smith; in another jurisdiction it will be Bobby Smyth and then Robert Smeth elsewhere.

However, he will also change details such as his date of birth, where he lives, or where he works. Internal transcription errors may then add to this confusion.

The ability to link these identities and fuse them together as you import the latest data into the system is a game changer.

Entity Resolution allows offices across jurisdictions to respond faster, solving crimes that may have eluded police before. It was first pioneered by organizations such as the New York Police Department (NYPD) and other large agencies in their state-of-the-art Real Time Crime Center (RTCC).

Identity Resolution enhances the results even further, across languages and cultures. The global naming recognition engine correlates information and allows identification across transliterations and cultural conventions.

Employing natural language processing to interpret data

Law enforcement data is, on average, 80% unstructured. It may include social media content, witness statements, or typed reports. To conduct a thorough investigation, the analyst must read every single document.

In the investigation of large criminal organizations that are active for many years, this amounts to weeks or months spent reviewing unstructured data, which has a substantial impact on the speed of the investigative process.
Natural language processing (NLP) itself is not new, but within integrated investigative intelligence, there are great practical innovations.

In the Siren Platform, for example, structure is given to the inherently unstructured with integrated statistical network analysis. This approach summarizes an entire corpus of knowledge into a single pane-of-glass which becomes useful when an investigator wants to answer questions such as, “Who is writing to whom (and when and where)?”

Next, investigators need to examine the messages that might be the most relevant. With cross-language entity extraction, which is powered by curated built-in dictionaries and a set of law enforcement rules, it’s a breeze:

The ability to identify geographical markers as they are extracted from text and true positional records is also extremely powerful.

Investigative Intelligence across Law Enforcement use cases

The innovative capabilities of Investigative Intelligence can also impact many other elements of Law Enforcement.

For example, the Siren Platform has been used to identify correlations between the perpetrators of high-speed traffic offenses and crash reports resulting in fatal or serious injuries. This delivered powerful results for individual case investigations, training, policy making, and crime prevention.


Investigative Intelligence is the ability to fuse previously disconnected analytics capabilities so that the investigator can freely ask questions – maximizing each individual technique.

Analytics is, in turn, strongly “supercharged” by investigative AI functions, such as automatic relationship detection, entity resolution and natural language processing.

With AI-driven associative features and unstructured data handling, law enforcement agencies can finally be on a level playing field, technologically speaking, with criminals and effectively tighten the OODA loop.