"NightHawk allows for the visualization of multiple, complex datasets in a user friendly and intuitive environment. The program lets investigators focus on the case, not the task of managing, merging, correlating and/or sifting through enormous amounts of information to find that one critical piece. One way to think about the value of this program is a cost savings approach. 

Depending on type of the investigation it is not uncommon for investigators to request and receive data from Facebook, cellular service providers, Google, GPS trackers, ankle monitors, ShotSpotter, and several other sources. While not every case involves each of these data types, many cases (especially serial shootings) rely on several of these sources of information. 

Generally speaking, a CDR return could contain 7,000 or more lines of data and a Facebook return could contain 12,000 or more pages of information. Google geo-location pings can occur every 2 to 10 seconds, so if you factor those in for any period of time the investigator could be managing another 50,000 lines of data.   While the information contained in these returns is valuable, the ability to search and analyze it has been historically cumbersome and time intensive. NightHawk allows the investigator to search and visualize all of these data sets, for multiples suspects, simultaneously.... and it is fast. 

It is difficult to describe the amount of time required to complete a task like that. However, its safe to assume that it could take an investigator five or more hours just to search an average Facebook return for the pertinent information needed. Then, if they locate the information, it is not presented chronologically and the references to associated pictures and videos are disjointed and hard to put into context. This is just for one suspect, and one set of data so the task of repeating this process for multiple defendant cases increases the time commitment exponentially. 

A similar search in NightHawk could take less than 30 seconds and the information is presented in a logical easy to follow format. Additionally, this data can be integrated with CDR's, ShotSpotter and the other data types described above. That allows the investigator to evaluate the relevance of related information at the same time. For example, an investigator can now see how a Facebook post, lead to phone calls and text messages, which lead to a Facebook Messenger conversation and a shooting that occurred during that conversation, resulting in ShotSpotter data. The ability to efficiently visualize interactions like that has led to previously unknown associations, new suspects, and the development of probable cause that otherwise could have been missed. 

For example, the Task Force is investigating a home invasion and officer involved shooting. The case has relied heavily on data from several service providers. There are currently over 266,000 lines of data loaded into that case. The case agent visualized all of the available data for all of the suspects and then conducted a search for four keywords and one phone number related to the case. The results returned 608 relevant items out of 266,482 lines of data. That search took less than 30 seconds. The ability to quickly visualize these large sets of data and move past dead ends to pursue knew leads is priceless. 

Additionally, this approach allows the investigator to further explore potential leads in a fraction of the time. The ability to do so as uncovered links to previously unrelated shootings and expanded existing cases well beyond where they previously were. The savings in man hours more than pays for the cost of the program. "

- Federal Task Force Officer