Ethical Intelligence Framework

Aletheia is built on the principle that information transparency is vital for security, truth, and accountability. Our mission is to make publicly available intelligence accessible, structured, and actionable for legitimate purposes.

In an era of digital fragmentation, gathering relevant security information manually is slow and error-prone. Aletheia empowers threat analysts, journalists, security researchers, and corporate trust teams by automating the discovery and synthesis of open-source data. We believe that this technology should serve as a shield, protecting individuals and organizations by illuminating digital exposures before they can be exploited by malicious actors.

To maintain ethical integrity and comply with international regulations, Aletheia operates strictly within defined boundaries. We distinguish between lawful, open-source intelligence gathering and unauthorized intrusion.

What We Do (In-Scope):

• Query public APIs and open-source intelligence feeds with proper authorization and API keys.
• Search indexable public web pages and repositories using standard search syntax (e.g., Google Dorking).
• Cross-reference hashes of identifiers against public breach logs (e.g., HaveIBeenPwned) to identify exposure.
• Perform passive DNS lookup, WHOIS checks, and public IP geolocation.

What We DO NOT Do (Out-of-Scope & Prohibited):

• We do not bypass paywalls, authentication layers, or digital rights management (DRM) systems.
• We do not hack, intercept communications, or access private databases or networks.
• We do not deploy malware, active scanning exploits, or intrusive tracking software.
• We do not compromise the privacy of individuals by scraping private communication channels or forums.

Aletheia is a powerful investigative tool. We require all users to adhere to strict ethical standards during their investigations. By using Aletheia, you agree to the following code of conduct:

3.1 Legitimate Investigative Purpose. You must only run investigations for legitimate security analysis, credential auditing, incident response, fraud prevention, journalism, or threat hunting.

3.2 Prohibited Activities. Under no circumstances may the Service be used for harassment, stalking, doxxing, unlawful surveillance, identity theft, or targeting individuals for personal retaliation or intimidation.

3.3 Compliance. You are solely responsible for ensuring your investigations comply with all applicable local, national, and international laws, including data privacy regulations in your jurisdiction (e.g., GDPR, CCPA).

A central pillar of OSINT is evidentiary value. Aletheia is designed to generate reliable, verifiable reports. We maintain a strict chain of evidence:

4.1 Cryptographic Hashing. Every piece of evidence ingested into Aletheia is hashed using SHA-256 upon capture. This ensures the integrity of the data remains unchanged and can be legally verified as a true copy of the source at that timestamp.

4.2 Source Citations. We provide clear, direct citations and source URLs for all evidence. We do not manufacture or synthesize facts; our AI models strictly summarize and correlate the documented sources.

We believe in being open about our algorithms and methodologies. Aletheia does not operate as a 'black box.'

All connectors used for searching are documented. When an entity is matched (for example, linking a username to a target email), we assign a confidence score and explain the logic behind the match. We encourage users to treat matches as probabilistic indicators that require manual verification, rather than absolute facts.

We are committed to preventing the abuse of our platform. If you have reason to believe Aletheia is being used in violation of this framework or our Terms of Service, please contact us immediately.

We investigate all complaints of platform abuse, stalking, or harassment. Accounts found violating these guidelines will be permanently suspended without refund.

Aletheia Ethics & Abuse Team
Email: ethics@aletheia.io