Process

My Methodology

Every investigation follows a structured, repeatable process. Every claim is sourced. Every finding is documented. Here's exactly how I work.

Principles

Investigative Standards

These principles govern every investigation. They are non-negotiable.

Open Source Only

Every piece of evidence used in a published report comes from publicly accessible sources. No hacking. No unauthorized access. No stolen data. If it isn't public, it isn't in the report.

Verifiable Claims

Every factual claim in a report is cited with its source. Readers can independently verify every finding. If I can't source it, I don't publish it.

Complete Transparency

Reports are published in full. No excerpts. No paywalls. No gated access. The entire point is to make the findings public — that's how accountability happens.

Process

The Investigation Pipeline

From initial intelligence to published dossier, every investigation moves through these phases sequentially.

01

Target Identification

Investigations begin with identifying potentially illicit operators through public product listings, regulatory databases, consumer complaints, industry tips, and import/export records. Preliminary screening confirms whether the entity warrants a full investigation.

FDA PMTA Database TTB Permits Industry Tips Product Surveillance
02

Corporate Structure Analysis

I map the complete corporate structure: parent companies, subsidiaries, DBAs, registered agents, and beneficial owners. State-level corporate filings, UCC records, trademark registrations, and commercial databases are cross-referenced to identify the real operators behind brand names.

Secretary of State Filings UCC Records USPTO WHOIS
03

Regulatory Compliance Audit

Every identified entity is checked against federal and state regulatory databases: PMTA authorization status, PACT Act registration, TTB permits, state tobacco/ENDS licensing, and import compliance. Any discrepancies between market activity and regulatory standing are documented.

FDA Database PACT Act Registry CBP Data State Licensing
04

Supply Chain & Financial Infrastructure

The supply chain is traced from manufacturer to consumer. Payment processors, shipping carriers, warehousing facilities, wholesale accounts, and digital infrastructure (domains, hosting, CDNs) are identified and documented.

Import Records DNS Analysis Payment Infra Shipping Data
05

Digital Intelligence & OSINT

Digital footprint analysis including website infrastructure, social media presence, advertising campaigns, online marketplace listings, and archived web content. All evidence is archived with timestamps and hashes for provenance verification.

Web Archives Social Media Ad Libraries Certificate Logs
06

Report Compilation & Legal Review

All findings are compiled into a structured investigative dossier. Claims are verified against source material. The report is reviewed for accuracy, completeness, and legal defensibility before publication.

Source Verification Fact-Checking Legal Review
07

Publication & Notification

The completed report is published on this website, freely accessible to anyone. Upon publication, notifications with links to the report are sent to relevant regulatory agencies, payment processors, hosting providers, and other commercial parties whose compliance obligations are implicated by the findings.

Public Publication Agency Submission Commercial Notice

Evidence Standards

Every published finding meets the following evidentiary threshold:

  • Primary source documentation — Direct records from government databases, corporate filings, or official registries.
  • Cross-verification — No single-source claims. Key findings are corroborated across independent data sources.
  • Temporal documentation — All evidence is timestamped and archived to prevent dead-link degradation.
  • Chain of provenance — Each piece of evidence includes its retrieval method, date, and source URL or database reference.
  • Conservative interpretation — Where data is ambiguous, reports note the ambiguity rather than asserting conclusions beyond what the evidence supports.

What I Don't Do

It's equally important to understand the boundaries of this work:

  • I do not hack, access private systems, or use stolen data.
  • I do not represent myself as a government agent or law enforcement officer.
  • I do not make legal conclusions — I present facts and let the public record speak.
  • I do not accept payment to investigate specific entities or suppress findings.
  • I do not conduct investigations on behalf of commercial competitors or for competitive advantage.
  • I do not publish personal information unrelated to the commercial activities under investigation.

Corrections Policy

If a published report contains a factual error, I will correct it promptly, transparently, and on the record. Corrections are noted in the published report with a dated notice describing what was changed and why. The original claim and the corrected information are both preserved for transparency. Correction requests can be submitted through the Contact page.

See the Methodology in Action

Published investigative dossiers demonstrate this methodology at work. Every source cited. Every finding documented. Every report free and public.

View Published Reports