Skip to main content

Capitol Attack: Federal Agencies' Use of Open Source Data and Related Threat Products Prior to January 6, 2021

GAO-22-105963 Published: May 02, 2022. Publicly Released: May 02, 2022.
Jump To:

Fast Facts

Several federal agencies used "open source" data—social media posts and other publicly available information—to obtain information about the potential for violence at the U.S. Capitol prior to January 6, 2021.

Agencies developed reports for situational awareness based on open source data, which indicated that

  • Groups may attack the Capitol or Congress
  • Extremist groups may commit or incite violence
  • Groups may be armed or
  • Violence was possible between opposing groups

Our interactive timeline details what agencies knew about potential violence as early as November 2020 based on social media posts.

U.S. Capitol Police captured this photo during the January 6, 2021, attack on the U.S. Capitol.

Metro police officers trying to prevent attackers from entering the Capitol

Highlights

What GAO Found

Federal agencies obtained and shared social media posts and other publicly available information—referred to in this report as “open source data”—on potential criminal activity prior to January 6, 2021. All 10 selected agencies— including the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) Office of Intelligence and Analysis who have lead roles in countering domestic terrorism and violent extremism—were aware of open source data about planned events on January 6, and seven were aware of potential violence planned for that day. They obtained the data through manual web searches, sharing with each other, and social media platforms. For example, prior to January 6, the FBI reviewed information regarding an online threat that discussed calls for violence, including “Congress needs to hear glass breaking, doors being kicked in, and blood…Get violent…Go there ready for war.” In addition, in mid-December 2020, DHS’s Office of Intelligence and Analysis received information regarding threats to Congress and elected officials and discussions of bringing guns into D.C. on January 6. Further, one agency received data from a social media platform on December 24, 2020, that included a user threatening to kill politicians and coordinate armed forces on January 6.

Number of Relevant Threat Products Agencies Developed Prior to January 6, 2021

Seven of the 10 agencies developed 38 election-related threat products based partly on open source data to inform security planning (see fig.). Twenty-six of those were about planned events for January 6. Of those, the FBI prepared one and DHS prepared two threat products. The 26 products included these threats:

  • Potential for violence between opposing groups. Six agencies identified that violence could occur if opposing groups came into contact.
  • Groups or individuals may be armed. Five agencies identified that individuals or groups planned to attend events while armed.
  • Groups or individuals may use improvised weapons. Three agencies identified that individuals may use weapons, such as explosives.
  • Extremist groups may commit or incite violence. Seven agencies identified that extremists could incite violence at demonstrations.
  • Groups may attack the Capitol or Congress. Two agencies identified the Capitol or Congress as targets of violent attacks based on election results.

Why GAO Did This Study

Open source data indicated that the potential for violence at the U.S. Capitol appeared online months prior to the attack on January 6, 2021. Law enforcement agencies may use posts on social media platforms and other open source information to identify potential criminal activity, to develop “threat products,” and to conduct criminal investigations. Agencies must consider the protection of privacy, civil rights, and civil liberties when collecting and sharing this information.

GAO was asked to review information related to the January 6 Capitol attack. This is the fifth in a series of reports on aspects of the attack. This report addresses what open source data selected federal agencies obtained and shared, as well as threat products they developed that leveraged such data related to the events of January 6.

To conduct this work, GAO reviewed open source data that agencies obtained and shared, as well as threat products that leveraged the data. Agencies in GAO’s review included those within DHS; the Departments of Justice and the Interior; Architect of the Capitol; U.S. Capitol Police; House and Senate Sergeants at Arms; and the U.S. Postal Inspection Service, as they had specific roles in preparing for the planned events of January 6. GAO interviewed officials from Facebook, Parler, and Twitter about the extent to which they shared information with agencies. GAO selected social media platforms based on, for example, if they had appeared in threat products.

This report is a public version of a sensitive report issued in February 2022. Information that agencies deemed sensitive has been omitted.

For more information, contact Triana McNeil at (202) 512-8777 or McNeilT@gao.gov.

Full Report

Highlights Page (1 page)
Full Report (52 pages)
Accessible PDF (57 pages)

GAO Contacts

Office of Public Affairs

Topics

Homeland Security
Criminal investigationsFederal agenciesHomeland securityLaw enforcementLaw enforcement agenciesPoliceSocial mediaThreat levelsWeaponsSecret service