Somewhere in the middle of almost every investigation — professional or amateur — there's a moment where a single, clean-looking document shows up and the temptation is enormous: just use it, cite it, move on. That temptation has ended careers, damaged reputations, and spread genuine harm. The document looked authoritative. It came from what appeared to be a credible source. And it was wrong — or outdated, or manipulated, or only half the picture.

This section is about the discipline that separates real research from confident misinformation.

The key idea runs through everything that follows: a single source, no matter how official it looks, is not a conclusion. It's a starting point. What makes it reliable is what you find when you go looking for the gaps.

Start with a method called SIFT — and stay with it, because it's deceptively simple at first glance but pays off the longer you sit with it. SIFT is a four-step verification habit developed by Mike Caulfield, a digital literacy researcher whose work has been widely adopted in journalism and research training. The four moves are: Stop, Investigate the source, Find better coverage, and Trace claims to their origins. Each one addresses a different failure mode in how people naturally process information.

The first move — Stop — sounds almost too obvious to mention. But it's the one most often skipped. The moment you feel certain about something you've just read, that certainty is exactly when you're most vulnerable. A confident feeling is not evidence. Stopping means pausing before you share, act on, or build further research on what you've just found. It means asking, before anything else: do you actually know what this source is, and why it should be trusted?

The second move — Investigate the source — means going outside the source to understand it. Not reading the source more carefully. Not scrolling to the bottom to check for a citations list. Leaving the page and finding out what others say about it. This is a move many people never make because it feels like distrust, and distrust feels impolite. It isn't impolite. It's the job.

Find better coverage, the third move, is where triangulation begins in earnest. If a claim is true, it should be findable in more than one place, by more than one outlet, traceable to more than one independent source. If the only place a fact appears is the document you're currently holding — that's worth noting. It doesn't mean the fact is false. It means you haven't confirmed it yet.

The fourth move — Trace claims to their origins — is the one that most often reveals manipulation. Information moves through the internet in layers. A tweet cites a blog post that cites a news article that cites a press release that cites a study. By the time something reaches your screen, it may have shed important qualifiers, reversed its original meaning, or been stripped of context that made it mean something entirely different. Tracing back to the original source — the actual study, the actual document, the actual record — is how you find out what was actually said.

Bear with this framework for one more step before moving to the practical application, because there's a catch that trips most people up when they first encounter SIFT. It's designed for rapid evaluation — for moving quickly through claims without going deep on every one. That's valuable, but it isn't the same as doing thorough research. SIFT tells you whether to trust what you're looking at. Triangulation tells you whether what you're looking at is actually complete. They're complementary tools, not interchangeable ones.

Triangulation across record types is the discipline of checking a claim not just against multiple sources, but against sources that are structurally independent of each other. This is the heart of what distinguishes rigorous open-source research from a well-organized collection of confirming documents.

Think about what "structurally independent" actually means. Suppose you're researching a company and you find its website, a press release the company issued, and an industry profile that quotes the company's founder. Those are three sources — but they're not independent. They all trace back to information the company itself provided or approved. If the company has something to hide, all three sources will hide it consistently. Structural independence means asking: who collected this data, why did they collect it, and do they have any reason to tell the same story this company would want told?

A county property record is structurally independent of a company's website. A UCC filing at the Secretary of State's office is structurally independent of a company's press materials. A court docket — especially a civil or bankruptcy filing — is structurally independent of everything a company says about itself publicly, because the adversaries in those proceedings had every incentive to surface unflattering facts. Cross-checking what a company claims against what its property records, court history, and regulatory filings show is the basic move of due diligence. As Nolo's guide to buying a business^[1] notes, a thorough due diligence investigation checks financial records, asset documentation, and liabilities across multiple independent sources specifically because the person selling you something has an obvious interest in how you see them.

This same principle applies far beyond business transactions. It applies to anything: a nonprofit's claimed impact, a public figure's stated background, a news story's central claim, a social media post asserting that something happened somewhere.

Here's where it gets harder, and worth slowing down for: triangulation doesn't always mean finding agreement. Sometimes what makes triangulated research valuable is that the sources don't agree — and the disagreement itself is the finding. Two records showing different owners for the same property at the same time is a red flag, not a reason to throw up your hands. A court filing that contradicts what a company says in its annual report is a lead, not a contradiction to resolve by ignoring one of them. The discipline is learning to treat discrepancies as information rather than problems.

The ICIJ Offshore Leaks Database offers a useful illustration of why discrepancies deserve careful handling rather than quick resolution. The database, which the International Consortium of Investigative Journalists maintains at offshoreleaks.icij.org^[2], contains information on more than 810,000 offshore entities across the Pandora Papers, Paradise Papers, Panama Papers, and other investigations. The records link to people and companies in more than 200 countries. But the ICIJ itself is explicit about something most users skip over: the inclusion of a person or entity in the database does not mean they engaged in illegal or improper conduct. Many people share names. Information may have changed over time. A record showing a connection between a named individual and an offshore entity is a data point — it requires verification against other records before it becomes a conclusion. Jumping from "this name appears in a leaked file" to "this person is corrupt" is not triangulation. It's exactly the single-source error dressed up in dramatic data.

The same careful handling applies to any database with time-bounded records. And this brings us to one of the most common and least glamorous failure modes in public records research: outdated information.

Records go stale. A property deed shows who owned a parcel three years ago — not necessarily today. A corporate filing shows the registered agent at the time of filing — not after a subsequent transfer. A court case that showed "pending" in a database last year may have been resolved, dismissed, or settled since then. A UCC lien that appeared active may have been terminated. As the ICIJ notes about its own database^[2], each dataset encompasses a defined time period, and some information may have changed. That's true of virtually every public record you'll encounter.

The practical habit this creates is simple: always check the date. Not the date you accessed the record — the date the record was created or last updated. A ten-year-old business registration tells you something about the past. If you're trying to understand the present, you need something more recent, or you need to find evidence that the older record's core facts still hold.

Manipulation is a different problem from outdated information, and it's worth distinguishing carefully. Outdated information was accurate once; manipulation was designed to mislead from the start. Digital documents can be altered. Screenshots can be staged. Metadata can be stripped or forged. A document that looks official — letterhead, signatures, proper formatting — is not necessarily authentic. This is a place where most people's instincts are poorly calibrated, because visual cues like professional design have been culturally trained as signals of legitimacy, and those cues are now trivially easy to fake.

The defense against manipulated documents starts with provenance: where did this document come from, and can you trace it to the original source? A document that someone sent you, or that appeared in a news story, or that was posted to social media is not the same as a document you retrieved yourself from an official government database. The further a document gets from its original source, the more opportunities there were for alteration along the way. Whenever possible, retrieve records directly from the government agency or official repository that holds them. That's not always possible — some records require formal requests, and some originals are inaccessible. But when it is possible, the document you pull yourself from PACER, from a county recorder's portal, from EDGAR, or from a Secretary of State database is more defensible than a copy someone handed you — regardless of how trustworthy that someone appears to be.

When direct retrieval isn't possible, metadata can help. Document files carry information about when they were created, what software created them, and sometimes who created them. A document purportedly from 2015 that was created in software that didn't exist until 2020 is a strong signal of manipulation. This kind of check requires extracting the file's metadata rather than just reading its content — something covered in the section on advanced search techniques earlier in this course. The point here is that metadata checking belongs in the verification workflow whenever document authenticity is uncertain.

Now, all of this analysis is only as useful as the trail you leave behind while doing it. Building a documented evidence trail isn't bureaucratic overhead — it's what makes your research usable by anyone, including future you.

The core practice is straightforward: document your sources at the moment you access them, not after the fact. This means recording the URL, the date and time of access, and a brief note about what the record shows. Web pages change or disappear. Government databases update their records. A court docket that shows one status today may show another status next week. Screenshots are imperfect but better than nothing; archiving pages through a service like the Wayback Machine creates a more defensible record because it creates a timestamped copy that neither you nor the page's owner can alter after the fact.

The evidence trail also means documenting your reasoning — not just what you found, but what it means in the context of your other findings, and what questions remain open. Investigators and journalists who work on complex cases often keep a running research log: a chronological record of what they searched, what they found, what they couldn't find, and what discrepancies appeared. This document isn't a finished product. It's a working tool that lets you reconstruct your own logic later, hand off research to a colleague, or demonstrate that you were thorough if your conclusions are ever challenged.

That last point matters more than it might seem. The value of documentation isn't only about accuracy — it's about accountability. Research without a documented trail is just a set of claims. Research with a documented trail is something a reader, an editor, or an opposing party can examine, test, and push back on. That's what makes it trustworthy, and trustworthiness is the entire point.

One more thing worth sitting with before moving on: the instinct to want certainty is the enemy of good research. Most public records questions don't resolve into clean, definitive answers. They resolve into well-supported conclusions with documented uncertainty. "The available records indicate X, with the caveat that Y has not been independently verified" is a stronger position than "X is true" if the second statement turns out to be built on a single source you didn't check. Acknowledging what you don't know, and what you couldn't find, is part of the evidence trail — not a weakness in it.

The skills built up across every previous section — reading property records, navigating court dockets, searching Secretary of State filings, sending FOIA requests, analyzing campaign finance data, running advanced searches — are only as valuable as the verification discipline that governs how you use them. A well-retrieved record from the wrong time period, or a perfectly sourced document that was altered before it reached you, or a single finding that you treated as a conclusion before checking it against anything else — any of those can undermine everything that came before. Verification isn't the last step of research. It's threaded through every step.

The practical payoff is this: when you finish a piece of research and someone asks how you know what you know, you should be able to walk them through your trail — source by source, check by check, discrepancy by discrepancy — and show them exactly how you got there. That's the standard. Everything in this section is in service of meeting it. What remains is putting these methods into practice across real scenarios — which is exactly where this course goes next.

Sources cited

1. Nolo's guide to buying a business nolo.com ↩
2. the International Consortium of Investigative Journalists maintains at offshoreleaks.icij.org offshoreleaks.icij.org ↩