Dataharvest 2026 - the European Investigative Journalism Conference

The opening of the conference will take place in the Aula Hanswijk (Z1.13, on the first floor), and will be streamed into the Aula Donche (Z1.15, first floor).

Over the past three years, the Guardian Data Projects team has revealed how private equity firms have increased their share in the childcare sector as well as in the provision of children’s care homes in England. We have also investigated how taxpayers’ money for services that provide support for rape and sexual assault victims ends up in private equity companies. And we have estimated that the UK government has spent billions of pounds in companies that are owned by a private equity group.

Attendees to this session will learn about two methodologies the Guardian built to track down the involvement of private equity firms in the country’s economy and specific sectors. They will also learn about specific resources to find out company data, as well as understand how the Guardian built an automated system to analyse thousands of company records to find the ultimate controlling party for each company group. We will also show how an LLM helped to identify companies owned by a private equity firm, as well as the limitations of using this type of technique.

Everyone listens to audio all the time, yet investigators rarely think of it. This session introduces audio forensics as an often-overlooked OSINT skill. We’ll explore how frequencies, compression, spectrograms, and a touch of physics can be used to authenticate media, detect edits, determine locations, and even prove war crimes. Participants will learn how to calculate a shooter’s distance using bullet speed and the speed of sound, analyse electrical network frequencies, and recognise platform-specific compression. No prior experience in OSINT or extensive knowledge of audio is required — this session is suitable for beginners.

Large language models (LLMs) have become a common tool in most investigative newsrooms. But what do you do when prudish language models refuse to process what you are investigating? Or you have so much sensitive information that it makes your stomach hurt to send it to Big Tech?

Enter local AI models!

Norwegian Broadcasting Corporation (NRK) has used AI models running on their own machines or leased ones to carry out several projects. Together with Lighthouse Reports, we exposed a hidden class divide in Norwegian courtrooms – revealing that the wealthy receive more lenient sentences than the poor – by analyzing 9,000 verdicts. The NRK team then turned its attention to the adult industry, reviewing over 1,000 films to document a sharp rise in choking incidents.

While the subjects differ vastly, the projects share a common thread: the controlled use of local AIs to process massive datasets. We want to share our methodology, our findings, and insights along the way – but most of all demonstrate how to get you started with using the latest local models for your specific investigative needs.

In the presentation, we will show concrete examples of how to run the latest local models and invite the audience to think with us about how these models can enhance investigative workflows.

In our digitally connected world, perpetrators feel so safe online that they build their networks openly: on public-access porn websites and messenger apps such as Telegram. Our investigation for STRG_F/NDR in Germany uncovered an international rape network that had formed on porn websites and in dozens of private chat groups on Telegram. One group had more than 70,000 members.

Users exchange detailed information on how to drug and rape women who are already close to them, such as their wives, girlfriends, sisters, or mothers, without them noticing. The rapists share videos and photos of the assaults online. One man from Germany drugged and raped his wife for more than 15 years and generated millions of views with the footage. Our investigation triggered a police investigation, and he was stopped.

We'll share how we began investigating these networks, how we gained access to them, how we investigated the users for years by also going undercover, what tools we used, what ethical and moral challenges we have faced, and how we kept an overview of all the footage we documented and saved over the years.

We will address:
- How do you conduct online research in criminal networks? (Structures, dynamics, and mechanisms)
- How do you gain access to them?  (User's communication and behaviour) 
- What opportunities and limitations did we encounter? (Laws and journalists' rights, ethical and moral responsibilities)
- When should you consider undercover research, and what can it look like? (Journalistic standards and guidelines)
- How do you protect your own mental health when confronted with disturbing content?

The Great Firewall, censorship, and language barriers make open source research on China really difficult, if not impossible. In this session, we aim not only to make you aware of obstacles you may face, but to show you solutions and strategies, especially for journalists and researchers working from outside China who don't speak the language.

We’ll show you the research resources, toolbox and we'll share tips on:

1) how to navigate Chinese social media: WeChat, Douyin, Rednote and others,
2) how to reconcile information inconsistencies in English and Chinese,
3) how to read the ownership of Chinese companies: private, state owned and central government enterprises,
4) mobile device setup and translation applications.

This talk will show the methodology behind The Guardian’s exclusive investigation into properties advertised as tourist destinations on Airbnb and Booking.com located in Israeli settlements that are illegal under international law. The Guardian found 760 rooms being advertised in hotels, apartments, and other holiday rentals in illegal Israeli settlements in the West Bank, as NGOs and activists warned that these companies are violating international law and profiting from war crimes.

In their investigation, they used geospatial tools, like PostGIS and QGIS, to localise accommodations on a specific geographical area, and to join these accommodations with shapefiles representing the borders of illegal settlements to identify those based within settlement boundaries. Using OSINT methods and Google Sheets, they designed a methodology to solve data challenges like duplicate and multi-platform listings, and listings with approximate locations.

In this session, attendees will come up with a robust methodology to find tourist accommodations in any geographical area, so they can reproduce the method for new stories.

Analysts estimate that at least $28 billion tied to illicit activity has flowed into cryptocurrency exchanges over the last two years. ICIJ's Coin Laundry investigation, in collaboration with 37 media partners, exposed part of this shadow financial system, collecting dozens of cryptocurrency wallet addresses and uncovering hundreds of millions of dollars' worth of illicit funds linked to suspected criminals, including a Cambodian conglomerate that facilitated money laundering for hackers and scam compound operators.

In this hands-on session, the panelists will explain how any reporter can use open source resources as well as advanced techniques to investigate major crypto exchanges, find leads, and "follow the crypto." The session will blend an intro showing the kinds of stories you can do on crypto, starting from scratch, the kinds of tools you can use, and then show how we use those tools to compile the data for analysis.

Hundreds of thousands of Europeans were tricked after receiving text messages on their phone claiming they had missed a payment at a toll road or that they needed to pay a fee for a parcel they ordered. Who is behind it?

In this session, we will share the methods that led us to unmasking the person calling himself “Darcula” - the lead developer of one of the major Chinese phishing-as-a-service platforms. The software Darcula created, called Magic Cat, is used by hundreds of scammers worldwide.

The presentation will also go into analysing a large throve of victim data shared by security researchers, re-constructing the phishing software, and infiltrating Telegram groups. The OSINT section will go into detail about using technical data sources and leveraging visual cues in photos shared by the criminals.

This investigation was led by NRK (the Norwegian Broadcasting Corporation) in collaboration with Germany's public broadcaster ARD and Le Monde.

Come to this session to learn more about Chinese cybercrime and how to investigate it, as well as hear more about the data trove the NRK journalists still have that might be relevant to your country.

The stories (in English) can be read here:
https://www.nrk.no/spesial/inside-the-scam-network-1.17399135
https://www.nrk.no/spesial/the-hunt-for-darcula-1.17399157