Engineering | March 15, 2026 | 3 min read

Zero Retention: How We Built an Intelligence Platform That Forgets

Why OSINT.PH processes search results in memory and never writes personal data to disk, and the engineering decisions behind it.

By OSINT.PH Team

Key Takeaways

  • Search results are processed entirely in memory
  • No personal data is written to disk or stored in databases
  • Investigation boards use client-side E2E encryption
  • Compliant with RA 10173 (Data Privacy Act of 2012)

The Problem with Data Retention

Most intelligence platforms store everything. Every search, every result, every profile discovered is written to databases, indexed, and cached. This creates a liability: a breach of the platform means a breach of every investigation ever conducted on it.

We took the opposite approach.

Architecture Decisions

Ephemeral Search Pipeline

When an operator runs a search on OSINT.PH, the query flows through our search pipeline:

  1. The query is sent to our API
  2. Our engine queries external platforms in real time
  3. Results are aggregated, normalized, and returned to the client
  4. The results exist only in the operator's browser session

At no point are search results written to disk. There is no results database. There is no search history table. When the operator closes their browser tab, the results are gone.

What We Do Store

We store only what is necessary for platform operation:

  • Account identifiers (name and email; we do not use password logins)
  • Credit balances (usage tracking)
  • Audit logs (who searched what type of query and when, but not the results)
  • Domain/IP/DNS infrastructure data (non-personal, publicly available)

We explicitly do not store:

  • Search results containing personal information
  • Social media profiles discovered during searches
  • Usernames, emails, or phone numbers from search results
  • Photos or media from external platforms
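The audit-log rule above (who searched, what type of query, and when, but not the results) can be enforced with an allowlist and checked with a leak test. The following is an added example, not OSINT.PH's own code; the function names, field names, classifier patterns and sample data are assumptions made for illustration.

```python
import json
import re
from datetime import datetime, timezone

# Constructed sample data for illustration; not real search output.
SAMPLE_QUERY = "juan@example.com"
SAMPLE_RESULTS = [{"platform": "examplegram", "handle": "juan_dc", "email": "juan@example.com"}]

# Ordered classifiers, first match wins. Patterns are illustrative assumptions.
_CLASSIFIERS = [
    ("email", re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")),
    ("ip", re.compile(r"^(?:\d{1,3}\.){3}\d{1,3}$")),
    ("phone", re.compile(r"^(?:\+63|0)9\d{9}$")),
    ("domain", re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.I)),
]
AUDIT_FIELDS = ("operator_id", "query_type", "timestamp")  # allowlist of stored fields


def classify_query(query: str) -> str:
    """Map a raw query to a coarse type; the raw value itself is never returned."""
    compact = re.sub(r"[\s()-]", "", query.strip())
    for name, pattern in _CLASSIFIERS:
        if pattern.match(compact):
            return name
    return "username"


def audit_record(operator_id: str, query: str, when: datetime) -> dict:
    """Build the audit entry from the allowlist so extra fields cannot slip in."""
    candidate = {
        "operator_id": operator_id,
        "query_type": classify_query(query),
        "timestamp": when.astimezone(timezone.utc).isoformat(),
        "query": query,  # available upstream, deliberately dropped below
    }
    return {k: candidate[k] for k in AUDIT_FIELDS}


def leaked_values(record: dict, query: str, results: list) -> list:
    """Return every query or result string that appears in the serialized record."""
    line = json.dumps(record, sort_keys=True).lower()
    sensitive = {query} | {str(v) for r in results for v in r.values()}
    return sorted(s for s in sensitive if s and s.lower() in line)
```

Running `leaked_values` in a test suite against every log writer turns the "we do not store results" statement into a regression check rather than a convention.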

End-to-End Encrypted Boards

Investigation boards, where operators map connections between entities, use client-side encryption. The encryption key never leaves the operator's device. Our servers store only encrypted blobs that we cannot read.

If our database were compromised, the attacker would find encrypted data with no way to decrypt it.

Compliance

This architecture was designed with Philippine law in mind:

  • RA 10173 (Data Privacy Act of 2012): We minimize personal data processing and storage
  • RA 10175 (Cybercrime Prevention Act of 2012): Our platform is designed for lawful investigative use

The Trade-off

The obvious trade-off is that operators cannot go back to previous searches. There is no search history to review, no saved results to revisit. If an operator needs the same data again, they run the search again.

We believe this is the right trade-off. The risk of storing sensitive intelligence data far outweighs the convenience of search history.

What This Means

When you use OSINT.PH, your searches are yours alone. We cannot see your results. We cannot replay your investigations. And if we are ever compromised, your investigation data is not at risk, because it was never here to begin with.