Five years ago, a competent analyst could chase a target across the social web with a modest toolkit, a generous Twitter API, and an afternoon. That window is shut. Mainstream platforms have rewritten access rules since 2023, the audience has dispersed across a dozen apps that ignore each other, and a meaningful share of what you turn up is now machine-written or machine-painted. Social media intelligence — the discipline of extracting useful information from public-facing platforms — remains the most productive branch of open-source work. It is also, by a comfortable margin, the hardest to do honestly.
Three things changed at once, and each demands a different reflex from anyone still doing this work.
Access stopped being free.
The generous-API era ended with X’s pricing reset, hardened across Meta and Reddit, and never opened on TikTok in any meaningful way. The replacement is a layered market: paid firehoses for the well-funded, credentialed research programmes for academics and a handful of newsrooms, and patient manual gathering for everyone else. The capability gap between large teams and small ones has widened — but skill matters more on the lean side, not less. An analyst who can produce a clean attribution from twenty posts does not need the firehose. An analyst who needs the firehose to find a person is not yet doing SOCMINT.
The audience scattered.
Whoever you are watching is no longer simply “on Twitter.” They are on Bluesky and Threads, on a Telegram channel they would prefer you did not find, on a Discord server you cannot easily enter, on TikTok under a recycled handle, and on a Substack their employer has not yet noticed. One-platform monitoring used to be merely incomplete. Today it is actively misleading, because silence on one app no longer implies silence overall. Linking accounts across platforms — showing the same hand behind several handles — is now ordinary work rather than specialist work, and small details carry it: writing cadence, posting hours, image reuse, the sequence in which someone appears on a new app, the first dozen people they choose to follow.
Authenticity has to be earned.
Generated stills are competent enough that the eye is unreliable on a single frame. Voice clones clear the plausibility bar for a half-minute clip. Machine-written posts, fluent in the target idiom, pour out of influence operations and run-of-the-mill spam in the same flood. Verification has not become impossible — it has become dishonest to perform from a single source. Treat every artefact as a hypothesis, document where it came from, corroborate from outside the platform, and be willing to publish “consistent with” rather than reach for certainty you cannot back. The investigators most damaged by the deepfake wave are the ones who still treat a screenshot as proof on first reading.
Two quieter shifts sit beneath all of this. The legal floor has risen — between the Digital Services Act, the data-protection regimes that followed GDPR, and platform terms that finally get enforced, “are we allowed to collect this?” is now a gating question, and reports produced without that authority documented increasingly fail to survive court, editorial scrutiny, or a serious corporate risk review. And the war in Ukraine, running for four years now, has acted as a live training ground for the field — pushing multi-source geolocation, transparent methodology, and hostile peer review from advanced techniques into ordinary defaults.
The honest brief for anyone running SOCMINT in 2026 fits in one paragraph. Pay for your collection, in money or in time. Never trust a single platform, because no one lives on a single platform anymore. Treat every artefact as provisional until something off-platform supports it. Document your authority to look before you start, not after you publish. None of this is glamorous, and none of it makes the work faster. What it does is make the work hold up — which is what matters now that so much of what arrives on social platforms is plausible enough to fool you.
