Field notes · Case F-16 · OSINT

Your data center is on LinkedIn

Planning filings, job posts, contractor selfies and hobbyist drone reels publish your layout and your schedule. Anonymity is not a strategy; managed exposure is.

The industry still talks about anonymous facilities: unmarked buildings, no signage, an LLC on the land registry. Then the planning application publishes the floor plan, the utility filing publishes the power draw, the general contractor posts a milestone photo, and a job listing announces the commissioning date by asking for engineers "to support Q3 go-live". Adversaries do not breach your perimeter to learn your layout. They read the planning portal.

The perimeter leaks upstream of the fence, in documents you filed and posts you congratulated.

What actually leaks

Managed exposure, not imaginary anonymity

You cannot unfile a planning application, and you should not pretend the campus is a secret; the town can see it. What you can do is manage the delta between what is public and what matters: review what filings must contain versus what they conveniently contain, put publication clauses in contractor agreements, give site staff social-media guidance that is specific instead of scolding, and run a self-OSINT review on a calendar, the same way you patch. The goal is simple: when you walk the site with an adversary’s dossier in hand, nothing in it should surprise you.

We compile self-OSINT dossiers for operators regularly. Seeing your site from the outside is clarifying.