How to Investigate a Person Using Public Records
A repeatable method for investigating a person using public records: lock down identity first, enrich with court data and open sources, surface adverse findings, map connections, and document everything in a way that holds up.

The hardest part of a public records investigation usually isn't finding data. It's knowing which data actually belongs to your subject. Common names return dozens of candidates. Uncommon ones sometimes return nothing at all, or worse, results that look convincing but belong to someone else entirely.
Good investigations aren't about having more sources. They're about being disciplined with the ones you have.
Start With What You Know, Then Lock Down Identity
Every investigation starts from a seed. Sometimes it's a full name and employer. Sometimes it's just an email address or a username. Whatever you have, the first job is resolving it to a specific, real individual before you do anything else.
This step matters more than most people give it credit for. If you skip it and start pulling records immediately, you'll end up attributing findings to the wrong person. A court record that shares a name with your subject but belongs to someone else isn't evidence of anything. It's a liability.
Cross-match whatever you have across at least two independent sources before you're confident you have the right person. A name plus a confirmed address that appears consistently across property records, a voter registration, and a business filing is a much stronger foundation than a name alone. Date of birth, when you can find it, is one of the highest-value corroborating identifiers. Employers, professional license numbers, and court case details that link back to other confirmed facts also help build out the picture.
Name variants are a discipline of their own. Maiden names, hyphenated surnames, anglicized spellings, and nicknames all create gaps if you don't account for them up front. For international subjects this gets more complicated. Transliterations from non-Latin scripts can produce multiple valid romanizations of the same name, each of which may return completely different records.
Don't assert identity until you have at least two strong corroborating identifiers with no contradictions. If records conflict, that's not a reason to ignore one. It's a reason to investigate further.
Build Out the Profile From Official Records First
Once you've confirmed identity, start expanding from the most authoritative sources before you move to open web enrichment. Official records are less convenient than commercial people-search aggregators, but they produce higher-quality evidence and give you much better control over the timeline.
Court records are among the strongest sources you'll work with. Federal filings on PACER and state court portals typically contain name, address, date of birth, and associated parties. They also carry the weight of legal proceedings, which means the information has usually been verified at some point in the process. Criminal history, civil litigation, judgments, and bankruptcies all live here.
Property records tie subjects to physical locations over time. A consistent address appearing in deed records, county assessor data, and a separate court filing is strong confirmation that you're looking at the same person. Address history is one of the most underrated tools in identity resolution because it creates a thread you can pull through time.
Business filings reveal affiliations that don't show up anywhere else. If your subject is an officer, registered agent, or listed principal of a company, that data exists in state secretary of state records. Shell companies and layered ownership structures show up here too, which is why this source matters a lot in fraud and due diligence work.
Voter registration, professional licenses, FAA records, maritime filings, and property tax records all contribute additional location and biographical anchors. None of them alone are definitive. Together, they build a timeline of where a person has been, what they've been affiliated with, and what identifiers show up repeatedly across independent systems.
Know What Kind of Data You're Actually Searching
Not all commercial data is the same, and the differences aren't just cosmetic. They determine what you can legally access, what identifiers you'll get back, and how reliable the results actually are.
The two regulatory frameworks that govern most investigative data in the US are FCRA and GLBA, and confusing them causes real problems.
FCRA-regulated data (Fair Credit Reporting Act) governs consumer reports. If you're running a background check for employment, housing, or credit decisions, FCRA applies. That means permissible purpose requirements, adverse action notices, and strict rules about what can be reported and how old it can be. Most consumer-facing background check companies operate under FCRA. The tradeoff is that the data is cleaner and more structured, but you're working within a tighter legal framework, and the subject has dispute rights.
GLBA-regulated data (Gramm-Leach-Bliley Act) covers financial institution data shared for specific permissible purposes. This is where things get more powerful for investigators. GLBA-permissible data can include credit header information, which means Social Security Numbers, full dates of birth, and address history derived from financial records rather than just public filings. That's a meaningfully different level of identification depth than what you get from purely public sources. Access to GLBA data typically requires a business purpose that qualifies under the Act: licensed private investigators, law enforcement, fraud investigation, and certain due diligence contexts. You can't just sign up.
The practical difference shows up most clearly during identity resolution. A subject with a common name might return dozens of candidates from public records alone. GLBA-permissible data with an SSN or full DOB collapses that list to one.
Providers aren't interchangeable. This is the part that surprises people who haven't worked across multiple platforms. TransUnion's TLO xP, IDI, Enformion, Tracers, and Microbilt all market themselves as investigative data platforms, and they all return results when you search a name and address. But the underlying data they're pulling from differs significantly, and so do their refresh rates, geographic coverage, and how they handle identity resolution on their end.
TLO xP is backed by TransUnion's credit bureau data, which gives it strong identity resolution and deep address history, particularly for subjects with active financial lives. IDI pulls from a different mix of sources and tends to perform differently on certain subject types, particularly in areas where TLO's coverage thins out. Enformion has built a reputation for current-address accuracy. Tracers is geared toward licensed investigators and has a strong court and public records layer. Microbilt sits closer to the alternative credit and financial data world, which makes it useful for subjects who don't show up well in traditional credit-derived searches.
Running the same subject through two of these providers and comparing results is genuinely instructive. You'll often see different address histories, different associated phone numbers, and occasionally different name variants surfacing on each. Neither platform is wrong, exactly. They're drawing from different wells.
This is why a comprehensive investigative platform that queries multiple underlying data sources simultaneously, rather than routing everything through a single licensed provider, produces more complete results. You don't want to pick one and trust it. You want coverage that spans FCRA-regulated records, GLBA-permissible identity data, and genuine public records in a single search workflow, with clear attribution so you know which source produced each result. That combination is what lets you catch the gaps that any single provider would leave.
One thing worth flagging: your permissible purpose determines which data tiers you can legally access. Running a GLBA-permissible search for a purpose that doesn't qualify isn't a gray area. Make sure your use case, access agreement, and search context are all aligned before you pull that data.
Layer in Open Web and Digital Sources
Official records tell you what's been formally documented. Open web research tells you what the subject has said, done, and been associated with in less formal contexts. Both matter.
Social media profiles, usernames, and online activity can surface locations, relationships, opinions, and timelines that won't appear in any public filing. Cross-referencing usernames across platforms sometimes reveals accounts that belong to the same person under different identities. A username or email found in one context can be pivoted into a completely different layer of the investigation.
Breach data is worth including. Finding an email address in a historical data breach confirms it existed at a specific point in time and was active on a particular platform. That's useful for building a timeline and for distinguishing a real, established identity from a synthetic one created recently. It also points toward platforms the subject used that you might not have found otherwise.
Adverse media and press mentions are a category of their own. Search for the subject's name across news databases, industry publications, and regulatory announcements. What's been written about them, by whom, and in what context? Negative press tied to litigation, regulatory violations, or financial misconduct often appears in sources that won't show up in standard record searches.
Reviews on employer and product platforms are easy to overlook but sometimes contain biographical detail, location information, and strong opinions that give texture to the profile you're building.
Map Connections Before You Draw Conclusions
Subjects don't exist in isolation. People are often best understood through who they're connected to, and those connections regularly reveal patterns that a flat list of records never would.
Shared addresses across time are one of the most useful signals. Two people who appear at the same address in a court record and then again in a business filing years later aren't randomly linked. Former co-directors, co-signers, and co-defendants deserve the same investigative attention you'd give the primary subject.
This is where link analysis becomes genuinely useful rather than just visually interesting.

When you map a subject's connections visually, a few things happen that don't happen when you're reading a spreadsheet. Clusters of related entities become visible. The same node appearing in multiple separate branches tells you something about centrality. Relationships that seemed distant suddenly look close when you see them laid out.
In fraud investigations, this kind of mapping regularly exposes networks that share infrastructure—same registered agent, same address, overlapping officer history—even when the companies appear completely unrelated on the surface. In due diligence, it reveals beneficial ownership and conflict-of-interest relationships that principals don't disclose voluntarily.
Don't stop at the first ring of connections. Associates of associates matter. Shared entities that appear two steps removed sometimes turn out to be the actual point of concern.
Surface Adverse and High-Risk Findings Deliberately
Adverse findings don't always float to the top of a general search. You have to look for them specifically.
For due diligence and KYC work, filter explicitly for sanctions exposure across OFAC, EU, UN, and relevant domestic watchlists. Check for debarment records and regulatory disciplinary actions in the industries the subject operates in. Financial crime convictions and fraud-related civil judgments sit in court records but don't always surface unless you're looking for them directly.
Politically exposed person status matters in financial investigations. A subject who is or has been a senior government official, or who is closely related to one, carries a different risk profile regardless of whether there's a specific adverse finding against them.
Adverse media review is where a lot of these threads come together. Allegations that never became convictions, companies that were shut down quietly, regulatory censures that were resolved without public announcement: these rarely surface in standard record checks. Press archives and specialized media databases surface them.
The goal isn't to build a case against the subject. It's to surface everything relevant and document what you found, what you didn't find, and why the findings matter given the specific purpose of the investigation.
Know What Confidence Level You're Actually Working At
Not all findings are equal. A confirmed address that appears in three independent official records is a very different thing from a commercial data broker result that couldn't be traced back to a primary source.
Be explicit about confidence. High confidence means multiple independent corroborating sources with no contradictions. Moderate confidence means a single credible source with supporting context. Low confidence means a lead that warrants follow-up but hasn't been corroborated yet. And some things are just gaps: the information doesn't exist, or you couldn't find it with the sources available.
What's just as important: document what would change your assessment. If a finding is based on three corroborating data points, note that. If a key piece of identity attribution rests on a single record, flag it. If there's an unexplained inconsistency, write down what additional source would resolve it. Findings that look clean often have assumptions buried inside them, and those assumptions matter when someone else is reading the work.
Document Everything as You Go
This sounds obvious. It's also the thing most people do poorly.
Public records investigations often support decisions with real consequences: a hire, a transaction, a license application, a case referral. The analysis is only as useful as the documentation behind it. Capture source URLs and access dates. Save copies of records where possible. Keep confirmed facts clearly separated from inference and speculation.
Flag records that you couldn't attribute to the subject with certainty. A court case that lists a matching name but has no other corroborating identifier doesn't belong in findings as if it were confirmed. It belongs in a separate section with a note explaining the ambiguity.
When findings involve conflicts in the record, document the conflict and describe how you resolved it. Did one source have a data entry error? Did the records belong to two different people? Did additional research resolve the question? Write it down. Investigations that can't show their work tend not to hold up.
Run the Method Every Time
The process doesn't change by subject type. Confirm identity. Expand from authoritative records. Layer in open web and digital sources. Map connections deliberately. Surface adverse findings with a specific search, not just a general one. Document confidence and gaps alongside conclusions.
Running that sequence consistently is what keeps results accurate and comparable across different subjects, different investigators, and different points in time. Investigations that skip steps or shortcut identity resolution don't fail because the analyst was careless. They fail because the method wasn't treated as a method.