Case Studies
400+ investigations. Here are three.
Every client's details are anonymised. The discretion I show here is the same discretion I show throughout every engagement. These are real outcomes from real investigations.
A social media personality with a stalker
The situation
A public figure with a large online following had been receiving threats from an anonymous account for months. They had reported it to the police, hired a cybersecurity consultant, and changed their passwords. The harassment continued. They came to me because nobody could identify who was behind it.
What I did
I ran the Barnveil Protocol on the client first, mapping their full digital exposure to understand exactly what the stalker had access to. Then I turned the investigation around and used the same techniques to trace the anonymous account. I identified the individual behind it, documented their aliases across multiple platforms, and compiled a legally defensible evidence package.
The outcome
The client's legal team used the evidence to obtain a formal warning and a contact prohibition. I then locked down the client's exposed data to make them significantly harder to find in future. The harassment stopped completely.
"He found who was behind it when nobody else could. I finally feel safe again."
— Client, public figureA family receiving cold calls and uninvited visitors
The situation
A high-net-worth family in London had been receiving cold calls, unsolicited post, and on two occasions, uninvited visitors to their home. Their address, phone numbers, and children's names were appearing on people-search websites they had never heard of. They had no idea how much of their information was publicly accessible.
What I did
I ran the full Barnveil Protocol. The report came back within 48 hours. I found over 200 instances of the family's personal data across 47 databases and websites, including data brokers, electoral roll listings, Companies House records, and several UK-specific people-search sites. I then started the removal process: GDPR takedown requests, data broker opt-outs, directory removals, and Google Maps property suppression.
The outcome
The report was delivered in 48 hours. Removal requests were sent the same week. Within four weeks, 90% of the identified exposures had been confirmed removed. The cold calls stopped. The unsolicited contacts ceased. The 90-day re-scan confirmed the removals had held.
"We had no idea how much was out there. The cold calls stopped. We can finally relax."
— Client, LondonAn executive with defamatory content in search results
The situation
A senior executive discovered that false, defamatory information about them had been published on a blog and was being discussed in online forums. Their home address was included. The content was appearing on the first page of Google when you searched their name. They were concerned about both their physical safety and their professional reputation.
What I did
I ran the Barnveil Protocol to map the full scope of what was out there. Beyond the blog and forums, I found their personal data listed on 30+ data brokers, their email in 4 breach databases, and their home address on Google Street View without blurring. I sent GDPR right-to-erasure requests to the blog host and forum operators, submitted de-indexing requests to Google, and actioned removal requests across all data brokers and directories simultaneously.
The outcome
The report was delivered within 48 hours. The defamatory blog post was removed within 10 days. Google de-indexed the cached versions within three weeks. Data broker removals were confirmed over the following month. The executive's search results are now clean, their home is blurred on Street View, and they have proof of everything that was found and everything that was actioned.
"My reputation was restored without any public fuss. The whole thing was handled quietly."
— Client, finance