As technology expands and affects all members of society across various economic and ethnic groups there is a rising tide of evidence available through the use of not only computers but smartphones as well and don’t forget digital storage devices like iPads.

Digital Forensics

Electronic or digital forensics is about 10-15 years old and currently has developed a substantial body of law concerning acceptable procedures, policies and presentation. Ensuring the security of the evidence and providing against tampering, the handling of electronic devices is very restrictive and the chain of acquisition of the device and associated chain of evidence possession must be strictly documented and reinforced.

Computer Forensics

Computer forensics must not only collect evidence but also prove authorship. It is possible, but difficult to put the perpetrator at the keyboard at the time the evidence is generated. This is most difficult if there are multiple users of a non-password protected machine.

Smart Phones, Tablets & iPad Forensics

On the other hand, smart phones and iPads are very personal and there is very little chance of multiple users having access to the phone. In fact, as reading devices or tablets like Kindle, iPad, Samsung Galaxy, Lenovo Tabs and ASUS ZenPads have become the reading device of choice, as electronic books are outselling paper. But these devices also store gigabytes of potential electronic evidence and clues for the investigator. Contact lists, notes and apps dominate the tablet scene.

How Digital Evidence is Authenticated

Most major police departments have dedicated computer forensic examiner details, while others have least a couple of examiners pursuing digital child exploitation and or pornography cases. Training is extensive, and the certification process is issued by the software manufacturers that specialize in computer forensic software. Special equipment allows the cloning of original hard drive as it is preferable to work on a copy and not compromise the original. CD and DVD where the early archival method of choice, but with the plethora of terabyte plus sized drives the only other choice is to copy to another hard drive making them a consumable media. Storage is necessary until the case is adjudicated and the appeals process satisfied. Meaning digital evidence may be around for 7 or more years. This makes storage of the media problematical. Needless to say, setting up a lab is an expensive project. The lab must be secured and limited to only official members of the team to ensure no tampering. Tampering is a common issue that arises in evidentiary digital cases. The criteria of a digital lab are:
• Was the digital evidence tainted or compromised regarding collection and storage?
• Is the chain of custody documented to be accurate and complete?
• What are the qualifications of the examiner, is it sufficient? Is examiner competent to perform the examinations? Education and training records up to date. Has the examiner’s proficiency been tested (usually completed during the certification process).
• Are all procedure fully disclosed and documented? Are they available for review by the courts?
• The case file must be complete and detailed to qualify for full review and reconstruction of the examination results.
• Were the examinations subjected to peer review?
• Maintenance, update records for the examination machine.
• Only legitimate, licensed and authorized examination software. Software licensing info part of the report.
• Has the examination software been tested and proven, documentation of test.
• Did the hardware/software change, alter or affect the original digital evidence (this is the primary need for the cloned drives).
• Where standard recognized scientific principles followed during the exam?
The examiner must have available for court review record or certificates of training programs, competency tests, annual proficiency evaluation. Documentation of evidence handling procedures, policy and chain of evidence records. In many cases an accreditation program will cover all the basics.

Criminal Defense, Personal Injury, Business Attorneys & More in Greater Las Vegas, Nevada

Carefully evaluate the value vs. expense of creditable digital forensics examination and evidence recovery prior to commitment. Kajioka & Associates Attorneys At Law can assist you in building a strong defense and presenting it to the court. Contact us for a consultation today!