UK-Are there rules for dealing with unrelated personal info?

Discussion of legislation relating to computer forensics.

engdan
Member
 

UK-Are there rules for dealing with unrelated personal info?

Posted: Jan 02, 19 00:59

Hello all,

Firstly I'd like to make absolutely no attempts to hide it and say up-front that this is a 'homework' question, although it does only relate to a very small part of the task.

I have a scenario and have been tasked to write about any legal+procedure issues surrounding the digital forensics. Very briefly, the scenario is that a Victim who happens to work in recruitment for a bank has been receiving threatening emails and SMS messages.

My thought process is that since the victim is in recruitment, when the police acquire or access her computer for emails or her phone for texts as evidence, they may encounter personal information of others (CVs from applicants etc.) unrelated to the case. I suppose it is also possible the victim could possess confidential info belonging to the bank? It is all a bit hypothetical but I'm trying to cover as much ground as possible.

Are there any specific guidelines or rules that must be followed if unrelated personal information is involved in a case? I am keen to understand any actions that can be performed to resolve any issues it could cause.

...Is this even a problem or am I thinking into it all too much?


Thanks in advance!

Dan  
 
  

minime2k9
Senior Member
 

Re: UK-Are there rules for dealing with unrelated personal i

Posted: Jan 02, 19 08:07

I'm assuming as you have mentioned the police that your scenario relates to a criminal investigation.

If you check relevant legislation (DPA, GDPR etc) most of them have blanket exemptions for prevention and detection of crime and therefore the personal data on the devices would not affect the examination of the devices. You would probably need to know what power the devices were seized under as that will have some relevance.

Information that would affect processing of evidence would be Privileged material (mostly Legally Privileged) and you should probably read up on those types of material if relevant to your scenario.

Retention of such data should be under MOPI (Management of Police Information) and I would have a read at that to give you a better understanding.  
 
  

trewmte
Senior Member
 

Re: UK-Are there rules for dealing with unrelated personal i

Posted: Jan 02, 19 09:09

It doesn't automatically follow that all organisations call law enforcement first.

Major corporates have internal security who investigate first. They also have inhouse forensic tools and suites so they can conduct examinations.

You may want to consider the corp sifting data and only presenting harassment data in any proceedings.
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

engdan
Member
 

Re: UK-Are there rules for dealing with unrelated personal i

Posted: Jan 02, 19 14:16

@minime2k9

This is exactly what I was looking for. Thanks for your help, I really appreciate it.  
 
  

engdan
Member
 

Re: UK-Are there rules for dealing with unrelated personal i

Posted: Jan 02, 19 14:18

- trewmte
It doesn't automatically follow that all organisations call law enforcement first.

Major corporates have internal security who investigate first. They also have inhouse forensic tools and suites so they can conduct examinations.

You may want to consider the corp sifting data and only presenting harassment data in any proceedings.


I'm definitely going to include a bit about this, as an alternative option to avoid all the DPA stuff. Thanks for your suggestions  
 
  

jaclaz
Senior Member
 

Re: UK-Are there rules for dealing with unrelated personal i

Posted: Jan 03, 19 12:22

- trewmte
It doesn't automatically follow that all organisations call law enforcement first.

Major corporates have internal security who investigate first. They also have inhouse forensic tools and suites so they can conduct examinations.

You may want to consider the corp sifting data and only presenting harassment data in any proceedings.


So, basically, in theory an "evil" internal security officer can send (anonymously) a bunch of threatening messages to any employee in the company and thus have a valid reason to sift through all his/her personal data?

This also - partially - belongs to the big questions/doubts about the BYOD approach:
www.forensicfocus.com/...c/t=15070/
www.forensicfocus.com/...c/t=10567/

Where is the border between personal and professional?

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

trewmte
Senior Member
 

Re: UK-Are there rules for dealing with unrelated personal i

Posted: Jan 03, 19 18:45

- jaclaz
So, basically, in theory an "evil" internal security officer can send (anonymously) a bunch of threatening messages to any employee in the company and thus have a valid reason to sift through all his/her personal data?


Good point jaclaz and, yes, that could in theory be entirely possible. I haven't come across it, but this cannot be ruled out. Corps do have specific protocols in place to avoid internal (incl. of personnel) contamination being covered up.
 
