Well this is very interesting stuff.
This thread has essentially answered a bit of my dissertation. I have a list of guidelines to study and analyse and everything said here is once again, valuable information. The constructive criticism just reinforces the value of this thread.
Despite its popularity, the ACPO guidelines is part of that list, and everything being said here will help me tackle what could be changed. For example, I saw a comment (which I can't find now due to so many replies) that ACPO focuses too heavily on the theoretical side rather than practical. This has now become one of my sub-questions within this project.
The great thing about what I'm doing is that there is no right or wrong answer I could say that the ACPO principles (and the rest of the guidelines) are OK the way they are, or I could say that they need amendments. It's the fact that I've conducted research methodologies as an attempt to get an answer, but everything that is said here is a goldmine.
Thanks for this post tootypeg, you've really helped me out here, along with those who have responded.
So what do they do….blame it all on "unregulated" digital forensics and impose a silly standard that makes things worse in a variety of ways. It's counter-productive but those at the top of the tree will bang on about things being better now despite it being clearly untrue (because doing otherwise would make them look bad and solving the real issues isn't the aim).
As always your feedback is very enlightening. Are you in a position to (even if it is anonymous) provide substantive evidence or demonstratively, traceable example where things are not better due to iso17025 or FSR Codes?
That's practically impossible because nobody's going to want to admit the reality publicly and definitively (ie document the fact they just simply ignore them, or pass them then ignore them, or pass them and just do a token effort to maintain compliance, etc. Nobody is going to be following them to the letter, because it's simply impossible, for a lab conducting DF on a wide range of devices with a good range of tools).
You won't get evidence because nobody's going to document publicly that "I'm not following them because they're prohibitively expensive in time and money" or "We have to follow them but in practical terms it's prevented me taking the best course of action on case X/Y/Z, or wasting considerable time and effort, to the detriment of the quality/volume of work we can get through, and therefore ultimately the detriment of the public" or "we have to follow them, or follow them to win business, and now we're allocated even less time per case, and more corners are cut, because quite simply the time/money wasted on ISO17025, has to come from somewhere".
In many ways I think the CRFP was a more sensible starting point than something we know is going to be essentially impossible to achieve in DF (testing a decent sample of the tools/methods against the various potential data sets). I'm not particularly well versed in the practicalities of its demise but I suspect it suffered from good intentions but woeful lack of resources to achieve the kind of thing that it was setting out to do.
Everyone wants competent examiners and accurate tools…but ISO17025 doesn't even come remotely close to achieving either of those things. It certainly doesn't solve the problems of the scandals, that it got rammed through on the back of, which are essentially nothing to do with DF, or the standard of work produced. It won't solve problems with untrained officers rather than DF individuals interacting with evidence. It won't solve disclosure issues (if there are any). It won't make software reliable or anything like that. As you know, I don't think it actually provides any meaningful benefit to DF, at the cost of huge amounts of time and money.
In my view there's never been enough thought and planning right at the top, to specify what (if anything) is the problem needing to be solved, and THEN what can MEANINGFULLY solve or improve those issues. It's all been a combination of very political, commercial, and with a smattering of old FSS resentment (that's a guess and not specific to DF though - based on conversations with others outside of this field).
Many of the issues causing previous scandals could, and should, be addressed but they don't involve DF at their core (or at all).
For example, I saw a comment (which I can't find now due to so many replies) that ACPO focuses too heavily on the theoretical side rather than practical. This has now become one of my sub-questions within this project.
Check my signature wink .
And check (only tangentially related) the summing up of the tests made by NIST on image carving tools (which is a subset of a subset anyway)
https://www.forensicfocus.com/Forums/viewtopic/t=18141/
https://www.forensicfocus.com/Forums/viewtopic/p=6601012/#6601012
jaclaz
Are you in a position to (even if it is anonymous) provide substantive evidence or demonstratively, traceable example where things are not better due to iso17025 or FSR Codes?
That's practically impossible because nobody's going to want to admit the reality publicly and definitively (ie document the fact they just simply ignore them, or pass them then ignore them, or pass them and just do a token effort to maintain compliance, etc. Nobody is going to be following them to the letter, because it's simply impossible, for a lab conducting DF on a wide range of devices with a good range of tools).
You won't get evidence because nobody's going to document publicly that "I'm not following them because they're prohibitively expensive in time and money" or "We have to follow them but in practical terms it's prevented me taking the best course of action on case X/Y/Z, or wasting considerable time and effort, to the detriment of the quality/volume of work we can get through, and therefore ultimately the detriment of the public" or "we have to follow them, or follow them to win business, and now we're allocated even less time per case, and more corners are cut, because quite simply the time/money wasted on ISO17025, has to come from somewhere".
In many ways I think the CRFP was a more sensible starting point than something we know is going to be essentially impossible to achieve in DF (testing a decent sample of the tools/methods against the various potential data sets). I'm not particularly well versed in the practicalities of its demise but I suspect it suffered from good intentions but woeful lack of resources to achieve the kind of thing that it was setting out to do.
Everyone wants competent examiners and accurate tools…but ISO17025 doesn't even come remotely close to achieving either of those things. It certainly doesn't solve the problems of the scandals, that it got rammed through on the back of, which are essentially nothing to do with DF, or the standard of work produced. It won't solve problems with untrained officers rather than DF individuals interacting with evidence. It won't solve disclosure issues (if there are any). It won't make software reliable or anything like that. As you know, I don't think it actually provides any meaningful benefit to DF, at the cost of huge amounts of time and money.
In my view there's never been enough thought and planning right at the top, to specify what (if anything) is the problem needing to be solved, and THEN what can MEANINGFULLY solve or improve those issues. It's all been a combination of very political, commercial, and with a smattering of old FSS resentment (that's a guess and not specific to DF though - based on conversations with others outside of this field).
Many of the issues causing previous scandals could, and should, be addressed but they don't involve DF at their core (or at all).
I think you have given an enlightening explanation of the problem ratios of time <> money <> manpower <> case management as operated under iso17025 & FSR Codes. What I thought was going to be your feedback would be a direct demonstration of a specific requirement in iso17025 cannot be used (usurps the law of physics) with digital forensics (DF).
However, reading your points above it did strike me that the origin of the problem, apart from highlighting that iso17025 is not the correct fit for DF, is that whether the interpretation given by the Forensic Science Regulator (FSR) in Method Validation in Digital Forensics FSR-G-218 Issue 1 (2016) is flawed? I note the FSR's waiver not to take responsibility for interpretation with this clause in the Codes
2.3 Reservation
2.3.1 Every effort has been made to provide useful and accurate guidance of the requirements contained in the Codes. However, if the guidance supplied here inadvertently implies a lesser requirement than the Codes or ISO17025 require, then the standard rather than this guidance will prevail. (Page 7 of 45)
Are the interpretations incorrect in this particular FSR Codes? Has that directly contributed to the accreditation process being misunderstood? This isn't relevant to my earlier comment about those labs who have been accredited; it is about the emperor's new clothes scenario (the expression often used to describe a situation in which people are afraid to criticize something because everyone else seems to think it is good or important) that is with respect to someone picking up the FSR Codes and thinking well it is written by the FSR so it MUST be correct.
Are any misunderstood interpretations in the code identifiable?
Another query about FSR-G-218 who in the digital forensics community contributed to those interpretations for the Codes? And where is s/he now? The point I am making is did s/he not foresee the problems you have highlighted above (production line bang it on, bang it out)? Should s/he not be asked how they envisaged iso17025+FSR Codes operating in practice?
Good afternoon, in order to be fully transparent, I have actually finished the piece of work that I originally started on this thread about the revised ACPO principles and it can be found here.
Thank you to all for engaging with me on this post and area over the time.
It is worth bringing into this thread the latest Police Forensic Capability Network (FCN) statement of intent
https://
The FSR, given the Government £28.6-million investment 2020-2021, hopes the FCN approach may achieve the FSR objectives
“It is my hope that the work [of FCN] will design quality into innovative approaches, in a way that brings together the best of the public and private sectors and academia.”
https://
FCN Summary does not mention
ACPO Guidelines, not as a forefront message
https://
FCN Prospectus does not mention
ACPO Guidelines, not as a forefront message
https://
A FCN website search for ACPO (https://
A further search for "Guidelines" (https://