Are non technical juries keeping criminals at large?

First published February 2006

by Carrie Moss, Marketing Assistant, CY4OR
www.CY4OR.co.uk

In England and Wales the only qualifications required of a jury member to be eligible to appear in a court of law are that they are registered on the electoral roll, aged between 18 and 70 and have lived in the UK for at least 5 years. Jurors are not required to hold any professional qualifications and there are to date no technical jury qualification guidelines for cases involving complex computer data. Where does that leave us then, when vital yet highly complicated technical information needs to be communicated and thoroughly understood in order to fairly evaluate a case? Let’s take a look at the evidence:

Computer and digital evidence has naturally entered the UK’s courtrooms on an enormous scale as we enter a predominantly digital communications era thanks to the likes of chat rooms, emails and mobile phones. This combined with the introduction and amendments to legislation such as the Data Protection Act 1998, Criminal Justice Act 1994 and Protection of Children Act 1978, has generated a new wave of criminal offences that demand digital evidence in order for successful prosecution. This evidence, presented in what are often serious and expansive cases such as the international Operation Ore investigation into child abuse images, can contain highly complex and technically advanced information.

In many instances, defence in such cases rests on the precise way in which data has arrived onto a computer. Take for example a case involving indecent images such as Operation Ore – were the graphics simply viewed or downloaded? Had the defendant actively sought to discover them or were they sent maliciously to the machine? Uncovering these data trails can be a deciding factor in criminal cases. Additionally, in the majority of cases data will have been deleted or moved about as the offender attempts to cover their tracks, and so not only is the trail a complicated one, it is often deeply embedded within data which only becomes visible under forensic investigation.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Aside from the newly categorised ‘cyber crimes’ (identity theft, hacking, theft of intellectual data etc) there are the more traditional offences such as drug trafficking and money laundering that can be aided by computer forensic evidence. It is surprising how many criminals keep detailed spreadsheets of their finances or attempt to fabricate emails in order to back their defence. The war against the ‘Happy Slapping’ culture for example can also be fought with the help of recovered media files from mobile phones. Nothing is ever permanently deleted, digital fingerprints (known in forensic circles as ‘MD5 hash values’) and trails of evidence are resilient.

This is precisely the stage at which the understanding of digital evidence, its forensic recovery and communicating the methods taken in court to a non-professional, non-technical jury becomes problematic. The investigation, interpretation and presentation of evidence that is often derived from binary data is highly complex and usually littered with technical terms and concepts – is it being handled carefully enough in court or is it falling on deaf ears when presented to a jury?

“I think the courts can seriously underestimate the sheer quantity of information that computer based evidence can consist of – one hard drive could contain hundreds of thousands of files. This combined with the complexity of the information being heard, alongside any potential discrediting of the data by opposing counsel, can devalue what is actually often damning evidence” says Joel Tobias, Managing Director of computer forensic company CY4OR.

Generally speaking, evidence collected by a reputable computer forensic company, acting independently or on behalf of law enforcement agencies, can be relied upon; the ACPO Good Practice Guide and stringent security checks of premises and staff ensure this. From this angle at least, if secured correctly digital evidence can be taken at face value.

Legislative guidelines such as ACPO are addressing the secure collection of computer forensic data, however the driving force behind a change in legal practice relating to IT cases appears weak. The British Computer Society are however one organisation in particular that are energetically voicing their proposals for change;

“The BCS wishes to participate in the continual change to, and interpretation of, the law and the processes of investigation and prosecution to take account of the increasing use of computers in society.”

“IT systems today are international and we remain concerned that there are too many inconsistencies in the law, processes and procedures between jurisdictions. This may allow criminals to remain at large. We therefore support greater international harmonisation of laws on eCrime and the processes for addressing all crimes committed in a computer environment.”

Is it indeed now time to implement a sensible selection system of jury members for IT related cases, who themselves have technical backgrounds or who have received comprehensive training in these matters prior to trial?

Joel Tobias from CY4OR continues “I think it is fair to suggest that the majority of the legal system as a whole is still unprepared to deal with the issue of computer based evidence – we try to offer a friendly matter of fact approach in our advice and reports so that communication and understanding between the legal industry and ours in as comprehensive as it can be.”

0162 797 8123
[email protected]
www.CY4OR.co.uk

Leave a Comment

Latest Videos

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools. 

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools.

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_7QiFTiuY7Vw

AI In CSAM Investigations And The Role Of Digital Evidence In Criminal Cases

Forensic Focus 22nd March 2023 12:44 pm

Throughout the past few years, the way employees communicate with each other has changed forever.<br /><br />69% of employees note that the number of business applications they use at work has increased during the pandemic.<br /><br />Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.<br /><br />Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.<br /><br />Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.<br /><br />With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.<br /><br />Join Monica Harris, Product Business Manager, as she showcases how investigators can:<br /><br />- Manage multiple cloud collections through a web interface<br />- Cull data prior to collection to save time and money by gaining these valuable insights of the data available<br />- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box<br />- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee<br />- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

Throughout the past few years, the way employees communicate with each other has changed forever.

69% of employees note that the number of business applications they use at work has increased during the pandemic.

Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.

Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.

Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.

With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.

Join Monica Harris, Product Business Manager, as she showcases how investigators can:

- Manage multiple cloud collections through a web interface
- Cull data prior to collection to save time and money by gaining these valuable insights of the data available
- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box
- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee
- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_g6nTjfEMnsA

Tips And Tricks Data Collection For Cloud Workplace Applications

Forensic Focus 20th March 2023 12:00 pm

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...