Empowering Law Enforcement With Nick Harvey From Cellebrite

Si Biles: Welcome friends and enemies to another episode of the Forensic Focus podcast. Tonight we have with us Nick Harvey from Cellebrite. A recent migrator to Cellebrite, and everybody here has heard of Cellebrite because we talked to various people from Cellebrite fairly recently and we’ve heard about the products a lot. But Nick has come from a police background and I think he’s going to be a very interesting person for us to hear from because of his actual real-world experience of forensics and in some very important concepts in the UK. But I’ll let Nick introduce himself and we’ll build from there.

Nick, thank you for joining us. Really appreciate you coming on. Being in the UK, you’re actually at the same time as me for a change, which is a nice novelty to be able to hold a conversation in the same time zone. So eight o’clock at night and we’re going to ask you to introduce yourself and tell us a bit about you and your role now, but how you’ve gotten to the point you’re at.

Nick Harvey: No, thank you and thank you for inviting me on. It’s a real privilege to be here. That’s quite a lengthy question to start with really, I guess. Yeah, at the moment I am a customer success manager at Cellebrite, so essentially I’m responsible for all the post-sales relationship, so actually once people have got products. And I use the Cellebrite tools just to make sure actually it’s going well and if they have any issues or difficulties, just to help along with that journey.

I started in January, so just under a year ago now. And prior to that I was in the Metropolitan Police, so I was a detective. Rather, I was a detective, for just over 16 years in the Met Police. And ended up finishing that part of my journey as a detective inspector running the county lines team.

So the vast majority of my career really was involved in serious organized crime and that world, that whole covert world. And then moved over and as I got promoted, was offered an opportunity to look at county lines as a crime type, met some very, very good people as well and came up with a very different way of approaching it, a very data-driven way of approaching county lines that ended up being quite successful. And built in it from there. And that was how I finished off my career in the Met.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Si Biles: Forgive me, I mean, I know what county lines are for various sort of reasons because I worked on cases with them, but even the term “county” is an Englishism. Could you explain to our international audience what the county lines are?

Nick Harvey: Absolutely. County lines is a term based off of the English notion of having counties, but realistically what it actually is are when you’ve got groups organized within networks that are in urban areas. For example, London, Birmingham, Liverpool are the biggest exporting areas. The local marketplaces get saturated, and so in order to continue making more money and earning even more, they will then go and set up shop out in smaller towns and cities around the UK, effectively push out the local drug dealers and take over those areas to expand their business and expand their profits.

It’s been there in different degrees over the years, but it really then, with the rise of the mobile phone, became even easier for them to operate in this way. It has really become a major and prominent issue due to the exploitation that takes place around it, because they can sit at the end of a phone and not take any of the risk themselves. They then need other people to go and do that hands-on dealing and take all of that risk around getting arrested or attacked. And therefore they rely on a younger age group that are more naive and effectively get tricked into thinking it’s a good idea. And so they end up sending children out into towns and cities across the country on their own with a load of drugs, expect them to take all the risk.

Si Biles: Yeah. And you made an interesting point, and I suspect that this is one of the reasons that Cellebrite were particularly interested to snap you up, was that so much of this particular type of crime is driven by mobiles, it’s driven by those communication networks. You said that you were tackling it in a novel data-driven way. What can you tell us about that and-

Nick Harvey: Yeah. I mean, so many cases have been through court now, there’s no secret behind it. Essentially, historically, the way that the policing used to deal with it, because a very, very difficult thing to tackle. You’d have these young runners out in the counties and in these little towns, doing the deals. You’d end up having to follow them actually, conduct surveillance on them, to try and work out where they were getting their drugs from and try and work out who was in charge. It felt like a really inefficient way in my previous experience, particularly around firearms and organized crime and then all the deals that take place there, is I was always very good at attributing and identifying who was holding a mobile phone.

So we just took a very different approach, in that by proving that a telephone was being used to deal drugs from, I could show who phone that belonged to, they’re guilty of drug dealing. It didn’t matter that they weren’t present at the location. So we took something that would take a team four months to try and conclude one case and shut one county line, I could assign to one member of my team and they’d have it done in a couple of weeks. So the way that we accelerated that justice process just was exponential compared to where we were, and it obviously resulted in a lot of additional funding from the Home Office and it’s become quite successful.

Si Biles: Did you find any particular issues in doing it that way? I mean, if you see somebody’s car and they’ve got three kilos of drugs in there, they’re clearly carrying three kilos of drugs and it’s very easy to prove that. With a mobile phone, how did you tackle the concepts of attribution of volume and things like that?

Nick Harvey: That’s actually was the biggest trouble that we faced straight away. It was quite clear when you were looking at the communications data, less so maybe sometimes than the extraction itself, but the actual calls and text messages going out, some organizations and some groups are very, very good, a huge enterprise, and some not so much. And we found that there was no real way of distinguishing between them, so everyone was getting the same sort of sentence. I don’t really think that’s particularly fair, especially if somebody who’s a bit of a chancer and is just trying to set up and is on their own, and then that’s nowhere near the same as a organized group that are exploiting multiple kids and earning a fortune.

So really looked at the patterns behind those messages and patterns behind all of the communications going in and out. And use some health data to work out how much an average drug user would use a day, and therefore how many people are contacting back and the whole … Basically designed a formula behind it that has ended up going through courts and bound to be a reliable method of actually saying, “We think at a minimum you’ve sold this amount of drugs.” And yeah, there’s been quite a positive reception at the courts and at the Court of Appeal.

Si Biles: Excellent. No, that’s really impressive. And I mean, you said you were in the police service for 16 years, dealing with organized crime. How has the mobile changed and how has the digital forensics landscape changed over those 16 years?

Nick Harvey: Oh, I mean, a huge amount. When I first started out, a camera phone was a novel concept, so it’s completely different. Then obviously you moved onto the iPhones and then they became encrypted and everything became harder. It has changed just so dramatically. A mobile phone and the content, you might get a couple of text messages back in the day or you might get a little bit of call logs, that was about it. So it was really such a tiny part of your job. Now it is so, so different. I mean, you can tell the story of someone’s life based on that phone. You can therefore replace the voice of a victim and then the voice of a witness, you can replace them if you’ve got the right dataset. And actually by removing the more vulnerable from courts is only a good thing.

And yeah, I mean, the challenges that come along with it obviously are equally as complicated, but I think it’s been an amazing leap forward really, is actually now that we’re able to actually use that data properly and people are getting their heads around it more. Because it’s taken quite a journey to … A lot of people are still quite set in their ways and have never used it, and trying to convince them and trying to move that change forwards has left the criminals that little bit of a breathing space up until now, but I think that’s really changed recently.

Si Biles: Is that, he says without wishing to invoke hot fuzz, is that kind of the issue of metropolitan police services versus rural police services in a way? In so much as the cities are obviously, I don’t want to say better funded, but I think better funded, and therefore get the technology and get the technological help, and the rural services out in rural … I mean, I live in Oxfordshire, so rural Oxfordshire. I’m aware that some of my local towns have certainly shown up in some of the cases that you are talking about.

Is that dissemination of information an issue of that sort of relationship with the local police forces, or is it just they haven’t gotten to it yet? Or how is it that you are able to push out this information?

Nick Harvey: No, actually it’s pretty good. The communication between forces is a lot better than it used to be. Everything used to be quite isolated and siloed. But no, actually, I was expecting when we first went round to forces, because we were very reliant on that relationship with the towns and cities and in more rural areas, I was really expecting a lot of resistance, but actually going around and trying to explain the way that we wanted to tackle this problem, actually people were really receptive. They got what we were trying to achieve and were very much on board.

Yes, funding is an issue for some forces. It absolutely is, there’s no getting around that. But you’ve got people that really, really want to make a difference and that’s the biggest battle. And those good people are everywhere, they genuinely are.

Si Biles: Yeah, yeah, good intentions, goodwill, and the hard work go an incredibly long way to making things happen, don’t they? And as we were talking earlier just before the podcast recorded, is that generally speaking, my experience of police officers is that they are there because they want to be there and making a difference, not because of anything else. And therefore you already have a candidate pool that is advantageously biased in your ability to choose good people to work with.

I mean, again, I’ve had a reasonable amount of experience with some of the things that have come out … Like Operation, I’m going to pronounce it wrong, but Ventic, Ventic.

Nick Harvey: Venetic, yeah.

Si Biles: Venetic, that’s it. It’s got an extra E in there. I only ever read it and I never say it. I mean, obviously that was a huge step forward for law enforcement in the UK. I mean did you come across and work with any of the data that came out of that?

Nick Harvey: Yes, yeah. A good friend of mine led that operation for the Met and we ended up … Because it was very data-centric and involved a lot of that digital forensic side, my team took on a lot of cases for them. So yeah, we ended up doing quite a large amount of them over the couple of years that we were running that.

So no, it was a huge positive step. I mean, though the Encro phones were a massive problem for law enforcement, for anti-serious organized crime, but it just had that extra benefit of there was so many people out there that were so far out away from our radar that we’re such key players that just were then exposed. And actually really gave us a far better understanding of international organized crime than we’d ever had before.

Si Biles: Yeah, yeah. Yeah, so I mean, obviously the international element of that was critical in obtaining the ruse evidence, but also that it obviously opened up information about the way that stuff was being brought in from overseas to here. We have the advantage of being an island, we’re isolated, and not very good growing conditions inside, so it’s quite interesting how stuff comes in.

I mean, where do you think we’re going to head in that? I mean, somebody recently contacted me about a case with something called a Sky ECC handset. Have you come across the other alternatives to Encro phone, and where do you think we’re going to be … Is this going … I mean, it’s going to be a constant problem, but I mean, what’s your opinion on it?

Nick Harvey: It is. The good and bad of this technology is it does take away that need to have those face-to-face meetings and policing was heavily reliant on that sort of surveillance. In a way it’s going to save us a lot of time once we are able to get into these networks compared to what we used to have to do, but they are always going to look for new ways to try and get around it and use technology in a different way.

So I think there’s going to be this constant sort of cat-and-mouse. But I think as it showed with the Encro phones, they had such confidence in the ability of people they didn’t know. It was a company that actually was incredibly good at it, but they are still then going up against equally smart people from all over the planet that are really determined to find a way around it. And so I think that confidence knock is going to be around for a long time.

And yeah, Sky ECC, as I’m sure you know, is done, that’s not an issue anymore on that one. Yes, they’ll replace them, but it’s going to keep happening. I mean, that’s two major, major encrypted channels that have both been intercepted and taken out. So it’s only going to continue like that. I don’t think there’s really a place to hide anymore. They do so, don’t they. You cannot avoid digital evidence and digital material interacting in a digital way anymore. There is no place to hide once you can actually work out a way around that initial security.

Si Biles: I mean, both of these cases threw up some very interesting questions about how we continue to ensure a chain of evidence and presentability and robustness of evidence and making sure it’s admissible. Is there a generic way that we can address this better, do you think? Or is it just going to really be on a case by case basis, where we start to go through the arguments about admissibility and whether it’s an intercept, or whatever it is.

How can we go forward and assure this? And I mean, feel free to cite Cellebrite as a valid way of perhaps ensuring admissibility of data, and seeing as you do have bills to pay and that’s a very reasonable thing to do. But overall admissibility of evidence in such complex scenarios is a real challenge because it’s not only about explaining it to another professional, it’s about explaining it to a judge and then to a jury. And I mean, yeah, it’s challenging.

Nick Harvey: And do you know what? Actually that is the biggest thing, is that you have some very, very bright people that are able to get around this security and actually tackle it. That skillset is very, very different to the one that you need at the other end. And to be able to explain real simple terms to a judge and to a jury exactly why you can trust that piece of information, what is that piece of information telling me and why can you trust it, that’s a very different skillset and it’s very hard to find people that are very good at both.

And I’m not going to put myself in that camp because believe me, I could not explain to you how technically those things were done. I wouldn’t even dream of it. But trying to have that double hat is actually probably the biggest challenge law enforcement has. It’s the one skill that I think when it comes to digital forensics experts, they love their work. The bit that everyone I think needs to work on is that, “How do I now explain to someone that doesn’t even know what a server is, doesn’t know any of these terms?” Really, really challenging.

Si Biles: Yeah. I mean, you implied from that that you yourself are not a technical person. Is that fair to say? Okay. I won’t add any insult to this in-

Nick Harvey: No, no. Indeed, I think that’s very fair. I take a very different approach to it. Data for me tells a story. It’s just, as a detective, I know where I need to go and I can understand how that story of that data fits into that wider investigation and I know how to move it forward in that direction. But actually, the technical bit behind it I [inaudible 00:18:22].

Si Biles: It’s interesting. Have you trained either formally or informally yourself as a data scientist? I mean, again, it’s a very popular term now to say “I’m a data scientist” and throw a Python script at something and pretend that the output of it is perfect. So is that something that you yourself have done or is it, you are conceptual and you are asking other people to do this? I mean, detective inspector is a high rank. I mean I’m assuming you had a fairly large team underneath you to do things at your bidding.

Nick Harvey: Yeah, I did. I was very fortunate to have a very good team around me. At the beginning we didn’t, but it was very much a … I kept a very simple concept and it is just about … It is that storytelling element at the end. It’s all well and good having all this great information, but it’s just the ability to then take that and actually demonstrate what is the story that it is telling.

And that’s the bit that I like and that’s the bit that I was always quite good at. I love communications data. I’m a little bit of a geek when it comes to a pivot table, some people will make fun of me for. But I like that stuff and I like that, “Here’s actually the information behind why I can say this is you or why I can say that you’ve done this.” When it comes down to that real technical or how did that artifact get on that phone, I will 100% of the time rely on someone far smarter than me to be able to explain that.

Si Biles: I think an interesting thing obviously crops up and everybody is talking about it, and you’ll forgive me because I am incredibly skeptical about this and therefore the tone may come across very badly, but artificial intelligence, which isn’t artificial intelligence, it’s just machine learning and it’s a lot of applied statistics and algorithms and stuff like that, so it’s not really very intelligent.

But is this something that you’ve seen at all come out in anything you’ve seen yet? I mean, to be fair, you left the Met a year ago and the biggest noise about it has been in the last year, so it’s kind of a little bit after your time in some ways. But do you think it’s going to be a significant impact on interpretation of large data sets?

Nick Harvey: I do. I think there’s going to be some real positives and some real areas of concern when it comes to artificial intelligence. Certainly you were already starting to see it where people are using AI tools to generate fake child abuse imagery, that already exists. Thankfully, the law already covers that. That’s not an issue.

Criminality wise though I can see some big problems coming down the road with it, particularly when you start looking at how much more developed these chatbots are getting. And I don’t think it’s going to be long before we start seeing that being used as an automated way to begin the grooming process. [inaudible 00:21:16] a real problem.

Si Biles: Interesting. And do you see it in, I mean, I’ve never considered that, that’s quite an interesting one, but do you see it in other areas of … I mean, obviously IIOC and other areas of child abuse is a major concern, but can you envisage a chatbot doing your drugs dealing for you? Is that something else that’s an equally realistic proposition or does it require more human interaction than that?

Nick Harvey: I think that you’ve already got the dark web being used in a very transactional way, where you do have somebody sat at the other end just physically taking the orders and dispatching the orders out. So I don’t think it’s too much of a leap to say that you can remotely automate that entire process with someone that’s not even real. Fraud as well, there’s lots of areas I think that’s going to happen.

But I do think that policing as well can use it in other ways that we’re not at the moment. Certainly when you talk about … We’ve got, for example, Pathfinder as a tool and Cellebrite to look at that wider piece of data when you’ve got multiple data sets coming in, actually having tools that can look back in time. And, “So actually I have this unsolved stabbing from three months ago. Let’s look through all the new phone downloads we’ve had since across the police service and start looking at the location data, start looking at associates,” and trawling that sort of thing in that far more automated way. I think that it could be used to really help solve crimes in a lot of ways.

I don’t think it’s going to ever replace an officer. I think that’s unrealistic. But I do think that it can be used to harness a lot of the data that does already exist that is just for the volume of it, is being overlooked.

Si Biles: Yeah. I mean, I think you’re 100% right, and the fearmongers out there will be talking about how AI is going to replace people. But the fundamental thing is is that it’s not intelligent and it’s not creative. It’s only ever regurgitating something else that’s been generated by somebody who is intelligent and creative. And so much of investigative work is based upon creative problem solving as opposed to just data crunching. So yeah, no, I agree with you. I think it’s a thing that’s likely not to ever replace us, but could be massively useful in that.

You said that Cellebrite is embracing some tools that are machine learning enabled. He said, I can’t do it now, it still sticks in my throat. But machine learning-enabled, can you talk a bit more about what that actually is?

Nick Harvey: Yeah, absolutely. So we are primarily using it when it comes to the extraction at the end because actually, most conversations that people have in digital forensics or either phones are about unlocking it and getting the data out.

But actually that’s a very small part of that journey. What happens with it at the other end is huge by comparison, and it’s that area I can really see that it’s going to make a big difference. We already have tools around media classification, so looking through and actually saying, “Well, actually I think that this image looks like a car,” or, “I think this is a number plate and this looks like drugs to me.” Conversation patterns around, “Well, this looks like it’s talking about the police or trying to hide evidence.” Those sort of tools are in our tools and they’re really working quite well and they’re really quite popular, and they’re things that we’re building on over time. And it’s those time-saving areas is where we’re trying to focus that on.

Si Biles: I’m aware of some very interesting research to be fair into attacks against machine learning models. Do you have any mitigation against that yet, or is it still new enough as a research concept that it’s not quite there yet? And I mean, to be fair, I think the mitigation is is that, back to the suggestion that AI should not be replacing us, is that it should be checked by a human to make sure that whatever the results are out for positive or negative should be verified. But is this something that you’ve come across yet?

Nick Harvey: No. No, it isn’t. And I think that it’s one of those areas that I imagine is quite difficult. It’s a difficult concept anyway, and the people that are involved at this point in time I think are probably unlikely to be at that criminal end where it’s going to become more prevalent in that day-to-day world of offending. I think there’s still some time between the two.

But you’re right, you’re talking about people’s liberty that’s on the line. It should be checked. I mean, you can’t just rely on it all blindly without actually saying, “Can I believe what I’m being shown here?” I think we don’t do that enough as a society generally, but.

Si Biles: Oh, yes, yeah. Yeah, that’s a topic for a whole nother podcast.

Nick Harvey: Absolutely, yeah.

Si Biles: Yes, yeah. It is brilliant, isn’t it, is as we go from a picture is worth a thousand words when you’re in school to, don’t believe everything you see, to really question absolutely everything you’re seen and told, especially if it comes from a politician. So it really is quite a learning curve for the average person coming into the world. So, yeah.

How are you enjoying Cellebrite, the life of not being involved on a day-to-day frontline basis, and what’s happening for you in the Cellebrite world?

Nick Harvey: Yeah. It’s been quite a transition really. It certainly was a lot to get my head around at first, that step out. It’s my first real step out since I was in my early 20s and stuff. I had jobs when I was younger, but my life has been built around policing.

So it has been quite a change, but it’s been really good. It’s been really nice to see it on the other side and still being able to have a positive involvement. A lot of what I do is still very much centered on helping those that are still doing that great work out there, and they really are doing some amazing work. And just being able to still use some of my experience to try and help with that process, to make sure that they’re getting what they need from us and that we’re communicating in the right way, I’ve really actually quite enjoyed it. And seeing it from the other side has been really positive.

And Cellebrite have been great with that. There’s a lot of people from law enforcement backgrounds and that’s got a really nice supportive feel to it. Everyone has felt the way I felt at some point, so it’s been a really great transition outside.

Si Biles: Cool. I mean, on a day-to-day basis, are you working with law enforcement? I mean, you work with every Cellebrite customer, but I mean, the majority law enforcement?

Nick Harvey: Yes. Yeah, the vast majority are either a police force or a three-letter agency of some description. And no, so that’s how I spend most of my day is actually, “How can we, as Cellebrite, help more? Are you getting everything that you need? Where are your problems? Where are the bits that you’re struggling with? Is there anything that I can do to fill that gap for you?”

So most of my time we’ve actually spent still in that law enforcement world and just trying to help, which is a great feeling really. I’m really fortunate to still have that feeling. Because that was my biggest concern when I left law enforcement, was that that feeling that you are helping and you are doing something is going to fall away, and I still get to, so it’s fantastic.

Si Biles: That’s brilliant. And I mean, you are taking feature requests and things like that, so when people are coming and saying, “Oh, crying out loud, WhatsApp’s just upgraded again and we can’t get anything out of it,” that’s coming through you and being fed back into your development teams?

Nick Harvey: Yes. Yep, absolutely. And looking at those feature requests or just generally of this is the direction that this particular police force or agency wants to move in, this is what their long-term goal is, how can we help shape our products around that. So I get to feedback a lot of positive bits to our development teams and our product teams, and just generally try to help solve those other problems.

Sometimes, more than anything else, it is just, “Did you know how our tool can actually do this,” or, “Have you looked at this particular aspect of it because that might solve some of your problems. Or it might not solve it brilliantly, but actually as an interim, we could do this and then we’ll move on to this for you and try and [inaudible 00:30:39].” It’s really a lovely role for me.

Si Biles: No, no, it sounds fantastic. And it’s interesting, because as a forensic professional, we spend thousands of pounds on bits of software and then probably only use about … Well, I’d like to think it’s the Pareto principle of 80/20, the reality of it is probably 50/50, but there’s always another bit of the software that we’ve invested into that we’ve never come across, we haven’t learned or we don’t use regularly, that may well actually solve our problems. So somebody who’s actually engaging and able to talk to sounds fantastic. So that sounds really, really wonderful.

I mean, one thing you alluded to earlier was the idea that Cellebrite’s looking at larger, more conceptual data sets now, of an unsolved stabbing from three months ago and looking at data that’s coming in now, obviously you seize a phone or whatever. I mean, the volume of data is a huge issue. I mean, it’s a huge issue with one phone now because it’s 128 gig, 256 gig one device. And when you’ve seized multiple of those in any given rate, plus the computers, plus the PlayStation, plus whatever else you’ve pulled in, you’ve got a huge amount of data that you’re sifting through. How are you managing to do that on a scale where you’re talking historically across such a huge amount of data?

Nick Harvey: With some very, very talented developers and engineers [inaudible 00:32:23]. Yeah, it’s that ability just to then bring all that data in together and actually have those tools that really are designed for investigators. And that’s I think the biggest change that I certainly feel really strongly about and being part of, is that there’s so much of the digital forensics world at the moment that is very, very process driven because the volume is just massive coming through the door, and the output is then massive as well. To make that easier so that effectively forensic units become centers of excellence, get a lot of that stuff automated, trying to give them that time to actually really help investigators, but investigators need to help themselves.

And so those sort of tools where you can bring in all of your extractions into one place for a job and actually say, “Right, this is my story. What is that data coming back with? Oh, actually all of my subjects were together just prior to the offense and they all were here and then have moved in this direction.” To look through eight 256 gigabyte app downloads, cross-reference them all and come up with that, is days and days and days of work for an investigator.

Having those tools with those very talented people that’ve been able to do that and bring all that together and at a click of a button can give you those answers, they’re the biggest conversations I think that we are now having in digital forensics in the UK. Is, yeah, we’ve got this extraction thing sorted, we are in a good place with it, but the investigators are now where we need to focus our attention on. And that time to evidence piece is something that’s really important to us as a company.

Si Biles: That’s effectively the next step in the evolution of forensic technology, is to kind of move it out of the hands of forensic professionals, but into the hands of investigators. At least in the initial stage of going, “Oh, well, okay, this is interesting.” And then handing it back again so that somebody can explain why this means what it means. No, that’s a very exciting piece.

I mean, you’re developing this and you’re working on it. You’re providing training for all of this stuff on different levels so I can come along as an investigator, as a DI, and go, “I know how to use Excel and do a pivot table, but this is a bit new to me. Can you please show me how to use it?” And then you will get that investigative training?

Nick Harvey: Yeah, absolutely. Yeah, absolutely. For me, the biggest thing is, first of all, that mindset change of people look at that data and they get daunted by it, and it can look really overwhelming, actually to say, “No, what am I trying to achieve? What are my objectives, and let’s now reframe that.” But we do a lot of work with investigators, and certainly actually one of the presentations I did recently was very much on this topic around that communication between digital forensics units and investigators at the other end. And I found it really fascinating actually that because the labs are very process-driven because they have to be because of the regulations and everything else they have to comply with, is that it doesn’t give them that free time and that head space to actually have those open lines of communication.

So really what I really want to try and work on over the next year personally is help investigators so that they can feel more comfortable going back to the labs and actually asking about specific things and getting their advice. And knowing that there are answers in there if they know where to look.

Si Biles: Contentious question for you, and feel free to dodge it and not answer it, but do you feel that the increase in regulation is actually beneficial?

Nick Harvey: I think having oversight of processes is always a good thing. I think that it is important to make sure that when you are producing something that it is accurate, because these are people’s lives that are on the line. Not only are you talking about someone that might be wrongfully imprisoned, but if that ever were to happen, the real person that’s done that harm to that individual is also then out to do that again to somebody else. It’s really important I think to make sure that we get it right and therefore having that oversight is a good thing.

I am a little concerned that that process has swung too far, and I think that there does need to be that balance of that regulation and some of the structure behind it. We have a lab, for example, in London where we have to validate and verify all our tools are accurate and everything else, and we go through the same process with UKAS that every force does, but yet our work can’t be transferred to another force. So they’re having to employ people, taking them away from investigating, solving crime, to just do the same administrative tasks that we were already demonstrated are accurate.

Yeah, I think that there does need to be a new balance, and let alone how any defense team are going to be able … I can’t see how a defense expert is going to be able to comply with the level of scrutiny and all of the rules. Actually you’re not denying defense justice as well in some way, if they can never find someone that can comply and we’re able to do this work and be able to check over the work that’s been done, where does that leave a defendant? I think that’s perhaps forgotten as well.

Si Biles: Yeah, so I mean, that’s certainly the viewpoint that I have is that given that prosecution labs are generally better set up, better funded and larger than defense individuals, this is an incredibly biased thing.

It’s interesting actually, because I came to forensics after having a background in security. And we used to have something which was called the, what was it, EAL. I can remember the initials, but I can’t remember what it actually stands for. It was an evaluation criteria set that it was used internationally and it was actually done by the US government, and EAL evaluated something to a number. But if it was EAL4+ you could use it for top secret stuff and it was already evaluated that way. And it’s reasonable to say, “Okay, well, Cellebrite is evaluated to do X process and therefore we can assume that to be true.”

I mean, it puts a lot of onus on you guys to make sure that your accreditation and everything is up-to-date and it’s an incredibly expensive process, but it does ease the onus on everybody else and, yeah.

Nick Harvey: [inaudible 00:39:21] public money. You have each of the digital labs for each government police force and organization that are having to hire people dedicated full-time to do this work. When it’s been done 43 different times over by every force and us, and obviously all of our competitors are in exactly the same boat and they’ve all been doing it too. And it’s a lot of duplication, and that’s a lot of public money that’s being spent.

Si Biles: Yeah, yeah. Yeah, shame. We’ll close out in a second, but as a parting shot, what advice would you give to either … Well, actually, no, let’s stick with this. What advice would you give to a DI who is coming to this sort of technology fresh now. They are where you used to be and it’s starting to dawn on them that this is a data source that can be mined for a lot of information and some successful prosecutions. What advice would you give over it? When you were there, what do you wish you knew?

Nick Harvey: Don’t be afraid of just giving it a go sometimes I think, and actually seeing what’s out there and what can be achieved. A lot of processes and a lot of ways of working have existed because of the data and the technology at the time. That changes very quickly. So don’t ever be afraid to turn around and think, “Actually, what if I tried it this way,” and just actually take a different approach to something.

Certainly that’s what we did with that sort of time to evidence, mobile phone extractions, because of the heavy processes involved for my unit, we were turning over so much work so quickly that we would’ve drowned the Met Police’s digital unit. We would’ve drowned it with the amount of phone downloads we were going to be putting in.

So I set up my own lab with a very different spin on it so that we weren’t ever taking any material to court that hadn’t been through the lab officially and hadn’t gone through the proper channels. But I worked out only 4% of my phone downloads, so we had such a good early guilty plea rate, only 4% of my phone downloads actually ever saw a courtroom. So why did I need to get real experts that are excellent at their work looking at my other 96% of that and flooding them and overloading them?

And so it’s those just different approaches that you look at what you actually are trying to achieve and what you really need. Because there are so many options out there if you take that step back and say, “Actually, I know this is the way we do things, but why?”

Si Biles: Yeah. What do you actually need to tell the story that you want to convey and then go and find that, rather than follow the traditional methodology to get there.

Nick Harvey: Yeah, yeah,

Si Biles: No, excellent piece of advice. That’s fantastic. Well, I’m going to close it out here. We’ve been chatting for about 45 minutes and I’ve thoroughly enjoyed it. So thank you very much for joining us tonight and taking the time to talk to us.

For the listeners, you can find us on all places that good podcasts can be found, so Spotify, YouTube, you can come onto our own website. This podcast will be transcripted so if you’re hard of hearing and you’re not listening to this, but you will be reading the transcript so you know what I’m saying about … That you can read it. But anyway, we’ll not worry about these minor technical details. It’s a lot of time travel, I can never remember what the point of all of these things is.

Again, Nick, thank you so much for joining us. Really appreciate it. Do please arrange with us to come back and tell us about this exciting thing that’s going to happen in January, in mid-January, because I really want to know what it is now, and that would be wonderful to catch up. It’s been fascinating talking to you about it.

And just from a personal perspective, thank you very much for the work on the county lines. I mean, it’s a serious problem in the UK. And you think that living out in the countryside that you might be a little safer from these things, but the reality is somewhat different. And it’s nice to know that people are taking such care of it and really following up and making a difference to make it there that way. So I really appreciate that.

But thank you very much for joining us. I will say goodbye and goodbye to all the listeners, and let you go back to your evening.

Nick Harvey: Great, thank you. Thank you for inviting me on, it’s a privilege.

Si Biles: A pleasure.

Nick Harvey: Keep well.

Leave a Comment

Latest Videos

Digital Forensics News Round-Up, February 21 2024 #digitalforensics #dfir

Forensic Focus 21st February 2024 6:19 pm

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts. 

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director 
43:45 – Privacy of user data

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts.

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director
43:45 – Privacy of user data

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_ifoHVkjJtRc

How MSAB Is Managing The Digital Forensics Challenges Of Frontline Policing

Forensic Focus 21st February 2024 3:07 pm

Podcast Ep. 80 Recap: Empowering Law Enforcement With Nick Harvey From Cellebrite

Forensic Focus 20th February 2024 11:49 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles