Digital evidence is integral to just about every investigation, from how police investigate crimes to how they spot crime trends, but for it to be of value and close cases, departments must first consider the law, data extraction and storage needs. Ronnie Wendt prepared this e-book, sponsored by Verizon, for PoliceMag.com to help agencies leverage the Internet and digital evidence to solve crimes. For this piece, she developed the story angle, handled the interviews, wrote the article and crafted promotional copy.
Questions remain in the legality of law enforcers pretending to be other people on the Internet. According to Michael Benza, an attorney who represents defendants sentenced to death and a senior instructor in law at Case Western Reserve University in Cleveland, Ohio, this concern seems to be resolved when an oﬃcer pretends to be a child online and catches a sex oﬀender. This method has issues in other types of investigations. Likewise, legal questions arise in cases where law enforcement takes over a website engaged in illegal activity and runs that website to catch people coming there to engage in illegal behavior.
Concerns also crop up when law enforcement does things inside computers or phones, such as installing malware on someone’s device after they visit a speciﬁc website or gathering information oﬀ a genealogy site from a family member who put his or her DNA into it.
Benza warns the law as it pertains to digital evidence is very ﬂuid and has not caught up with technology. “The law is notoriously behind technology; and a deﬁnitive statement from the courts takes a very long time,” he says, recalling how by the time a case involving pagers went to the U.S. Supreme Court for a decision, no one was using pagers anymore.
Law enforcement agencies should consider the following when looking at data storage requirements:
1) Security and very strict access control. The data being collected is sensitive and should not be accessed by everyone. Departments must determine who can access it, how they can access it and put in place ways to prevent unauthorized access.
2) Redundancy. The data must be stored in several ways, in separate locations.
3) Functionality. The storage methods and analysis tools must be functional. Is it a network base or a cold storage? If it’s going to be housed in one facility, the answer is easy, but when there are 10 diﬀerent facilities and remote sites, the answer becomes more complicated. A variety of cloud storage options and software tools exist, but some work better than others. Ultimately, the selected storage must provide full functionality and access when you need it.
4) Expensive. Storing data is expensive. Departments must determine how much storage they need and their budget for it. Analyze how much data is currently being stored to calculate future needs then double that ﬁgure to prepare for the future.