Digital evidence is increasingly becoming a core part of all investigations, ever-increasing in size and creates multiple problems with digital evidence when it comes to handling and managing them.There are two ways in which digital evidence assists a case:
- Indirectly in a conventional crime case with evidence from multiple sources like CCTV cameras or mobile phone data.
- Directly in a cyber-crime with digital evidence playing a central role as the crime was committed digitally, like a malware attack or a cyber-scam.
Interpol has assessed that cybercrime has been on a constant rise since the start of 2020 when the COVID-19 pandemic began. With the workforce moving online, the pandemic has led to the creation of many weak digital infrastructures that criminals are exploiting to access sensitive information.
The increasing amount of digital evidence creates more avenues for law enforcement officers to solve cases. Still, it can be made inadmissible in court if it is not handled properly, or its integrity is not being preserved at any level.
It means all efforts are in vain...
Handling digital evidence brings a tirade of problems for law enforcement agencies. Do you know how to protect the integrity of digital evidence in the most effective way? Is there any tool available to overcome problems faced by law enforcement officers in handling digital evidence?
Let's find out in this article.
6 Major Problems in Handling Digital Evidence
Here is a list of significant problems law enforcement officers face while handling digital evidence.
Risk of Data Breach, Tampering, and Cyber Attacks
Collecting digital evidence is easy in most cases. The tricky part is securing and protecting it from data breaches, cyber-attacks, and tampering. It is very challenging to prevent these attacks and detect tampering as it is done discreetly to make it seems like it is still intact.
To avoid this problem, law enforcement agencies should opt for high-quality enterprise-level digital evidence management systems with robust security systems for evidence protection and tamper detection
It should help maintain audit logs to track the lifecycle of evidence, ensure chain of custody and preserve digital evidence in its original state.
When it comes to the storage of data, it's important to store them in encrypted formats and within hardware that has built-in security protocols.
A good option is to look for a cloud provider that has high-grade security within its data centers, for example, AWS or Azure cloud.
Diversity of Digital Devices, Data Type, and Volume
Digital evidence now exists in multiple formats ingested from different devices like CCTV, body cams, drone cams, home security cameras etc. For agencies, the problem is that the volume of digital evidence is increasing at an exponential rate.
Digital devices do not have enough storage space to retain all kinds of digital evidence. Moreover, it is impossible to manually sift through all the evidence in different devices and file types to find useful insights.
To solve this problem swiftly, law enforcement agencies must have a complete digital evidence management system that can auto-ingest the evidence from various sources and support multiple formats to provide a centralized portal for storage, protection, and analysis.
A powerful system that uses artificial intelligence to search for spoken words, faces and objects within digital evidence instantly. In this way, it allows officers and detectives to speed up the entire process of investigation and to focus more on the actual analysis of relevant information.
This solution speeds up the investigation and allows officers and detectives to focus on the actual analysis of relevant information.
CJIS Security Policy clearly states that agencies need to store digital evidence in a controlled environment or secure physical location and restrict access to authorized individuals only.
This is a problem that agencies struggle with a lot while handling digital evidence, especially when they are enormous in number.
While storing the data in a virtual environment, agencies need to control access based on user roles so that access to evidence is given to authorized personnel only.
Also, keeping audit logs helps in tracking who viewed the evidence at what time. Choose a digital evidence management solution that allows such user and content segregation through secure and separate portals and case folders.
Errors and Mishaps
No human is perfect, and errors are bound to happen due to causes like unintentional biases, excessive workload, technology usage error, random mishaps, etc.
It is crucial to have trained personnel with appropriate knowledge and experience. The workload should be managed appropriately so that the investigation is not affected negatively. Any minor error could lead to evidence being made inadmissible in court.
Technology and automated systems should be utilized properly to help investigators manage the workload and focus on the right information.
To avoid mishaps, everyone except the chief investigator can be given view-only access so that the files are not mistakenly altered or deleted. Also, choose a digital evidence management solution that allows the retrieval of the original file if some mishap has occurred in the shared version.
Also, it is extremely important to provide routine training of evidence handling, procedures to be followed and technology usage to the investigators.
Transfer of Data
Evidence is most at-risk during transfer as data could be breached, exposed, or tampered with. Protecting digital evidence during transit is very difficult.
Storing on traditional devices like USB or laptops with just password-protection is not enough as these can easily be stolen and hacked. Simple online transfer through email is even riskier.
It is stated in the CJIS Security Policy that during the transmission of criminal justice information, the data should be encrypted to ensure protection. The encryption has to be FIPS 140-2 certified.
Hence, while adopting any digital evidence management solution, choose a solution that complies with these policies and follows all the required protocols to ensure secure transfer.
Presenting in Court
Finally, if the digital evidence is made inadmissible in court due to problems in handling it appropriately. Agencies should also be aware of how the evidence can be presented based on the court's technology setup and internet connectivity. Based on that, evidence should be transported and presented securely.
Download and present the evidence if it cannot be shown directly. If possible, capture and print image stills of video evidence and submit all other documents and images in print form to supplement the digital presentation.
Prosecutors must be aware of all the evidentiary requirements of admitting different types of digital evidence to ensure all the procedures are strictly followed. Here is Primer for Prosecutors regarding the benefits, challenges, and guidance for presenting video evidence in court.
Moreover, proper documentation of digital evidence’s chain of custody is required to prove in court that the evidence was retained in its original form and not altered in any way.
This chain of custody record should mention the time and place the evidence was collected from, ownership details of the evidence, where it was stored and details regarding who had access to it at what times.
Maintaining a chain of custody is difficult when it comes to digital files, therefore, it is important to ensure that the digital evidence management solution you opt for provides a complete Chain of Custody report to record and show all these details.
VIDIZMO DEMS: Complete Solution for Secure Handling of Digital Evidence
Digital evidence is a core part of all investigations, so law enforcement agencies should adopt appropriate measures and solutions to combat the problems mentioned above.
As stated earlier, adopting a comprehensive Digital Evidence Management solution will lead to a smoother, speedier, and more accurate investigation.
To cater to all your problems mentioned above, VIDIZMO provides a robust platform, an IDC MarketScape recognized Digital Evidence Management System.
It allows you to ingest, store, handle and share a massive amount of digital evidence ensuring the highest levels of security and meeting compliance requirements such as CJIS.With VIDIZMO DEMS, you can:
- Collect digital evidence from various sources such as body-worn cameras, drone cams, CCTV, dashcams, audio recordings etc.
- Secure your digital evidence with AES-256 encryption at rest and in transit.
- Add another security layer to your digital evidence by integrating with SSO identity providers such as Azure AD, Okta, OneLogin, etc.
- Deploy on-premises data centers on the commercial/government cloud (Azure, AWS) or in a hybrid infrastructure.
- Assign specific role-based access to each portal user with predefined permissions to access and use the portal.
- Detect any tampering or alteration in your digital evidence through SHA cryptographic hash value.
- Maintain a comprehensive chain of custody reports of each digital evidence file, ensuring evidence integrity at all levels.
- Automatically detect, track, and redact faces, people, and other personal identifiers visible in digital evidence before sharing or presenting in the court.
- Highlight important information within the digital evidence by adding annotations and comments.
- Transcribe digital evidence in around 40 languages and translate them into 50+ languages using artificial intelligence.
- Share with external and internal portal users with a limited number of views, block download option, generate multiple links for each file and much more.