<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=49414&amp;fmt=gif">

I’d like to learn more about Campaign Creators!

4 min read

Ensure Unbroken Chain Of Custody for Digital Evidence

By Ziad Amir

The inundation of digital evidence in modern day law enforcement poses a new challenge: ensuring an unbroken chain of custody for digital evidence. In a time where evidence includes everything from CCTV, body cam and dash cam footage to crime scene pictures to audio recordings, managing that digital evidence becomes a cumbersome process, considering that you can’t tag and keep digital files on a shelf in an evidence locker. Naturally, this would result in certain vulnerabilities in the handling of the evidence.

Chain of Custody for Digital Evidence

When physical evidence in an envelope is making rounds from first responders to forensics to investigators, it’s easy to trace the evidence and track each person that gets hold of it with their signatures going on the envelope or a registry, or both. But things get tricky when digital evidence is involved, simply because it can be easily accessed and duplicated, effectively losing all legal worth.

Of course, digital forensics is governed by law to dissuade mishandling. To make any evidence inadmissible in the court of law, a defense attorney would just have to do some digging, find gaps in the handling of a piece of evidence and effectively create reasonable doubt, possibly letting the criminal walk free. 

Therefore, it’s in the prosecution’s, law enforcement agencies’ and, in turn, society’s best interest to make sure that law enforcement can ensure a rock-solid chain of custody for digital evidence (or any evidence, for that matter) and guarantee that there has been no mishandling or tampering with evidence.

Why Is Chain of Custody Important?

In simple terms, a chain of custody demonstrates the integrity of the evidence. It records a log of every single person who access the evidence and they can then be called in to court to testify. A chain of custody reflects whether the evidence is free from unauthorized access and tampering, which is important to establish that it was collected from the scene of the crime and represents that case. This is why it’s also important that the chain of custody trail stretches all the way back to the collection of the evidence at the scene of the crime and changes as few hands as possible, even though there is no legal limit on the number transfers.

Without a chain of custody presented in court along with the evidence, the evidence will most likely be deemed inadmissible in court, rendering all analyses and conclusions drawn from it completely futile.

And it’s not just law enforcement. Chain of custody is equally important in modern medicine, particularly pharmaceutical research. Considering all the new Good Practices (GXP) regulations and guidelines, maintaining a chain of custody has a newfound importance in medical research to provide traceability and control over documents, data and samples, and ensure seamless compliance with the guidelines.

Examples of Chain of Custody

Here’s a small example to demonstrate how chain of custody works:

In 2012, Stephen Conlin managed to get his charges reduced from 3rd degree marijuana sale to 5th degree marijuana possession, simply because law enforcement failed to maintain a reliable chain of custody. Between Conlin’s arrest and his appeal, an unrelated police officer checked out 12 bags of the marijuana confiscated from Conlin for dog-sniff training, without signing the chain of custody log sheet.

In the appeal, the judge discounted the 12 bags and weighed the remaining 5 bags, which weighed less than the 5 pounds needed for 3rd degree sale of marijuana. This case is a perfect example of how inadequate chain of custody can deem incriminating evidence inadmissible in the court of law.

Although mishaps like this are unlikely with digital evidence, the digital dimension does open the door to a whole new realm to mishandling and mistakes. When videos, images and other digital files are stored in local drives, like CD or pen drives, they can be mislabeled and misplaced just as easily. Digital evidence can be dismissed from court for being deleted, duplicated or doctored with. Therefore, chain of custody for digital evidence is just as important, if not more so.

VIDIZMO’s Digital Evidence Management System (DEMS)

The entire point of ensuring an unbroken chain of custody for digital evidence is to trace the evidence when it’s in possession of different entities and keep track of any access or tampering to it, to make sure it doesn’t impede investigations and can be taken to court.

VIDIZMO’s full-featured DEMS not only gives you a transparent outlook of the chain of custody, but it also helps you ensure the integrity and credibility of your digital evidence in the court of law, all while complying with CJIS, FedRamp and more. 

Chain Of Custody

In VIDIZMO, you get a clear look into the chain of custody for digital evidence. A list shows you exactly who accessed the evidence file on the platform and what they did with it, along with their IP addresses. You can download this information as a spreadsheet file, print it and present it in the court of law, if need be, to prove the integrity of your evidence.


Plus, for added security, VIDIZMO DEMS asks for reason and explanation for accessing a piece of evidence, which can also be seen in the chain of custody log.


Tamper Detection

VIDIZMO takes a rather intuitive approach to detect tampering with any evidence. For each evidence file ingested into DEMS, a hash code is generated. This hash code is updated every time someone edits the evidence file, clearly showing that it has been tampered with. When you run a tamper detection on an evidence file (or a bulk of evidence files), you get a blue tick badge or a ‘Tampered’ badge to show you exactly which file has been tampered with. 

Tamper detection in VIDIZMO's digital evidence managment

Audit Log

A defense attorney would not spare any chance to not only challenge the integrity of your digital evidence but of the entire platform that you store your evidence on. You don’t have to worry about that with VIDIZMO. You can see an Audit Log of all the activities performed in the portal, along with IP addresses. Again, you can print this log out to show in court.

Audit log in VIDIZMO's digital evidence management to keep track of all the activity in the portal


An unbroken chain of custody makes sure that the digital evidence is reliable and admissible in the court of law.  

With VIDIZMO’s Digital Evidence Management System (DEMS), you can ensure an unbroken chain of custody for digital evidence, detect tampering with evidence and keep track of all the activities in your DEMS portal. 

VIDIZMO can be deployed on a private or shared cloud, on-premises or a hybrid model. To learn more about VIDIZMO’ Digital Evidence Management capabilities, contact us

New call-to-action

Tags: Digital Evidence Management, security, Tamper Detection

Sign up for our monthly blog updates to receive great content

By signing up you agree to receive our offers, promotions & other commercial messages. You may unsubscribe any time.