According to statistics by United States Courts, the median time from filing to disposition of a criminal case was about 7 months in 2019. For civil cases, this was about 10 months. The statistics also show that there were a total 412,820 cases filed in the U.S. in 2019. It can be reasonably inferred that law enforcement agencies need to manage evidence in large volumes for a long period of time. The number quoted above is only till disposition and retention laws would require evidence to be preserved for even longer. Holding large volumes of evidence for long periods of time brings numerous challenges for law enforcement agencies and one of them is the risk of evidence tampering.
“Evidence tampering” refers to situations whereby a person alters, falsifies, or conceals evidence with the intent to interfere with an investigation process. This is alternatively known as spoliation of evidence in a civil case. Evidence tampering could have serious consequences for a case and impact its final verdict. The issue with digital evidence tampering is that one cannot know for sure whether tampering has occurred, since perpetrators can make minor unnoticeable changes that are enough to impact a verdict. Constantly comparing digital evidence with copies to identify tampering may not be practically possible as this requires a lot of resources such as additional security infrastructure and personnel.
VIDIZMO’s Digital Evidence Management portal caters to this challenge by allowing you to run a tamper detection check on your digital evidence in a few clicks. But you might be wondering how this feature works and more importantly, what benefits it has in comparison to other alternate solutions?
How Evidence Tampering Would Occur?
Before moving on how evidence tampering works, it’s important to know how a perpetrator may go about doing it. There are two types of perpetrators that can tamper your digital evidence: internal and external. Internal perpetrators are those that have access to the organization’s system and use it to replace or delete evidentiary files. For detecting actions of internal users, VIDIZMO offers audit logs and chain of custody features.
External perpetrators are individuals that do not have access to the organization’s system. They may tamper digital evidence by illegally accessing the storage where evidence is kept and modify or delete case-related files. VIDIZMO not only offers reliable security to prevent unauthorized access, but also provides the tamper detection feature to add an additional layer for maintaining the integrity of your digital evidence.
How Tamper Detection Works?
In simple terms, the system assesses the digital evidence file for any changes to ensure the file is the same as the one originally uploaded. For digital evidences that do not match their original state, the system shows them as tampered evidence when a check is run.
When any file is initially uploaded on VIDIZMO Digital Evidence Management portal, a miniature identifier called a “hash” value is created for that file which is stored in the database for future comparisons. The hash value is created using the data of the file. Therefore, this hash value is unique to the file and changes even if the contents of the file are modified to the slightest extent.
To put things into perspective, every video file is essentially a series of binary codes. If we have video file A with its binary code “01110110”, it will create a hash value that is unique to this “01110110” binary code. A modification in the file would lead to creation of a new binary code (for example, “11110110”), which in turn would generate a different hash value. This difference makes it possible to detect tampering.
When a tamper detection test is run, the system generates a new hash value for the file and compares this new hash value to the original one stored in the database. If a difference exists between the two values, the system shows that evidence tampering has occurred for that file.
You simply have to select “Verify Evidence” from the drop-down menu.
And the user interface will show a check mark if the evidence is free from tampering.
Evidence that is tampered will be displayed as “tampered”.
Benefits of This Feature
There is no doubt that tamper detection can be done manually as well. Why choose VIDIZMO Digital Evidence Management portal to do it for you? Here are a few reasons:
- It saves storage space: You can keep multiple copies of the digital evidence in separate and secure places. The copies can be compared to ensure that tampering hasn’t taken place. However, this is less practical and requires more storage. On the other hand, VIDIZMO’s method of maintaining a hash value saves storage space for you. These hash values require almost negligible storage space.
- It saves you time: Manually checking evidence for tampering would require you hours or even days, depending on the type of evidence. VIDIZMO’s tamper detection feature does this in a matter of seconds. Just a few clicks and you’re done!
- It helps you dedicate less resources to tamper detection: This feature helps you worry less about the integrity of your evidence and you can dedicate your resources to other useful tasks.
- It makes you feel confident about your evidence: VIDIZMO’s tamper detection combined with audit logs, security and chain of custody features help you prove to any challenging party that evidence tampering hasn’t taken place.
The bottom line is that VIDIZMO’s tamper detection feature helps you keep evidences safe with low costs in the long run. It also allows law enforcement agencies to present evidence in the court of law in its original form, free from any tampering.
Other use cases of Tamper Detection
The use of VIDIZMO’s tamper detection feature is not just limited to law enforcement agencies. Here are a few other use cases where this feature might be useful:
Preserving important evidence is not only required by law enforcement agencies in criminal cases, but also by law firms in civil cases. For example, in the case of Zubulake v. UBS Warburg, evidence was mishandled. This included an important email conversation between the plaintiff and her employer. Law firms can avoid such instances by collecting and storing evidence on VIDZMO Digital Evidence Management. VIDIZMO’s tamper detection, audit logs, security and chain of custody features can ensure that these are kept safe for their clients.
This feature is useful for large law firms dealing with multiple clients as they need to maintain large amounts of confidential information or evidence for a long period. There’s always the possibility of these being altered, falsified or concealed by external parties to their advantage.
Defense organizations may have numerous digital assets that could have consequences for the defense of the country if these are altered or accessed by unauthorized personnel. Defense organizations would also need to share these files with relevant parties in their original form; free from any tampering. VIDIZMO’s tamper detection combined with audit logs, security and chain of custody features can help these organizations in ensuring that these assets remain confidential and are shared with integrity.
VIDIZMO provides solutions that are not only restricted to law enforcement agencies, law firms and defense organizations. To learn more about how VIDIZMO Digital Evidence Management or VIDIZMO’s other solutions can help your organization,
You can learn more about VIDIZMO Digital Evidence Management by looking at this video.