Digital and Multimedia Evidence as a Forensic Science Discipline
•
1 like•391 views
The document discusses digital forensics as both an investigative tool and a forensic science discipline. As a forensic science, digital forensics uses scientific methods to acquire, analyze, and report electronically stored information for use in legal proceedings. This includes using quality control, validated tools and processes, trained experts, and objectivity. As an investigative tool, digital forensics focuses on identifying and recovering information from various digital sources to aid investigations. Information can flow between the two uses but must meet scientific standards when used forensically.
Report
Share
Digital and Multimedia Evidence as a Forensic Science Discipline
- 1. Scientific Working Group on Digital Evidence Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline Version: 2.0 (June 11, 2014) This document includes a cover page with the SWGDE disclaimer. Page 1 of 4 Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline The version of this document is in draft form and is being provided for comment by all interested parties for a minimum period of 60 days. SWGDE encourages stakeholder participation in the preparation of documents. Suggestions for modifications are welcome and must be forwarded to the Secretary in writing at secretary@swgde.org. The following information is required as a part of the response: a) Submitter’s name b) Affiliation (agency/organization) c) Address d) Telephone number and email address e) Document title and version number f) Change from (note document section number) g) Change to (provide suggested text where appropriate; comments not including suggested text will not be considered) h) Basis for change Disclaimer: As a condition to the use of this document and the information contained therein, the SWGDE requests notification by e-mail before or contemporaneous to the introduction of this document, or any portion thereof, as a marked exhibit offered for or moved into evidence in any judicial, administrative, legislative or adjudicatory hearing or other proceeding (including discovery proceedings) in the United States or any Foreign country. Such notification shall include: 1) The formal name of the proceeding, including docket number or similar identifier; 2) the name and location of the body conducting the hearing or proceeding; 3) subsequent to the use of this document in a formal proceeding please notify SWGDE as to its use and outcome; 4) the name, mailing address (if available) and contact information of the party offering or moving the document into evidence. Notifications should be sent to secretary@swgde.org. It is the user’s responsibility to ensure they have the most current version of this document. It is recommended that previous versions be archived for future reference, as needed, in accordance with that organization’s policies. Redistribution Policy: SWGDE grants permission for redistribution and use of all publicly posted documents created by SWGDE, provided that the following conditions are met: 1. Redistribution of documents or parts of documents must retain the SWGDE cover page containing the disclaimer. 2. Neither the name of SWGDE nor the names of contributors may be used to endorse or promote products derived from its documents. Any reference or quote from a SWGDE document must include the version number (or create date) of the document and mention if the document is in a draft status.
- 2. Scientific Working Group on Digital Evidence Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline Version: 2.0 (June 11, 2014) This document includes a cover page with the SWGDE disclaimer. Page 2 of 4 SWGDE Intellectual Property: Unauthorized use of the SWGDE logo or documents, e.g. promotional material, curriculum vitae, etc. without written permission from SWGDE is a violation of our intellectual property. Individuals may not misstate and/or over represent duties and responsibilities of SWGDE work, e.g. claiming oneself as a contributing member of SWGDE without actively participating in SWGDE meetings, claiming oneself as an officer of SWGDE without serving as such, claiming sole authorship of a document, use the SWGDE logo on any promotional material and/or curriculum vitae. Any mention of commercial products within SWGDE documents is for information only; it does not imply recommendation or endorsement by SWGDE.
- 3. Scientific Working Group on Digital Evidence Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline Version: 2.0 (June 11, 2014) This document includes a cover page with the SWGDE disclaimer. Page 3 of 4 Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline The purpose of this paper is to provide an abstract to assist the reader in understanding that digital forensics is a forensic science and to address confusion about the dual nature of the application of digital forensics techniques as both a forensic science and as an investigatory tool. Digital forensics as a science is the process used to acquire, preserve, analyze, and report on electronically stored information using scientific methods that are demonstrably reliable, verifiable, and repeatable, such that they may be used in judicial and other formal proceedings. As with other forensic science disciplines, the key attributes of digital forensics applied throughout the entire examination process, from collection through analysis and reporting, are: Use of a quality management system containing standard operating procedures and an effective quality assurance program. Proficient analysts with appropriate training, expertise, and experience. Use of validated tools, processes, and methodologies. Objectivity – the forensic analyst must be insulated from work-related undue pressures that could compromise the quality of work. However, when the techniques commonly associated with digital forensics science are applied as an investigative tool, the focus is on the identification and recovery of information. This approach encourages research and innovation in finding relevant information that could be contained in any number of types of digital media and applications (e.g., computers, cell phones, social media websites, vehicle infotainment systems, home gaming systems, and other dynamic sources of information). Information can easily flow from digital investigations into digital forensics, but it must be subjected to the rigorous process demanded by the scientific method and rules of evidence. By contrast, the output of digital forensics can easily be used as direct input in digital investigations.
- 4. Scientific Working Group on Digital Evidence Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline Version: 2.0 (June 11, 2014) This document includes a cover page with the SWGDE disclaimer. Page 4 of 4 Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline History Revision Issue Date Section History Draft 01/16/2014 All Initial draft for public comment. 1.0 02/06/2014 All Formatting and technical edit performed for release as a Draft for Public Comment. 2.0 06/06/2014 All Re-write based on public feedback. Title changed from Digital Forensics as a Forensic Science Discipline to Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline. Re-release as Draft for Public Comment. 2.0 06/11/2014 All Formatting and technical edit performed for release as a Draft for Public Comment.