archives

Legal

This category contains 21 posts

Samsung Galaxy Android 4.3 Jelly Bean acquisition using Joint Test Action Group (JTAG)

There have been some issues during data acquisitions with Samsung Galaxy having the Android 4.3, Jelly Bean as the operating system even if using the recommended steps for Logical File Dump, File System, or Physical Acquisitions for Cellebrite UFED Touch, Classic, and UFED4PC. All were unable to connect even if the mobile device was in … Continue reading

Windows 8: Important Considerations for Computer Forensics and Electronic Discovery

Introduction Documents identified by computer forensic investigations in civil litigation typically require review and analysis by attorneys to determine if the uncovered evidence could support causes of action such as breach of contract, breach of fiduciary duty, misappropriation of trade secrets, tortious interference, or unfair competition.  In addition, bit-for-bit forensic imaging of workstations is also … Continue reading

Unacceptable Acceptable Use Policy

I had an opportunity this week to be on the receiving end of an acceptable use policy (AUP) – something that I should experience each and every time I work for a new client on their hardware, but something that isn’t often the case and thus is a bit of a novelty to me. It … Continue reading

Authenticating Internet Web Pages as Evidence: a New Approach

By John Patzakis [1] and Brent Botta [2] Previously, in Forensic Focus, we addressed the issue of evidentiary authentication of social media data (see previous entries here and here). General Internet site data available through standard web browsing, instead of social media data provided by APIs or user credentials, presents slightly different but just as compelling challenges, … Continue reading

Key Twitter and Facebook Metadata Fields Forensic Investigators Need to be Aware of

Authentication of social media evidence can present significant challenges when you collect by screen shots, printouts or raw html feeds from an archive tool. This is just one reason why social media data must be properly collected, preserved, searched and produced in a manner consistent with best practices. When social media is collected with a … Continue reading

689 Published Cases Involving Social Media Evidence (with full case listing)

The torrent of social media evidence continues to grow. In November 2011 we, at X1 Discovery, searched online legal databases of state and federal court decisions across the United States to identify the number of cases from 2010 and through November 2011 where evidence from social networking sites played a significant role.  As we mentioned … Continue reading

Overcoming Potential Legal Challenges to the Authentication of Social Media Evidence

By John Patzakis1 Summary: Social media evidence is highly relevant to most legal disputes and broadly discoverable, but challenges lie in evidentiary authentication without best practices technology and processes. This whitepaper examines these challenges faced by eDiscovery practitioners and investigators and illustrates best practices for collection, preservation, search and production of social media data. Also … Continue reading

Eleventh Circuit Rules Defendant Cannot Be Compelled to Divulge Encryption Passphrase

Barely three weeks after I penned Another Judge Rules Encryption Passphrase not Testimonial Under Fifth Amendment Analysis, the Eleventh Circuit has held that a defendant’s “decryption and production of the hard drives’ contents would trigger Fifth Amendment protection because it would be testimonial, and that such protection would extend to the Government’s use of the drives’ contents.” For … Continue reading

Another Judge Rules Encryption Passphrase not Testimonial Under Fifth Amendment Analysis

I previously discussed, on a bar association section blog in 2007 (here) and 2009 (here), the case of In re Boucher, where a U.S. judge for the District of Vermont ruled that requiring a criminal defendant to produce an unencrypted version of his laptop’s hard-drive, which was believed to contain child pornography,did not constitute compelled testimonial communication.  Professor Orin Kerr … Continue reading

Can Your Digital Images Withstand A Court Challenge?

The term “digital” in law enforcement is almost immediately associated with digital forensics, i.e.; computer crimes, cyber terrorism, child porn on computer hard drives, and other areas that require special training, expertise, and equipment to investigate these types of digital threats. Media attention is widespread, grant opportunities abound, and a seemingly endless supply of resources … Continue reading

Is your client an attorney? Be aware of possible constraints on your investigation. (Part 2 of a multi-part series)

In my first post several weeks ago, I discussed some of the special obligations that digital forensics investigators may have while in the employ of a lawyer. I elaborated briefly on the duty to zealously guard the attorney-client privilege, to correctly apply the work product doctrine, and to conduct investigations in a way that does … Continue reading

Is your client an attorney? Be aware of possible constraints on your investigation. (Part 1 of a multi-part series)

Significant legal and ethical challenges confront digital forensics investigators, for which some may not be well prepared. Just as many lawyers may be confounded by technology in dealing with digital forensics matters, many digital forensics experts lack formal legal training, and are uninformed about their special obligations in the employ of a lawyer. These obligations include … Continue reading

My cat did it – honest, Guv!

and he did it via remote access… by Sam Raincock, IT and telecommunications expert witness When evaluating computer forensics cases the tricky part is often not just evaluating what is found but determining how it came to reside there. “It was downloaded via a web browser because I identified it in Temporary Internet Files…” “I … Continue reading

Serving search warrants in Spain

First published January 2010 The expert witness perspective by Joaquim Anguas Abstract This article describes the most common schema and basic procedure in which search warrants related to computer evidence are served in Spain from the expert witness perspective, and presents a guide, concrete tools, commands and recommendations oriented to maximize the effectiveness and validity … Continue reading

Malicious Phone Call Legislation in the UK

First published February 2009 by Greg Smith Mobile Telephone Evidence & Forensics trewmte.blogspot.com It is being noted that there is an exponential growth in harassing and intimidating calls from financial companies, card companies and from outsource debt collection firms chasing payments where people have got behind with payment due as a direct consequence of this … Continue reading

Follow

Get every new post delivered to your Inbox.

Join 2,041 other followers