Smartphones, laptops, GPS devices, tablets: Chances are you have one of these on you right now.
Thanks to the plethora of electronic devices, nearly every move a person makes today has the potential to be digitally recorded, stored and, thus, retrievable. This boom in digital devices offers law enforcement a wealth of information for investigations, but do agencies and frontline officers have the skills and technical expertise to handle this treasure trove of digital evidence?
Kevin Metcalf is a former law enforcement officer with more than 20 years of experience as a police officer, Border Patrol agent, SWAT team member and Federal Air Marshal. He is currently a deputy prosecuting attorney in Arkansas as well as a professor at American Military University, teaching courses in public safety and legal studies. He says one of the biggest challenges for many law enforcement agencies is that they don’t have the budget to maintain expensive digital forensic units to process electronic evidence.
“Many agencies have limited resources and limited amount of trained investigators to analyze digital evidence,” he says.
Many detectives are told by digital evidence forensic examiners that it could take months or even years to process digital evidence for a case. Therefore, it’s critical that frontline officers be trained how to handle digital evidence and conduct an initial review of a victim’s or suspect’s device without comprising or changing any of the existing information, according to this article in Police Chief Magazine.
Officers need to know:
- What evidence of criminal activity could be on the device
- How to protect it from contamination
- How to properly package and transport the device
- How to conduct a preview of the data on that device without changing the data
At the very least, officers need to know how to disable the connectivity of a device, says Metcalf.
“It’s very likely that the information on a phone will be gone before it can be processed because someone can remotely access it and wipe out that phone,” he says.
To avoid this issue, officers should know how to switch a suspect’s phone to “airplane mode” so it’s disconnected from the network and cannot be remotely accessed by an outside party.
The laws and standards for search and seizure of such digital evidence are constantly evolving, says Metcalf, and it can be extremely confusing for police and prosecutors alike:
- What information can police legally access from a suspect’s device?
- Can they pick it up and look through it?
- Is the phone analogous to a box?
A common legal argument is that a phone or laptop is just like a box an officer finds in a suspect’s vehicle. During a stop and arrest if an officer legally has the right to search a box in the car that may have evidence associated with the arrest, does that right carry over to a laptop or a phone? After all, isn’t a laptop or phone just a digital container? The safest route, says Metcalf, is for police to obtain a search warrant for seizure of digital evidence.
While these issues will continue to be debated in the court system, it’s critical for officers to obtain the training and knowledge necessary to handle digital evidence.
Metcalf recently took a computer forensics course for prosecutors through the National Computer Forensics Institute (NCFI), an organization dedicated to educating law enforcement professionals in computer forensics and digital evidence handling techniques.
Metcalf said he attended the institute because of the growing number of criminal cases involving digital evidence. “There is constant change with search and seizure legislation and how the courts view privacy rights,” he said. Metcalf wanted to make sure he was up-to-date with legal precedent, but also wanted to gain insight into how law enforcement should obtain and treat digital evidence.
Metcalf recommends police officers consider taking NCFI’s courses. The institute has a state-of-the-art facility that provides them with the skills to conduct basic electronic crimes investigations, respond to network intrusion incidents, and conduct computer forensics examinations. Because digital forensics is such an important issue in law enforcement, the courses are free to attendees and their travel, lodging, and per diem expenses are also paid for by the Department of Homeland Security. Upon completion of training, attendees are issued all computer equipment, hardware, software, manuals, and tools necessary to conduct electronic crimes investigations and forensic examinations.
It’s critical for all officers to have the skills and expertise needed to handle and evaluate digital evidence. After all, electronic evidence will continue to be a critical part of police investigations in the future.
For more information about the National Computer Forensics Institute visit their website.
Comments are closed.