



Police Publish Guide To Seizing Electronic Evidence

Mike Godfrey, Tax-news.com, New York

27 April 2000

The International Association of Chiefs of Police (IACP) and the US Secret Service have produced a report entitled Best Practices for Seizing Electronic Evidence. Inspector Clouseau would have been proud of it; but there are some scary bits:

'Secure the Scene:

Emphasize that officer safety is paramount. Preserve area for potential fingerprints. Immediately restrict access to computer(s). Isolate from phone lines because data on the computer can be accessed remotely. (!!!)

Secure the Computer as Evidence:

If computer is "off," do not turn "on." If computer is "on," and is a stand-alone computer (non-networked), consult a computer specialist. If a specialist is not available, Photograph screen, then disconnect all power sources; unplug from the wall AND the back of the computer. Place evidence tape over each drive slot. Photograph/diagram and label back of computer components with existing connections. Label all connectors/cable ends to allow reassembly as needed.'

To be fair, the report emphasizes that there has to be 'probable cause', that a warrant is needed etc etc, and warns against disrupting legitimate business; but even so, you can just imagine what might happen in a real situation.

Consider that much or even most data is nowadays stored on host servers at ISPs or ASP installations. How can the police unscramble the situation? What happens if they turn off a server holding data about obviously criminal money-laundering activity, which isn't even known about by the host, and which serves another 100 legitimate sites? The mind boggles.

The report doesn't mention the problem of remote data storage, for instance offshore records about onshore transactions, such as might be generated by a US insurance company which has re-located offshore, or a foreign sales corporation. How would the police begin to know what is stored where?

The most interesting aspect of the report is that it is concerned with the physical process of seizing data via the hardware which contains it. Isn't that a bit old-fashioned? New York hackers nowadays don't need to catch the shuttle to Washington National to steal data from the administration: shouldn't the police be a bit more creative?

The report is at http://www.theiacp.org/pubinfo/pubs/bestpractices.htm, or in our Resources section.
