QUESTION
This week's reading takes you from the general discussion we held last week into some more specific details about the role of both criminal justice and non-criminal justice professionals in the IT and computer forensics world, as well as why it is important that you understand the basic principles and concepts of the criminal justice process. Then we get into the meat of what you would do and how you would interface with law enforcement in the event you have to conduct a forensic system analysis. The readings in module 2 again stress the importance of understanding the criminal justice process, as well as discuss different types of devices or file systems that may contain information critical to your analysis.
Among the basic concepts to understand this week are that there are many types of evidence one could find in digital data. Understanding what data you may find, even if it is not evidence of a crime, is important to preparing a digital examination/analysis plan. Let's look at a non-technical example...
When a law enforcement officer applies for a warrant to search a residence, the officer must specify what it is he or she is searching for; if the case involves a stolen car, then the officer's search will be limited to only those locations where a stolen car, or pieces of a stolen car (in case it was chopped), could be located. It would be unwise to just list the stolen car on the warrant, as that (in the interpretation of the court) might only limit the officer to the whole car, intact. So, the officer has to determine at the beginning of the search what could have happened to the car (attempting to account for all the possibilities) so his or her search is complete (and most likely to yield results). The officer will also have to justify (in the affidavit) why he or she believes that the car could be found in smaller pieces.
To that end, an officer with auto theft experience may also be able to state that, in his or her experience, stolen cars are often broken down into smaller components, which can be identified with certainty as belonging to the original stolen car, as well as where such components could be hidden. It would most likely not be enough for the officer to simply assert that cars are broken down and sold for parts if he or she wants to justify seizing an ashtray; the ashtray would need some specific characteristics to do that, like a serial number or other unique identifying artifact.
Search warrants and searches are, therefore, most often limited in scope to items for which the searcher is looking (i.e., nearly always evidence of a crime or wrongdoing). You cannot look for an elephant in a kitchen drawer! I know that sounds absurd, but it is an excellent metaphor... However, if you were looking for narcotics, they could be hidden almost anywhere, and you could justify a much broader search. In this example, digital evidence is much more akin to narcotics than you may think, with evidential data often occurring in hidden, strange, or unlikely places. As such, warrants to search for digital evidence often cast a wide net, but cannot be so overly broad as to not be supported by probable cause or violate someone's Fourth Amendment protections and implied rights to privacy under the Constitution.
ANSWER: