Authenticating Digital Evidence

Uploaded on 2019-05-01 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Resilience, GOVERNMENT-Law Enforcement, FREE TO VIEW

Given the proliferation of digital media, the question of what types of evidence are admissible in court, and how they should be handled, is increasingly complex. Cellphone video has played a pivotal role in scores of high-profile cases in the US, as have recordings of 911 calls and footage captured from police body cameras

There’s no question this evidence is valuable, but ensuring its integrity and demonstrating an unbroken chain of custody, the documentation that records the chronological sequence of the custody, control and disposition of a piece of evidence, often proves difficult.

To avoid controversies surrounding digital evidence, some public safety authorities have started turning to a seemingly unlikely solution: blockchain technology. At its core, a blockchain is a decentralised database shared across a network. Unlike centralised databases, however, records are only accepted after attaining group consensus. It provides a way to incorporate a variety of data from multiple sources, anonymise it, track it and ensure its authenticity without the need for third-party validation. 

Indeed, blockchain holds the potential to help transform public safety by improving the way agencies handle their most sensitive evidence and data, enhancing interagency cooperation and promoting greater public trust in the integrity of investigations.

Blockchain is uniquely suited to tackling this challenge, according to gcn.com. In fact, the existing US federal guidelines for handling digital evidence are surprisingly similar to the way blockchains work. When seizing a hard drive, for example, special personnel will scan the contents and use that data to generate a hash value. In the same way blockchains use hash values to verify linked blocks, digital forensics investigators use hashes to track digital evidence. Blockchain presents multiple advantages over the current procedures. The principal advantage is the redundancy blockchain provides. 

Instead of relying on a team of specialists to first extract the data, then hash it, then track it, a “blockchain of custody” would allow for open submission of data to the blockchain, where it would be automatically verified by consensus, hashed and then entered into an immutable, shared public record.

Data collection by various agencies in the US has grown exponentially, but the ability to generate intelligence and then act upon this data continues to be hampered by bureaucratic inefficiencies, interagency divisions and siloed data.

Establishing a unified data standard poses many challenges because it requires buy-in from so many agencies.

Blockchain circumvents this problem by enabling trustless collaboration and removing the need for centralised authority. The promise of an immutable, open public record of all data submitted could overcome a major hurdle for interagency collaboration.

Blockchain’s “smart contract” feature could ensure protocols between agencies are always followed because they would be executed automatically by the system. 

Basically, a smart contract is a computer protocol that facilitates, verifies or enforces the performance of a contract or contract clause. In addition to formalising information requests and opening investigations, smart contracts might also help balance data privacy and public safety.

I-HLS

You Might Also Read:

Blockchain Will Radically Transform Anti-Fraud:

 

 

« EU Elections: Facebook Prepares
GCHQ Chief Wants A Big Effort To Improve British Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cloud53

Cloud53

Cloud53 specialise in improving operational IT through strategic use of Cloud technologies and services.

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

Security Brigade

Security Brigade

Security Brigade is an information security firm specializing in Penetration Testing, Vulnerability Assessment, Web-application Security and Source Code Security Audit.

MerlinCryption

MerlinCryption

MerlinCryption develops infrastructure security software, delivering advanced encryption, authentication, and random data generators, for Cloud, VoIP, eCommerce, M2M, and USB hardware.

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Cyber Security for Europe (CyberSec4Europe)

Cyber Security for Europe (CyberSec4Europe)

CyberSec4Europe is designing, testing and demonstrating potential governance structures for a European Cybersecurity Competence Network.

ABCsolutions

ABCsolutions

ABCsolutions is dedicated to assisting businesses and professionals achieve compliance with federal anti-money laundering regulations in an intelligent and pragmatic way.

Celcom

Celcom

Celcom is the oldest mobile telecommunications provider in Malaysia, providing solutions and services to consumers and businesses.

Sirti

Sirti

Sirti is Italy's leading technology company in the design and production of network infrastructures and telecoms system integration.

Gutsy

Gutsy

Gutsy uses process mining to help organizations visualize and analyze their complex security processes to understand how they actually run, based on observable event data.

Cybercentry

Cybercentry

Cybercentry is a specialist information security, data protection and cyber security consultancy.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

Windstream

Windstream

Windstream is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the US.

Revytech

Revytech

Revytech is a tech company providing services in a broad range of areas including IT operations, cyber security and network engineering.

GovSky

GovSky

GovSky streamlines CMMC compliance, saving time and significantly reducing cost.