White Paper: Solving the Digital Chain of Custody Problem
We live in a digital world, and so does the criminal element. When it comes to collecting, processing, disseminating, and storing digital evidence, the processes and procedures used for a hundred years no longer will do.
Whether from a suspected terrorist Web site, a surveillance video; the audio/video record of a suspect’s interrogation; or a statement provided by a whistle blower, informant, or a concerned citizen, the evidence consists of bits of magnetic or electronic fields that are easy to modify or delete without detection.
Although the use of digital technology has simplified the distribution of intelligence, the ease with which such information can be manipulated, or at least be alleged to have been manipulated, is proving problematic in providing an auditable secure chain of custody. It is simply not practical to store every computer or hard drive in a vault and use the traditional forms of access control and signature cards for sign in and sign out. Every time someone signs out a computer or hard drive to examine it, there is one more opportunity to alter the record—or at least that is what any defense attorney would argue.