Changes in the regulation of digital evidence
The Forensic Science Regulator (FSR)
has set out through her Codes of Practice the accreditation aims, which include appropriate quality standards for all forensic science disciplines, which apply equally whether the services are delivered by small or large organisations, private companies, public laboratories, police forces or individuals.
The FSR has clearly prescribed the requirements for accreditation for Digital Forensics within the Codes of Practice and Conduct (version 3) (see below table)
The FSR has specified that by October 2017 all organisations delivering digital forensic services in support of the Criminal Justice System (CJS) must have the following in place:
- Fully validated methods
- ISO 17025 accreditation, achieved via external UKAS assessment
- Compliance with the FSR Codes of Practice again achieved via external UKAS assessment
|Standards/requirements for forensic science activity (2 of 5)
||Accreditation to ISO/IEC 17025
||Accreditation scope to include the Codes
|Digital forensics is the process by which information is extracted from data storage media (e.g. devices, remote storage and systems associated with computing, imaging, image comparison, video processing and enhancement [including CCTV], audio analysis, satellite navigation, communications), rendered into a useable form, processed and interpreted for the purpose of obtaining intelligence for use in investigations, or evidence for use in criminal proceedings. The definition is intentionally wide and any exclusions will be explicit. Automatic number plate recognition, manual classification of indecent images of children, crime scene photography, eFit, recovery from a working CCTV system, CCTV replay for viewing with no further analysis (acknowledging that there may be quality limitations to the material viewed) all should be conducted by competent staff using methods approved by the organisation, but are excluded from the ISO/IEC 17025 requirement.
|Imaging of hard drives and removable media
||The Regulator expects any method used for imaging ‘conventional’ hard drives to be validated as required in the Codes by Oct 2015.
|Screening or recovery of data from a device using an off the shelf tool for factual reporting
||The use of tools and methods by frontline non-practitioners is permitted but the organisation must hold accreditation for at least one deployment. Further deployments of the method under central control may be permitted outside the scope of accreditation provided that the method chosen can be demonstrated to have adequate configuration control (e.g. locked down data recovery methods and control) and that staff are competent.
| Extraction and analysis of data from digital media including remote storage
|Network capture and analysis
||Under consideration for ISO 17025 by October 2018
| Capture and analysis of social media and open source data
What is ISO 17025 Accreditation?
The United Kingdom Accreditation Service (UKAS) provides ISO/IEC 17025 accreditation to organisations performing various types of testing and calibration. ISO170205 accreditation is a voluntary, third party-reviewed process. As part of accreditation, a laboratory's quality management system is thoroughly evaluated on a regular basis to ensure continued technical competence and compliance with ISO 17025. Laboratory accreditation can only be granted by an accreditation body such as UKAS for the United Kingdom.
Digital Investigation Computer Expert Witness Service
With this in mind it is vitally important when recruiting digital experts that you are confident that the experts / investigators are able to demonstrate that they conform to these standards and hold the required accreditation.
The deadline of October 2017 is fast approaching and it may be that many digital forensic teams, whether they are based in private companies or law enforcement will not achieve this requirement by the deadline
, however it must be said that a large number will have been working towards it for some time.
Post October 2017
It is hard to predict how many private organisations, law enforcement teams and agencies will have achieved ISO 17025 accreditation and Codes of Practice compliance by October 2017.
Trust the experts
Our difference is our people, LGC
draws experts from a variety of high integrity technical investigative backgrounds including law enforcement, military, digital science and IT information security. This skill and experience combination allows us to offer leading edge digital detail, and also the natural intuitive and curious bigger picture investigative mind set for reviewing prosecution digital evidence where others may not.
Our experts are all courtroom trained and can explain complex matters in a simple manner. Our investigators are trained to make sure everyone concerned understands the technology we use, as well as the implications of the information being put before them.
The LGC Digital Investigation Unit hold ISO 17025 and Forensic Regulators Codes of Practice accreditation across a range of digital disciplines with further additions planned ahead of October 2017. The schedule of accreditation for LGC can be viewed at www.ukas.com
For further information in confidence, please contact us +44 (0)844 2641 999 or www.lgcgroup.com/digital
or visit our website www.lgcgroup.com/enquiries
Alternatively Ceri Walsh
our Digital Business Development Manager will be happy to take your call.
Contact Ceri on: Tel: 07843 598 838 or email: email@example.com