Cookies on the
LGC website
We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we’ll assume that you are happy to receive all cookies on the LGC website. However, if you would like to, you can change your cookie settings at anytime.
Question markFind out more

Changes in the regulation of digital evidence

Regulate-digital-devices.jpg

The Forensic Science Regulator (FSR) has set out through her Codes of Practice the accreditation aims, which include appropriate quality standards for all forensic science disciplines, which apply equally whether the services are delivered by small or large organisations, private companies, public laboratories, police forces or individuals.
 
 
The FSR has clearly prescribed the requirements for accreditation for Digital Forensics within the Codes of Practice and Conduct (version 3) (see below table)
The FSR has specified that by October 2017 all organisations delivering digital forensic services in support of the Criminal Justice System (CJS) must have the following in place:
  1. Fully validated methods
  2. ISO 17025 accreditation, achieved via external UKAS assessment
  3.  Compliance with the FSR Codes of Practice again achieved via external UKAS assessment
  
Standards/requirements for forensic science activity (2 of 5)  Accreditation to ISO/IEC 17025  Accreditation scope to include the Codes  Appendix/ Guidance  Notes 
Digital forensics is the process by which information is extracted from data storage media (e.g. devices, remote storage and systems associated with computing, imaging, image comparison, video processing and enhancement [including CCTV], audio analysis, satellite navigation, communications), rendered into a useable form, processed and interpreted for the purpose of obtaining intelligence for use in investigations, or evidence for use in criminal proceedings. The definition is intentionally wide and any exclusions will be explicit. Automatic number plate recognition, manual classification of indecent images of children, crime scene photography, eFit, recovery from a working CCTV system, CCTV replay for viewing with no further analysis (acknowledging that there may be quality limitations to the material viewed) all should be conducted by competent staff using methods approved by the organisation, but are excluded from the ISO/IEC 17025 requirement. 
Imaging of hard drives and removable media  Oct-17 October  October  The Regulator expects any method used for imaging ‘conventional’ hard drives to be validated as required in the Codes by Oct 2015. 
2017 2017
Screening or recovery of data from a device using an off the shelf tool for factual reporting  Oct-17 October  October  The use of tools and methods by frontline non-practitioners is permitted but the organisation must hold accreditation for at least one deployment. Further deployments of the method under central control may be permitted outside the scope of accreditation provided that the method chosen can be demonstrated to have adequate configuration control (e.g. locked down data recovery methods and control) and that staff are competent. 
 Extraction and analysis of data from digital media including remote storage  Oct-17 October  October 
2017 2017
Network capture and analysis  Under consideration for ISO 17025 by October 2018 
 Capture and analysis of social media and open source data  TBA 


What is ISO 17025 Accreditation?

The United Kingdom Accreditation Service (UKAS) provides ISO/IEC 17025 accreditation to organisations performing various types of testing and calibration.  ISO170205 accreditation is a voluntary, third party-reviewed process. As part of accreditation, a laboratory's quality management system is thoroughly evaluated on a regular basis to ensure continued technical competence and compliance with ISO 17025. Laboratory accreditation can only be granted by an accreditation body such as UKAS for the United Kingdom.

 
Digital Investigation Computer Expert Witness Service
 
With this in mind it is vitally important when recruiting digital experts that you are confident that the experts / investigators are able to demonstrate that they conform to these standards and hold the required accreditation.
 
The deadline of October 2017 is fast approaching and it may be that many digital forensic teams, whether they are based in private companies or law enforcement will not achieve this requirement by the deadline, however it must be said that a large number will have been working towards it for some time.
 

Post October 2017

It is hard to predict how many private organisations, law enforcement teams and agencies will have achieved ISO 17025 accreditation and Codes of Practice compliance by October 2017.
 

Trust the experts

Our difference is our people, LGC draws experts from a variety of high integrity technical investigative backgrounds including law enforcement, military, digital science and IT information security. This skill and experience combination allows us to offer leading edge digital detail, and also the natural intuitive and curious bigger picture investigative mind set for reviewing prosecution digital evidence where others may not.

Our experts are all courtroom trained and can explain complex matters in a simple manner. Our investigators are trained to make sure everyone concerned understands the technology we use, as well as the implications of the information being put before them.

The LGC Digital Investigation Unit hold ISO 17025 and Forensic Regulators Codes of Practice accreditation across a range of digital disciplines with further additions planned ahead of October 2017. The schedule of accreditation for LGC can be viewed at www.ukas.com.

For further information in confidence, please contact us +44 (0)844 2641 999 or www.lgcgroup.com/digital  or visit our website www.lgcgroup.com/enquiries

Alternatively Ceri Walsh our Digital Business Development Manager will be happy to take your call.
Contact Ceri on: Tel: 07843 598 838 or email: ceri.walsh@lgcgroup.com