Computer Forensics: Structured Investigation for Legal Evidence - Research Paper

Introduction

The field of computer forensics purposely deals with the application of both investigations as well as the analysis techniques geared at gathering and preservations of evidence from a particular computing device in a specific way that suits for presentation in any court of law. Its main goal is the performance of structured investigation and, at the same time, maintenance of a chain of evidence that is compiled and documented purposely aimed at knowing what happened and the one responsible in the process. The employed personnel is utilizing the extensive knowledge of technology and procedural examination of evidence. There is a variation in terms of the digital content from one location to the other. The metadata is usually classified as an example of digital proof.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

The plan starts with an initial step where there is documentation of the evidence that has been gathered. Usually, investigations are carried out in a particular scene without neglecting even a single piece of information. Moreover, it is not a guarantee that the documentation is narrowed toward the evidence that may be available at a particular time only. It is vital to denote the conditions at present; furthermore, there is a recording of relevant observations at the scene.

In some cases, it can involve the collection and taking of photographs to ensure that the process was legit, legal, and splendid. Secondly, there is a need to avoid the contamination of the crime scene in a specific way that may taint the entire process (Nelson, 2014). Any mere mistake has the capability of destroying the evidence, thus branding it with an element of doubt, and for instance, may lead to the rule out in court. Thirdly there has to adopt a sound time management strategy in which the investigators hurriedly do their work in the shortest time as possible. It is also a fact that the best period of gathering evidence is before the contamination of the crime scene. Besides, a lot of changes might be experienced, such as weather changes, which may be accompanied by different alterations in evidence.

Preservation of evidence is also part of the lucrative process of testing the evidence future in the laboratories. Testing is also a way of confirming some of the evidence before making some conclusions. The narcotics, as evidence has to be conveyed on the laboratory test before it is passed through as evidence in court (Lang, 2014). Strictly aligning to the chain of custody is a crucial step whereby legal and prerequisite needs for that the evidence that has been gathered at all times remains in the care of qualified personnel. Any person involved in ferrying the evidence to the other must be fully equipped with the appropriate credentials. Clean and transparent documentation exhibits the chain of custody at the same time.

Collection and gathering of the evidence may vary based on the population size and the context of its application. In a population of approximately 500 people, collecting evidence can be achieved with ease. Aerial photographs can be taken in a community that is spread out in an extensive area since they can also serve as evidence. Secondly, the investigators have to do something vital to ensure that the scene is not contaminated with the evidence in a small population to the more significant using the shortest time possible (Hui, 2017). Evidence gathered should be appropriately stored in a safe place to avoid any potential damage in a population of small, medium to large. It should also be accessible at any time, making it flexible and ready for presentation in the laboratory.

Investigators seeking employment, depending on their qualifications, should be assigned the task of collecting evidence under a given population segment. For the informational nourishment, it can be stored in large laboratories and sometimes museums.

In the United States, the fourth amendment prohibits what is regarded both as unreasonable seizures and searches. It also translates that any action carried out by a police action that may constitute a search for evidence is a must at all times be considered based on the possible cause. Incase arrests are mandatory, and it must at least be based on the reason itself. All the searches have to be authorized by the warrant that is issued by the judiciary.

There are also exceptions to the warrant requirements and the probable cause. If the seizure rules are violated, the verdict is usually characterized by the exclusivity of the evidence from the prosecutor's case. The charge against the defiant is often dismissed afterwards. Evidence that is illegally seized should not, in any case, be excluded if it was obtained in good faith can be used in the impeachment of the defiant.

In the European Union, the law seems to be difficult since many countries are involved, and also the code may not be ideally developed in some parts. It focuses on the requirements of France, Germany, as well as England. Also, the EU law does not take into account warrants, unlike in the United States. Furthermore, the law doesn't rely on exclusion as a vital means of sanctioning illegal seizures as well as searches. In France, the rules that govern seizures and evidence are encapsulated in CPP code. Investigators dealing with a felony are not required to obtain any judicial order, unlike in American law. In line with non-flagrant offences, following the permission of a judge, a delegate is permitted to simple search but not warranty issued (Kebande, 2015).

In England, a warrant is based on probable cause. It is issued if the police seek evidence of any offence involving the imprisonment of more than five years, property that has been stolen, or even drugs-related cases. Warranty issuance in England is almost equivalent to how it is executed only with a single vital exception. In England, the police can perform seizures and searches without any authorization from the judiciary. The warrantless searches at the same time are not required to take place at a particular time of arrest but later. German CPP law, all the premises of the arrested individuals, can be searched without the issuance of a warrant. Searches are carried out by the prosecutor's supervision.

References

Hui, K. L., Kim, S. H., & Wang, Q. H. (2017). Cybercrime deterrence and international legislation: Evidence from distributed denial of service attacks. Mis Quarterly, 41(2), 497.

Johnson, L. (2013). Computer incident response and forensics team management: Conducting a successful incident response.

Kebande, V., & Venter, H. S. (2015, July). A functional architecture for cloud forensic readiness large-scale potential digital evidence analysis. In European Conference on Cyber Warfare and Security (p. 373). Academic Conferences International Limited.

Lang, A., Bashir, M., Campbell, R., & DeStefano, L. (2014). Developing a new digital forensics curriculum. Digital Investigation, 11, S76-S84.

Maras, M. H. (2015). Computer forensics. Jones and Bartlett Learning.

Nelson, B., Phillips, A., & Steuart, C. (2014). Guide to computer forensics and investigations. Cengage Learning.