Using electronically obtained evidence

From HORSE - Holistic Operational Readiness Security Evaluation.

One of the difficult aspects of computer security is identifying the individual believed to have committed a certain act using a computer.FN33 Often access to a computer is accomplished by means of a remote terminal or other type of device. These devices do not usually provide unique identification of the person using them, in the way that handwriting and fingerprints do.FN34 Many terminals are secured by the assignment of individual passwords to those people who use the terminal, but it is often easy to learn another's password or to sit at a terminal that was negligently left on.FN35

In order to identify the actor, it may be necessary to record conversations involving communications hookups to the computer, or to intercept the data that a defendant is sending or receiving. For example, in U.S. vs. Rifkin,FN36 the defendant was accused of an unauthorized wire-transfer in the amount of $10.2 million. One piece of evidence against him or her was a tape-recording made of the transaction in which he or she ordered the transfer. After he or she made this phone call, bank employees carried out the transfer. It must be noted, however, that intercepting verbal communication is prohibited unless both of the parties to the conversation consent to such recording, or it is authorized by statute.FN37 Where neither of these conditions is met, counsel should challenge the admissibility of any evidence resulting from such investigation. As a rule, no such protections apply where data is transferred.FN38 Nonetheless, an argument can be made that data and speech are analogous. In such a case, it may be argued that data deserves the same protection as voice communications, because an expectation of privacy exists.

Where data communications are being intercepted, counsel must ascertain whether any of the computer's operation can be proven reliable. Counsel may make a pretrial motion to challenge the reliability of a machine used to intercept data communications, in a manner analogous to a motion challenging the use of a breathalyzer in a drunk driving case.FN39