Saturday, June 7, 2008

Cybercops for Cybercrime

In an effort to regulate the investigation of digital crime in the US, some states are looking at limiting the practice to Private Investigators. North and South Carolina, Georgia, New York, Nevada, Texas, Virginia and Washington are just some of the states that are enacting mandatory licensing of all forensic investigators.

One of the main problems around the investigation of digital crime is the issue of jurisdiction. Digital crime is borderless. Someone in New York can perpetrate criminal activities in Los Angeles without moving from his of her desk. According to the new laws anyone investigating this crime would have to be licensed in both New York and LA for his or her findings to be admissible in a court of law. Should supporting digital evidence be found in any other states, the investigator would need valid PI licenses for them too. Evidence from unlicensed investigators will be excluded from court and could result in the criminal prosecution of the offenders.

IT professionals by and large don't have any problems with attempts to regulate their field. Their primary concern is that they are being forced into an existing and ill-fitting category rather than being given one of their own. They fear that by allowing anyone with a PI license to claim forensic investigative credibility, evidence will be unnecessarily compromised and the field's image will be irreparably tarnished. Their argument is that if they have to be licensed, then regular PIs should also be licensed to carry out the delicate and specialised work of data collection and recovery.

What is in fact needed is more education on all sides. Forensic investigators need to learn more about court procedures and what constitutes admissible evidence, for example, maintaining the chain of custody of evidence and the proper documentation of findings. Prosecutors should know more about what is and is not possible so that they'll recognise outlandish claims and know when to challenge the credibility of evidence.

If PIs want to engage in digital investigations they should be able to prove their competency in the field. There should be a standard exam that all aspirant digital investigators need to pass in order to qualify for a forensic investigator PI license. Standardised practices will make it easier for investigators to work across state boundaries. Standardisation will also contribute to transparency in a field whose specialised nature places it at risk of obfuscation.

Regulations are necessary in all industries. They help those within the industries work to the best of their abilities and create a sense of accountability and responsibility. It's undeniable that the field of digital investigation needs regulating, as without it evidence is open to compromise. But legislators should take care that the regulations serve the industries that they are designed to protect, and don't detract from their credibility. Stan King, from the Forensics and Investigative Response Practice of Verizon Business Services said, "Like a doctor who's gone to medical school, works in his field, takes continuing education and maintains his medical licenses-that's the level of accountability we need for digital forensics". I don't think that the courts of South Carolina would argue.

Recommended site:

http://www.baselinemag.com/c/a/Projects-Security/Computer-Forensics-Faces-Private-Eye-Competition/



By Sandy Cosser



Sandra wrote this article for the online marketers MVI Data Recovery data recovery one of the most successful data recovery companies in the UK today.

Article Source: http://EzineArticles.com/?expert=Sandy_Cosser

No comments: