Police Are Mishandling Digital Forensic Evidence

Police officers are trampling over vital forensic evidence, are under-trained, and often do not know what they are looking for, MPs investigating digital disclosure problems have been told.

Giving evidence to a justice select committee inquiry into failures to hand over material that have led to multiple court cases collapsing, leading digital forensic experts warned of funding shortfalls and inadequate skills.

“One of the problems is the sheer amount of digital evidence the police have to look at,” said Dr Jan Collie, of Discovery Forensics, who specialises in defence work.

“You have to consider the cloud [for digital storage], too. There’s evidence everywhere. With cuts in funding, officers don’t have the time to do all that.

“When I first started, the police had their own digital forensic units and knew what they were about. Now you are getting very sketchy evidence. People give me screenshots of pictures of a phone. I need to see [a copy of the] original, be able to repeat and verify tests.”

Police forces do not have sufficient resources, she added: “When they have the people, they haven’t got the money to send them on courses.” Officers do not always understand the context of where digital information is found – whether it has been inadvertently hoovered up through a browser or purposefully searched for, Collie said.

“A lot of police stations have mobile phone extraction kiosks where they put a mobile phone in and press a couple of buttons, but it’s not enough analysis. A police officer who has been trained for about a day can use the equipment. He can click it in and handle the buttons, but often they spoil the evidence by mishandling. It’s like they have trodden on the evidence. Interpretation of data is being carried out by ordinary officers – they are not trained to do it.”

Many recent cases that collapsed involved rape charges where crucial text message exchanges were either missed by investigators or only released belatedly. 

Prof. Peter Sommer, an expert witness in digital forensics cases, told MPs: “These kiosks are designed for preliminary inquiry, to see if it is worth pursuing. They don’t really produce reliable evidence. 

“It’s cherry picking. The posh phrase is confirmation bias. It’s got worse because the volumes you have to deal with have got much greater. These tools have deskilled [people]. Unless you know what you are looking for, the results can be very misleading.”

He also pointed out that underfunding of the criminal justice system was leading to many digital forensic experts to quit. “People are ceasing to do it because it’s uncompetitive,” he said. “In criminal work, it’s £72 an hour. If you work for civil case clients, it’s £250 an hour.”

Dr Gillian Tully, who is the official forensic science regulator, told the committee: “Police digital forensic units are quite good at extracting information and making copies. They then pass copies to the general police, and investigators don’t necessarily have the tools to search the information or make good use of it.” 

Tully has called for additional funding for forensic science, adding: “When it comes to legal aid funding, it’s largely awarded to the business with the lowest quote – which is not helpful for quality.” 

Sommer suggested one way to solve disclosure failures would be for all the digital material to be handed over to the defence. But Rebecca Hitchen of charity Rape Crisis, told the committee that disclosure of highly personal evidence often leads to victims refusing to testify, particularly in sexual assault cases.

“When a complainant learns of the level of intrusion into their lives, they often decide it’s not in their best interest to continue,” she said.

“There’s incredibly high levels of withdrawal [from police investigations around the issue of personal history, for example if someone had an abortion at an earlier stage and the police can’t give an assurance that it won’t be revealed. The sensation of sex crime survivors is often that they are being put on trial.”

College of Policing:      Guardian:         Met Police

You Might Also Read: 

UK Police Give Cybercrime Warning:

Terrorists Deploy New Techniques To Counter Digital Forensics:

« Terrorists Deploy New Techniques To Counter Digital Forensics
Bank of England CIO Sets A Cybersecurity Challenge »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Coalfire

Coalfire

Coalfire specialises in cyber risk management and compliance. Our services span the cybersecurity lifecycle from advisory and compliance, to testing and engineering, monitoring and optimization.

DataVantage

DataVantage

DataVantage data masking and data management software helps you prevent data breaches, pass compliance audits and meet regulatory requirements such as HIPAA and PCI DSS.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

Cyber, Space, & Intelligence Association (CSIA)

Cyber, Space, & Intelligence Association (CSIA)

CSIA focuses on issues critical to Cyber Security, Military Space and Intelligence.

Japan Information Security Audit Association (JASA)

Japan Information Security Audit Association (JASA)

JASA is non-profit association active in developing and managing the quality of Information Security Auditing and Auditors in Japan.

HudsonCyber

HudsonCyber

HudsonCyber, part of HudsonAnalytix, provides leading cyber risk management services for the global maritime transportation industry.

CyberGRX

CyberGRX

The CyberGRX Exchange and our risk assessments-as-a-service help Enterprises and Third Parties cost-effectively identify, prioritize and mitigate risk.

Data Protection People

Data Protection People

Data Protection People are specialists in Data Privacy, Governance, and Information Security.

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

Sixgill

Sixgill

Sixgill, an IoT sensor platform company, builds the universal data service and smart process automation software allowing any organization to effectively govern its IoE assets.

Paladin Capital Group

Paladin Capital Group

Paladin is a leading global investor that supports and grows the world’s most innovative cyber companies.

BwCIRT

BwCIRT

BwCIRT is the Computer Incident Response Team (CIRT) for Botswana and provides an official point of contact for dealing with computer security incidents.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

NANO Corp

NANO Corp

At NANO Corp, we keep your network visible, understandable, operational and secure with state-of-the-art technology.

Silverse

Silverse

At Silverse, we specialize in building a comprehensive cybersecurity journey, anchored by our extensive experience, industry expertise, and an ecosystem of trusted partners.