By Antara Jha
Computers are used for committing crime as well as it is also used to fight crimes. Digital Evidence is commonly associated with electronic crime, or e-crime, such as identity theft, cyber stalking, virtual rape, credit card fraud, cyber terrorism and etc. The tools of cyber forensics investigations are X-ways WinHex, Rifiuti, Pasco, Galleta/Cookie, NMap, Ethereal, BinText, etc. Rifuti helps in collecting all the deleted and undeleted documents whereas Pasco helps in gathering records of internet activities carried out from the targeted computer.
Generally, criminals leave a digital footprint such as the suspect’s IP address, social media posts or using of their mobile for everyday use in change of traditional things. This could expose the evidence through intent, position and time of crime, relationship with victim(s), and correlation with other suspect(s).
Link based Evidence, Real Evidence, Hearsay Digital, Best Evidence are some sorts of digital evidence that is related to observing and investigation of computer network.
The computer forensics, mobile forensics, network forensics, forensic data analysis, legal considerations and data base forensics are some of the branches of digital forensics.
The availability of high speed internet, the explosion of complexity, legitimacy, privacy preserving investigation and increase in anti- forensic techniques are some of the challenges for digital evidence to curb cybercrime.
In testimony, proper preparation for trial makes all the difference. For digital investigators, preparing for trial can involve meeting with attorneys in the case to review the forensic findings, address any questions and the preparation of how to present it in the court. Scripting direct examination or rehearsing it may not be permitted in some contexts, but some discussion with the attorney ahead of time is generally permissible and provides an opportunity to identify areas that need further explanation and to anticipate questions that the opposition might raise during cross examination.
Indian security officials frequently complain that getting data under the Mutual Legal Assistance Treaty (MLAT) has been a huge challenge. The Budapest Convention came into force on November 23, 2001 as a first multilateral effort by member signatories to address jurisdictional issues.
The main principles of digital forensics are applied with the following areas:-
Identification, Acquisition, Preservation, Examining and analyzing, Preservation.
Data View Inconsistency is often to discover that the visualized content over cyberspace does not always represent the same saved copy on the disk which creates confusion and even inaccurate results in forensic analysis. This opens an area for investigation on how one can solve this issue and which protocols, tools, upgrades, etc., can be used to alleviate the impact of this scenario.
The gap between the emerging smart technologies and forensic tools are one the challenge with cybercrime digital forensics. There is an obvious technology gap between cyber criminals and combating tools and software kits and, unfortunately, it is in the favor of cybercriminals.
The production of electronic evidence has become a need in most cases to show the guilty of the accused or the accountability of the defendant. The future of computer forensics is limitless. The evidence is collected by the specialist in such a way that it has to be handled in an appropriate manner. This will help the court to provide justice to the victim. Thanks to the rising impact of technology in everyday life. Most legal systems throughout the world have updated their statutes to fit this movement in judicial attitude, which occurred largely in the past twenty years.
Some examples of Digital Forensic usage are as follows:-
- Intellectual Property theft
- Industrial espionage
- Bankruptcy investigations
- Employment disputes
- Fraud investigations
The technical conditions for the use of electronic records as evidence lay down in Section 65B (2) of the Indian Evidence Act, 1872 are that:
- The computer used in entering and storing the electronic record was in regular use by an authorized person at the time of such entry and storage;
- The entry of the data was in the ordinary course of activities;
- The computer use was operating properly at the time of entry;
- Storage of the data and that the data contents have not been affected by operational issues with the computer.
Amendment to Section 17 of the Indian Evidence Act, 1872 defines the term admission will include statements in electronic form also. Addition of Section 22A of the same Act says about to make oral admission of the contents of an electronic record irrelevant unless the genuineness of the record is in question. Addition of Section 39 talks about the part of an electronic record which is to be submitted to fully understand the nature and effect of the evidence and the circumstances under which it was made. Sections 81A, 85A, 85B, 85C, 88A, and 90A of Indian Evidence Act is to provide a presumption of authenticity to certain electronic messages etc.
The investigators create a second document for use in court. They are:-
- Telecom Forensics
- Grey Market/SIM box fraudulently
- KYC forgery by TSP/managed services
- Network intrusion and sabotage
- Business losses
- Fraudulent calls/SMSs/ Financial forgery
Section 43, Section 43A, Section 66, Section 66A, Section 66 B, C, D, Section 66 E, Section F, Section 67 of Information Technology Act, 2000 deals with punishment related to digital forensics.
Thus, we can say that computerized control systems manage banks, factories, retail inventories, air traffic control, hospitals, schools, corporations, and government organizations. Computers and their software programs are embedded in our cars, boats, trains and planes, in tools, equipment, and machinery, in telecommunications systems and public switched networks, even in our bodies. Each of them is a potential source of digital evidence, the collection, storage, analysis, and presentation of which is and will be constrained by evolving legal standards and constraints that we fail to understand at our peril.
Antara Jha is a research scholar on Cyber Law, Security and Investigations.