In order for evidence to be admissible in court, the evidence has to be processed via Certified Computer Forensic Laboratory.  Certified Forensic Laboratories follow best practices laid out by specific organizations  with special recognition by the courts, law enforcement and the private sector. Assembling, managing and organizing a Certified Forensic Laboratory, requires research & planning, special equipment and specialized laboratories where certified IT personnel carry out data retrieval and processing using meticulous operating procedures. This configuration of social institutions is important, as it receives funding from both the public and private sectors, which utilize such funding to maximize the truth and reconciliation between all social institutions.

On Admissibility in court

Admissibility, As a legal principle is centered around the fact that the term “Forensic” means “Suitable for a court of law”. This means “Forensic Evidence” can only be brought before a court of law if; it was legally secured through a search warrant granted by judge, or consented to, by someone who can legally consent to such a procedure. Forensic Evidence must come from a credible & reliable source and thus, cannot be handled in any capacity without documentation of its “chain of custody” by trained and accredited individuals, and even the process through which the evidence was obtained must be, repeatable and credible.

There are several key factors that influence admissibility in court, the chain of custody has to do with the accountability of the judicial/law enforcement system. The term “Kangaroo courts” summarizes some of the statistically possible concerns related to “Chain of Custody”. Imagine sending someone to prison for mediocre forensic investigative work. That is another reason why Chain of Custody is important. “Chain of Custody” has to do with preserving the relevance of the evidence, the credibility of the individuals involved in the process, and the legality of the vector of evidence retrieval. The main way that we preserve and maintain “the chain of custody” is through the diligent work of our accreditation agencies who set, inspect and insure that proper forensic criterion is observed and maintained within the many Computer Forensic Laboratories which serve the public.

Computer forensic labs also exist in the private sector for the purposes of consulting services, internal fraud investigations, and eDiscovery, all of which rely upon the relevance, reliability and legality of admissibility. eDiscovery, in certain contexts don’t even involve criminal prosecution, and are simply the collection of digital evidence for the purposes of litigation and/or arbitration. Laws such as the Sarbanes-Oxley Act, stipulate the length of time that accounting and other kinds of electronic data, with potential forensic use cases, should be retained for use. American companies that handle European data must comply with regulations set by the General Data Protection Regulation (GDPR).

Admissibility is an important concept in the context of any litigation, arbitration or adjudication, as mentioned before, the guidelines which govern what organization can reliably produce admissible evidence are set by a handful of recognized scientific organizations.

Certified Forensic Laboratory Accreditations and Requirements

Certified Forensic Laboratories follow the best practices laid out by specific organizations  with special recognition by law enforcement, the private sector and the courts for their reliability and integrity. Such organizations include but are not limited to: the Crime Laboratory Directors Lab Accreditation Board (ASCLD/LAB), The International Organization for Standardization (ISO) and The Scientific Working Group on Digital Evidence (SWGDE).

The American Society of Crime Laboratory Directors (ASCLD) are a non-profit organization that set the guidelines and standards of Forensic laboratories, though not an accrediting entity itself, it was the host organization for The American Society of Crime Laboratory Directors Lab Accreditation Board (ASCLD/LAB), which is an accrediting agency, and has since split off  from, and become its own entirely separate legal entity from the aforementioned ASCLD. The (ASCLD/LAB) Guidelines for Forensic Laboratory Management Practices, outlines the competencies and qualifications of Forensic laboratory managers and staff, as well as operational procedures, security procedures, Health and safety procedures, training and standards of integrity.  

The International Organization for Standardization (ISO) is an independent, non-governmental organization, which is comprised of 162 national standard bodies. ISO also provides guidance for many standards regarding technology, for example ISO provides guidance for the compact disc file system which ensures that every compact disc reader can read every compact disc, regardless of if it is bought in Canada or the UK. ISO, specifically, ISO/IEC 17025:2017 outlines the general requirements for the competence of Forensic laboratories and are often seen as interchangeable with the more, supposedly stringent ASCLD/LAB certification.

The Scientific Working Group on Digital Evidence (SWGDE) is a committee dedicated to the research and development of standards regarding digital and multimedia evidence. They gained recognition from the ASCLD/LAB and are arguably the reason for the ASCLD/LAB’s recognition of Digital Forensic evidence as a separate criterion in their accreditation program. Federal, state and local law enforcement as well as representatives from the private sector are invited to join, provided they do not have any “Commercial Interest”.

An evidence acquisition laboratory is where evidence is handled, in the case of digital evidence, it is where data is extracted from hard drives, mobile phones and other kinds of storage devices for analysis. Such duties are not without hardship, digital forensic personnel within these laboratories need to have experience with cracking passwords with rainbow tables and using tools such as AccessData’s Password Recovery tool kit (PRTK). Files or even entire hard drives may need to be decrypted, therefore having an understanding of the concept of decryption becomes pivotal in the handling of this kind of evidence. For example, Ross Ulbrich, the founder of the Silk road, had to be detained with his laptop already decrypted in order for the evidence on said laptop to become admissible in court. The Evidence Acquisition laboratory needs to be able to manage its inventory of forensic evidence, an information management system is one such requisite for proper management, another is access control, meaning locked doors, security cameras and accountability. Knowing who does what, where, why and how becomes extremely important. Even the layout and floor plan of the Forensic laboratory are subject to strict guidelines. 

In Conclusion, the admissibility of digital evidence in court is largely dependent on the reliability of the organizations handling such evidence, the legality of which such evidence was obtained and, though not discussed in this paper, the relevance such evidence has with regard to proving or disproving a fact in legal dispute. Reliability, in this context, means the Certified Forensic Laboratories follow the best practices laid out by Organizations such as the Crime Laboratory Directors Lab Accreditation Board (ASCLD/LAB), The International Organization for Standardization (ISO) and The Scientific Working Group on Digital Evidence (SWGDE).

Assembling, managing and organizing a Certified Forensic Laboratory requires an incredible capital investment, immaculate research & planning, big heavy expensive special equipment and specialized laboratories where certified IT personnel carry out  meticulous operating procedures. In my opinion, if you want to be in this field, you need to be either incredibly meticulous or just plain credible. This is why, in the back of my mind, journalism and law really speak to me. What if I can’t handle the inherent sense of emergency that comes with the job? At least as a lawyer I know how much prep time I have, I know what my obsession for that week will be before I ever even get paid, I can possibly cherry pick, and maybe even win a lot as a result. How do I cherry pick what emergencies I stumble into as a Forensic tech? It sounds like a dangerously vital proficiency to have though, like handling a gun, it’s better to have it and not need it than need it and not have it. I don’t know how I feel about continuing to stumble into emergencies like this, I’m getting old.

In my personal opinion, This configuration of social institutions is important, as it receives funding from both the public and private sectors, which utilize such funding to maximize the truth and reconciliation between all social institutions. In my philosophical opinion, truth and reconciliation is the best we will ever get to, making the world a better place.

Citations:

• Hayes, D. R. (2020). A practical guide to digital forensics investigations (2nd ed.). Pearson IT Certification.
• Kendall, D. (2024). Sociology in our times (12th ed.). Wadsworth Publishing.