Our legal systems depend on a court being able to have confidence in the material that is used during legal proceedings i.e. confidence in the integrity of the data to make sure it has not been changed, and the origin of the data, namely where it came from and when it was produced. This is essential for the proper functioning of society – to have confidence that people are being found guilty or not guilty on the basis of accurate information.
There have been for a long time various physical measures in place to preserve the integrity of information – for example, a police officer’s record book would be a continuous, contemporary record, perhaps signed by the officer, and physical evidence would be put into bags which were sealed, dated, signed and stored securely.
Increasingly we are seeing digital material being presented in evidence as part of legal proceedings. This might be a file from a hard disk, video footage from body-worn video cameras, a screenshot or a digital record from a database. It is important that the techniques for preserving evidence are kept up-to-date as the formats of data evolve. ETSI TS 103 643 helps provide these techniques. Assuring evidence usually contains human components such as whether the people involved were properly trained and competent or whether the technician tested and calibrated equipment correctly. But it also contains a software or machine component and some questions may be raised: were the algorithms used strong enough? how were hashes used and stored?
“This new ETSI specification helps provide confidence around the software/machine aspects helping people write appropriate software that will be able to be used in court and will stand the test of time,” says Alex Leadbeater, Chair of ETSI TC CYBER. “It aims to provide reassurance to critical court material in a cost-effective way and saves time for those involved in the process.”
ETSI – www.etsi.org