SlideShare a Scribd company logo

Computer forensics law and privacy

Download as PPT, PDF
ch samaram
ch samaram

Computer forensics law and privacy

Technology
1 of 84
Computer Forensics Law & Privacy © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU
Overview Computer Crime Laws Policy and Procedure Search Warrants Case Law Intellectual Property Protection Privacy Ethics 2
Computer Crime What is Computer Crime? – Criminal activity directly related to the use of computers, specifically illegal trespass into the computer system or database of another, manipulation or theft of stored or on-line data, or sabotage of equipment and data. – Criminal activity can also comprise the use of computers to commit other kinds of crime: harrassment, scams, hate crimes, fomenting terrorism, etc 3
Computer Crime What is a Computer Crime? – Stealing trade secrets from a competitor – Extortion – Use of a packet sniffer to watch instant messaging conversations 4
Federal Computer Crime Laws 4th Amendment Computer Fraud and Abuse Act of 1986 Electronic Communications Privacy Act of 1986 5
Federal Computer Crime Laws Electronic Espionage Act of 1996 Communications Decency Act 1996 Child Pornography Prevention Act Digital Millennium Copyright Act of 1998 COPPA - Children's Online Privacy Protection Act HIPAA - Health Insurance Portability And Accountability Act Access Device Fraud USA Patriot Act 6
State Computer Crime Laws Computer crime laws are state-specific 7
Case Law What is case law? – “Created” by the rulings of judges on court cases Importance of case law? – Very few laws governing current and emerging technologies – Precedents set by case law often become legislative law 8
Computer Fraud and Abuse Act
Computer Fraud and Abuse Act 15 USC §1644 - Fraudulent use of credit cards; penalties 18 USC §1029 - Fraud and related activity in connection with access devices 18 USC §1030 - Fraud and related activity in connection with computers 18 USC §1343 - Fraud by wire, radio, or television 18 USC §1361-2 - Prohibits malicious mischief 10
15 USC §1644 Use, attempt or conspiracy to use card in transaction affecting interstate or foreign commerce Transporting, attempting or conspiring to transport card in interstate commerce Use of interstate commerce to sell or transport card Furnishing of money, etc., through use of card 11
Crimes and Penalties Whoever in a transaction affecting interstate or foreign commerce furnishes money, property, services, (>$1,000) shall be fined not more than $10,000 or imprisoned not more than ten years, or both 12
18 USC §1029 Counterfeit access devices Telecommunications instrument modified to obtain unauthorized use of telecommunications services. Fraudulent transactions using credit cards Use of scanning receiver 13
Crimes and Penalties Forfeiture to the United States of any personal property used or intended to be used to commit the offense Fine under this title or imprisonment for not more than 20 years, or both. 14
18 USC §1030 Accesses a computer without authorization to obtain restricted data. Without authorization accesses Federal computers Conduct fraud and obtains anything of value on such computers Traffics in passwords or similar information 15
Crimes and Penalties The United States Secret Service has authority to investigate offenses Forfeiture of any personal property used or intended to be used to commit the offense Fine under this title or imprisonment for not more than 20 years, or both. 16
18 USC §1343  Fraud by means of wire, radio, or television communication in interstate or foreign commerce,  Transmission of digital or analog data in such fraud 17
Crimes and Penalties Fine under this title or imprisonment not more than five years, or both. If the violation affects a financial institution, fine of $1,000,000 or imprisonment of 30 years, or both 18
18 USC §1361-2 Prohibiting malicious mischief Computer hacking/website defacement 19
Actual Crimes  Many cases have been prosecuted under the computer crime statute, 18 U.S.C. § 1030 (unauthorized access). A few recent sample press releases from actual cases are available via links below:  Kevin Mitnick Sentenced to Nearly Four Years in Prison; Computer Hacker Ordered to Pay Restitution to Victim Companies Whose Systems Were Compromised (August 9, 1999) Source: http://www.usdoj.gov/criminal/cybercrime/compcrime.html 20
Actual Crimes Former Chief Computer Network Program Designer Arraigned for Alleged $10 Million Computer "Bomb" Juvenile Computer Hacker Cuts off FAA Tower At Regional Airport -- First Federal Charges Brought Against a Juvenile for Computer Crime Source: http://www.usdoj.gov/criminal/cybercrime/compcrime. html 21
Sample Cases  http://www.daviddfriedman.com/Academic/Course_Pages/21st_cen tury_issues/21st_century_law/computer_crime_legal_01.htm  http://www.law.emory.edu/11circuit/june2000/99-12723.opn.html  http://www.usdoj.gov/criminal/cybercrime/cccases.html  http://www.usdoj.gov/criminal/cybercrime/garciaArrest.htm  http://www.usdoj.gov/criminal/cybercrime/jiangIndict.htm  http://www.usdoj.gov/criminal/cybercrime/schellersent.htm  http://www.usdoj.gov/criminal/cybercrime/usamay2001_2.htm 22
Electronic Communications Privacy Act
Where Can I Find ECPA? United States Code Title 18 Crimes and Criminal Procedure Chapter 119 – Wire and Electronic Communications Interception and Interception of Oral Communications Sections 2510 - 2522 24
Overview of ECPA President Reagan signed ECPA into law in October 1986 Designed to extend Title III Privacy Provisions to new technologies such as electronic mail, cellular phones, private communication carriers, and computer transmissions 25
“The Wiretap Act” This law required that enforcement agencies obtain a warrant before executing a wiretap (usually used to record voice conversations) 26
What Rights Does ECPA Provide?  ECPA protects the transmission and storage of digital communication such as email  Authorities are forbidden to intercept non-voice portions of communication, thanks to ECPA  This is defined as "any transfer of signs, signals, writing, images, sound, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectric or photo-optical system." 27
ECPA Rights (cont.) Act was designed to protect against electronic communication service providers from disclosing any contents of communication to authorities without lawful consent of the party that originated the communication Act provided for coverage of all communication providers, not just “common carriers” available to the public 28
Cellular Phone Communication Act also protects cellular phone conversations; wired privacy extended to wireless Penalty for intercepting a non-encrypted call is only a $500 fine, rather than the normal maximum of 5 years in prison Note: This act also explicitly states it does not protect the “radio portion of a telephone that is transmitted between the cordless telephone handset and the base unit." 29
Radio Paging ECPA also protects pagers Voice and digital display pagers were determined to be an extension of an original wired communication However, tone-only pagers are not protected by ECPA 30
Customer Records ECPA provides for the protection of subscriber and customer records belonging to electronic service providers Authorities cannot access these records without a search warrant and court order, unless otherwise notifying the customer 31
References http://www.digitalcentury.com/encyclo/update/ ecpa.html http://floridalawfirm.com/privacy.html 32
USA Patriot Act
Some Perspective On September 11, 2001, more Americans were murdered than… •American battle deaths in the war of 1812 •American battle deaths at Pearl Harbor •American battle deaths in the Indian Wars •American battle deaths in the Mexican War •American battle deaths in Vietnam prior to 1966 •Union battle deaths at Bull Run •Police officers killed in the line of duty since 1984 34 Source: Federal Law Enforcement Training Center Glynco, Georgia
USA Patriot Act – Oct 2001 Provides Tools To Intercept and Obstruct Terrorism Some believe it was too hasty – There were few conferences – The House vote was 357-66 – The Senate vote was 98-1 35
USA Patriot Act  Specifically, the Act: 1. Creates several new crimes: bulk cash smuggling, attacking transportation systems, etc. 2. Expands prohibitions involving biological weapons 3. Lifts the statute of limitations on prosecuting some terrorism crimes 4. Increases penalties for some crimes 5. Requires background checks for licenses to transport hazardous materials 6. Expands money laundering laws and places more procedural requirements on banks 7. Promotes information sharing and coordination of intelligence efforts 36
USA Patriot Act 8. Provides federal grants for terrorism prevention 9. Broadens the grounds for denying aliens admission 10. Alters some domestic security provisions for DoD  Most provisions of the Act shall cease to have effect on December 31, 2005  However, a USA Patriot Act II is being discussed in Congress 37
Computer Crime Penalty of 5 years for a first offense and 10 years for a subsequent offense for damaging a federal computer system Damage includes any computer impairment that causes the loss of at least $5,000 or threatens the public health or safety. 38
Computer Crime  To be found guilty, the person must: 1. Knowingly cause the transmission of a program, information, code, or command that results in damage to a protected computer without authorization 2. Intentionally access a federal computer without authorization and cause damage (§ 814) 39
Computer Crime  The act requires the attorney general to create regional computer forensic laboratories: 1. Examine seized or intercepted computer evidence 2. Train and educate federal, state, and local law enforcement and prosecutors 3. Assist federal, state, and local law enforcement in enforcing computer-related criminal laws 4. Promote sharing of federal expertise  The act also provides funding for these facilities (§ 816) 40
Other Crimes / Penalties Attacks Against Mass Transportation Systems – The crime is punishable by a fine, up to 20 years if the violator traveled or communicated across state lines or The crime is punishable by life in prison if the offense resulted in death Counterfeiting – The act makes counterfeiting punishable by up to 20 years in prison 41
Other Crimes / Penalties  Harboring or Concealing Terrorists – This crime is punishable by a fine and 10 years in prison (§ 803)  Biological Weapons – This is punishable by a fine, and 10 years in prison  Money Laundering – This crime is punishable by 5 years in prison – For Federal employees, the crime is punishable by a fine 3 times the value received, and 15 years in prison, (§ 329) 42
Increased Penalties Arson from 20 years to life Energy facility damage, from 10 to 20 years Supporting terrorists, from 10 to 15 years Supporting designated foreign terrorist organizations, from 10 to 20 years Destroying national defense materials, from 10 to 20 years Sabotaging nuclear facilities from 10 to 20 years Carrying a weapon or explosive on an aircraft from 15 to 20 years Damaging interstate gas or hazardous pipeline facility, from 15 to 20 years 43
Information Sharing  The act: 1. Foreign and national intelleigence surveillance can exchange information (§ 504) 2. Regional information sharing between federal, state, and local law enforcement (§ 701) 3. Attorney general can apply to a court for disclosure of educational records to prosecute a terrorist act 4. Act also provides immunity for people who in good faith disclose these documents) (§ 507, 508) 44
Privacy Implications  American Civil Liberties Union: “The USA Patriot Act allows the government to use its intelligence gathering power to circumvent the standard that must be met for criminal wiretaps. …  The new law allows use of Foreign Intelligence Surveillance Act surveillance authority even if the primary purpose were a criminal investigation.  Intelligence surveillance merely needs to be only for a "significant" purpose.  Law enforcement may search primarily for evidence of crime, without establishing probable cause  This provision authorizes unconstitutional physical searches and wiretaps 45
Privacy Implications  “In allowing for "nationwide service" of pen register and trap and trace orders, the law further marginalizes the role of the judiciary.  It authorizes what would be the equivalent of a blank warrant in the physical world: the court issues the order, and the law enforcement agent fills in the places to be searched.  This is not consistent with the important Fourth Amendment privacy protection of requiring that warrants specify the place to be searched.”  In short, the USA Patriot Act assumes no “expectation of privacy” 46
Case Study: Carnivore TCP/IP packet sniffer developed by the FBI that has the ability to store all traffic on a network Intended Uses: Terrorism, Espionage, Child Pornography/Exploitation, Information Warfare/Hacking, Organized Crime/Drug Trafficking, Fraud Reassembles your e-mail, webpages, files and searches for keywords 47
Case Study: Carnivore Legitimate use vs. invasion of privacy – Find out which web sites you visit deathtoamerica.com girlsgonewild.com – Read your e-mail bomb making instructions love letters – Save a copy of files you download shoebomb.zip transactions.zip 48
Case Study: Carnivore  Pre-USA Patriot Act realities: – FBI suspects you of criminal activity – Requests court order to use Carnivore – Installs Carnivore at your ISP – Carnivore grabs all of your packets authorized in the court order – Carnivore must not grab anyone else’s packets – Data physically collected once a day – Court order expires in 30 days  Post-USA Patriot Act fears: – The FBI can use Carnivore to go fishing for personal information 49
Related Cases  John Walker Lindh – sentenced to 20 years in federal prison  Conspiracy to Murder U.S. Nationals (18 U.S.C. § 2332(b)) (Count One)  Conspiracy to Provide Material Support & Resources to Foreign Terrorist Organizations (18 U.S.C. Defendant. ) § 2339B) (Counts Two & Four)  Providing Material Support & Resources to Foreign Terrorist Organizations (18 U.S.C. §§ 2339B ) & 2) (Counts Three & Five)  Conspiracy to Contribute Services to al Qaeda (31 C.F.R. §§ 595.205 & 595.204 & 50 U.S.C. § 1705(b)) (Count Six)  Contributing Services to al Qaeda (31 C.F.R. §§ 595.204 & 595.205, 50 U.S.C. § 1705(b) & 18 U.S.C. § 2) (Count Seven)  Conspiracy to Supply Services to the Taliban (31 C.F.R. §§ 545.206(b) & 545.204 & 50 U.S.C. § 1705(b)) (Count Eight)  Supplying Services to the Taliban (31 C.F.R. §§ 545.204 & 545.206(a), 50 U.S.C. § 1705(b) & 18 U.S.C. § 2) (Count Nine)  Using and Carrying Firearms and Destructive Devices During Crimes ) of Violence (18 U.S.C. §§ 924(c) & 2) (Count Ten) 50
Related Cases  Zacarias Moussaoui – awaiting twice-delayed trial  Conspiracy to Commit Acts of Terrorism Transcending National Boundaries (18 U.S.C. §§ 2332b(a)(2) & (c)) (Count One)  Conspiracy to Commit Aircraft Piracy (49 U.S.C. §§ 46502(a)(1)(A) and (a)(2)(B)) (Count Two)  Conspiracy to Destroy Aircraft (18 U.S.C. §§ 32(a)(7) & 34) (Count Three)  Conspiracy to Use Weapons of Mass Destruction (18 U.S.C. § 2332a(a)) (Count Four)  Conspiracy to Murder United States Employees (18 U.S.C. §§ 1114 & 1117) (Count Five)  Conspiracy to Destroy Property (18 U.S.C. §§ 844(f), (i), (n)) (Count Six) 51
Related Cases  Interesting topics in Moussaoui case: – U.S. District Court Judge Leonie Brinkema released a detailed government report on the computers and e-mail search in the case – The evidence includes 140 computer hard drives, four of which used by Moussaoui – FBI investigators copied their hard drives using Safeback and Logicube software – Computer forensics experts were unable to find any trace of Moussaoui's "xdesertman@hotmail.com" account or some 27 variations of that address – A search of computers Moussaoui may have used at a Kinko's in Eagan, Minnesota, also came to a dead end because Kinko's cleans out the hard drives on its public computers once every week 52
References  http://www.epic.org/privacy/terrorism/hr3162.html  http://archive.aclu.org/congress/l110101a.html  http://notablecases.vaed.uscourts.gov/1:01-cr- 00455/docs/68092/0.pdf  http://www.cise.ufl.edu/~nfarring/carnivore  http://www.cga.state.ct.us/2001/rpt/olr/htm  http://www.cise.ufl.edu/~nfarring/carnivore 53
Computer Privacy © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU
Privacy What is privacy? How is it determined? – To determine and define what privacy is, we must look at current law, case precedence, and public opinion 55
Constitutional Search 4th Amendment of the U.S. Constitution “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. ” 56
Privacy What websites are you visiting? – Wireless internet Where are you? – GPS cell phones, vehicles with OnStar What and where are you purchasing? – Credit cards Bluetooth- and RFID-enabled devices and clothing 57
Security and Privacy Security is a wider Concept  Security of Information embraces: – Confidentiality – Integrity – Availability Achieving Security involves People, Procedures, and Technology The same is true for Privacy 58
Laws and Policies govern Privacy Privacy is no longer a vague concept It has been legislated A body of case law exists Federal laws, State Laws, Supra-national laws Even the US Constitution has a bearing Lastly, companies have Policies 59
Topical Relevance Massive on-line databases of people Extensive on-line interactions between companies Millions of daily transactions between companies and customers Who owns all this, and who has a need to know? 60
Motivation for Companies Maintain competitive edge Ensure legal compliance Enhance company image Privacy is a requirement – not a customer delight 61
Many Privacy Rights are embedded in Criminal Statutes US Mail Telephone conversation Library borrowing Bank records Student records Etc. Federal and States 62
Plethora of Laws FERPA – Student records ECPA Electronic Communications Privacy Act – Most basic act for access, use, disclosure, interception and privacy of electronic communications Section 208 of The E-Government Act – Federal agencies should protect PII collected 63
Plethora of Laws  HIPAA Health Information Portability and Accountability Act – Medical records  Gramm-Leach Bliley Act – protects consumers’ personal financial information held by financial institutions.  The (Federal) Privacy Act of 1974 – FTC approved “fair information practices” that are widely accepted principles of privacy protection 64
Plethora of Laws  Section 208 of The E-Government Act – Federal agencies should protect PII (personally Identifiable Information) collected  Sarbanes-Oxley – accounting fraud – securities-law violations – Enhanced penalties for white collar crime – executives directly responsible for problems – Accurate records to be maintained for 5 years  Basel II 65
Plethora of Laws CAN-SPAM Act – Has not yet succeeded in reducing unwanted e-mail – New measures being agreed on by MS, Amazon, Brightmail, etc to filter spam Massachusetts court decided that ISPs may read subscribers’ messages – But all major ISPs disavowed any desire to read e-mail 66
Patriot Act USA Patriot Act – Negates almost every privacy prescription heretofore stated, under special circumstances – The circumstances are not tightly defined – Hence, Governmental abuse is expected & has happened – Not only allows the Government to violate Privacy, but mandates that companies collude in this Is this the anti-law of Privacy? 67
Cookies and Privacy  Simply surfing makes you the target of spyware  Cookies placed on your computer can – Profile your on-line behavior – Track websites you have visited – Trigger targeted pop-up ads – Record search terms and form entries  Security scanners like Spybot and Zone Labs can detect and remove such intrusive cookies  Try a free scan on your computer and see what you get: – http://download.zonelabs.com/bin/free/cm/index4.html 68
Surfing Dangers  Simply surfing can have your browser‑driven online financial security information stolen: – http://www.eweek.com/article2/0,1759,1618052,00.asp  The attacker uploaded a small file with JavaScript to infected Web sites and altered the Web server configuration to append the script to all files served by the Web server (IIS). – No anti-virus program would stop it, – no firewall would slow it down and – no shipping IE security patch would even notice it. – Visit the page, get the infection. It was that simple. 69
Surfing Dangers - Solution Use Firefox (browser component of Mozilla, open source) That’s the recommendation of CERT – http://www.mozilla.org/products/firefox/ You may not enjoy Active X (MS specific code in some web-sites) 70
ISO/IEC 17799 Standard based on BS 7799 – Important, detailed, complex standard – Covers People, Process and Technology – A wide-ranging document on Information Security – Has numerous recommendations in detail – Companies can be certified against this standard 71
Understanding and Implementng ISO/IEC 17799 Start with Toolkit – Full ISO17799 compliant information security policies – Disaster recovery planning kit – Road map for certification – Audit kit (checklists, etc) for a modern network system – Comprehensive glossary of information security – Business impact analysis questionnaire http://www.iso17799-made-easy.com/ 72
Privacy Under Fire Patriot Act – 6 month wiretap without court order “Patriot Act 2” – More expansive laws than Patriot Act Privacy vs. Freedom of Information Act – School and University e-mails Privacy vs. general public good – Your best interests vs. 10 million+ peoples’ 73
Laws Protecting Privacy 4th Amendment of the U.S. Constitution Electronic Communications Privacy Act HIPAA Intellectual Property laws – Copyright – Trademark 74
Search Warrants Obtained by law enforcement by testifying to an uninvolved public agent of judicial review naming – The crime being investigated under probable cause – The specific location(s) to be searched – The items and names of persons to be seized 75
Search Warrants Search warrants do not solely apply to physical domains Also apply to wire taps, either phone or network Patriot Act expands the powers of law enforcement, allowing for easier granting of warrants requesting wire tap access 76
Search Warrants Must be clear and concise Items seized must be listed or at least covered in the text of the warrant Errors or omissions may result in evidence being thrown out of court 77
Subpoenas Subpoena –The process by which a court orders a witness to appear (and sometimes present evidence) at a judicial proceeding and produce certain evidence for purposes of discovery For example, using ISP connection logs to determine a particular subscriber’s identity 78
Court Orders Court Orders – Official judge’s proclamation requiring or authorizing the carrying out of certain steps by one or more parties to a case For example, using a packet-sniffer on an ISP’s router to collect all packets coming from a particular IP address to reconstruct an AIM session. 79
Chain of Custody Begins with seizure of items during the execution of the search warrant Accounts for every minute the items are in custody Must be maintained from seizure through court appearance Failure to maintain chain of custody may result in inadmissibility of evidence 80
Chain of Custody Important for businesses as a case may end up in court Failure to adequately show computer or item did not have an opportunity to be tampered with may result in an unfavorable judgment 81
Video “Search and Seizure” – U.S. Secret Service 82
Summary Many legal issues facing technology and computer forensics from start of investigation through court testimony Complexities and adaptability of technology also potentially create a myriad of issues Following well-documented procedures for obtaining and handling evidence 83
References  US Department of Labor / Office of Administrative Law Judges www.oalj.dol.gov/faq19.htm - Supoena Form  Cyberlaw: Problems of Policy and Jurisprudence in the Information Age – Patricia L. Bellia, Paul Schiff Berman, David G. Post, Thomson/West 2003  4th Amendment http://caselaw.lp.findlaw.com/data/constitution/amendment04/  IEEE Code of Ethics http://www.ieee.org/portal/index.jsp?pageID=corp_level1&path=about/whatis&file=code.xml&xsl=gener  COPS.org Code of Ethics http://www.cops.org/ethics.htm  Court Order http://www.wordiq.com/definition/Court_order 84

Recommended

Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Audio and Video Forensics
Audio and Video ForensicsAudio and Video Forensics
Audio and Video ForensicsDipika Sengupta
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensicsChaitanya Dhareshwar
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 
Legal issues related to dna fingerprinting in india
Legal issues related to dna fingerprinting in indiaLegal issues related to dna fingerprinting in india
Legal issues related to dna fingerprinting in indiaIndianScholars
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 

Recommended

Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Audio and Video Forensics
Audio and Video ForensicsAudio and Video Forensics
Audio and Video ForensicsDipika Sengupta
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensicsChaitanya Dhareshwar
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 
Legal issues related to dna fingerprinting in india
Legal issues related to dna fingerprinting in indiaLegal issues related to dna fingerprinting in india
Legal issues related to dna fingerprinting in indiaIndianScholars
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
crime scene.pptx
crime scene.pptxcrime scene.pptx
crime scene.pptxkiran yadav
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidenceOnline
 
Computer crimes and criminals
Computer crimes and criminalsComputer crimes and criminals
Computer crimes and criminalsOnline
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
Forensic Biology - Biological evidences
Forensic Biology - Biological evidencesForensic Biology - Biological evidences
Forensic Biology - Biological evidencesjeremiah_justus
 
Digital Forensic
Digital ForensicDigital Forensic
Digital ForensicCleverence Kombe
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2Manu Mathew Cherian
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Cybercrime investigation
Cybercrime investigationCybercrime investigation
Cybercrime investigationProf. (Dr.) Tabrez Ahmad
 
Autopsy Digital forensics tool
Autopsy Digital forensics toolAutopsy Digital forensics tool
Autopsy Digital forensics toolSreekanth Narendran
 
Cyber crime and forensic
Cyber crime and forensicCyber crime and forensic
Cyber crime and forensicSANTANU KUMAR DAS
 
Crime scene management
Crime scene managementCrime scene management
Crime scene managementHafeez Bhutta
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domainppd1961
 
State v. Mott: A Case Study in Forensic Science
State v. Mott: A Case Study in Forensic ScienceState v. Mott: A Case Study in Forensic Science
State v. Mott: A Case Study in Forensic Sciencegcpolando
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Daubert and it’s implications
Daubert and it’s implicationsDaubert and it’s implications
Daubert and it’s implicationsMahipreet Kaur
 
Social Media Forensics
Social Media ForensicsSocial Media Forensics
Social Media ForensicsJohn J. Carney, Esq.
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays Worldgueste0d962
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 

More Related Content

What's hot

Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
crime scene.pptx
crime scene.pptxcrime scene.pptx
crime scene.pptxkiran yadav
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidenceOnline
 
Computer crimes and criminals
Computer crimes and criminalsComputer crimes and criminals
Computer crimes and criminalsOnline
 
Forensic Biology - Biological evidences
Forensic Biology - Biological evidencesForensic Biology - Biological evidences
Forensic Biology - Biological evidencesjeremiah_justus
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Crime scene management
Crime scene managementCrime scene management
Crime scene managementHafeez Bhutta
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domainppd1961
 
State v. Mott: A Case Study in Forensic Science
State v. Mott: A Case Study in Forensic ScienceState v. Mott: A Case Study in Forensic Science
State v. Mott: A Case Study in Forensic Sciencegcpolando
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Daubert and it’s implications
Daubert and it’s implicationsDaubert and it’s implications
Daubert and it’s implicationsMahipreet Kaur
 

What's hot (20)

Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
 
crime scene.pptx
crime scene.pptxcrime scene.pptx
crime scene.pptx
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidence
 
Computer crimes and criminals
Computer crimes and criminalsComputer crimes and criminals
Computer crimes and criminals
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Forensic Biology - Biological evidences
Forensic Biology - Biological evidencesForensic Biology - Biological evidences
Forensic Biology - Biological evidences
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Cybercrime investigation
Cybercrime investigationCybercrime investigation
Cybercrime investigation
 
Autopsy Digital forensics tool
Autopsy Digital forensics toolAutopsy Digital forensics tool
Autopsy Digital forensics tool
 
Cyber crime and forensic
Cyber crime and forensicCyber crime and forensic
Cyber crime and forensic
 
Crime scene management
Crime scene managementCrime scene management
Crime scene management
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domain
 
State v. Mott: A Case Study in Forensic Science
State v. Mott: A Case Study in Forensic ScienceState v. Mott: A Case Study in Forensic Science
State v. Mott: A Case Study in Forensic Science
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic tools
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
 
Daubert and it’s implications
Daubert and it’s implicationsDaubert and it’s implications
Daubert and it’s implications
 
Social Media Forensics
Social Media ForensicsSocial Media Forensics
Social Media Forensics
 

Viewers also liked

Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays Worldgueste0d962
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 
Computer forensics 1
Computer forensics 1Computer forensics 1
Computer forensics 1Jinalkakadiya
 
Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...Adriana Dvorsak
 
The Evolving Computer Fraud and Abuse Act
The Evolving Computer Fraud and Abuse ActThe Evolving Computer Fraud and Abuse Act
The Evolving Computer Fraud and Abuse ActShawn Tuma
 
Computer And The Law
Computer And The LawComputer And The Law
Computer And The LawSaimaRafiq
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINamiable_indian
 
copyright (under indian cyber law)
copyright (under indian cyber law)copyright (under indian cyber law)
copyright (under indian cyber law)ravindra sharma
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its roleSudeshna Basak
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - NotesKranthi
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Legal issues in the media industry
Legal issues in the media industry Legal issues in the media industry
Legal issues in the media industry BenRay95
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 

Viewers also liked (17)

Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Computer forensics 1
Computer forensics 1Computer forensics 1
Computer forensics 1
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
 
Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...
 
The Evolving Computer Fraud and Abuse Act
The Evolving Computer Fraud and Abuse ActThe Evolving Computer Fraud and Abuse Act
The Evolving Computer Fraud and Abuse Act
 
Computer And The Law
Computer And The LawComputer And The Law
Computer And The Law
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
 
computer forensics
computer forensics computer forensics
computer forensics
 
copyright (under indian cyber law)
copyright (under indian cyber law)copyright (under indian cyber law)
copyright (under indian cyber law)
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
 
Sql Server 2012
Sql Server 2012Sql Server 2012
Sql Server 2012
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 
Legal issues in the media industry
Legal issues in the media industry Legal issues in the media industry
Legal issues in the media industry
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 

Similar to Computer forensics law and privacy

CYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal PerspectivesCYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal PerspectivesDrSamsonChepuri1
 
Ch 9 White Collar and Organized Crime
Ch 9 White Collar and Organized CrimeCh 9 White Collar and Organized Crime
Ch 9 White Collar and Organized Crimerharrisonaz
 
Computer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lankaComputer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lankaVishni Ganepola
 
Computer misuse and criminal law
Computer misuse and criminal lawComputer misuse and criminal law
Computer misuse and criminal lawZaheer Irshad
 
Unit-3 Cyber Crime PPT.pptx
Unit-3 Cyber Crime PPT.pptxUnit-3 Cyber Crime PPT.pptx
Unit-3 Cyber Crime PPT.pptxParasSehgal12
 
Furio lerma cybercrime-final
Furio lerma cybercrime-finalFurio lerma cybercrime-final
Furio lerma cybercrime-finalAldrin SuperGo
 
Privacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal LawPrivacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal LawCharles Mudd
 
Chapter 3 legal framework of cybercrime and law enforcement tools
Chapter 3 legal framework of cybercrime and law enforcement toolsChapter 3 legal framework of cybercrime and law enforcement tools
Chapter 3 legal framework of cybercrime and law enforcement toolsMarkDennielMontiano
 
Cyberlaw An Overview
Cyberlaw An OverviewCyberlaw An Overview
Cyberlaw An OverviewTalwant Singh
 
Cyber law media law & ethic
Cyber law media law & ethicCyber law media law & ethic
Cyber law media law & ethicSyed Ali Hassan
 
International Cybercrime (Part 1)
International Cybercrime (Part 1)International Cybercrime (Part 1)
International Cybercrime (Part 1)GrittyCC
 
Policies and Law in IT
Policies and Law in ITPolicies and Law in IT
Policies and Law in ITAnushka Perera
 
International Cybercrime (Part 2)
International Cybercrime (Part 2)International Cybercrime (Part 2)
International Cybercrime (Part 2)GrittyCC
 

Similar to Computer forensics law and privacy (20)

CYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal PerspectivesCYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal Perspectives
 
Cyber laws
Cyber lawsCyber laws
Cyber laws
 
Ch 9 White Collar and Organized Crime
Ch 9 White Collar and Organized CrimeCh 9 White Collar and Organized Crime
Ch 9 White Collar and Organized Crime
 
Computer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lankaComputer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lanka
 
Computer misuse and criminal law
Computer misuse and criminal lawComputer misuse and criminal law
Computer misuse and criminal law
 
Unit-3 Cyber Crime PPT.pptx
Unit-3 Cyber Crime PPT.pptxUnit-3 Cyber Crime PPT.pptx
Unit-3 Cyber Crime PPT.pptx
 
File000167
File000167File000167
File000167
 
Computer misuse
Computer misuse Computer misuse
Computer misuse
 
Furio lerma cybercrime-final
Furio lerma cybercrime-finalFurio lerma cybercrime-final
Furio lerma cybercrime-final
 
Privacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal LawPrivacy in the Workplace: Electronic Surveillance under State and Federal Law
Privacy in the Workplace: Electronic Surveillance under State and Federal Law
 
Chapter 3 legal framework of cybercrime and law enforcement tools
Chapter 3 legal framework of cybercrime and law enforcement toolsChapter 3 legal framework of cybercrime and law enforcement tools
Chapter 3 legal framework of cybercrime and law enforcement tools
 
Cyberlaw An Overview
Cyberlaw An OverviewCyberlaw An Overview
Cyberlaw An Overview
 
Cyber law media law & ethic
Cyber law media law & ethicCyber law media law & ethic
Cyber law media law & ethic
 
International Cybercrime (Part 1)
International Cybercrime (Part 1)International Cybercrime (Part 1)
International Cybercrime (Part 1)
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cybercrime law
Cybercrime lawCybercrime law
Cybercrime law
 
Policies and Law in IT
Policies and Law in ITPolicies and Law in IT
Policies and Law in IT
 
cyber .pptx
cyber .pptxcyber .pptx
cyber .pptx
 
551 2006 3
551 2006 3551 2006 3
551 2006 3
 
International Cybercrime (Part 2)
International Cybercrime (Part 2)International Cybercrime (Part 2)
International Cybercrime (Part 2)
 

More from ch samaram

Syllabus r10-ecm-42-network security and cryptography
Syllabus r10-ecm-42-network security and cryptography Syllabus r10-ecm-42-network security and cryptography
Syllabus r10-ecm-42-network security and cryptographych samaram
 
Restaurant billing application
Restaurant billing applicationRestaurant billing application
Restaurant billing applicationch samaram
 
Spintronics (1)
Spintronics (1)Spintronics (1)
Spintronics (1)ch samaram
 
Javascript sivasoft
Javascript sivasoftJavascript sivasoft
Javascript sivasoftch samaram
 
Basics java scripts
Basics java scriptsBasics java scripts
Basics java scriptsch samaram
 

More from ch samaram (18)

Syllabus r10-ecm-42-network security and cryptography
Syllabus r10-ecm-42-network security and cryptography Syllabus r10-ecm-42-network security and cryptography
Syllabus r10-ecm-42-network security and cryptography
 
Restaurant billing application
Restaurant billing applicationRestaurant billing application
Restaurant billing application
 
Spintronics
SpintronicsSpintronics
Spintronics
 
Spintronics (1)
Spintronics (1)Spintronics (1)
Spintronics (1)
 
Shore
ShoreShore
Shore
 
Presentation
PresentationPresentation
Presentation
 
Open gl
Open glOpen gl
Open gl
 
Opengl (1)
Opengl (1)Opengl (1)
Opengl (1)
 
Blue gene
Blue geneBlue gene
Blue gene
 
Blue gene
Blue geneBlue gene
Blue gene
 
Wearable (1)
Wearable (1)Wearable (1)
Wearable (1)
 
Javascript sivasoft
Javascript sivasoftJavascript sivasoft
Javascript sivasoft
 
Html siva
Html sivaHtml siva
Html siva
 
Css siva
Css sivaCss siva
Css siva
 
Basics java scripts
Basics java scriptsBasics java scripts
Basics java scripts
 
Ajax
AjaxAjax
Ajax
 
Html 5
Html 5Html 5
Html 5
 
Css siva
Css sivaCss siva
Css siva
 

Recently uploaded

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 

Recently uploaded (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 

Computer forensics law and privacy

  • 1. Computer Forensics Law & Privacy © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU
  • 2. Overview Computer Crime Laws Policy and Procedure Search Warrants Case Law Intellectual Property Protection Privacy Ethics 2
  • 3. Computer Crime What is Computer Crime? – Criminal activity directly related to the use of computers, specifically illegal trespass into the computer system or database of another, manipulation or theft of stored or on-line data, or sabotage of equipment and data. – Criminal activity can also comprise the use of computers to commit other kinds of crime: harrassment, scams, hate crimes, fomenting terrorism, etc 3
  • 4. Computer Crime What is a Computer Crime? – Stealing trade secrets from a competitor – Extortion – Use of a packet sniffer to watch instant messaging conversations 4
  • 5. Federal Computer Crime Laws 4th Amendment Computer Fraud and Abuse Act of 1986 Electronic Communications Privacy Act of 1986 5
  • 6. Federal Computer Crime Laws Electronic Espionage Act of 1996 Communications Decency Act 1996 Child Pornography Prevention Act Digital Millennium Copyright Act of 1998 COPPA - Children's Online Privacy Protection Act HIPAA - Health Insurance Portability And Accountability Act Access Device Fraud USA Patriot Act 6
  • 7. State Computer Crime Laws Computer crime laws are state-specific 7
  • 8. Case Law What is case law? – “Created” by the rulings of judges on court cases Importance of case law? – Very few laws governing current and emerging technologies – Precedents set by case law often become legislative law 8
  • 9. Computer Fraud and Abuse Act
  • 10. Computer Fraud and Abuse Act 15 USC §1644 - Fraudulent use of credit cards; penalties 18 USC §1029 - Fraud and related activity in connection with access devices 18 USC §1030 - Fraud and related activity in connection with computers 18 USC §1343 - Fraud by wire, radio, or television 18 USC §1361-2 - Prohibits malicious mischief 10
  • 11. 15 USC §1644 Use, attempt or conspiracy to use card in transaction affecting interstate or foreign commerce Transporting, attempting or conspiring to transport card in interstate commerce Use of interstate commerce to sell or transport card Furnishing of money, etc., through use of card 11
  • 12. Crimes and Penalties Whoever in a transaction affecting interstate or foreign commerce furnishes money, property, services, (>$1,000) shall be fined not more than $10,000 or imprisoned not more than ten years, or both 12
  • 13. 18 USC §1029 Counterfeit access devices Telecommunications instrument modified to obtain unauthorized use of telecommunications services. Fraudulent transactions using credit cards Use of scanning receiver 13
  • 14. Crimes and Penalties Forfeiture to the United States of any personal property used or intended to be used to commit the offense Fine under this title or imprisonment for not more than 20 years, or both. 14
  • 15. 18 USC §1030 Accesses a computer without authorization to obtain restricted data. Without authorization accesses Federal computers Conduct fraud and obtains anything of value on such computers Traffics in passwords or similar information 15
  • 16. Crimes and Penalties The United States Secret Service has authority to investigate offenses Forfeiture of any personal property used or intended to be used to commit the offense Fine under this title or imprisonment for not more than 20 years, or both. 16
  • 17. 18 USC §1343  Fraud by means of wire, radio, or television communication in interstate or foreign commerce,  Transmission of digital or analog data in such fraud 17
  • 18. Crimes and Penalties Fine under this title or imprisonment not more than five years, or both. If the violation affects a financial institution, fine of $1,000,000 or imprisonment of 30 years, or both 18
  • 19. 18 USC §1361-2 Prohibiting malicious mischief Computer hacking/website defacement 19
  • 20. Actual Crimes  Many cases have been prosecuted under the computer crime statute, 18 U.S.C. § 1030 (unauthorized access). A few recent sample press releases from actual cases are available via links below:  Kevin Mitnick Sentenced to Nearly Four Years in Prison; Computer Hacker Ordered to Pay Restitution to Victim Companies Whose Systems Were Compromised (August 9, 1999) Source: http://www.usdoj.gov/criminal/cybercrime/compcrime.html 20
  • 21. Actual Crimes Former Chief Computer Network Program Designer Arraigned for Alleged $10 Million Computer "Bomb" Juvenile Computer Hacker Cuts off FAA Tower At Regional Airport -- First Federal Charges Brought Against a Juvenile for Computer Crime Source: http://www.usdoj.gov/criminal/cybercrime/compcrime. html 21
  • 22. Sample Cases  http://www.daviddfriedman.com/Academic/Course_Pages/21st_cen tury_issues/21st_century_law/computer_crime_legal_01.htm  http://www.law.emory.edu/11circuit/june2000/99-12723.opn.html  http://www.usdoj.gov/criminal/cybercrime/cccases.html  http://www.usdoj.gov/criminal/cybercrime/garciaArrest.htm  http://www.usdoj.gov/criminal/cybercrime/jiangIndict.htm  http://www.usdoj.gov/criminal/cybercrime/schellersent.htm  http://www.usdoj.gov/criminal/cybercrime/usamay2001_2.htm 22
  • 24. Where Can I Find ECPA? United States Code Title 18 Crimes and Criminal Procedure Chapter 119 – Wire and Electronic Communications Interception and Interception of Oral Communications Sections 2510 - 2522 24
  • 25. Overview of ECPA President Reagan signed ECPA into law in October 1986 Designed to extend Title III Privacy Provisions to new technologies such as electronic mail, cellular phones, private communication carriers, and computer transmissions 25
  • 26. “The Wiretap Act” This law required that enforcement agencies obtain a warrant before executing a wiretap (usually used to record voice conversations) 26
  • 27. What Rights Does ECPA Provide?  ECPA protects the transmission and storage of digital communication such as email  Authorities are forbidden to intercept non-voice portions of communication, thanks to ECPA  This is defined as "any transfer of signs, signals, writing, images, sound, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectric or photo-optical system." 27
  • 28. ECPA Rights (cont.) Act was designed to protect against electronic communication service providers from disclosing any contents of communication to authorities without lawful consent of the party that originated the communication Act provided for coverage of all communication providers, not just “common carriers” available to the public 28
  • 29. Cellular Phone Communication Act also protects cellular phone conversations; wired privacy extended to wireless Penalty for intercepting a non-encrypted call is only a $500 fine, rather than the normal maximum of 5 years in prison Note: This act also explicitly states it does not protect the “radio portion of a telephone that is transmitted between the cordless telephone handset and the base unit." 29
  • 30. Radio Paging ECPA also protects pagers Voice and digital display pagers were determined to be an extension of an original wired communication However, tone-only pagers are not protected by ECPA 30
  • 31. Customer Records ECPA provides for the protection of subscriber and customer records belonging to electronic service providers Authorities cannot access these records without a search warrant and court order, unless otherwise notifying the customer 31
  • 34. Some Perspective On September 11, 2001, more Americans were murdered than… •American battle deaths in the war of 1812 •American battle deaths at Pearl Harbor •American battle deaths in the Indian Wars •American battle deaths in the Mexican War •American battle deaths in Vietnam prior to 1966 •Union battle deaths at Bull Run •Police officers killed in the line of duty since 1984 34 Source: Federal Law Enforcement Training Center Glynco, Georgia
  • 35. USA Patriot Act – Oct 2001 Provides Tools To Intercept and Obstruct Terrorism Some believe it was too hasty – There were few conferences – The House vote was 357-66 – The Senate vote was 98-1 35
  • 36. USA Patriot Act  Specifically, the Act: 1. Creates several new crimes: bulk cash smuggling, attacking transportation systems, etc. 2. Expands prohibitions involving biological weapons 3. Lifts the statute of limitations on prosecuting some terrorism crimes 4. Increases penalties for some crimes 5. Requires background checks for licenses to transport hazardous materials 6. Expands money laundering laws and places more procedural requirements on banks 7. Promotes information sharing and coordination of intelligence efforts 36
  • 37. USA Patriot Act 8. Provides federal grants for terrorism prevention 9. Broadens the grounds for denying aliens admission 10. Alters some domestic security provisions for DoD  Most provisions of the Act shall cease to have effect on December 31, 2005  However, a USA Patriot Act II is being discussed in Congress 37
  • 38. Computer Crime Penalty of 5 years for a first offense and 10 years for a subsequent offense for damaging a federal computer system Damage includes any computer impairment that causes the loss of at least $5,000 or threatens the public health or safety. 38
  • 39. Computer Crime  To be found guilty, the person must: 1. Knowingly cause the transmission of a program, information, code, or command that results in damage to a protected computer without authorization 2. Intentionally access a federal computer without authorization and cause damage (§ 814) 39
  • 40. Computer Crime  The act requires the attorney general to create regional computer forensic laboratories: 1. Examine seized or intercepted computer evidence 2. Train and educate federal, state, and local law enforcement and prosecutors 3. Assist federal, state, and local law enforcement in enforcing computer-related criminal laws 4. Promote sharing of federal expertise  The act also provides funding for these facilities (§ 816) 40
  • 41. Other Crimes / Penalties Attacks Against Mass Transportation Systems – The crime is punishable by a fine, up to 20 years if the violator traveled or communicated across state lines or The crime is punishable by life in prison if the offense resulted in death Counterfeiting – The act makes counterfeiting punishable by up to 20 years in prison 41
  • 42. Other Crimes / Penalties  Harboring or Concealing Terrorists – This crime is punishable by a fine and 10 years in prison (§ 803)  Biological Weapons – This is punishable by a fine, and 10 years in prison  Money Laundering – This crime is punishable by 5 years in prison – For Federal employees, the crime is punishable by a fine 3 times the value received, and 15 years in prison, (§ 329) 42
  • 43. Increased Penalties Arson from 20 years to life Energy facility damage, from 10 to 20 years Supporting terrorists, from 10 to 15 years Supporting designated foreign terrorist organizations, from 10 to 20 years Destroying national defense materials, from 10 to 20 years Sabotaging nuclear facilities from 10 to 20 years Carrying a weapon or explosive on an aircraft from 15 to 20 years Damaging interstate gas or hazardous pipeline facility, from 15 to 20 years 43
  • 44. Information Sharing  The act: 1. Foreign and national intelleigence surveillance can exchange information (§ 504) 2. Regional information sharing between federal, state, and local law enforcement (§ 701) 3. Attorney general can apply to a court for disclosure of educational records to prosecute a terrorist act 4. Act also provides immunity for people who in good faith disclose these documents) (§ 507, 508) 44
  • 45. Privacy Implications  American Civil Liberties Union: “The USA Patriot Act allows the government to use its intelligence gathering power to circumvent the standard that must be met for criminal wiretaps. …  The new law allows use of Foreign Intelligence Surveillance Act surveillance authority even if the primary purpose were a criminal investigation.  Intelligence surveillance merely needs to be only for a "significant" purpose.  Law enforcement may search primarily for evidence of crime, without establishing probable cause  This provision authorizes unconstitutional physical searches and wiretaps 45
  • 46. Privacy Implications  “In allowing for "nationwide service" of pen register and trap and trace orders, the law further marginalizes the role of the judiciary.  It authorizes what would be the equivalent of a blank warrant in the physical world: the court issues the order, and the law enforcement agent fills in the places to be searched.  This is not consistent with the important Fourth Amendment privacy protection of requiring that warrants specify the place to be searched.”  In short, the USA Patriot Act assumes no “expectation of privacy” 46
  • 47. Case Study: Carnivore TCP/IP packet sniffer developed by the FBI that has the ability to store all traffic on a network Intended Uses: Terrorism, Espionage, Child Pornography/Exploitation, Information Warfare/Hacking, Organized Crime/Drug Trafficking, Fraud Reassembles your e-mail, webpages, files and searches for keywords 47
  • 48. Case Study: Carnivore Legitimate use vs. invasion of privacy – Find out which web sites you visit deathtoamerica.com girlsgonewild.com – Read your e-mail bomb making instructions love letters – Save a copy of files you download shoebomb.zip transactions.zip 48
  • 49. Case Study: Carnivore  Pre-USA Patriot Act realities: – FBI suspects you of criminal activity – Requests court order to use Carnivore – Installs Carnivore at your ISP – Carnivore grabs all of your packets authorized in the court order – Carnivore must not grab anyone else’s packets – Data physically collected once a day – Court order expires in 30 days  Post-USA Patriot Act fears: – The FBI can use Carnivore to go fishing for personal information 49
  • 50. Related Cases  John Walker Lindh – sentenced to 20 years in federal prison  Conspiracy to Murder U.S. Nationals (18 U.S.C. § 2332(b)) (Count One)  Conspiracy to Provide Material Support & Resources to Foreign Terrorist Organizations (18 U.S.C. Defendant. ) § 2339B) (Counts Two & Four)  Providing Material Support & Resources to Foreign Terrorist Organizations (18 U.S.C. §§ 2339B ) & 2) (Counts Three & Five)  Conspiracy to Contribute Services to al Qaeda (31 C.F.R. §§ 595.205 & 595.204 & 50 U.S.C. § 1705(b)) (Count Six)  Contributing Services to al Qaeda (31 C.F.R. §§ 595.204 & 595.205, 50 U.S.C. § 1705(b) & 18 U.S.C. § 2) (Count Seven)  Conspiracy to Supply Services to the Taliban (31 C.F.R. §§ 545.206(b) & 545.204 & 50 U.S.C. § 1705(b)) (Count Eight)  Supplying Services to the Taliban (31 C.F.R. §§ 545.204 & 545.206(a), 50 U.S.C. § 1705(b) & 18 U.S.C. § 2) (Count Nine)  Using and Carrying Firearms and Destructive Devices During Crimes ) of Violence (18 U.S.C. §§ 924(c) & 2) (Count Ten) 50
  • 51. Related Cases  Zacarias Moussaoui – awaiting twice-delayed trial  Conspiracy to Commit Acts of Terrorism Transcending National Boundaries (18 U.S.C. §§ 2332b(a)(2) & (c)) (Count One)  Conspiracy to Commit Aircraft Piracy (49 U.S.C. §§ 46502(a)(1)(A) and (a)(2)(B)) (Count Two)  Conspiracy to Destroy Aircraft (18 U.S.C. §§ 32(a)(7) & 34) (Count Three)  Conspiracy to Use Weapons of Mass Destruction (18 U.S.C. § 2332a(a)) (Count Four)  Conspiracy to Murder United States Employees (18 U.S.C. §§ 1114 & 1117) (Count Five)  Conspiracy to Destroy Property (18 U.S.C. §§ 844(f), (i), (n)) (Count Six) 51
  • 52. Related Cases  Interesting topics in Moussaoui case: – U.S. District Court Judge Leonie Brinkema released a detailed government report on the computers and e-mail search in the case – The evidence includes 140 computer hard drives, four of which used by Moussaoui – FBI investigators copied their hard drives using Safeback and Logicube software – Computer forensics experts were unable to find any trace of Moussaoui's "xdesertman@hotmail.com" account or some 27 variations of that address – A search of computers Moussaoui may have used at a Kinko's in Eagan, Minnesota, also came to a dead end because Kinko's cleans out the hard drives on its public computers once every week 52
  • 53. References  http://www.epic.org/privacy/terrorism/hr3162.html  http://archive.aclu.org/congress/l110101a.html  http://notablecases.vaed.uscourts.gov/1:01-cr- 00455/docs/68092/0.pdf  http://www.cise.ufl.edu/~nfarring/carnivore  http://www.cga.state.ct.us/2001/rpt/olr/htm  http://www.cise.ufl.edu/~nfarring/carnivore 53
  • 54. Computer Privacy © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU
  • 55. Privacy What is privacy? How is it determined? – To determine and define what privacy is, we must look at current law, case precedence, and public opinion 55
  • 56. Constitutional Search 4th Amendment of the U.S. Constitution “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. ” 56
  • 57. Privacy What websites are you visiting? – Wireless internet Where are you? – GPS cell phones, vehicles with OnStar What and where are you purchasing? – Credit cards Bluetooth- and RFID-enabled devices and clothing 57
  • 58. Security and Privacy Security is a wider Concept  Security of Information embraces: – Confidentiality – Integrity – Availability Achieving Security involves People, Procedures, and Technology The same is true for Privacy 58
  • 59. Laws and Policies govern Privacy Privacy is no longer a vague concept It has been legislated A body of case law exists Federal laws, State Laws, Supra-national laws Even the US Constitution has a bearing Lastly, companies have Policies 59
  • 60. Topical Relevance Massive on-line databases of people Extensive on-line interactions between companies Millions of daily transactions between companies and customers Who owns all this, and who has a need to know? 60
  • 61. Motivation for Companies Maintain competitive edge Ensure legal compliance Enhance company image Privacy is a requirement – not a customer delight 61
  • 62. Many Privacy Rights are embedded in Criminal Statutes US Mail Telephone conversation Library borrowing Bank records Student records Etc. Federal and States 62
  • 63. Plethora of Laws FERPA – Student records ECPA Electronic Communications Privacy Act – Most basic act for access, use, disclosure, interception and privacy of electronic communications Section 208 of The E-Government Act – Federal agencies should protect PII collected 63
  • 64. Plethora of Laws  HIPAA Health Information Portability and Accountability Act – Medical records  Gramm-Leach Bliley Act – protects consumers’ personal financial information held by financial institutions.  The (Federal) Privacy Act of 1974 – FTC approved “fair information practices” that are widely accepted principles of privacy protection 64
  • 65. Plethora of Laws  Section 208 of The E-Government Act – Federal agencies should protect PII (personally Identifiable Information) collected  Sarbanes-Oxley – accounting fraud – securities-law violations – Enhanced penalties for white collar crime – executives directly responsible for problems – Accurate records to be maintained for 5 years  Basel II 65
  • 66. Plethora of Laws CAN-SPAM Act – Has not yet succeeded in reducing unwanted e-mail – New measures being agreed on by MS, Amazon, Brightmail, etc to filter spam Massachusetts court decided that ISPs may read subscribers’ messages – But all major ISPs disavowed any desire to read e-mail 66
  • 67. Patriot Act USA Patriot Act – Negates almost every privacy prescription heretofore stated, under special circumstances – The circumstances are not tightly defined – Hence, Governmental abuse is expected & has happened – Not only allows the Government to violate Privacy, but mandates that companies collude in this Is this the anti-law of Privacy? 67
  • 68. Cookies and Privacy  Simply surfing makes you the target of spyware  Cookies placed on your computer can – Profile your on-line behavior – Track websites you have visited – Trigger targeted pop-up ads – Record search terms and form entries  Security scanners like Spybot and Zone Labs can detect and remove such intrusive cookies  Try a free scan on your computer and see what you get: – http://download.zonelabs.com/bin/free/cm/index4.html 68
  • 69. Surfing Dangers  Simply surfing can have your browser‑driven online financial security information stolen: – http://www.eweek.com/article2/0,1759,1618052,00.asp  The attacker uploaded a small file with JavaScript to infected Web sites and altered the Web server configuration to append the script to all files served by the Web server (IIS). – No anti-virus program would stop it, – no firewall would slow it down and – no shipping IE security patch would even notice it. – Visit the page, get the infection. It was that simple. 69
  • 70. Surfing Dangers - Solution Use Firefox (browser component of Mozilla, open source) That’s the recommendation of CERT – http://www.mozilla.org/products/firefox/ You may not enjoy Active X (MS specific code in some web-sites) 70
  • 71. ISO/IEC 17799 Standard based on BS 7799 – Important, detailed, complex standard – Covers People, Process and Technology – A wide-ranging document on Information Security – Has numerous recommendations in detail – Companies can be certified against this standard 71
  • 72. Understanding and Implementng ISO/IEC 17799 Start with Toolkit – Full ISO17799 compliant information security policies – Disaster recovery planning kit – Road map for certification – Audit kit (checklists, etc) for a modern network system – Comprehensive glossary of information security – Business impact analysis questionnaire http://www.iso17799-made-easy.com/ 72
  • 73. Privacy Under Fire Patriot Act – 6 month wiretap without court order “Patriot Act 2” – More expansive laws than Patriot Act Privacy vs. Freedom of Information Act – School and University e-mails Privacy vs. general public good – Your best interests vs. 10 million+ peoples’ 73
  • 74. Laws Protecting Privacy 4th Amendment of the U.S. Constitution Electronic Communications Privacy Act HIPAA Intellectual Property laws – Copyright – Trademark 74
  • 75. Search Warrants Obtained by law enforcement by testifying to an uninvolved public agent of judicial review naming – The crime being investigated under probable cause – The specific location(s) to be searched – The items and names of persons to be seized 75
  • 76. Search Warrants Search warrants do not solely apply to physical domains Also apply to wire taps, either phone or network Patriot Act expands the powers of law enforcement, allowing for easier granting of warrants requesting wire tap access 76
  • 77. Search Warrants Must be clear and concise Items seized must be listed or at least covered in the text of the warrant Errors or omissions may result in evidence being thrown out of court 77
  • 78. Subpoenas Subpoena –The process by which a court orders a witness to appear (and sometimes present evidence) at a judicial proceeding and produce certain evidence for purposes of discovery For example, using ISP connection logs to determine a particular subscriber’s identity 78
  • 79. Court Orders Court Orders – Official judge’s proclamation requiring or authorizing the carrying out of certain steps by one or more parties to a case For example, using a packet-sniffer on an ISP’s router to collect all packets coming from a particular IP address to reconstruct an AIM session. 79
  • 80. Chain of Custody Begins with seizure of items during the execution of the search warrant Accounts for every minute the items are in custody Must be maintained from seizure through court appearance Failure to maintain chain of custody may result in inadmissibility of evidence 80
  • 81. Chain of Custody Important for businesses as a case may end up in court Failure to adequately show computer or item did not have an opportunity to be tampered with may result in an unfavorable judgment 81
  • 82. Video “Search and Seizure” – U.S. Secret Service 82
  • 83. Summary Many legal issues facing technology and computer forensics from start of investigation through court testimony Complexities and adaptability of technology also potentially create a myriad of issues Following well-documented procedures for obtaining and handling evidence 83
  • 84. References  US Department of Labor / Office of Administrative Law Judges www.oalj.dol.gov/faq19.htm - Supoena Form  Cyberlaw: Problems of Policy and Jurisprudence in the Information Age – Patricia L. Bellia, Paul Schiff Berman, David G. Post, Thomson/West 2003  4th Amendment http://caselaw.lp.findlaw.com/data/constitution/amendment04/  IEEE Code of Ethics http://www.ieee.org/portal/index.jsp?pageID=corp_level1&path=about/whatis&file=code.xml&xsl=gener  COPS.org Code of Ethics http://www.cops.org/ethics.htm  Court Order http://www.wordiq.com/definition/Court_order 84

Editor's Notes

  1. Paraphrase these laws on the slides following Check and see if CDA was struck down Check Patriot Act
  2. Radio Frequency IDentification