Electronic devices such as computers, cellphones and digital cameras must be properly seized, processed and stored to preserve the integrity of the data and ensure its evidentiary value. A manual developed by the Electronic Crime Technology Center of Excellence (ECTCoE) can provide agencies with much-needed guidance on drafting policies and procedures for handling digital evidence.
As stated in the text, the purpose of the sample Policy and Procedure Manual is to give law enforcement agencies a collection of documents that can serve as a starting point for developing policies and procedures for the collection, handling and processing of digital evidence. Once final, the manual will be posted to the National Law Enforcement and Corrections Technology Center (NLECTC) System website, in a Microsoft Word format to facilitate editing as needed by individual agencies. The NLECTC System is a program of the Office Justice Programs’ National Institute of Justice.
“The document was written in response to the many requests we’ve seen on the various computer forensic email lists requesting copies of policy and procedure
manuals by state and local officers and agents who have been tasked with developing such a document for their own agency,” explains Russell Yawn, ECTCoE deputy director.
In developing the manual, the ECTCoE was able to take advantage of in-house expertise along with information gathered from law enforcement agencies.
“The ECTCoE deals with the law enforcement community at large so we have contacts throughout the country and some internationally that we can rely on for input,” says ECTCoE Director Robert O’Leary. “We have a well-established network and relied on that network to provide us with examples that agencies were using at the state level, and combined it with the expertise in the ECTCoE. Every CoE staff member has criminal justice experience with digital evidence collection and examination, so we were able to leverage all those resources and put together this set of policies and procedures.”
Some of the agencies that provided assistance include the Southern Oregon High Tech Crimes Task Force, the New York Police Department, Orlando Police Department, Austin Police Department, Dallas Police Department and Charleston Police Department. The ECTCoE also looked at sample policies from the U.S. Department of Defense.
“We were able to get a great deal of information from a number of agencies and contacts, and look at the policies that had been implemented and ensure that we did not overlook any topics or points of interest that other agencies may have found important,” O’Leary says.
The manual should also help agencies performing the Commission on Accreditation for Law Enforcement Agencies (CALEA) accreditation process regarding digital evidence procedures. The purpose of CALEA accreditation programs is to improve the delivery of public safety services, primarily by maintaining a body of standards and establishing and administering an accreditation process.
“Another thing we tried to keep in mind was the CALEA standards,” O’Leary says. “We wanted to ensure that these procedures would lend themselves to compatibility, and we were able to rely on some of our contacts that perform CALEA reviews.”
The manual has sections covering case assignment and prioritization; equipment testing, validation and updates; evidence and property handling; search and seizure; storage of evidence and retention policy; reports; materials and supplies; computer forensic lab access; Manual Outlines Policies and Procedures for Digital Evidence2 release of information to the media; quality assurance policy and process; and sample forms (e.g., computer lab request for service, evidence inventory and details, and evidence access and tracking).
“Some forms we developed, others are based on forms received from other agencies. We simply wanted to give agencies a format they could work with as a guide,” O’Leary says.
Manual Outlines Policies and Procedures for Digital Evidence | DFI News.
Incoming search terms:
- cell site analysis blog
- local police department computer forensic procedure
- give procedure of digital evidence collection and digital evidence preservation- *