Berkeley College Cyber Crime

Berkeley College Cyber Crime

Chapter 13 Lecture Notes

Computer Forensics and Cyber Crime

Conclusions and Future Issues

Traditional Problems and Recommendations in Prosecuting Computer Crime

a. New Laws

Investigation and prosecution of computer-related crime has been hindered by a lack of nomenclature, due primarily to the reluctance of the Supreme Court to interpret emerging legislative actions. As such, investigators, prosecutors, and even trial courts have no basis for determining the legality of either questioned behavior or law enforcement actions.

The development of computer-specific legislation must be undertaken in a manner that ensures uniformity in application and interpretation irrespective of jurisdictional climate. At the same time, emerging legislation must be generic enough to encompass advances in technology, assuring that application to tomorrow’s technology is possible.

b. Internet Users

Legislation must also be enacted that ensures confidentiality for those who seek it for legitimate purposes, but that denies blanket anonymity. This would allow legitimate surfers the luxury to browse the Web anonymously for all practical purposes, safely concealing their identities from criminals and government officials alike, while providing a mechanism for law enforcement to pursue those predators, criminals, or terrorists who attempt to mask their illegitimate activities.

c. Increasing Public Awareness of Computer-Related Crimes

Computer-related crime has not been publicized enough.

A comprehensive effort must be undertaken to educate all levels of the community, including politicians, teachers, law enforcement officials, individual consumers, and children.

Such awareness must include the potential of computer crime, creating an appreciation of the dangers inherent in such activities (i.e., everyone must see both the threat and the exponential growth associated with computer crime).

Once established, this collective understanding should result in additional funding for computer-related initiatives and increase public reporting and cooperation.

d. Increasing Resources to Law Enforcement Agencies

Many small police agencies lack the resources to combat computer-related crime. There must be an increase in the number of multijurisdictional task forces and central reporting stations. While law enforcement agencies have recently formed such collaborative efforts, much is left to be done. Local agencies, in particular, should develop formal alliances with better funded and better trained state and federal agencies.

Also, the federal government must make resources available to these same municipal administrators seeking technological assistance. This includes concen- trated dissemination of grant solicitations, as well as technical guidance to the municipal administrators.

Utilization of central reporting stations (both regional and national) should be increased, as duplication of effort dramatically decreases the efficacy of even the most dedicated of efforts.

Investigators must also secure cooperation within their own department, increasing awareness of the potentiality of digital evidence and its corresponding vulnerability.

e. Developing Relationships between Law Enforcement and the Private Sector

All levels of the law enforcement community must also seek out and establish partnerships with the high-tech industry. High-tech corporations, with their unlimited resources and highly trained personnel, may alleviate resource issues by donating equipment and expertise to their local agencies.

Also, these entities may be called upon to develop software requisite to the law enforcement mission like IP tracking systems, editing and searching tools, and general investigative utilities.

Partnerships which emphasize ethical accountability may also result in the development of materials which preclude the proliferation of inappropriate material through filtering and professional accountability.

The Electronic Commerce and Consumer Protection Group (which includes AOL, American Express, AT&T, Dell, Visa, Microsoft, IBM, etc.) is currently developing regulations to address consumer protection in a global marketplace.

Their goals include the development of a code of conduct among e-tailers to facilitate e-commerce within a secure environment, and the retention of data to identify on-line predators.

Such teamwork will necessarily result in increased reporting of criminal victimization among corporate targets, thus making it easier to develop baseline data for empirical measurement.

f. International Cooperation

Questions have erupted concerning international procedures for the preservation of digital evidence. One of the most ambiguous areas involves the search and seizure of computer networks, as it is questionable whether, and to what extent, the right to search and seize a specific computer installation includes the right to search databases that are accessible by this installation but that are situated in other premises. The importance of such questions has reached astronomical proportions, as more and more individuals and corporations are implementing off-site storage databases to protect proprietary information. Thus, pivotal questions including the international sovereignty over the stored data and the accessibility of the information by investigating agencies remain unresolved.

International agreements must be established and global treatises implemented so that jurisdictional disputes do not compromise the interest of justice.

Unfortunately, such collaboration must overcome traditional problems including cultural stereotypes and multicultural tensions; a lack of global consensus on criminal behavior and human rights; a lack of expertise in criminal justice and legal communities; competing interests; a lack of extradition and mutual assistance treaties; a lack of synchronized law enforcement efforts; and finally jurisdictional disputes regarding original sovereignty in cases of dual criminality.

g. Standardization of Accreditation or Expertise

Law enforcement authorities must establish a standard of accreditation and/ or expertise of forensic methodologies and examiners.

As in any emerging discipline, such standardization would decrease Daubert/Frye challenges to the recovery of digital evidence.

The discipline should attempt to identify and address each of the following questions:

1. Can the techniques involved in data recovery be empirically tested?

2. Have they been subjected to peer review and publication?

3. Does the theory or technique have the potential for a high rate of error?

4. Does the technique enjoy a general acceptance within the scientific community?

Homework Questions: Chapter 13

1. Discuss how the lack of new laws relative to computer-related crimes have challenged law enforcement and prosecutors.

2. Discuss the lack of public awareness regarding computer-related crimes and possible solutions.

3. Discuss the benefits of law enforcement collaborating with the high-tech companies in combatting computer crime.

find the cost of your paper