Scientific Working Group on Digital Evidence

Abbreviation: SWGDE
Formation: 1998

The Scientific Working Group on Digital Evidence (SWGDE) is a group that brings together law enforcement, academic, and commercial organizations actively engaged in the field of digital forensics to develop cross-disciplinary guidelines and standards for the recovery, preservation, and examination of digital evidence. [1] [2] It was supported by the United States Federal Bureau of Investigation, but after 2014 it has been under the National Institute of Standards and Technology. [3]

History

The SWGDE was formed in 1998. Originally named the Technical Working Group (TWG) on Digital Evidence, it became SWGDE when TWGs were renamed to Scientific Working Groups (SWGs) in 1999 in order to distinguish the Federal Bureau of Investigation-supported long-term working groups from National Institute of Justice-supported short-term TWGs. SWGs are ongoing groups that meet at least once per year, and have federal, state and local members. [4] The goal of these groups is to open lines of communication between law enforcement agencies and forensic laboratories around the world while providing guidance on the use of new and innovative technologies and techniques. [5] The initial members of SWGDE were made up of the Federal Forensic Laboratories as well as representatives of several agencies that performed digital forensics outside the traditional forensic laboratory. Soon representatives from state and local agencies were invited to participate. [6] Today, the members are federal, state, and local law enforcement agencies, academic organizations, and commercial entities. [7]

The first meeting of SWGDE was held in July 1998 and the group defined digital evidence as "any information of probative value that is stored or transmitted in a binary form." This includes digitized text, numerals, sound, images, and video. [8] "Binary" was later changed to "digital." [4] Some of SWGDE’s earliest work explored the principles of digital forensics and developed some baseline definitions. In 1999, at the request of the Group of Eight (G8), the International Organization on Computer Evidence (IOCE), which is no longer a functioning organization, with SWGDE contributions, authored a set of principles and definitions that the group felt were as close to universal as possible. These principles were published in the Forensic Science Communications journal and submitted to the G8; the principles were adopted by the G8 in 2001. [6] [8]

By 2003, SWGDE had published guidelines for training and best practices. As a result of these efforts, the American Society of Crime Laboratory Directors (ASCLD) approved digital evidence as part of its accreditation process for crime laboratories in 2003. [9] Today, the discipline is referred to as Digital and Multimedia Evidence and comprises the sub-disciplines of computer forensics, audio, video and imaging. [10]

SWGDE Organization

The SWGDE membership presently consists of approximately seventy (maximum 100) forensic examiners, scientists, and managers from more than two dozen federal, state, and local law enforcement agencies, as well as representatives from the academic, private, and research communities. The membership elects its officers from within. SWGDE is composed of an Executive Board, eight standing committees, and ad-hoc committees appointed on an as-needed basis. The standing committees are Audio Forensics, Computer Forensics, Imaging, Photography, Quality Standards, Video, Membership, and Outreach. [7] The Imaging, Photography, and Video committees were added in June 2015, when the Scientific Working Group on Imaging Technology (SWGIT) terminated operations. [11]

SWGDE Function

SWGDE provides guidance to the digital forensic community through the publication of standards, guidelines, and best practices on its website. [12] SWGDE also encourages a number of its published documents to be used by standard developing organizations (e.g. ASTM International) in the creation of national and international standards for digital and multimedia evidence. One such document that has become an ASTM standard is the "Standard Practice for Computer Forensics" (ASTM E2763). [13] Additionally, SWGDE may answer direct inquiries using letters or position statements, which are also typically posted on the website.

Due to the rapidly evolving field of digital forensics, there is a great deal of debate regarding accreditation, certification, and proficiency testing legislation for digital forensic labs, personnel, and tools. [14] SWGDE does not accredit, certify, approve, or qualify laboratories or individuals. SWGDE promotes the establishment and maintenance of a robust quality system through the publication of relevant guidance documents and position papers, such as guidelines for validation testing and minimum requirements for quality assurance. SWGDE documents seek to provide a framework for agencies to insert their own criteria and describe what should be included in a protocol, while not requiring a particular format or content. [15] [16]

SWGDE documents are freely available to the community-at-large, with the goal that agencies wishing to create or improve digital evidence programs will thoughtfully examine and consider their guidance. Documents are first published as a draft version for comment from the public. This provides the public with an opportunity to provide feedback, changes, and objections to any portion before the document becomes final. All feedback is reviewed and, when accepted, incorporated before the document is published as a final version. SWGDE invites all interested parties to review and comment on any published draft or final documents available through its website. [7] SWGDE has published over 40 guidance documents, including joint documents with SWGIT, since its inception. [17]

In addition to releasing documents, SWGDE members disseminate best practices for law enforcement professionals where digital and multimedia evidence is concerned. This is carried out by attending and lecturing at meetings and conferences of various forensic organizations that include:

A sampling of published documents

References

  1. John Sammons (2012). The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics. Elsevier. p. 8. ISBN 978-1-59749-661-2.
  2. Scientific Working Group on Digital Evidence (SWGDE) and International Organization on Digital Evidence (IOCE) (April 2000). "Digital Evidence: Standards and Principles". Forensic Science Communications. 2 (2).
  3. "OSAC News". NIST. 2014-02-07. Retrieved 2022-03-17.
  4. Carrie Morgan Whitcomb (Spring 2002). "An Historical Perspective of Digital Evidence: A Forensic Scientist's View" (PDF). International Journal of Digital Evidence. 1 (1).
  5. Committee on Identifying the Needs of the Forensic (2009). "Strengthening Forensic Science in the United States: A Path Forward" (PDF). National Academies Press. Retrieved 2014-05-15.
  6. Mark Pollitt (31 May 2003). "The Very Brief History of Digital Evidence Standards". In Michael Gertz (ed.). Integrity and Internal Control in Information Systems V. Springer. pp. 137–142. ISBN 978-1-4020-7473-8.
  7. Scientific Working Group on Digital Evidence (2012). "Bylaws" (PDF). Retrieved 2014-05-15.
  8. C. M. Whitcomb (November 2007). "The Evolution of Digital Evidence in Forensic Science Laboratories". The Police Chief. 74 (11).
  9. Eoghan Casey (12 April 2011). Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet. Academic Press. p. 12. ISBN 978-0-08-092148-8.
  10. John J. Barbara (October 1, 2003). "Digital Evidence Accreditation Has Arrived". SC Magazine.
  11. "SWGIT". www.swgit.org. Retrieved 2016-07-08.
  12. "SWGDE Homepage". Retrieved 2014-05-15.
  13. "ASTM E2763 – 10 Standard Practice for Computer Forensics". Retrieved 2014-05-15.
  14. Patrice Galvin (December 2009). "From The Editor: SWGDE Weighs in on Research Council Reports". Forensic Magazine.
  15. Panagiotis Kanellis; Evangelos Kiountouzis; Nicholas Kolokotronis (1 January 2006). Digital Crime and Forensic Science in Cyberspace. Idea Group Inc (IGI). p. 96. ISBN 978-1-59140-872-7.
  16. John Sammons (2012). The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics. Elsevier. p. 43. ISBN 978-1-59749-661-2.
  17. Scientific Working Group on Digital Evidence. "SWGDE Current Documents". Retrieved 2014-05-15.