Digital Technology and Scientific Evidence Used in Criminal Law
Developments in science and technology have led to entirely new forms of evidence that may be used to implicate or exonerate you in court. Understanding this rapidly evolving body of digital forensics, whether extracted from a cell phone, a car’s black box or from a computer, is now absolutely critical to a criminal defense attorney’s skill set. So too is a basic understanding of DNA evidence.
DNA Testing and Evidence
DNA testing, the evaluation of deoxyribonucleic acid to either eliminate or identify a suspect, has become commonplace. Our DNA holds a unique code that can be compared to DNA from a sample in order to determine whether a potential match exists. If the potential for a match exist, the next question that must be answered is what the probability is that the two samples came from the same subject.
Again, the prevalence of DNA testing in criminal investigations has made it imperative that criminal defense lawyers have a functional knowledge of the mechanisms, strengths and weaknesses of DNA collection and testing.
The Use of DNA in Criminal Cases
DNA is unique to every individual. Complicated and extremely rigid procedures must be followed to accurately identify and analyze DNA evidence in a criminal case. The simplified version of that general procedure is as follows:
- Gathering DNA evidence without contamination
- Tracking the chain of custody of the DNA
- Analysis in a forensics laboratory
- Matching the DNA sample to the suspect or stored profile
- Introducing the results of the DNA testing as evidence in trial
Methods of Testing and Analyzing DNA
Testing and analysis can be performed in a number of ways, but the goal is always to compare the DNA evidence seized in a criminal investigation to that of a suspect or to DNA stored in databases like the FBI’s CODIS. Testing is a two step process of matching genetic markers and computing probability based on the significance of the matches. Testing methods include:
- Restriction Fragment Length Polymorphism (RFLP) – The DNA sample is dissolved in an enzyme that breaks the strand at specific points. The number of repeats affects the length of each resulting strand of DNA and samples are compared by the lengths of the strands. This method requires large samples and it has become largely obsolete.
- Short Tandem Repeat (STR) – The DNA is amplified, and the number of repetitions of base pairs in specific loci, or locations, on a DNA strand are analyzed and compared. This method allows for the use of much smaller strands of DNA and is a commonly used procedure in labs today.
- Y-Marker Analysis – This technique examines several genetic markers found on the Y chromosome and thus can only be used to identify males.
- Mitochondrial DNA (mtDNA) – The DNA can be taken from older material as it does not require nuclear DNA. Of note, this mechanism is extremely accurate if all collection, storage and analysis protocols are followed meticulously.
- Single Nucleotide Polymorphism (SNP) – This technique requires that scientists analyze variations in DNA where one nucleotide replaces another.
Is DNA Testing Reliable?
RFLP and STR methods are traditionally used by forensics labs, while the remaining three methods are used under specific circumstances such as when handling degraded or multiple DNA samples. However, only the Mitochondrial DNA method is considered by the National Academy of Sciences to have been tested and verified according to scientific methodology, thereby ensuring its reliability.
Despite other methods lack of having been validated using scientific method, courts typically allow any variety of DNA testing. At Kurtz & Blum, PLLC, our attorneys will carefully review the DNA evidence in your case and employ the assistance of a forensic scientist to assist in the evaluation and interpretation of DNA results if that proves necessary.
DNA is Frequently Mishandled and Improperly Stored
It’s important to keep in mind that poor handling and storage of DNA evidence is frequently a strong argument against the validity of DNA results. DNA must be cared for with extreme caution and attention to detail to avoid contamination. If you are faced with unfavorable DNA evidence, attacking the handling and storage of the DNA can keep the evidence out of court.
Recently a photo of the Raleigh, North Carolina, crime lab at the State Bureau of Investigation (SBI) showed analysts with their elbows on the table. This is a prime example of how contamination can occur and should never take place in a lab.
What if My DNA Matches Evidence Found at the Crime?
Assuming your DNA is matched to the evidence found relating to the crime, you should not consider it the end of a defense. Rather, it is the beginning of the defense scrutiny of that evidence. If your DNA matches DNA found during an investigation, and all other procedures are performed properly, it is still not an absolute sign of guilt.
DNA evidence is typically used in court to indicate that the suspect’s DNA has a statistical chance of matching the DNA discovered and seized as part of the criminal investigation. The statistical analysis is then combined with other evidence to implicate you as a criminal. Laboratory error, partial matches, and incomplete samples are all real possibilities that affect the strength of DNA evidence or keep it out of court entirely.
Moreover, there can be thoroughly innocent explanations for why your DNA might be found on a crime victim. For example, if you mail a letter and lick the stamp, your DNA might be near someone who was killed. Sending the letter doesn’t mean that you murdered that person.
Digital Evidence and Forensics
The category of digital forensics encompasses data recovered from any device capable of holding electronically stored information (ESI). All data obtained from digital forensics must be authentic, reliably obtained, and admissible to be used as evidence.
Types of Digital Forensics
Digital forensics can be broken down into several sub-categories each with their own rules and guidelines:
- Computer forensics – Examines computer-based digital media with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information.
- Network forensics – Monitors and analyzes computer network traffic for the purposes of information gathering, evidence collection, or intrusion detection.
- Database forensics – Similar to computer forensics, but focuses only on database contents and metadata.
- Mobile device forensics – Differs from computer forensics only in that smaller amounts of data are stored and the communication system serves as its primary purpose.
Digital Evidence in Criminal Cases
Nowadays the most common and valuable devices containing digital evidence are typically your computer and mobile phone. Beyond the substantive content that may be required from a forensic analysis is metadata, which is, simply put, data that informs on data.
Examples of metadata include the date a document was altered or created, the length of a document, the image resolution, or an IP address from which an email was sent. Most courts have accepted Metadata as generally admissible in court.
In order to facilitate your own criminal defense forensic testing of digital devices, your attorney, along with an expert will ensure all evidence has been gathered, including metadata.
Digital Forensic Procedure
The typical digital forensic procedure involves:
- Seizure of item according to extremely strict guidelines for collection and storage
- Acquisition or imaging of digital data in order to make a secure copy to prevent tampering. Simultaneously, the image is assigned a cryptographic hash to prevent alteration of data.
- Analysis of digital data
- Collection into report for evidence
How Is Digital Evidence Collected?
Common forensic tools for this process include the Logicube Talon with which data is extracted and hashed and the Forensic Toolkit (FTK) or Encase with which the data is analyzed.
Due to the extremely volatile nature of digital material and the vulnerability of data to outside manipulation, any data recovered should then be verified using external sources. For example, visits to web sites can easily be verified by subpoenaing the web host for their logs. Intentional disregard for these types of data integrity validations should be seen as a red flag and an indication that something is awry.
Deleted Digital Evidence Can Be Recovered
We would be remiss if we didn’t at least mention that even deleted files remain on a hard drive almost indefinitely unless overwritten or intentionally erased. Thus if you think an email is deleted, keep in mind it could simply be in the trash. If deleted from the trash it could be in “slack space” on your hard drive. It could also be on backups or email servers. This type of persistent data can be accessed using any number of forensic tools, many of which are free.
As basic a concept as this is to computer forensics, it still causes people a great deal of confusion. If this is confusing to you and if your case involves computer or digital forensics, call us at Kurtz & Blum, PLLC. You won’t need to understand the forensics because we do. We can help.
Law Enforcement Needs a Search Warrant to Obtain Digital Evidence
Prior to searching electronically stored information, law enforcement has to secure a search warrant for the data within the seized hardware. The warrant should be limited in scope to information relevant to the crime in order for you to retain some privacy, but this limitation is difficult to enforce and, with the proper rationale, easy to circumvent.
Like DNA and other evidence, the chain of custody of your digital data must be established. The chain of custody is extremely important in digital forensics because of the ease in which such evidence can be altered or tampered with. Heightened scrutiny should always be focused on with digital forensics as it is the type of evidence that is most susceptible to manipulation.
At Kurtz & Blum, PLLC in Raleigh, North Carolina, we have vigorously attacked the use of junk computer forensics. We are acutely aware of how potentially misleading and damaging this malleable form of “evidence” can be.
Cellular Triangulation
Another technology related to mobile phones that cops and defense attorneys frequently use is cell phone triangulation. Cell phone triangulation is a process of identifying the location of a mobile phone through the use of the signals between a phone and radio towers.
Mobile phone tracking can also simply be done by a GPS if the phone is equipped with the technology and it is functioning at the time in question. Regardless of the method, mobile phone tracking technology can be used as evidence in court if proper procedure is followed.
In the event procedure is not followed, criminal defense lawyers can move to suppress the evidence in court. As arguments become more technical it can become increasingly difficult to persuade a less technical judge as to the reasons why suppression might be justified.
Black Boxes (Vehicle Data Recorders)
Vehicles increasingly include a black box. Like a black box on an airplane, those found in cars, trucks, or SUVs record data that can be used in the event of a crash. This data includes whether you were putting on breaks, the speed you were traveling, and so forth.
It is stored by means of a rolling buffer. Such data, like the other technology mentioned on this page, is typically admissible in court and your attorney will require the necessary expert forensics assistance in criminal defense to ensure that you are able to directly address any such evidence.
At Kurtz & Blum, PLLC, we have been able to use this data to show that our client was not driving at an excessive speed when his car hit a pedestrian, thereby resulting in a substantial reduction from what started as a second degree murder case.
Social Networking Activity
Just like your online activity can be acquired, anything you do on social networking sites is potentially available as evidence. You likely use some form of social networking. If so, it is possible that the private information that you are sharing can be used against you in court.
Similarly, your defense counsel may be able to utilize such forensic analysis for your case. This information resides on your own hard drive, on the hard drives of the people with whom you’ve shared, and on the social networking site’s server. Once on the Internet, it can be impossible to remove all traces.
Due to federal law, law enforcement has easier access to your social networking data than your defense attorney. Notwithstanding, at Kurtz & Blum, PLLC, we will take extra steps to attempt to secure valuable information from social networking websites.
Contact Our Technologically Proficient Attorneys
New technologies will continue to appear. At Kurtz & Blum, PLLC, we stay on top of the evolution of technology and are vigilant about preparing for how it might impact evidence in the courtroom. We will take care to utilize any possible forensics in criminal defense to build your case.
The ability to understand technology and digital forensic evidence is now an absolute necessity. The ability to work with a great variety of forensically relevant technologies is an asset of which the attorneys of Kurtz & Blum, PLLC are proud.
Our criminal defense lawyers help people throughout Wake County, North Carolina. We often handle offenses arising out of the following cities: Zebulon, Wake Forest, Cary, Wendell, Morrisville, Rolesville, Garner, New Hope, Fuquay-Varina, Apex, Knightdale, Holly Springs and Raleigh.