Guilty or not? New IEC and ISO International Standard for credible digital evidence
Geneva, Switzerland, 2012-11-21 – The IEC (International Electrotechnical Commission), the world’s leading standards body in electrotechnology, and ISO (International Organization for Standardization), through the ISO/IEC JTC (Joint Technical Committee) 1: Information Technology, have released a new International Standard which will ensure the reliability and credibility of digital evidence, which is increasingly used in court cases and legal disputes due to the development of technology and the growth of cybercrime.
Digital proof can be gathered from computers, mobile phones, mobile navigation systems, digital still and video cameras, storage media (USBs, CDs, etc.) and other similar devices. The new standard, ISO/IEC 27037, Information technology – Security techniques – Guidelines for identification, collection, acquisition, and preservation of digital evidence, will ensure the integrity of such evidence for its admission in legal, disciplinary and other actions.
Digital evidence is inherently fragile, as it may be easily altered, tampered with or destroyed through improper handling or examination.
Decision-makers can rely on the standard to determine the credibility of digital evidence. It can also be used by organizations involved in
protecting, analyzing and presenting digital evidence, as well as policy-making bodies creating
and evaluating related procedures. The standard does not replace specific legal requirements of any jurisdiction, but is rather intended to serve as practical guidance in DEFR (Digital Evidence First Responders) and DES (Digital Evidence Specialists) investigations.
ISO/IEC 27037 provides a harmonized and globally accepted methodology to safeguard its
integrity and authenticity. ISO/IEC 27037 will facilitate the exchange of digital evidence between jurisdictions by making sure that requirements and procedures are consistent: this recognizes that crime, and in particular cybercrime, increasingly takes place across borders.
The new Standard provides guidance to individuals involved in the identification, collection, acquisition and preservation of potential digital evidence such as:
- Forensic laboratory managers
- DEFR (Digital Evidence First Responders)
- DES (Digital Evidence Specialists)
- Incident response specialists
ISO/IEC 27037 complements other ISO/IEC IT security standards, notably ISO/IEC 27001 which outlines an information security management system and ISO/IEC 27002 which provides a code of practice for information security management. ISO/IEC 27037, Information technology – Security techniques – Guidelines for identification, collection, acquisition, and preservation of digital evidence, was developed by ISO/IEC JTC 1, SC (Subcommittee) 27: IT Security techniques.