官术网_书友最值得收藏!

首頁 >

Practical Mobile Forensics(Second Edition)

Rules of evidence

Courtrooms rely more and more on the information inside a mobile phone as vital evidence. Prevailing evidence in court requires a good understanding of the rules of evidence. Mobile forensics is a relatively new discipline and laws dictating the validity of evidence are not widely known. However, there are five general rules of evidence that apply to digital forensics and need to be followed in order for evidence to be useful. Ignoring these rules makes evidence inadmissible, and your case could be thrown out. These five rules are: admissible, authentic, complete, reliable, and believable:

  • Admissible: This is the most basic rule and a measure of evidence validity and importance. The evidence must be preserved and gathered in such a way that it can be used in court or elsewhere. Many errors can be made that could cause a judge to rule a piece of evidence as inadmissible. For example, evidence that is gathered using illegal methods is commonly ruled inadmissible.
  • Authentic: The evidence must be tied to the incident in a relevant way to prove something. The forensic examiner must be accountable for the origin of the evidence.
  • Complete: When evidence is presented, it must be clear and complete and should reflect the whole story. It is not enough to collect evidence that just shows one perspective of the incident. Presenting incomplete evidence is more dangerous than not providing any evidence at all as it could lead to a different judgment.
  • Reliable: Evidence collected from the device must be reliable. This depends on the tools and methodology used. The techniques used and evidence collected must not cast doubt on the authenticity of the evidence. If the examiner used some techniques that cannot be reproduced, the evidence is not considered unless they were directed to do so. This would include possible destructive methods such as chip-off extraction.
  • Believable: A forensic examiner must be able to explain, with clarity and conciseness, what processes they used and the way the integrity of the evidence was preserved. The evidence presented by the examiner must be clear, easy to understand, and believable by jury.
主站蜘蛛池模板: 德化县| 乐至县| 温宿县| 车险| 岗巴县| 石门县| 清原| 石首市| 正镶白旗| 新疆| 库车县| 乡城县| 梅州市| 白山市| 宜宾县| 香河县| 阿坝| 沐川县| 西乡县| 天津市| 陈巴尔虎旗| 灵山县| 合川市| 江陵县| 安乡县| 阿坝县| 民乐县| 大兴区| 承德县| 潼关县| 龙门县| 谷城县| 台湾省| 香格里拉县| 昌宁县| 章丘市| 常州市| 乳源| 重庆市| 石门县| 阜城县|