Justice issues guidelines for handling digital evidence

Justice issues guidelines for handling digital evidence

The Justice Department's National Institute of Justice has published the second in a series of guidelines for IT crime investigations.

'Forensic Examination of Digital Evidence: A Guide for Law Enforcement' was created at the agency's request by the National Institute of Standards and Technology. It outlines techniques for extracting digital data while preserving its integrity.

Computers and other digital media are increasingly important sources of evidence in criminal investigations. The challenge for investigators in the courtroom 'is the demonstration that the particular electronic media contained the incriminating evidence,' the guide says.

Because digital data is easily altered and it is difficult to distinguish between original data and copies, extracting, securing and documenting digital evidence requires special attention. The guidelines lay out the following general principles for handling digital evidence:

  • The process of collecting digital evidence should not alter it or raise questions about its integrity.

  • Examination of digital evidence should be done by trained personnel.

  • All actions in processing the evidence should be documented and preserved for review.

  • Examination should be conducted on a copy of the original evidence. The original should be preserved intact.

The guidelines are not a mandate or official policy, but represent the consensus of a working group of computer forensics experts convened by NIST's Office of Law Enforcement Standards. The procedures may need to be adjusted according to circumstances of each investigation and to comply with local laws and rules of evidence.

The first publication in the series is 'Electronic Crime Scene Investigation: A Guide for First Responders.' Future guidelines will cover:

  • Using technology in investigations

  • Investigating IT crimes

  • Creating a digital-evidence forensic unit

  • Presenting digital evidence in court.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected