How blockchain can improve digital evidence collection and collaboration
Blockchain offers an immutable chain of custody that guarantees data integrity, prevents fraud and provides a transparent, auditable system of record for digital assets related to investigations.
There is a global need to address unique challenges posed by the growing mountain of digital evidence now comprising the bulk of many criminal and civil cases. Evidence management professionals and forensic investigators have been adapting the rigorous processes of evidence handling born in the world of atoms (physical evidence) into the world of ever-increasing bits (digital evidence).
Digital evidence management systems (DEMS) give justice agencies electronic collection, identification and validation of digital information for the purpose of reconstructing events from the past.
The current state of digital evidence management
An audit of the current state of DEMS software shows just how far the extraction and collection stage of the evidence lifecycle has come—we can now extract millions of data points from devices using advanced algorithms. However, the other end of the evidence lifecycle process—management, storage and sharing of extracted digital assets—is limited and often delegated to the classic spreadsheet approach to storing information.
The federal government has been aware of the need to step up its efforts in this arena at least since 2015, when the Rand Corp. published a paper outlining the U.S. criminal justice system’s deficiencies in acquiring and utilizing digital evidence.
An organization that relies on spreadsheets instead of modern software is prone to security and efficiency issues, especially given the stringent nonrepudiation and security features available on DEMS platforms.
Solving for digital nonrepudiation
Paramount to digital-evidence management systems is nonrepudiation—cryptographic proof that an action regarding data either occurred or did not occur. Examples include who accessed information and when, and who might have altered data and how.
Spreadsheets do not provide this functionality. Law enforcement agencies may be able to cryptographically-seal documents and store the “hashes” in a simple spreadsheet, but this is certainly not a scalable or sensible approach for modern digital evidence management. In order to authenticate digital evidence today, prosecutors and court administrators rely upon third-party notary organizations to validate these digital assets.
But what if an emerging technology—one that is tailor-made for secure sharing and non-repudiation—could digitally secure and validate digital evidence? It would also provide trust, transparency and impartiality within the chain of custody through the forensic workflow. Plus, it would avoid the third-party notary, speeding up case proceedings while lowering administrative costs.
A path forward: Blockchain databases for secure storage, management and sharing
Blockchain technology has the potential to secure digital evidence from the point of ingestion, through review and to the creation of reports. Unlike a centralized database, decentralized networks that use blockchain technology offer an immutable chain of custody with nonrepudiation as an inherent component of the system. That guarantees data integrity, prevents fraud and provides a transparent, auditable system of record for digital assets related to investigations.
Blockchain creates cryptographic hashes that can confirm the authenticity of any exported evidential report and prove the chain of custody of digital evidence throughout its lifecycle. Law enforcement agencies that adopt blockchain technology as their DEMS data store can also securely share evidence while also ensuring it has not been tampered with or available to unauthorized parties. This could ensure a fair legal process and combat digital evidence tampering from malicious actors.
Bullish on blockchain
Advocates of digital-evidence management systems relying on blockchain technology have gained momentum in recent years. Vermont, Arizona and Ohio have already introduced laws that accept blockchain records that are secured with electronic signatures in a court of law.
In 2021, researchers published a paper in the peer-reviewed journal “Future Generation Computer Systems,” outlining “a blockchain-based lawful evidence management scheme for digital forensics” called LEChain. The researchers discussed proposals to use cloud computing and blockchain technology for the creation of evidence that is transparent, unable to be forged and is able to be audited and verified.
Another group of researchers published a paper last year in the peer-reviewed journal “Sensors” that underscores weaknesses of a centralized digital-evidence management system. The authors pointed out: “If a centralized system server is attacked, major operations and investigation information may be leaked.”
The authors posited a distributed system employing blockchain technology is the best way to avoid that possibility. These researchers acknowledged performance degradation could exist when big chunks of data, like videos, are stored in a blockchain. They proposed a two-tier blockchain system with “hot” and “cold” blockchains. Hot blockchains would be used for parts of criminal investigations that change frequently during evidence gathering. Cold blockchains would be used for evidence that doesn’t change, such as stored videos.
The second inning
That sophisticated blockchain-based DEMS remain largely in the sphere of academia demonstrates how far this technology has to go before widespread adoption.
Still, the companies and organizations working to develop and implement blockchain solutions to digital-evidence management obstacles ultimately will be those that thrive. Part of the reason is that blockchain technology is the only type that covers all the bases of information assurance: availability, integrity, authentication, confidentiality and nonrepudiation.
The availability of a purpose-built, cryptographically provable database adds a key piece of enabling technology to the arsenal for professionals building and deploying DEMS around the world.
Buck Flannigan is vice president and Kevin Doubleday is communications director at Fluree PBC.