Digital Forensic Science: An Oxymoron?

Authors: Peter Stephenson Published date: 08-07-2018 Status: Published

Caddy and Cobb define forensic science as “…science used for the purpose of law. ” This definition implies strongly that a foundation in law is one of the requisites for any branch of the forensic sciences. The Scientific Working Group on Digital Evidence (SWGDE) defines digital evidence as “…Information of probative value stored or transmitted in digital form. ” Taken as a pair, these two definitions connect the law and science solidly. Generally, we see science and the law as tied together by Caddy and Cobb being a typical fragment of almost all definitions of forensic science. As well, SWGDE talks about “probative value” of digital evidence, harking to Black’s definition of evidence: “Something that tends to prove or disprove the existence of an alleged fact.” If this strong connection between law and science in forensics is axiomatic, why, then, are digital (or “cyber” in today’s vernacular) forensic students taught almost nothing of the law and why is cyber forensics often taught in the criminal justice departments (typically part of the social sciences curriculum) rather than in computer science departments in most American universities? At no time in the history of jurisprudence has there been a greater need for real cyber forensic scientists than today in the age of pervasive, and sometimes massive, cybercrimes. The author takes the position that there are two critical paths to remedy the lack of the clear application of justice in cyber events: a development of a cyber jurisprudence and significant refining of education in the science of cyber forensics. This paper addresses the latter. In the early days of digital forensics, the term was debated among forensic scientists and technologists. There was an early consensus that digital forensics was not a science at all, in fact, barely a technology. At that time, it was largely a tool of law enforcement for discovery of those few computer-based crimes, such as child pornography, that managed to catch hold when the criminal justice community was more focused upon “hard” crimes such as rape, robbery and murder. Vendors of digital forensic tools drove improvements to the technology and eventually the consensus shifted to an acceptance of digital forensics as a technology. This also was in part due to advancements in computer technology, lower costs for computers and the increased use of computers in various types of crimes. In the early 2000s The American Academy of Forensic Sciences, after extensive long-term lobbying by forensics practitioners, created a section that covered digital forensics. It would seem that digital forensics had finally received its due as a legitimate forensic science. However, practitioners still were “trained” rather than “educated” and the early digital forensics programs in universities were at the Master’s level and addressed, predominantly, management rather than scientific issues, and virtually no law. When undergraduate programs began to appear, the focus was on criminal justice and a bit of technology. Still, there was very little law taught leaving newly minted practitioners with little more legal understanding than how to testify and a vague idea of what a Daubert Hearing was. Moreover, it was not, and is not necessary for a digital forensic practitioner to have a university education (although that is improving rapidly as a younger group of practitioners enters the field and older ones retire). When (ISC)2, the primary certification organization for computer security practitioners created a certification for cyber forensic scientists, it became the first certifying organization to require a university degree. The requirements were so unacceptable to the cyber forensic community that the certification was abandoned after a few years. This paper takes the position that facing the challenges under discussion at this symposium relative to cyber forensic science requires a far stronger academic footing that it now enjoys – especially in the law and its relationship to cyber science and forensics - and greater attention to clear definitions of what cyber forensic science is and how it relates to science, technology and the law.

Get access

Kindle iBooks

Corresponding author

Corresponding author. Peter Stephenson:


COPYRIGHT: © The UK Law and Society Association, 2018