Prompt B: Chain of Custody - Chain of Custody in digital forensics is commonly referred to as the

‘forensic link, paper trail’. What is CoC (Chain of Custody) and why is it important for evidence integrity
when dealing with a case involving digital evidence? Provide examples and make your response
thorough.

Chain of Custody (CoC) is the procedure for the handling and preservation of digital evidence in a
legal investigation. With Chain of Custody, there are procedures that must be carefully carried out to
ensure the documentation of evidence is securely recorded and stored (Prayudi, 2015). Chain of custody
plays a very important role in the investigation process and ensures that evidence can be accepted in a
court of law. During an investigation, CoC addresses questions such as who, when, why, how, and where
in regards to the handling of the evidence (Prayudi, 2015);
● Who is using the evidence?
● When was the evidence reviewed or opened?
● How was the evidence stored and used throughout the investigation process?
● Why was the evidence reviewed again after being safely stored?
● Where was the evidence stored throughout the investigation process?
It is important to point out that the overall scope of CoC adds integrity to digital evidence since all
individuals involved in the process of acquisition, collection, analysis of evidence, time records as well as
contextual information are taken into account when investigating the evidence.
An example of Chain of Custody in the court of law can be with video surveillance of a crime. If
the crime takes place in a convenient store, investigators must retrieve the surveillance from the crime
scene by creating a forensically-sound copy of the original footage and protecting the copied image
throughout the investigation to ensure that it is readily available to be presented in the court of law. If for
any reason, the crime scene surveillance is reviewed or moved, CoC ensures that every individual or
entity involved with the use and handling of the evidence is held accountable.

Prayudi, Y., & Sn, A. (2015). Digital chain of custody: State of the art. International Journal of Computer
Applications, 114(5).

Prompt C: Fourth Amendment and Digital Forensics - Explain the Fourth Amendment's importance
and protections in digital forensics, and some of the challenges and conflicts involved in collecting and
using digital forensics evidence.

The fourth amendment legally grants the right of the people to be secure in their persons, houses,
papers, and effects against unreasonable searches and seizures. In addition, the people shall not be
violated, and no warrants shall be issued unless there is probable cause, the warrant is supported by oath
or affirmation, and the warrant specifically describes the place to be searched, and the persons or things
to be seized.
When this amendment was created, there were no digital forensics and now the interpretation of
this amendment has raised some questions and confusion. The amendment mentions immunity against
unreasonable searches and seizures of an individual’s persons, houses, papers and effects. A person’s
computer, mobile device, emails, messages and all other digital footprints fall under this definition and can
be used against them in the court of law if seized lawfully. However, the element of privacy makes it
difficult to apply the fourth amendment to a person’s digital footprint without probable cause and a search
warrant.
In prior legal cases pertaining to digital forensics such as the People v. Carratu, a search warrant
was obtained to search and seize a laptop computer to investigate allegations of an illegal cable box
scheme (Ami-Narh, 2008). Upon searching the computer, investigators found folders and files of other
illegal activity. Although the forensic examiners found more illegal activity, it was later ruled that the new
evidence found was inadmissible in the court of law since the new findings were not mentioned or known
of in the initial search warrant (Ami-Narh, 2008). As previously mentioned, without a search warrant and
probable cause, it is impossible to present admissible evidence in the court of law. Even if a search
warrant is successfully obtained, the only admissible evidence that can be used must pertain to the
reason for the search warrant. Even with a warrant it is challenging with digital forensics. As technology
continues to grow and evolve, it is important to make revisions to any amendments that may have
loopholes or cause confusion in interpreting them.

Ami-Narh, J. T., & Williams, P. A. (2008). Digital forensics and the legal system: A dilemma of our times.