It’s easy to be overwhelmed by the amount of discovery that comes with a case, especially the cell phone extractions and reports, cell tower data, the technical jargon, navigating through a Cellebrite Reader or a 13,000 page PDF forensic report. Not to mention, the probable cause is there and a witness put your client at the scene. Why do you need to pay an expert to tell you what you already see or what the police already pointed out?
Truth is, every year of my law enforcement experience and beyond, we all have seen someone, somewhere get it wrong. We’re all human! Whether the investigation was not thorough, confirmation bias took over, the investigators being misinformed, lacking training, or whatever, something can get missed, even with a judge’s signature!
Forensic Tools Can Miss Important Data
In 2023, I worked a case for the defense that was investigated by a large police agency in North Texas with all the bells and whistles of forensic technology, trained professionals, and with the some of the best and experienced Detectives. Cellphone data was available, witnesses put the client at the scene, police had his phone extracted, cell tower data, even messages between the client and victim talking about meeting up.. Slam dunk right? Not at all… That case was dismissed solely based on cell phone location data and usage logs that were missed in the data law enforcement provided. The client was 100% innocent. The examination revealed the client was almost a mile away, making calls and going back and forth on Instagram with GPS accurately showing his location (plus corroborating evidence putting him away from the crime scene). How was this data missed?
Even the best forensic tools, which costs thousands of dollars per year, can miss important data. Did you know only 1% of apps available on iOS and Android are supported by forensic tools? Plus updated phones often relocate data to new databases, file structures, or different data stores that popular forensic tools play catch up to decode. I spend hours upon hours annually researching and testing unsupported apps determining how data is saved and interpretable. In another case, you can see where a case was blown wide open by data that I located and was not parsed by a forensic tool. At VX Digital Defense, we are not a push-button forensic shop. What the tool shows is never enough. In addition to the research, we are actively involved in training digital forensic examiners in both law enforcement and the private sector, internationally. We take this specialized field seriously.
Law Enforcement is Backlogged with Digital Forensic Cases
Law enforcement digital forensic labs and examiners across the country are backlogged and don’t have the time in every case to thoroughly analyze every case that comes across their desk. Often times, Detectives and Investigators early in their investigation provide limited information to the examiner to look for or request devices to be extracted and give the ol’, “Give me everything!” Many times, that data is put together and untrained personnel review it looking for evidence that fits or is relevant to their case. Rarely are those findings sent back to the forensic lab or examiner to verify its accuracy nor do those personnel really know what type of data is available within a digital device. It’s tough keeping up with the ever-changing apps and technology much less relying on what the tool tells you is there. It’s not malicious by any means, but the workload and inexperience in the process can affect the cases.
Having an experienced forensic examiner reviewing the case evidence and reviewing whether proper methodologies were followed is great practice. Likewise, having one that understands the nuances and expectations from a law enforcement perspective can be extremely insightful and invaluable for your case and for your client.
During the course of my career, I have had the privilege of putting some very evil people in prison, keeping some very innocent people out of jail, and wrongfully arrested people back home where they belong. The truth behind the screen and in the data is all that matters, no matter which side I was on. In the end, our standards, due diligence, and duties require us to look at every angle of a case in the best interest of justice and our clients. After all, someone’s life, livelihood, or reputation count on us!
Commentaires