Electronic discovery (also called e-discovery or eDiscovery) refers to any
process in which electronic data is sought, located, secured, and searched with
the intent of using it as evidence in a civil or criminal legal case.
E-discovery can be carried out offline on a particular computer or it can be
done on a network. Court-ordered or government-sanctioned hacking for the purpose of obtaining critical evidence is also a type of e-discovery.
The nature of digital data makes it extremely well-suited to investigation.
For one thing, digital data can be electronically searched with ease, whereas
paper documents must be scrutinized manually. Furthermore, digital data is
difficult or impossible to completely destroy, particularly if it gets into a
network. This is because the data appears on multiple hard drives, and because
digital files, even if deleted, can be undeleted. In fact, the only reliable
means of destroying data is to physically destroy any hard drive where it is
found. In the process of electronic discovery, data of all types can serve as
evidence. This can include text, images, calendar files, databases,
spreadsheets, audio files, animation, Web sites, and computer programs. Even malware
such as viruses, Trojans, and spyware can be secured and investigated. Electronic
mail (e-mail) can be an especially
valuable source of evidence in civil or criminal litigation, because people are
often less careful in these exchanges than in hard copy correspondence such as
written memos and postal letters.
E-discovery is an evolving field that goes far beyond mere technology. It
gives rise to multiple legal, constitutional, political, security, and personal
privacy issues, many of which have yet to be resolved.
Computer forensics, also called cyberforensics,
is a specialized form of e-discovery in which an investigation is carried out on
the contents of the hard drive of a specific computer.
Computer forensics is the application of computer
investigation and analysis techniques to gather evidence suitable for
presentation in a court of law. The goal of computer forensics is to perform a
structured investigation while maintaining a documented chain of evidence to
find out exactly what happened on a computer and who was responsible for it.
Forensic investigators typically follow a standard set of procedures: After
physically isolating the computer in question to make sure it cannot be
accidentally contaminated, investigators make a digital copy of the hard drive.
Once the original hard drive has been copied, it is locked in a safe or other
secure storage facility to maintain its pristine condition. All investigation is
done on the digital copy.
Investigators use a variety of techniques and proprietary forensic
applications to examine the hard drive copy, searching hidden folders and
unallocated disk space for copies of deleted, encrypted, or damaged files. Any
evidence found on the digital copy is carefully documented in a "finding report"
and verified with the original in preparation for legal proceedings that involve
discovery, depositions, or actual litigation.
Computer forensics has become its own area of scientific expertise, with
accompanying coursework and certification.