Gathering Evidence ‘In The Cloud’

The use of cloud-systems for data storage carries with it some unique challenges for law enforcement. Attempts to investigate and gather evidence for digital crimes – particularly content offences like child pornography, raise several issues of jurisdiction, privacy and digital rights. Many challenges include:

  • Locating data – which could be across several jurisdictions and may be ‘dynamically’ stored across several servers in different locations. 
  • Separating data – as many cloud systems run VM-Ware in order to store multiple confidential accounts on one machine, gaining access to just one of these accounts without exposing confidential material of innocent users and possibly conducting an illegal search in the process.
  • Not pissing off Cloud Providers – who have an incentive to keep their servers running 24/7 and will avoid any negotiation with investigators which may result in their servers being seized or their operations interfered with.
  • Not pissing off consumers – who love privacy, although also do not read terms and conditions very often.

ArsTechnica has an interesting article on how cloud services contractor  Verizona has used a contract-out method to scan for and determine content offences on its servers. The provider began this technique in response to the PROTECT Our Children Act of 2008 which mandated that service providers report suspected child pornography. The provider uses a combination of “PhotoDNA”  technology supplied by the National Center for Missing and Exploited Children and  third-party to scan uploaded content.   Once collected, the provider is required to hand over evidence to law enforcement.