How U.S. Laws Impact Network Forensic Investigations

Instructor: Noemy Alcauter

Mayra has a BA in Technology Education and has worked as a content creator and curriculum developer for computer science and coding subjects in e-learning platforms.

This lesson describes the U.S laws that affect network forensic investigations and the importance of the Fourth Amendment within the data collection process. It mentions relevant laws concerning digital evidence collection.

Not so long ago, cellphones could only send and receive calls and text messages. Today, digital devices such as smartphones, personal computers, smart watches, and more are capable of almost anything! According to The Nielsen Total Audience Report in 2018, American adults spend over 10 hours a day in front of devices' screens. That means a lot of compiled data!

Technology—and the use of it—is advancing at a very fast rate and, unfortunately, so is misuse. Not all misuse ends in cybercrime, but when it does, computer forensics is there to apply investigational techniques to recover, collect, examine and preserve data so it can be used as evidence in a court of law. Therefore, when working on a network forensic investigation, it's important for forensic examiners to be aware of the legal requirements that apply to this field and how they may impact evidence acquisition.

Search and Seizure

Digital forensics within American law enforcement faces several challenges thanks to how our judicial and prosecutorial systems are built; an important one being how the Fourth Amendment applies to digital evidence. The Fourth Amendment protects against unreasonable search and seizure by law enforcement officers. The Fourth Amendment provides:

The right of people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

As a consequence of the unique complexion of digital evidence, Congress has passed several laws that allow both the requirements of the Fourth Amendment and the criminal investigation to be met. Some of the most relevant to digital evidence shall be addressed in this text as they relate to digital evidence acquisition.

Unlawful Access to Stored Communications Act §2701

This Act is intended to guard confidentiality and protect against intentional and unauthorized access to stored communications. It is designed to face computer hackers and spies. A violation of this law is considered if data has been obtained from a communication that is not accessible to the public or, in other words, if you face encryptions, warnings and/or passwords when attempting to access data. This applies to communications that have not yet been sent or if copies of the message are kept after its delivery.

If the Act has been violated with the intention of personal gain, commercial advantage or damage, the violator can receive prison time and a fine.

Wiretap Act §2510

The Wiretap Act is meant to protect one's privacy when using electronic means of communication. The act makes it illegal to intercept, disclose or use the information obtained through an oral, wire, or electronic communication by using another device. The government may intercept communication only if a court has previously issued an authorization; otherwise, the wiretapper may be considered responsible for breaking the Act.

Pen Registers and Trap and Trace Device Statute § 3121

The Pen Registers and Trap and Trace Device Statute is aimed to protect against data collection from telephones and internet communications without a prior court order or consent from the owner. If this rule is violated deliberately, the violator is subject to imprisonment and a fine.

Privacy Protection Act § 2000aa

In spite of any other law, the Privacy Protection Act states it is illegal for government officers and employees, in connection with the investigation, to search and seize work product materials owned by a person whose intention it is to distribute these products through public means of communication. However, search and seizure is allowed if these products are related to the performance of a crime or if immediate seizure prevents serious bodily injuries or death.

Reliable Digital Evidence

Once the evidence has been collected without violating any law, it must be considered reliable in order for it to be admissible in court. However, the nature of digital evidence allows for it to be reproduced and modified easily, which has an impact on its reliability. Therefore, and in spite of it having several differences when compared to any other evidence, it must meet the expectations of general forensics principles to confirm whether if it is admissible in Federal Court.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account
Support