How to Authenticate Digital Evidence?

This post is also available in: עברית (Hebrew)

Given the proliferation of digital media, the question of what types of evidence are admissible in court, and how they should be handled, is increasingly complex. Cellphone video has played a pivotal role in scores of high-profile cases in the US, as have recordings of 911 calls and footage captured from police body cameras. There’s no question this evidence is valuable, but ensuring its integrity and demonstrating an unbroken chain of custody — the documentation that records the chronological sequence of the custody, control and disposition of a piece of evidence — often proves difficult.

To avoid controversies surrounding digital evidence, some public safety authorities have started turning to a seemingly unlikely solution: blockchain technology.

At its core, a blockchain is a decentralized database shared across a network. Unlike centralized databases, however, records are only accepted after attaining group consensus. It provides a way to incorporate a variety of data from multiple sources, anonymize it, track it and ensure its authenticity without the need for third-party validation.

Indeed, blockchain holds the potential to help transform public safety by improving the way agencies handle their most sensitive evidence and data, enhancing interagency cooperation and promoting greater public trust in the integrity of investigations.

Blockchain is uniquely suited to tackling this challenge, according to gcn.com. In fact, the existing US federal guidelines for handling digital evidence are surprisingly similar to the way blockchains work. When seizing a hard drive, for example, special personnel will scan the contents and use that data to generate a hash value.

In the same way blockchains use hash values to verify linked blocks, digital forensics investigators use hashes to track digital evidence. Blockchain presents multiple advantages over the current procedures. The principal advantage is the redundancy blockchain provides. Instead of relying on a team of specialists to first extract the data, then hash it, then track it, a “blockchain of custody” would allow for open submission of data to the blockchain, where it would be automatically verified by consensus, hashed and then entered into an immutable, shared public record.

Data collection by various agencies in the US has grown exponentially, but the ability to generate intelligence and then act upon this data continues to be hampered by bureaucratic inefficiencies, interagency divisions and siloed data. Establishing a unified data standard poses many challenges because it requires buy-in from so many agencies.

Blockchain circumvents this problem by enabling trustless collaboration and removing the need for centralized authority. The promise of an immutable, open public record of all data submitted could overcome a major hurdle for interagency collaboration.

Blockchain’s “smart contract” feature could ensure protocols between agencies are always followed because they would be executed automatically by the system. Basically, a smart contract is a computer protocol that facilitates, verifies or enforces the performance of a contract or contract clause. In addition to formalizing information requests and opening investigations, smart contracts might also help balance data privacy and public safety.