Cyber Forensics and Legal Considerations

Cyber Forensics and Legal Considerations: Is the Law Keeping up with Advancing Technology?
Introduction
Because of the digital age and the possibilities it has introduced, digital forensics is now a necessity within the realm of law enforcement. However, there are numerous considerations to be made within this realm: constitutional law, property law, contract law, tort law, cybercrime, criminal procedure, evidence law, and cyber war. This paper will examine how the law is only barely keeping up with advancing technology in the realm of cyber forensics and legal considerations. Specifically, it will examine the role of cyber forensics today, the role of cyber space in today’s digital world and where legislation and legal system fails to keep up with the needs of people and businesses. The paper will focus on what amendments have been made to the Constitution, what bills have been passed in relation to cyber security and cyber forensics, and what new trends in cyber crime are occurring. The paper will also focus on the reality of cyber war and what it means in the field of cyber forensics and how today’s laws fail to keep pace with the ever mounting pressures and incidences of cyber war.
The Role of Cyber Forensics
Cyber forensics is defined as the “branch of computer science that focuses on developing evidence pertained in the digital world for use in civil or criminal court proceedings” (Maragnos, Risomiliotis & Mitrou, 2012, p. 775). In the digital era, it is a highly needed field. Digital crime is one of the most common forms of crime committed today: people have the identities stolen, their accounts hacked, the digital assets frozen, their computer hardware held ransom, and so on—all because of the ability of digital criminals to use cyber tactics to infiltrate systems (Gogolin, 2010). As a result, cyber forensics is a much needed field to help law enforcement officers understand the digital footprints left behind by cyber criminals. Cyber forensics is one of the most in demand fields within the IT industry as more and more of modern society merges with the digital world—and more and more security breaches show a need for digital tools that can be used to understand the scene of the crime. As Norwich University (2019) explains “recovering deleted files, deleted passwords and checking for breaches of security for cyber-crime” are just some of the methods those enlisted in the field of cyber forensics employ. The evidence collected in cyber forensics, however, plays a big role in criminal justice: “once the evidence is collected it must be contained and translated for lawyers, judges, and juries to examine” (Norwich University, 2019). The question that many have today focuses on the extent to which legislation has kept up with the advances made in digital technology.
Cyber Space, Cyber Forensics and the Constitution
According to Andres (2015), “the fundamental constitutional dilemma associated with cyber conflict is that it occurs almost entirely within privately owned computers and networks” (p. 156). To protect the private space and intellectual property (IP), the U.S. government enacted legislation such as the Stop Online Piracy Act and the Protect IP Act, which has obliged content providers to police themselves and monitor content flow. Companies have been obliged to monitor activity going into homes. This type of surveillance was met with protest by individual users, and Congress then passed the Cyber Intelligence Sharing and Protection Act. Senator McCain introduced the SECURE IT Act in 2012 which “rather than increasing government regulation, attempted to remove legal barriers that prevented government and industry from sharing information” (Andres, 2015, p. 159). However, civil rights advocates and business advocates both opposed the bill and it died before being enacted. Since then Congress has had a difficult time legislating in such a way as to respond to those who want privacy on the Web and those who want regulation. The field of cyber forensics is thus stuck in a kind of limbo while Congress figures out what to do next.
The legal issues that crop up in relation to cyber forensics are diverse: within constitutional law, there are issues regarding privacy, search and seizure and the 1st Amendment; within the field of cybercrime, the Computer Fraud and Abuse Act is relevant; in criminal procedure, the 4th, 5th and 6th Amendments apply along with the Electronic Communications Privacy Act; in terms of property law, trade secrets and copyright encroachment are issues that need to be addressed; in contract law, identity management and agency law are issues that require consideration; tort law has a range of issues—from privacy invasion to negligence to downstream liability, defamation and Supervisory Control and Data Acquisition; evidence law issues include accurate representation, hearsay, ephemeral systems and the use of best evidence (Nance & Ryan, 2011). Nance and Ryan (2011) note in particularly that “while the U.S. Constitution provides the foundation for our legal system, the evolution of the Information Age has presented new challenges for interpretation of the constitution” (p. 3). When it comes to just the 1st Amendment, cyber forensics has run into a veritable mine field of issues that current legislation simply does not know how to tackle. The framers of the Constitution never envisioned a virtual world that would be every bit and rough and tumble as the old Wild West was—just in cyber space. Thus, “content-neutral and content-specific regulations, cyberstalking, cyberbullying, and countering hate speech” are all issues that cyber forensics has to touch on now while “pornography and child pornography, spam, and government censorship have provided the courts with a steady stream of cases involving digital and multimedia evidence, and are likely to continue to do so” (Nance & Ryan, 2011, p. 3). And this is just one small example of how legislation is attempting to come to terms of cyber forensics in the digital age.
Cyber crime is another tricky area, primarily because it is almost impossible to define the crime scene (Nance & Ryan, 2011). It is not like in a real world case where a crime scene is taped off and everyone knows the parameters and the rules. In cyber space, there is no real such thing as space—so containing a crime scene is a challenge in and of itself—which means it is also a challenge for legislators to enact rules for the field of cyber forensics to abide by. When something cannot be fully defined, it cannot be fully legislated—and so a gray space or gray zone emerges in which a great deal of liberty may be taken. How to know where jurisdiction applies and where it ends is just one of the many complicated issues that the legal world has not yet come to terms with for cyber forensics to be able to know legal boundaries. Marshall (2018) points out that “with the advent of technology and the rapid sharing of digital information, there has been a rapid development of the misuse of technology and fraudulent digital transactions” (p. 84). Local, state and federal jurisdictions, as well as international jurisdiction issues arise, which makes the job of cyber forensics investigators particularly thorny as no one knows whose responsibility it is to take the lead.
Then there are issues of property law that add to the fire: as Nance and Ryan (2011) report, “many of issues of digital forensics and property law stem from the ease at which property can be acquired, used and replicated and the challenges associated with attribution of those actions” (p. 4). With so much digital media now available on the Internet, the question of where cyber forensics comes into play and where free use of material ends is one that still remains unanswered by current legislation. On top of this is the murky shadow world of contract law in the digital space: “businesses can quickly spin up, take money, not fulfill contracts, and effectively disappear from the virtual world” (Nance & Ryan, 2011, p. 4). Cyber forensics investigators need to wrestle with problems of identity theft, identity management and contract misrepresentation. Cyber criminals are taking advantage of loopholes in legislation written by legislators who lack sufficient understanding of the digital world and therefore are not aware of the implications of laws’ effect.
Cyber forensics is, for example, particularly important in tort law. Tort law is used to resolve disputes. As Sommer (2008) notes, “civil actions to recover chiefly economic, reputational, or privacy-based damages arising from Internet communications such as email, blogs, or other Internet communications” (p. 63) are vitally important for cyber forensics investigators. An invasion of privacy, for instance, can become a dispute between two parties in a tort law case and digital forensics will more than likely be used to assist in the matter. However, as digital communications has rapidly evolved over the years, the rules and regulations regarding what it is permitted and what is not permitted have still not be defined by Congress. The EU only recently passed a law regarding the sharing of private information collected from users via the Internet in its General Data Protection Regulation (EU, 2019). The U.S. may follow suit, but until it does the problem of what is permissible and what is not in terms of sharing information via communications technology remains a gray area, legally speaking.
The technology is not stopping, though, and advancements are continuing at a rapid, dizzying pace. Now it information is being picked up and transmitted via voice to system interfaces which raises even more questions about the field of cyber forensics and what is permitted. Major corporations have invested heavily in voice-responsive digital technology: As Dumaine (2018) notes, “Amazon, Apple, and Google are investing billions to make voice recognition the main way we communicate with the Internet.” Facebook is also entering into the market as well—but each has their own approaches to the industry: Amazon is out in front with 42% of the global market for voice recognition products, but Google has a 34% share of the market with its own line of Google Home devices that use Google Assistant voice recognition technology. Likewise, “Facebook unveiled its line of Portal audio and video devices, which do some but not all of the voice-recognition tasks of its mega-cap competitors—and, notably, is powered by Alexa” (Dumaine, 2018). All of these technologies can be implemented to outfit the modern working place and workplace environments are bound to be altered by the use of each of the products and services of these major players in the market. What should be the role of cyber forensics in such an environment? What have legislators done to keep pace with this rapidly evolving digital space? The answer is confounding because it is unclear and more uncertain with each and every passing day.
Yet businesses which rely on clear regulatory policy when they establish their infrastructure are now without clear guidance as the future arrives in the present. Security is always going to be an issue whenever digital technology is used and that means companies have to have in place protective technology that reduces the risk of voice recognition software being manipulated to allow thieves and hackers to more easily penetrate and gain access to a person’s information, bank account, or personal or workplace devices. For companies, having so many pieces of their business connected through virtual assistants voice recognition software could represent a tangible threat to cyber security. Thus, while it is an innovative solution to solving time and cost issues, the downside is that it exposes a company and personnel to various risks should the technology become hacked or manipulated. The field of cyber forensics must contend with these risks as well and legal considerations have to be made in terms of where to draw the line, where to issue regulatory guidance, and where to allow a certain degree of liberty.

On top of all this is the problem of more and more malicious software showing up on apps and services that users depend on. Yet with privacy concerns still very much a going thing, the question of how a cyber forensics investigation is to be conducted makes it difficult to properly analyze these threats and trace them out to their sources. Zhou, Wang, Zhou and Jiang (2012) conducted an experiment in which they downloaded 204,040 apps from five different Android Markets in May-June 2011. Over the more than two hundred thousand apps they downloaded, there were 211 with malicious malware on them: 32 came from the official Android Market, or 0.02% of the apps were infectious and 179 of them came from other online marketplaces, with an infectious rate of around 0.35% overall. The Internet today can be a dangerous space and though most users are not inclined to think about security, the fact is that they have to be very mindful of security, especially as they are now more connected to the Web than ever before. Their mobile devices are all potential targets for cybercriminals, and that means users of mobile devices have to be up to speed and informed about the best practices when it comes to protecting their information, securing their data, and safeguarding their devices. Simply thinking that one can get by by only downloading apps from trusted sites like Google Play would be to make a crucial error in judgment.
Even respected sites have their holes, but these sites are protected from prosecution or from investigation by cyber forensics investigators because there is negligible legislation or guidelines when it comes to accountability in the Wild West of the digital space. Are companies and service providers responsible for malware infections because their systems were not up to speed with the rapid pace of advancements in the risk and threat area—which is, moreover, constantly speeding up faster and faster? Who is to be held accountable and what should be the role of the cyber forensics investigator in such a space? These legal considerations have only barely begun to be considered as most of the legislation in existence today has focused on surveillance and IP theft. Accountability and regulation standards in terms of safety and provision are difficult to assign simply because the space keeps evolving faster than anyone can define it.
Cyber War
One of the most compelling realms of cyber space today is that in which the space is considered a battlefield and cyber warfare is considered a reality. Because so many nations’ technological infrastructure is now dependent upon cyber technology, acts of war can be committed in cyber space and, without launching single missile, a nation can be taken offline and off the grid. But that is not all: As Ray Kurtzweil points out, superintelligence is also coming in the cyber space: “by the year 2045 the quantity of nonbiological intelligence on the planet will substantially exceed that of the entire human” (Shanahan, 2015, 157). As more and more data is extrapolated, more and more tests run, more and more knowledge gained, more and more invested into the AI space, into the arena of cyber technology, into the aura of meta-cognition, the world becomes a stranger and stranger place—like a sci-film that is catching up with the real world. Moreover, Nance and Ryan (2011) maintain that “research into digital evidence is likely to become increasingly challenging as infrastructure as a service (IaaS) and software as a service (SaaS) through the cloud become increasingly common” (p. 5). For the field of cyber forensics, the law has simply not kept apace—and perhaps that is intentional in one way—for when there is no sheriff in town, the town is free to conduct itself as it pleases. For the military industrial complex, having a clean slate in terms of what is permissible can cover for a multitude of infringements on privacy, infringements on any number of Amendment rights and protections, and many Americans are used to the idea of the government taking a great deal of license when it comes to cyber space. But a cyber forensics investigator has to play by the rules of the office and if those are not defined it becomes difficult to know where the moral or ethical line is to follow.
Ethical considerations have to be made especially in times when the law fails to keep apace with the changing times of the technological world. Even from a simple utilitarian ethical framework, the problem of not knowing wherein lies the greater good makes it problematic for the field of cyber forensics to operate in an ethical manner. When cyber war is a real threat that sits on the table, more may be expected of a cyber forensics investigator than he might feel comfortable doing—such as hacking into foreign systems to obtain data for the sake of national security, spreading malicious software in another nation’s infrastructure for the sake of national security, or setting up a surveillance system that is quite likely outside the realm of jurisdiction (but since jurisdiction is unclearly defined, who is to say?)—the investigator in the field of cyber forensics is suddenly faced with answering very real, very serious, and very problematic questions regarding legality, ethics, morality, and what is just. The longer the law delays in addressing these issues, the longer the realm of cyber space continues to degenerate into a wilderness of moral and ethical chaos.
Conclusion
The digital age is rapidly changing the way the world works today, which is problematic for the laws which were enacted to govern the world of yesterday. Today’s laws must be updated to address the needs of concerns of people in cyberspace. Businesses, people’s data, privacy, and information are all at risk. Legislation needs to catch up to where the digital age has taken cyber forensics today. The field of cyber forensics is dedicated to developing evidence that can be used in a court of law or in cases of dispute resolution. However, because there are many unanswered questions and unaddressed issues about what is allowed, permissible, and not advised, the field of cyber forensics exists largely under a cloud. What one person or entity may believe is advisable or acceptable can be viewed as wholly unadvisable and unacceptable by others. What role, therefore, can a cyber forensics investigator reasonably be expected to play in such an environment? The digital world has altered so many things about the modern world already—and there is still much more likely to be changed. Legislation therefore has to reflect the legal questions that have arisen.

References
Andres, R. B. (2015). National Security and US Constitutional Rights. Cybersecurity and
Human Rights in the Age of Cyberveillance, 147.
Dumaine, B. (2018). It Might Get Loud: Inside Silicon Valley’s Battle to Own Voice
Tech. Retrieved from http://fortune.com/longform/amazon-google-apple-voice-recognition/
EU. (2019). GDPR. Retrieved from https://eugdpr.org/
Gogolin, G. (2010). The digital crime tsunami. Digital Investigation, 7(1-2), 3-8.
Marangos, N., Rizomiliotis, P., & Mitrou, L. (2012, December). Digital forensics in the
cloud computing era. In 2012 IEEE Globecom Workshops (pp. 775-780). IEEE.
Marshall, H. (2018). 6 Comparative perspectives on digital forensic
technology. Emerging and Advanced Technologies in Diverse Forensic Sciences, 81-101.
Nance, K., & Ryan, D. J. (2011, January). Legal aspects of digital forensics: a research
agenda. In 2011 44th Hawaii International Conference on System Sciences (pp. 1-6). IEEE.
Norwich University. (2019). Cyber forensics. Retrieved from
https://online.norwich.edu/academic-programs/resources/role-of-computer-forensics-in-crime
Shanahan, M. (2015). The technological singularity. MIT Press.
Sommer, P. (2008). Digital Footprints: Assessing Computer Evidence. Criminal Law
Review - Special Edition 1998, 61-78.
Zhou, Y., Wang, Z., Zhou, W., & Jiang, X. (2012). Hey, you, get off of my market:
detecting malicious apps in official and alternative android markets. NDSS, 25(4), 50-52.