Wednesday, September 21, 2011

US Revolution? Privacy -v- Intrusion

US Revolution? Privacy -v- Intrusion

At DEEU research we are noticing an interesting trend in the United States pushing a revolution to claw back the rights of 'privacy' regarding mobile phone communications and GPS tracking, perhaps to counteract what appears to be the underlying suggestion of high level of 'intrusion'. A number of recent cases that have been reported are well worth reading and the rise of these cases suggest landmark judgments may not be far off. The effect of such judgments might bind the US's member states to possibly a single code of conduct. This may make sense where an operator, providing national coverage, has a uniform privacy policy as opposed to a single member state imposing local laws to such a degree that it might be possible to cause:

- the US constitution to be eroded by localised politics in a single member state
- national security may be undermined if a single member state bleeds information about a person's movements simply obtained via a production order application

The points above and below are not statements of fact but merely observations and, rather than my comments influence readers' thought-processes, below is a list of cases and some additional reading that may be of interest. The British legal system may well be interested in what is taking place and such cases can influence aspects of our case law. Mobile forensics and evidence might equally see requirements imposed as to the level of data that maybe accessed from the network and/or acquired from mobile devices. The US, whilst is still in its infancy, due to arriving fairly late to the table in these fields (but making up ground) regarding mobile phone forensics and evidence may, no doubt, want to keep an eye of how these cases impact on the area of data acquisition and harvesting.  

Mobile Phone and GPS Privacy Cases:

Further reading material

Review of Disclosure in Criminal Proceedings UK - update

Review of Disclosure in Criminal Proceedings UK - update

Review of Disclosure in Criminal Proceedings
The Rt Hon. Lord Justice Gross
September 2011

This is a review ("the review") conducted at the request of and for the Lord Chief Justice, prompted by concerns as to the operation of the disclosure regime contained in the Criminal Procedure and Investigations Act 1996, as amended ("the CPIA").

The review was established to consider the practical operation of the CPIA disclosure regime and, if appropriate, the legislative framework, with a particular focus on the proportionality of the time and costs involved in that disclosure process.

Updated Download Link - Report:
Review of disclosure in Criminal Proceedings - September 2011 (PDF 932kb)

Tuesday, September 20, 2011

7.5 trillion mobile communications

7.5 trillion mobile communications

My recent post discussed mobile growth areas, as many have at this blog (just search past posts) and highlights the current European trend with smart-phones. A recognition of the British localised trends in the mobile marketplace can be read about here: UK_CMR_2011_FINAL.pdf

A news article about an Ovum report suggests the quantity of mobile -calls -texts -images and video messages will reach 7.5 trillion this year.  Moreover, it is reported:  "In a new forecast, the independent telecoms analyst also predicts that the market will generate revenues of $153 billion this year, up 8% on last year’s performance."

From analysis of a number of cross-market conditions by various market analysts these indicators provide useful coordinates about the future of mobile forensics and evidence. It is very positive, but there is a natural consequence of that success; adjustments will need to be made. Those trends cannot help but bring change and imply there will be a need for transformation from the current investigatory set up and a shake up of the stoggy and bloated surface-level superficiality stifling and damaging the approrpriate structural processes inherent in the mobile forensics and evidence tree, perhaps illustrated by the way in which honey-fungus of the genus Armillaria variety eats at the very core of a tree.

Saturday, September 17, 2011

Review of Disclosure in Criminal Proceedings UK

Review of Disclosure in Criminal Proceedings
The Rt Hon. Lord Justice Gross
September 2011

This is a review (“the review”) conducted at the request of and for the Lord Chief Justice, prompted by concerns as to the operation of the disclosure regime contained in the Criminal Procedure and Investigations Act 1996, as amended (“the CPIA”).

Download report:

Note: Text missing from the report at paragraph xiii) end of page 6, start of page 7.

Arrhenius equation, preserving photos/videos for 100 years

Arrhenius equation, preserving photos/videos for 100 years

Arrhenius acceleration factor and accelerated temperature cycling can be applied to simulate the effects on data retention held within memory devices on their store media. We learn that to determine the relationship between the rate constant (or acceleration factor) and the activation energy and temperature of a reaction can be given by Arrhenius equation expressed as:


In order to assess preservation we are informed, during tests, data can be subjected to "temperatures and activation energies" to determine their retention qualities under the following conditions:

- Ea = Activation Energy = 1.0 ev
- Boltzmann Constant = 8.62*10-5
- Product application temperature used for this test (Ta) = 40ºC
- Product test temperature used for this test (Tt) = 125ºC
- Product's time-to-failure is exponential
- Arrhenius Acceleration Factor = 2721

It is said that using a conservative approach applied to values of "well-known" industry standard numbers for the calculation, and higher stress of 40ºC (typical archival storage temperature of 25°C +/- 10°C),  termperature cycle tests performed on n-DUTs (Device Under Test) and accelerated temperature of 125°C applied over x-hours can verify deterioration (thus preservation potential) of data occurs following tests. The output recorded can be simplified with the results entered in an Arrhenius table.

Now the question. Has 100 years has been proven possible? According to recent announcements it is said to be more than possible, devices can achieve this such as SanDisk Memory Vault™. Indeed devices like these are able to store photos and videos for 104 years, apparently.

I thought the information might be useful to discuss because I heard on BBC radio news that suggestions for firearms officers to wear video cameras to record an incident or operation had some difficulties about storage. The radio news made no further mention about the exact storage difficulties, but if the difficulties involve archive (for large-scale storage) and preservation, might the above information be of some help?

Sunday, September 11, 2011

Cybercrime: procedures, deterrent and investigation

Cybercrime: procedures, deterrent and investigation

The title cybercrime Convention on Cybercrime is not new and has had numerous airings going back to the late 1990s and early 2000s. It has largely languished there, though, until it became the economic follow-up to the war on terrorism given there has been a signifcant shift towards electronic attacks or gained perception about the potential threat for crimes to be committed using technoology.

Cybercrime isn't actually a qualification in itself of the 'actual crime' that has been or is about to be perpetrated, rather on the one hand it provides a global statement under which preventions, deterrent and investigation can be defined about crimes where technology is or can be used as a conduit for a criminal or terrorist event. The technologies that are perceived to be relevant and 'usable' for cybercrime are set out in:

Proposal for a COUNCIL FRAMEWORK DECISION on attacks against information systems

Article 2
For the purposes of this Framework Decision, the following definitions shall apply:
(a) "Electronic communications network" means transmission systems and, where applicable, switching or routing equipment and other resources which permit the conveyance of signals by wire, by radio, by optical or by other electromagnetic means, including satellite networks, fixed (circuit- and packet-switched, including Internet) and mobile terrestrial networks, electricity cable systems, to the extent that they are used for the purpose of transmitting signals, networks used for radio and television broadcasting, and cable TV networks, irrespective of the type of information conveyed"

So this represents a broad range of identified technologies (whether used in natural sciences or manmade systems) that are identified avenues for 'cybercirme' procedures, deterrent and investigation. Furthermore, and on the other hand, cybercrime equally requires the 'type' of crime (substantive or inchoate) to be identifed that has or could operate 'through' a single or combination of technologies. For instance:

- a virus that is inserted into the electronic communication messages sent via Broadband of Power Lines (BPL) that takes down or attempts to take down a power station causing blackout might range in criminal law as a type of crime indicted eg under criminal damage, ecomonic damage, computer misuse, terrorism etc
- a message mispresenting a genuine individual that allows funds to be removed from the indiviudals account using the wireless network may be indicted in criminal proceedings as a fraud etc 

In the UK, legislation covers crimes such as 'abstraction of electricity', 'obtaining a telecommunication service with the intention of avoiding payment', 'computer misuse', unlawful interception' etc. To re-write all the relevant Statutes to identify crimes like these and other as 'cybercrime' would not seem practical at all. Cybercrime, then, perhaps may well be best described for use as a 'global title' to identify a state of 'events' generated through the use of various technologies.

The International Telecommunications Union (ITU) recognises the need for cybercrime procedures, deterrent and investigation and published two highly informative draft guides that one would expect to find produced from such an experienced and authoritative organisation:


ITU toolkit cybercrime legislation.pdf

As these documents are drafts, it is clear that evolving documents will continue to refine and define 'cybercrime' but may remain unable to circumvent the identification of the actual technologies used in a crime. One possible consequence of this is that forensic exmainers and experts in their specific fields will continue to provide their services, but an adjustment to a report or opinion may be required to start with e.g.

"Cybercrime Report/Opinion: The use of  X-technology in such and such an alleged crime...."

Saturday, September 10, 2011

Smart phones overtake basic mobile phones in Europe

Smart phones overtake basic mobile phones in Europe

The Guardian newspaper, thursday 8/9/11,  reported "New data released by research company IDC show smartphone shipments up 48% compared to the same period in 2010, reaching nearly 22m, as Samsung, Apple, HTC and BlackBerry maker RIM dominated the market and Finland's Nokia saw its previous dominance wiped out. Last year smartphones made up just over a third of mobile phone sales in the region."

However, alternative research from IMS suggests that, infact, there is a SIM card sales explosion: "Of the 4.2 billion SIMs sold in 2010, 85% were to existing SIM card users, i.e. existing users of cellular handsets. This means that more than 80% of SIM-based cell phone users replaced their SIM cards last year. This may seem a little surprising as the proportion of cell phone users that replaced their actual handsets last year was much less than this. In fact at a global level, only 24% of cell phone users replaced their handsets with brand new handsets last year."

Moreover, IMS research further suggests when dealing with 4FF embedded SIMs: "With the current removable model, the volume of SIM cards sold in 2016 is set to pass 6 billion. If all cards were embedded by this time the number would be nearer 2 billion, around half what it was last year! As the SIM card market represents more than 80% of smart card volumes, this would be very bad news for many card and semiconductor suppliers."

On the basis of both reports the news in quite uplifting and a useful indicator of growth. At a time when the Prime Minister, David Cameron, looks to re-assess economic imbalance (services -v- manufacturing) in Britian, the elements to bring about the stimulus for wealth-creation, productivity and employment maybe here. Why would that be so? Because here is an area where services and manufacturing are required to forge a union in order that both can co-exist, such that they work not only in practice but in principle, too.

I am happy to revisit the sub-text of my 1988 proposal 'Putting Britain First' and reference to other reading materials if it would help put meat on the bones of this one.