There has been a trend, by both the defence and the protectution in courts, to verify or supplement evidence given in court, using Call Data Records which can provide a history of the locatation of mobile phones. Similarily, we see computers being seized in evidence re emails and website usage and regularily read about emails being used in this or that case.
It seems difficult enough to keep one's own IT systems secure from "malware" but consider a telco's (mobile/ISP/fixed network operator) position whereby all subsribers' data, at least in Ireland, has to be held for three years and, when required to do so by the law enforcement agency, the net operator must search for and release as required: subscriber details, CDRs, emails, usernames, email addresses etc. while guarenteeing the data's security, integrity and authenticity. The same network operator may also be required to provide expert witnesses to face challenges re the above in court.
Sometimes it seems difficult enough to set up an email account or a new mobile phone but consider the also the law enforcement agency officer tasked with the job of assessing what data may be relevant, what is technically or logistically possible to gather as evidence within the IT domain. If you catch a suspected child pornographer, terrorist or fraudster what should he or she be looking for on the suspects' phone, PC or smart cards. Also, what do the lawyers, judiciary envolved in these cases need to know.
Finally, what privacy laws exist to protect Joe Citizen?
On the one hand there are via databases new tools available to track and help convict criminals. On the other hand there is the potential for privacy to be intentionally or mistakenly invaded, for data to fall into the wrong hands, for identity theft.
But it's not just cops and robbers who are effected by these new issues. Anyone can get drawn into it, take for example, the case of a retailer whose premises' security cameras (CCTV) just happened to be pointed to the position of an alleged offence. The law enforcement agency may require the retailer to provide tapes/DVDs re this or that camera over any extended period in or around the alleged offence. This may cost the retailer a day or two to gather depending on the request.
The point I make is that regardless of one's views re being tracked, the fact is everybody is any time they go out, use their phone, write an email, surf the web, or buy anything with plastic. But why should one group, pay to enforce the law while other sectors aren't obliged to do so? A cost of doing business? Perhaps.
Thursday 16 November 2006
Subscribe to:
Post Comments (Atom)
1 comment:
So just how do we know that the typical cellular network does actually secure the data ? Do they employ people to guard such materials night and day ? Or do they just check now and then to see if anyone has accessed them ?
Post a Comment