Electronic evidence plays a critical role in not just investigating and prosecuting cybercrime, but increasingly also in traditional offline crimes. However, multiple different categories of electronic evidence have been defined in legal instruments, with corresponding procedural protection for obtaining it.
Non-uniform standards lead to disparities between countries, in particular in respect to privacy and data protection standards. Therefore, complications mount when individuals and/or service providers reside outside the jurisdiction where the investigation is being carried out. Moreover, new types of data, such as biometric or meta data, that are increasingly being collected and stored by service providers, add to the complexity as questions arise as to which of the existing categories of electronic evidence should these new types of data fall and what procedural protections should be afforded to such data.
To help support public and private sector exchanges on electronic evidence and to raise awareness, the Internet & Jurisdiction Policy Network has prepared a Framing Brief on Categories of Electronic Evidence. The resource includes a set of commonly used categories of electronic evidence, including subscriber information, traffic, or access to translational data and content data. It also provides an overview of the investigation trends challenging current categorization, and finally, proposes a refreshed and forward-thinking analysis of the issues at hand.
"The Framing Brief documents a growing tension between the traditional categories of electronic evidence, and new types of data and their uses. The Framing Brief is aimed at raising awareness and providing a broad overview of these tensions." said Ajith Francis, Director, Data & Jurisdiction Program.
The Framing Brief proposes key questions to frame the debate on moving forward:
• How to define the appropriate levels of protection?
• What is the future of categorization?
• Should every type of digital data be requestable?
The Framing brief was presented at RightsCon 2022 during a session organized by the Internet & Jurisdiction Policy Network, Center for Democracy & Technology (CDT), Cross-Border Data Forum, Electronic Frontier Foundation (EFF) and the Government of Canada on “How much of your data can be used against you in criminal investigations? A conversation on electronic evidence and types of user data" held on June 8, 2022. Learn more about the event here.
Learn more about the Data & Jurisdiction Program and Contact Group members here.
View previous Data & Jurisdiction Program outcomes here.