Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

June 12, 2016

Playpen (porn) and Tamper-Proof NITs (Chain of Custody)

Filed under: Cybersecurity,FBI,Government — Patrick Durusau @ 2:19 pm

Dr. Christopher Soghoian’s affidavit in UNITED STATES OF AMERICA v. EDWARD JOSEPH MATISH, III, Criminal No. 4:16cr16, Document 83-1, is a highly readable account of why the lack of encryption for the Playpen Network Investigative Technique (NIT) is fatal to the FBI’s case.

In a nutshell, the lack of encryption means that the FBI cannot prove that data from a point of origin was not changed before it reached the FBI’s computer. Anywhere along the network transmission, some third party could have changed or even inserted new content.

In legal speak, it’s called “…the chain of custody.”

Say, for example, a defendant is charged with illegal possession of a firearm. At trial, the state must produce the firearm alleged to be in his possession at the time of his arrest. Moreover, as part of that proof, the state must prove “custody” of that gun at every step of the way.

The arresting officer testifies to the arrest and identifies the gun retrieved from the defendant. They then testify they put that gun into a bag with a label, noting the serial number and then signing the bag after sealing it. Next a crime room technician will testify they received bag # with the officer’s signature and logged it into their evidence log. And so on, up until the officer opens the bag in court and says: “This is the gun I took off of the defendant.”

Break that chain of custody and the evidence isn’t admissible.

The chain of custody doesn’t exist in the Playpen cases because the lack of encryption means the data in question could have been changed at any number of points along the way and the FBI cannot prove otherwise.
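The bag-and-signature chain described above, applied to data, as an added example that is not from the original post or the affidavit: each handoff is authenticated with an HMAC over the evidence digest and the previous entry, so a change to the data or to any link is detectable. The custodian names, keys and payload are constructed, and HMAC with per-custodian keys is an assumed mechanism chosen for illustration.

```python
import hashlib
import hmac
import json

def _mac(key: bytes, entry: dict) -> str:
    # Canonical JSON so the same entry always serialises to the same bytes.
    body = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def add_handoff(chain: list, custodian: str, key: bytes, evidence: bytes) -> None:
    """Append a custody entry bound to the evidence bytes and the previous entry."""
    entry = {
        "seq": len(chain),
        "custodian": custodian,
        "evidence_sha256": hashlib.sha256(evidence).hexdigest(),
        "prev_mac": chain[-1]["mac"] if chain else "",
    }
    chain.append({**entry, "mac": _mac(key, entry)})

def verify_chain(chain: list, keys: dict, evidence: bytes):
    """Return (True, None) if intact, else (False, index of first broken link)."""
    digest = hashlib.sha256(evidence).hexdigest()
    prev_mac = ""
    for i, rec in enumerate(chain):
        entry = {k: v for k, v in rec.items() if k != "mac"}
        key = keys.get(rec.get("custodian"))
        ok = (
            key is not None
            and rec.get("seq") == i
            and rec.get("prev_mac") == prev_mac
            and rec.get("evidence_sha256") == digest
            and hmac.compare_digest(_mac(key, entry), rec.get("mac", ""))
        )
        if not ok:
            return False, i
        prev_mac = rec["mac"]
    return True, None

# Constructed sample data: custodian names, keys and the payload are made up.
KEYS = {"collector": b"k-collector", "evidence-room": b"k-room", "examiner": b"k-exam"}
PAYLOAD = b"constructed record: host=example-host user=alice"

def demo():
    chain = []
    for who in ("collector", "evidence-room", "examiner"):
        add_handoff(chain, who, KEYS[who], PAYLOAD)
    intact = verify_chain(chain, KEYS, PAYLOAD)
    altered = verify_chain(chain, KEYS, PAYLOAD.replace(b"alice", b"bob"))
    forged = [dict(r) for r in chain]
    forged[1]["custodian"] = "examiner"  # rewrite who held it at step 1
    return intact, altered, verify_chain(forged, KEYS, PAYLOAD)
```

Without the MAC on each entry, neither the altered payload nor the rewritten custodian would be distinguishable from the original record.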

Think of it as an affirmative burden of proof. No proof of chain of custody and the evidence is not admissible.

Even a first-year FBI trainee should know that rule.

Which makes the FBI’s desire to get D- quality work approved all the more puzzling.

Why not follow the rules and do good work? What’s so daunting about that?

Suggestions?

PS: Should the FBI need advice on following the rules on cyber-evidence matters, don’t contact the Justice Department. They have an unsavory reputation for lying to judges and just as likely would lie to the FBI. Check around for ex-U.S. attorneys with cyberlaw experience.
