Last week I was asked to present at The Bar of Ireland in one of a 7-part series in a project sponsored by the European Commission and organised by the European Academy of Law. This one was hosted in Dublin Kings Inns and focused on the Post Covid Challenges with respect to collecting, authenticating, and evaluating online evidence.

My presentation focused on the technical dos and don’ts of collecting evidence from the Internet. It highlighted the fact that after Covid more of us are online and after going through the basics of the web I demonstrated several techniques that can be used to collect such information. I gave a quick demo of how information on webpages can be easily changed. Relying on screenshots alone for evidence is not a good idea.

Victor Voelzow, Trainer for Digital Forensics in Germany, showed how ChatGPT can draft data request orders. As well as showcasing generating accurate prose, ChatGPT also showed its limitations by quoting laws not applicable to Ireland. It seems ChatGPT is not yet localised to Irish legislature.

Klauss Hoffmann, Senior Prosecutor in Freiburg, gave a humbling account of his work in the International Criminal Court. His presentation referenced the ongoing Ukrainian war and how technology is helping document Russian war crimes.

Stanislaw Tosza, Associate Professor in Luxembourg, discussed the European Production Order and how it can be used to compel evidence collection from cloud companies. He ran through the major case law such as Belgium’s Yahoo case and FBI vs Apple; both of which were attempts by governments to compel information from corporations. ​​​​​​​

Aisling Kelly discussed the other side of the story: how corporations respond to such requests. She is the Senior Counsel in Microsoft Dublin and discussed how her team of 60 handles information requests. They are evaluated by hand and if approved, data is extracted from Microsoft services. This is not done via Microsoft Purview but by an internal system and only extracts metadata: account information, billing, location, email addresses, phone numbers and IP addresses. No content is extracted.

She contrasted EU data gathering orders to those in the US. Although she believes the US is way more advanced, she does explain that requests such as the Google’s Geofenced ‘Dragnet’ Warrantswould not be possible in the EU due to privacy considerations. In fairness to the US it has also faced US constitutional challenges.

The second day focused on how the EU can catch up. Joachim Messe (Professor of Criminal Law in Antwerp) discussed the European Investigation Order and Rainer Franosch went through a success story in which online evidence led to infiltration of criminal networks. Chatrine Rudstrom (Senior Public Prosecutor in Stockholm) and John Berry (Barrister in Dublin) rounded off the conference by discussing how such evidence can be handled and presenting in court.

The conference had a great mix of perspectives from legal to corporate and showed that although the EU has a lot of challenges ahead of it, it is producing legislation (albeit very slowly) to address them.

Filed under:

Damir Kahvedžić

Damir Kahvedžić

Damir Kahvedžić is a technology expert specializing in providing clients with technical assistance in eDiscovery and Forensics cases. He has a PhD in Cybercrime and Digital Forensics Investigations from the Centre for Cybercrime Investigation in UCD and holds a first-class Honours B.Sc in Computer Science. Experienced in the use of industry leading software, such as Relativity, EnCase, NUIX, Cellebrite, Clearwell, and Brainspace, Damir is also a PRINCE2 and PECB ISO 21500 qualified project manager. Damir has published both academic and technical papers at several international conferences and journals including the European Academy of Law, Digital Forensic Research Workshop (DFRWS), Journal of Digital Forensics and Law amongst others.