Ok Heo
ABSTRACT
The growth of mobile devices used in our daily lives can mean more than one type of digital forensic targets may exist. Unlike desktop computers and file servers, mobile devices are more often used in daily life and contain precise and detailed personal information. Accordingly, if a mobile device is confiscated and digital forensic procedures are conducted, various private information may be disclosed during the investigation process. Moreover, privacy exposure from the investigative agency is not the entire risk. For example, privacy exposure may occur when evidence is released outside the investigation agency or possibly when other case managers arbitrarily read the evidence. Additional risks may arise during storage process as well. Privacy is a fundamental right of the people protected by the Constitution. Thus, if under the confines of the law, infringement or privacy limitations are necessary then it should be done to the minimum extent possible. In this paper, we will study 1) the laws relating to digital forensic procedures in Korea, the United States, the E.U., 2) examine the types of private information that can be exposed through mobile devices, and 3) suggest passcode (which is a first-generation cryptography, based on authentication) and other encryption methods, more specifically public-key and isomorphic encryption to protect the privacy of mobile evidence.
- Goldfoot Josh. 2011. The Physical Computer and the Fourth Amendment, 16 Berkeley J. Crim. L. 112 (2011) / Berkeley Journal of Criminal Law, Vol. 16, Issue 1 (2011), pp. 112-167. Available at : http://heinonline.org/HOL/Page?handle=hein.journals/bjcl16&div=Google Scholar
- Wankyu Lee. 2015. The Method of the Presence of the Possessor in the Seizing Process and the Seizure of the Material for the Irrelevant Crime, Contemporary Review of Criminal Law (CRCL.PS) 48 (2015): 90-158, Supreme Prosecutors' Office, 2015.Google Scholar
- Federal Bureau of Investigation Internet Crime Complaint Center. 2020. Internet Crime Report 2020, Federal Bureau of Investigation. Available at : https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdfGoogle Scholar
- Min-a Kim. 2021. Legislative Cases of the US, UK, and France Related to the Search and Seizure of Digital Evidence, Latest Legislative Information Volume 157, National Assembly Library, Korea.Google Scholar
- Supreme Court en banc Order 2011Mo1839 Dated July 16, 2015, Available at : https://library.scourt.go.kr/kor/judgment/eng_judg_view.jspGoogle Scholar
- Authenticated U.S. Government Information GPO. 1992. FOURTH AMENDMENT SEARCH AND SEIZURE CONTENTS, 1197-1270, Available at: https://www.govinfo.gov/content/pkg/GPO-CONAN-1992/pdf/GPO-CONAN-1992-10-5.pdfGoogle Scholar
- Emily Berman, Digital Searches, the Fourth Amendment, and the Magistrates' Revolt, 68 Emory L. J. 49(2018). Available at: https://scholarlycommons.law.emory.edu/elj/vol68/iss1/2Google Scholar
- Sara J. Dennis, Regulating Search Warrant Execution Procedure for Stored Electronic Communications, 86 Fordham L. Rev. 3033 (2018). Available at: https://ir.lawnet.fordham.edu/flr/vol86/iss6/21Google Scholar
- Byung-min Park. 2021. Research on improving search and seizure of digital evidence : focusing on discussions of legislative measures, Judicial Policy Research Institute Research Book, (2021), 1-453Google Scholar
- BVerfG 2 BvR 1027/02 (Zweiter Senat) - Beschluss v. 12. 4. 2005. Available at: https://www.bundesverfassungsgericht.de/SharedDocs/Entscheidungen/DE/2005/04/rs20050412_2bvr102702.htmlGoogle Scholar
- Jared Olson. 2021. DFIR Advanced Smartphone Forensics, SANS DFIR. Available at : https://www.sans.org/posters/dfir-advanced-smartphone-forensics/Google Scholar
- Android Source. 2020. Full Disk Encryption. Retrieved Feb 16, 2022 from https://source.android.google.cn/security/encryption/full-disk?hl=koGoogle Scholar
- Joe Miller. 2014. Google and Apple to introduce default encryption. BBC News. Retrieved Feb 16, 2022 from https://www.bbc.com/news/technology-29276955Google Scholar
- Heather Mahalik. 2014. Open Source Mobile Device Forensics. Basis Technology Retrieved Feb 16, 2022 from https://www.nist.gov/system/files/documents/forensics/6-Mahalik_OSMF.pdfGoogle Scholar
- R.I. Ferguson, Karen Renaud, Sara Wilford, Alastair Irons. 2019. PRECEPT: a framework for ethical digital forensics investigations, Journal of Intellectual Capital Vol. 21 No. 2, 2020 pp. 257-290. DOI 10.1108/JIC-05-2019-0097Google ScholarCross Ref
- Zack Whittaker. 2016. Leaked files show what a Cellebrite phone extraction report looks like. ZDNet. Retrieved Feb 16, 2022 from https://www.zdnet.com/google-amp/article/israeli-firm-cellebrite-grab-phone-data-seconds/Google Scholar
- Expert Witness Disk Image, ASR SMART, https://www.loc.gov/preservation/digital/formats/fdd/fdd000407.shtmlGoogle Scholar
- ACCESSDATA. 2020. Imager User guide. ACCESSDATA. Retrieved Feb 16, 2022 from https://accessdata.com/product-download/ftk-imager-version-4-5Google Scholar
- Joachim Metz. 2020. EWF specification, Retrieved Feb 16, 2022 from https://github.com/libyal/libewf/blob/main/documentation/Expert%20Witness%20Compression%20Format%20(EWF).asciidocGoogle Scholar
- Michael Cohen, Simson Garfinkel, BradleySchatz. 2009. Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow, Digital Investigation Volume 6, Supplement, September 2009, Pages S57-S68. Available at : https://www.sciencedirect.com/science/article/pii/S1742287609000401Google Scholar
- Sally Vandeven. 2014. Forensic Images: For Your Viewing Pleasure, SANS, Retrieved Feb 16, 2022 from https://sansorg.egnyte.com/dl/HvbeBjwKSyGoogle Scholar
- Behrouz Forouzan. 2007. Cryptography & Network Security, McGraw-Hill Publishing, 2007, 1- 748pGoogle ScholarDigital Library
- Cheon Jeong-hee, Eo Yun-hee and Kim Jae-yun. 2018, "Privacy-Preserving Finance Data Analysis Based on Homomorphic Encryption", Financial Information Research, vol.7, no.1 pp.33-60. Available from: doi:10.35214/rfis.7.1.201802.002Google ScholarCross Ref
- van Dijk M., Gentry C., Halevi S., Vaikuntanathan V. (2010) Fully Homomorphic Encryption over the Integers. In: Gilbert H. (eds) Advances in Cryptology – EUROCRYPT 2010. EUROCRYPT 2010. Lecture Notes in Computer Science, vol 6110. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13190-5_2Google ScholarDigital Library
Index Terms
- A Study on Privacy Protection of Mobile Evidence in Relation to Criminal Investigative Procedures
Recommendations
An investigation of anonymous and spoof SMS resources used for the purposes of cyberstalking
In 2012, the United Kingdom actively sought to tackle acts of stalking through amendments to the Protection from Harassment Act 1997. Now, not only is stalking a recognised criminal offence, acts associated with stalking behaviour have finally been ...
Personal data protection in electronic business
ICEC '05: Proceedings of the 7th international conference on Electronic commerceThe paper review the personal data protection law, the right to privacy and related torts in cyberspace, the legal proposals have been suggested, it is important to construct a legal system for protection of the right to privacy. The data protection ...
Releasing Individually Identifiable Microdata with Privacy Protection Against Stochastic Threat: An Application to Health Information
The ability to collect and disseminate individually identifiable microdata is becoming increasingly important in a number of arenas. This is especially true in health care and national security, where this data is considered vital for a number of public ...
Comments