Home

News

Guilty or not? New ISO/IEC standard for credible digital evidence

by Maria Lazarte on
ISO News feeds (RSS)
digital fingerprint

A new ISO/IEC International Standard will ensure the reliability and credibility of digital evidence, which is increasingly used in court cases and legal disputes due to the development of technology and the growth of cybercrime.

Digital proof can be gathered from computers, mobile phones, mobile navigation systems, digital still and video cameras, storage media (USBs, CDs, etc.) and other similar devices. The new standard, ISO/IEC 27037:2012, Information technology – Security techniques – Guidelines for identification, collection, acquisition, and preservation of digital evidence, will ensure the integrity of such evidence for its admission in legal, disciplinary and other actions.

Maslina Daud, Project Editor of ISO/IEC 27037, says, "Digital evidence is inherently fragile, as it may be easily altered, tampered with or destroyed through improper handling or examination. ISO/IEC 27037 provides a harmonized and globally accepted methodology to safeguard its integrity and authenticity."

"Just as importantly", Ms. Daud argues, "as crime, and in particular cybercrime, increasingly takes place across borders, ISO/IEC 27037 will facilitate the exchange of digital evidence between jurisdictions by making sure that requirements and procedures are consistent."

ISO/IEC 27037 provides guidance to individuals involved in the identification, collection, acquisition and preservation of potential digital evidence such as:

  • Digital Evidence First Responders (DEFR)
  • Digital Evidence Specialists (DES)
  • Incident response specialists
  • Forensic laboratory managers

Decision-makers can rely on the standard to determine the credibility of digital evidence. It can also be used by organizations involved in protecting, analyzing and presenting digital evidence, as well as policy-making bodies creating and evaluating related procedures. The standard does not replace specific legal requirements of any jurisdiction, but is rather intended to serve as practical guidance in DEFR and DES investigations.

ISO/IEC 27037 complements other ISO/IEC IT security standards, notably ISO/IEC 27001 which outlines an information security management system and ISO/IEC 27002 which provides a code of practice for information security management.

ISO/IEC 27037:2012, Information technology – Security techniques – Guidelines for identification, collection, acquisition, and preservation of digital evidence, was developed by joint technical committee ISO/IEC JTC 1, Information technology, subcommittee SC 27, IT Security techniques. It costs 140 Swiss francs and is available from ISO national member institutes (see the complete list with contact details) and from ISO Central Secretariat through the ISO Store or by contacting the Marketing, Communication and Information department.