17 March 2009
SEAD Seminar - Evidence in the Digital Domain
Meeting room 10, JLB
12.30pm; lunch will be provided from 12 noon
Prof Peter Sommer
One of the more important features of ICT is output. What do we have to do to make it robust enough to withstand legal scrutiny? ICTs may be called upon to prove a transaction has occurred, that a document or record has originated from a particular place at a particular time and has not been subsequently altered, to prove an identity and link that to a real person. Hard computer science coupled with appropriate protocols has some answers: error detection/correction, cryptographic hashes, public key infrastructures, software testing, product and system certification, EDP Audit, the procedures of forensic computing. But scientific proof upon which technical evidence depends is very different from legal proof – scientists aim for universal explanations while the courts aim to resolve a dispute or convict someone of a crime. In the final analysis a court can treat expert evidence as simply one factor in reaching a decision and can disregard a scientific finding altogether. How then can we design ICTs to meet this challenge and give greater assurance that ICT output is legally reliable? Which of current research strands – into trust, requirements engineering, legal comparative and procedural research, jury research – assist us? Or is there an altogether simpler idea: the Multiple Witness Corroboration Model?
Bio: Peter Sommer is a Visiting Professor in the Information Systems Integrity Group in the Department of Management at the London School of Economics and also a Visiting Reader, Faculty of Mathematics, Computing and Technology, Open University. He is one of the world’s pioneers of digital evidence / computer forensics and has acted as an expert in many important criminal and civil court proceedings.
At the LSE he has helped develop the current range of Information System Security courses, with their emphases on social science, management, law and policy. At the Open University he is consultant for the Digital Investigations and Computer Forensics course, M889.
He read law at Oxford, had earlier careers as a book and electronic publisher and as a risk analyst/investigator for insurance underwriters and loss adjusters. His first digital investigation was in 1985. Legal expert witness activity has included criminal cases involving large-scale computer intrusions, Official Secrets, large-scale software piracy, indecent images of children, people trafficking, murder and terrorism. Civil instructions have covered theft of confidential information, defamation and theft of software code.
He is a former Parliamentary Specialist Advisor and sits on a number of Whitehall advisory panels. He is Joint Lead Assessor for the Computing speciality at the Council for the Registration of Forensic Practitioners. He is on the Advisory Council of the Foundation for Information Policy Research and has Observer status at EURIM. The revised edition of his Directors’ and Corporate Advisors’ Guide to Digital Investigations and Evidence was published in November 2008 by the Information Assurance Advisory Council.