Digital Forensics vs. Due Process: Conflicting Standards or Complementary Approaches?

Cybersecurity and digital forensics are closely related to current and even more to future criminal proceedings due to the fact that digital evidence is more and more dominating the body of evidence in criminal trials. It is also fair to say that digital forensics to a large extent performs in cybersecurity as a production of digital evidence. Not only in cybercrime but also in ordinary crimes like car theft, drug related crimes and forms of traditional organized crimes judicial decision-making and reasoning at trials and finally in judgments are more and more based on references to digital traces and data which are provided by forensic IT experts as exhibits. At the first glance providing digital data as evidence to criminal courts appears to be a straightforward more technical process. This paper claims that turning digital traces into digital evidence is anything but a simple and linear technical process just having to respect state-of-the-art technical standards and following rules for the chain of custody. Instead it will demonstrate that digital forensics is one part in a more complex social construction process where standards and methods of IT forensics of the 21st century meet evidentiary procedural rules in criminal justice of the 19th century, hence applied by a judiciary of the 20th century. This state of asynchrony leads to basic conflicts between digital forensics on the one side, rule of law, to process and fair trial on the other. The paper will reflect upon the central question if and how this conflict between digital forensics and traditional due process in the transition from analog to digital evidence in criminal justice proceedings can be turned into an integrated and complementary approach for the final sake of justice and security in the society. While the current situation is leading to a gap between data and judicial decision (digital divide), new standards for producing procedural truth in a comprehensible data-to-decision-cycle covering both the forensic acquisition, preparation and analysis at the pretrial stage, as well as presenting, testing (verifying/falsifying) and interpreting digital evidence at trial by judges, prosecutors and defense attorneys. Only if both sides, the forensic and judicial, are in balance the digital divide in today's criminal justice practice will fade away. Firstly, the paper will outline a conceptual view on the challenges electronic evidence based on digital code and machine language poses to a traditional judicial method of communicating evidentiary information relying on natural language and unstructured narratives in direct personal communication during trial which inevitably will lead to a paradigm shift in the judicial hermeneutic method. Criminal proceedings and judgments as their outcome are traditionally based on enlightenment principles of oral and direct communication in public hearings, hence human language and narrative is the crucial medium of communication and understanding during trial and post-trial addressing the wider public. If language at trial (which is already the case through judicial expert language) becomes exclusive, criminal proceedings lose their original sense of communicating what is 'right' and 'wrong' based on evidentiary reasoning as a rational evaluation and interpretation of legally relevant facts. If now digital evidence, produced by hard- and software applying technical standards, is not or only insufficiently communicated during trial and therefore neither understood regarding its reliability and validity by the court, prosecution and defense, nor grasped by the public, digital evidence jeopardizes the independence and autonomy of judicial decision-making at trial. As a result, the substance of rule of law will be changed since the power of decision-making is shifting away from the judiciary to digital experts. Thus, the understanding of "digital evidence" as a forensic-judicial construct leads to recognizing the substantial impact of digitization on criminal justice and the chances and risks digitization poses to modern criminal justice which is based on democratic rules and respecting human rights and individual freedom. Secondly, some light will briefly be shed on three aspects regarding the practical situation of digital evidence in Europe, it's actual risks and possible solutions. An analysis of European law-making since the Lisbon treaty shows the already well-known fact of the ubiquity of digital data in nearly all spheres of life represented in both big data as well as personalized data sets stored on mobile devices in detail. Exploring the flaws in cell phone evidence in Denmark which led to the review of 10,700 verdicts and the release of 32 prisoners show the fatal impact the digital divide in processing electronic evidence in criminal justice can have. Eventually, the judgement in the Case of Rook v. Germany at the European Court of Human Rights indicates perspectives in future dealing with digital evidence during criminal proceedings, in particular pointing out the special role defense attorneys (should) play in testing digital evidence by building up own independent resources and competencies in processing and analyzing digital data. Thirdly, against the backdrop of the above outlined conceptual framework and (selective) practical issues the paper will attempt to provide a perspective aiming at the integration of digital forensics and due process standards into a balanced and complementary approach allowing the court to reliably assess the probative value of digital data and drawing a red line for the admissibility of digital data into evidence where existing standards and tests do not allow judges an independent and informed decision, using the example of cell-site evidence. Only then the current digital gap in the processing of digital evidence in criminal justice will be closed when, in a joint effort, the IT-forensic industry in concert with law enforcement and judiciary provide reliable standards for testing electronic evidence at trial. Judicial players at trial, judges, prosecutors, defense attorneys, on the other hand, will be required to develop necessary skills and competencies to apply such standards in due process. Conclusive remarks will summarize challenging core issues but also the feasibility of "integrated forensic-judicial standards for digital evidence" which ultimately should guarantee the principles of rule of law and fair trial to safeguard in particular procedural principles such as the presumption of innocence and prevent their replacement by new concepts of risk probability and (cyber) threat scoring based on digital data.