A day in the life of evidence: Part 1

Modern policing is facing a significant shift in how evidence in a criminal investigation is managed. In the past, police precincts contained large evidence rooms,…

OpenText Security Cloud Team profile picture
OpenText Security Cloud Team

August 9, 20214 minute read

Modern policing is facing a significant shift in how evidence in a criminal investigation is managed. In the past, police precincts contained large evidence rooms, managed by evidence custodians, that housed all the evidence collected in an investigation: the smoking gun, the missing glove, witness statements, police reports and more.

But today, those traditional evidence rooms no longer fit the needs of modern policing. More than 80 percent of the evidence collected in an investigation is now digitaland law enforcement agencies worldwide are being overwhelmed by mountains of digital information associated with each case. This leaves police and law enforcement agencies facing the challenge of how to manage and collaborate on the growing volumes of increasingly complex digital evidence. It’s been said the police today aren’t just street officers—they’re data analysts as well.

The evidence lifecycle

What does the lifecycle of evidence look like? It depends on the agency and the circumstances of the crime involved, but let’s consider a simple example. When an officer is called to the scene of a crime, an incident is logged into the computer-aided dispatch system. This will ultimately become the case number under which all the evidence is filed. When officers arrive on scene, they will likely turn on their in-car video and body-worn cameras, begin taking victim and witness statements and start collecting evidence. The officer will create an incident report on a laptop or mobile device. Evidence collected at the scene can include surveillance camera footage, cell phones, suspect documents, laptops and fingerprints.

In this example, think about how much of what the officer did is in a digital format. The incident report? Check. In-car video, body camera and surveillance camera evidence? Check. Victim and witness statements? Check. Cell phone and laptop? Check. The documents? Check. Fingerprints? Check. So what happens with all those digital pieces of evidence the officer just generated?

Footage from the in-car video and body-worn camera is uploaded into a digital storage system. The incident report and victim/witness statements are captured in a records management system. The surveillance video footage is uploaded to a digital copy for further investigation. The cell phone is sent to a forensic lab to be imaged and analyzed, creating a digital evidence file. Digital copies of the documents are made and entered into a document management system. The fingerprints are sent to the technical services identification bureau and scanned into an automated fingerprint system and a digital report is generated. Forensic investigators examine the contents of the laptop and generate a digital report of suspect activity. After all this evidence has been captured, it is stored in disparate systems.

After evidence is collected and investigators have generated reports on their findings, the evidence is likely shared with prosecutors, other law enforcement agencies and investigative crime units and—potentially—the public. This collaboration of evidence can often occur across jurisdictional boundaries and even across multiple crime events.

Law enforcement challenges

This example highlights the challenges created for law enforcement. Lots of digital evidence has been generated. The evidence is stored in various places. How is chain of custody ensured? How do all the interested parties collaborate on the evidence that resides in a variety of places? Law enforcement spends a great deal of time and resources collecting and analyzing evidence. But how easy is it to search that evidence? Is this done quickly and efficiently to help close cases faster and ensure public safety?

At OpenText, we’re making the world a safer, more secure place by finding the truth in data. We invite you to visit us at security.opentext.com.

Author: Chuck Dodson, Sr. Director Market Development

With extensive experience in information security, Chuck holds GSTRT and CISM certifications and brings a wealth of experience in public security, both as a practitioner and an industry advisor. Chuck specializes in developing emerging markets and driving revenue by translating technical value to business value, ensuring customer satisfaction coupled with execution excellence.

Share this post

Share this post to x. Share to linkedin. Mail to
OpenText Security Cloud Team avatar image

OpenText Security Cloud Team

See all posts

More from the author

Dissecting IcedID behavior on an infected endpoint

Dissecting IcedID behavior on an infected endpoint

IcedID, also known as BokDot, is a banking trojan that was first discovered in 2017. It targets a victim’s financial information and it is also…

4 minute read

Technology meets tenacity

Technology meets tenacity

Technology alone won’t defeat cybercriminals. Effective cybersecurity isn’t something you buy off the shelf, set, and forget. To secure your data, you must be proactive,…

4 minute read

OpenText MxDR platform: a team player

OpenText MxDR platform: a team player

There’s a truism in the cybersecurity sector that says enterprise technology stacks are so large because the market demanded big-stack solutions. Convenience, fiscal constraints, and…

3 minute read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.