[legalxml-enotary] FWD: Re: Digital Photos Give the Police a New Edgein Abuse Cases

[John Messing <jmessing@law-on-line.com>]

I am cross-posting this to the eNotary list because it is the sort of item that we may wish to discuss at our first meeting with regard to setting the TC's scope and requirements.


---------- Original Message ----------------------------------
From:         "Steven W. Teppler" <steppler@TIMECERTAIN.COM>
Reply-To:     "Steven W. Teppler" <steppler@TIMECERTAIN.COM>
Date:         Tue, 3 Sep 2002 18:10:34 -0400

I've been a bit hesitant to post a response to this thread because I do have
>a business as well as professional bias in this arena.  Digital evidence
>*is* easily altered.  It's zeroes and ones in a given order (note to Bob
>J. - I concede electromagnetic wave form stuff in advance ;)
>
>
>Some problems:  No mention is made as to whether the data is even signed
>digitally, much less timestamped, upon creation, receipt or transfer.  The
>argument is, of course, that physical data can be altered but that a great
>deal of deference is given to law enforcement's declarations to the
>contrary.  While I agree with this proposition and (perhaps) the care
>exercised by law enforcement in the case of physical data, there are many
>ways to forensically check that physical evidence to determine whether
>alterations were made.  The main issue both in the criminal and civil arena
>is data trustworthiness.  Further, the trust must also originate from the
>data generating device.  Or there has to be a heck of a lot of testimony
>corroborating the creation, transfer receipt and archiving of same.  For
>instance, does the data generating device (such as a digital camera) create
>output which can't be altered easily and without detection?  It appears not.
>So, even presuming the wonderful level of custodial care currently given to
>physical evidence, prosecutors are hieing to the gods of digital data
>omnipotence without understanding the nature of the beast.
>
>My apprehension here is that altered digital data will be used to "prove" up
>more than the content of an event based upon the prosecutors zeal to indict
>and convict.  I think it is absolutely shocking that such inherently
>ephemeral, unstable, and malleable digital data will be used to provide the
>foundation for seeking indictments in abuse cases without a victim's
>complaint being filed, for the most part because so much "trust" is imputed
>into the output of an untrustworthy machine deployed in an untrusted
>environment.
>
>Very Kafka-esque.
>
>That said, this underscores the need for this committee's work on the
>Digital Evidence Project to gain as many ears and eyes on the outside as
>possible, both on the criminal as well as the civil side.
>
>
>Steven
>
>
>"If the probability be called P; the injury, L; and the burden, B; liability
>depends upon whether B is less than L multiplied by P: i.e., whether B is
>less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
>  -----Original Message-----
>  From: Information Security Committee [mailto:ST-ISC@MAIL.ABANET.ORG]On
>Behalf Of Robert Jueneman
>  Sent: Tuesday, September 03, 2002 4:10 PM
>  To: ST-ISC@MAIL.ABANET.ORG
>  Subject: Re: Digital Photos Give the Police a New Edge in Abuse Cases
>
>
>  "        <<Digital Photos Give the Police a New Edge in Abuse Cases.htm>>
>
>  online at
>
>http://www.nytimes.com/2002/09/03/nyregion/03ABUS.html?pagewanted=2&todayshe
>adlines.  The NY Times requires registration for access.
>
>  an excerpt:
>          Although no major legal challenges have been mounted to the use of
>  digital photos in domestic violence cases, some people are questioning
>their
>  admissibility in court because they can be doctored, enhanced or
>manipulated
>  on a computer. "There are serious concerns," said Susan L. Hendricks,
>deputy
>  attorney in charge of the criminal defense division of the Legal Aid
>  Society, the main public defender in New York.
>          "I would be shocked if the result is that they are never admitted
>as
>  evidence," she went on, "but I think that given the ability to manipulate
>  them, the courts are going to have to be careful, or they should be."
>  "Many prosecutors say that they think the photographs will withstand
>  challenges, and that it is easy to tell if a photograph has been altered."
>
>  Yeah, right!  I saw that article this morning, and my mind immediately
>started racing. The NYT article raises some fascinating questions and
>issues, and perhaps an interesting market opportunity.
>
>  The significant benefit that is cited for the police departments is the
>ability to very rapidly transmit the digital photo to the DA's office, and
>even the judge, prior to arraignment.  When dealing with one-of-a-kind
>Polaroids, chain of custody and physical transmission problems can result in
>the photographs not being seen by the right people until as much as 30 days
>later.
>
>  But anyone with Adobe Photoshop would be perfectly capable of altering a
>digital photo with little or not chance of it being detected, unless we're
>talking about a third eye in the middle of your forehead.  This kind of
>digital retouching is done all of the time.
>
>  The key to preventing undetected evidence tampering is, of course, a
>digitally signed time stamp of a hash of the original digital image, signed
>by some trusted third party (not the police department!)
>
>  The TTP does not need to, and in many cases should not, see the actual
>photo -- all they need to sign is the hash of the photo, which can be
>transmitted independent of the photo itself.
>
>  But a trusted time stamp only proves that the photo was taken after a
>certain time, not when.  And if a sufficient amount of time elapses between
>the time the photo was really taken and the time it was timestamped, then it
>could be alleged that the photo could have been manipulated.
>
>  Now, many if not most digital cameras have built-in date/time stamps, but
>the problem is that those times can be set by the operator. So what is
>needed is a way of obtaining a time stamp more or less immediately before a
>given photo is taken, and then a second timestamp which includes the first
>timestamp plus a hash of the photo.  In that way, the interval between the
>two timestamps can be made quite small -- a minute or even several seconds.
>
>  Not just any ordinary camera will do for this, it would appear.  Instead,
>the camera has to support a real-time communications link to the
>time-stamping facility, and it has to be able to compute a hash function.
>Neither of those are particularly difficult to do, of course, but these
>functions should be reasonably tamperproof and difficult to defeat.  In
>particular, the act of exposing the picture and computing the hash of that
>picture coupled with the previous timestamp must be an atomic operation --
>it must not be possible to substitute a previously taken photo for the
>time-stamped one. Otherwise, someone could take a picture, modify it, insert
>it into the camera's memory, and arrange for the timestamp to take place,
>all within a second or two.
>
>  That requirement in turn means that the camera itself has to present an
>indisputable and unforgeable proof of origin.  That probably means that the
>camera itself has to digitally sign the image before it is timestamped by
>the TTP, in order to prove that a manufactured image wasn't created before
>the fact, and then later signed. Obviously, the private key used for this
>operation must be securely embedded in the camera itself, and not in some
>kind of a removable token.  And the act of taking the photo, computing the
>hash, and signing it must be an atomic, uninterruptible operation.
>
>  But none of these functions would be particularly difficult to incorporate
>in a modern digital camera, is someone wanted to.  And I would think that
>the market for every police department, government law enforcement agency,
>and potentially even every security camera would be sufficient to justify
>creating such a special purpose device.
>
>  Bob
>
>
>
>  Jueneman Consulting , LLC -- "Security Solutions for an Insecure World"
>  Robert R. Jueneman, President
>  1154 E. Dover Dr.
>  Provo, UT 84604
>  1-801-765-4829 (Office)
>  1-866-430-4685 (Toll Free)
>  1-801-765-4378 (Fax)
>  1-801-372-5501 (Cellular)
>  consulting@jueneman.com
>  www.jueneman.com
>
>  This message and any attached documents may contain Jueneman Consulting,
>LLC confidential or proprietary information and may be subject to privilege
>or exempt from disclosure under applicable law.  These materials are
>intended only for the use of the intended recipient.  If you are not the
>intended recipient of this electronic message, you are hereby notified that
>any use of this message is strictly prohibited.  Delivery of this message to
>any person other than the intended recipient shall not constitute any waiver
>of any privilege.  If you have received this message in error, please delete
>this message from your system and notify the sender immediately.    Thank
>you.
>
>