Athena Forensics

Computer Forensic Expert, Computer Forensics, Computer Expert, Digital Forensics, Mobile Phone Forensics, Matthew Jackson, Computer Crime, Mobile Phone Expert, Expert Witness, Computer Analysis

ACPO Guidelines for Computer Forensics

ACPO Good Practice Guide for Computer Based Electronic Evidence

All of our computer forensic experts adhere to the Association of Chief Police Officers (ACPO) Good Practice Guide for Computer Based Electronic Evidence. The main principles of the ACPO/NPCC Good Practice Guide for Computer Based Electronic Evidence are:

Principle 1: No action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court.

Principle 2: In exceptional circumstances, where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.

Principle 3: An audit trail or other record of all processes applied to computer based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result.

Principle 4: The person in charge of the investigation (the case officer) has overall responsibility for ensuring that the law and these principles are adhered to.

Explanation of the principles

Computer-based electronic evidence is subject to the same rules and laws that apply to documentary evidence.

The doctrine of documentary evidence may be explained thus: the onus is on the prosecution to show to the court that the evidence produced is no more and no less now than when it was first taken into the possession of police.

Operating systems and other programs frequently alter and add to the contents of electronic storage. This may happen automatically without the user necessarily being aware that the data has been changed.

In order to comply with the principles of computer-based electronic evidence, wherever practicable, an image should be made of the entire target device. Partial or selective file copying may be considered as an alternative in certain circumstances e.g. when the amount of data to be imaged makes this impracticable. However, investigators should be careful to ensure that all relevant evidence is captured if this approach is adopted.

In a minority of cases, it may not be possible to obtain an image using a recognised imaging device. In these circumstances, it may become necessary for the original machine to be accessed to recover the evidence. With this in mind, it is essential that a witness, who is competent to give evidence to a court of law, makes any such access.

It is essential to display objectivity in a court, as well as the continuity and integrity of evidence. It is also necessary to demonstrate how evidence has been recovered, showing each process through which the evidence was obtained. Evidence should be preserved to such an extent that a third party is able to repeat the same process and arrive at the same result as that presented to a court.

Expert Witness Institute - Athena Forensics The Expert Witness Institute Logo
British Computer Society Logo - Athena Forensics BCS Chartered Institute for IT Logo
Chartered Society of Forensic Science Logo - Athena Forensics Chartered Society of Forensic Science Institute Logo
ACS Registrars Logo - Athena Forensics ACS Registrars ISO 9001 Logo
UK Register of Expert Witnesses - Athena Forensics Registered UK Register of Expert Witnesses Logo
Sweet and Maxwell Checked Logo - Athena Forensics 2017 Sweet & Maxwell Logo
We offer a free initial consultation that can greatly assist in the early stages of a case. To discuss your specific requirements for a quotation or to instruct an Athena Forensics Expert please call us on 0845 882 7386, email: enquiries@athenaforensics.co.uk or click on the link below.

Contact Us

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close