- The review the material identified to confirm its relevance.
- The requirement for the C4P database to be accurate and correct.
- The images present on a hard drive will still require review or material that is not contained within the C4P database will not be identified.
Almost monthly the news includes a press release from CEOP or the National Crime Agency relating to unlawful images and the individuals attempting to find such material. The Government has also recently publicised a policy in which Service Providers automatically block the ability for the user to access pornographic websites under the proviso that, rightly or wrongly, this will prevent children from accessing such material and will prevent adults, if they were so inclined, from accessing unlawful material.Clearly, increased attention and the development of new detection techniques by the authorities will allow for the identification of such material on the Internet which would, in turn, lead to investigations by those authorities, often resulting in the seizure of computers and/or mobile phones from a suspect’s home.However, the mere presence of an unlawful image on a computer or mobile phone is commonly becoming the only evidence used to form criminal cases involving such material or to support other Charges. Significant issues, such as, how they had been created are being asked, if at all, far later in the Court process. The presence of an image does not necessarily mean that the user had deliberately created it.Having been involved in the examination of computer evidence, predominantly within legal cases, for over 12 years and experiencing the expectations of working both within a Hi-Tech Crime Unit of a Police Force and as an independent computer forensic investigator and Expert for Athena Forensics, I have seen the increase in use of digital evidence within criminal cases and the changes of the quality of the evidence that is relied upon over that time and, as a result, there is a continual movement from an original ingrained process whereby an Examiner would manually review the material in front of them to automated software based processes where the Examiner simply has to wait for results to be produced for them.Almost all of the cases involving unlawful images are based upon the initial findings of the examination of the computer evidence by Police. Clearly, these initial findings are critical to the decision as to whether charges are made against an individual as well as what Charges are brought. However, the level of detail to which evidence is initially examined by Police is frequently lacking.As an example, due to budgetary constraints and to reduce the backlog faced by Hi-Tech Crime Units, it has become frequent for software named C4P to be used by Police forces. This software automatically scans all data on a hard drive and identifies images, thereby reducing the amount of manual work involved in completing the examination of a computer. Where such an examination may previously have involved the manual review of many thousands of images, this process removes that need by comparing images on a hard drive against a database of ‘known’ images (images previously identified by that Examiner) by the software and, in the event of a match, that image is highlighted as being relevant or unlawful.However, whilst the use of this software enables the ability to identify potentially unlawful material more quickly, there is still a need to carry out some manual tasks, including: