Monday, August 27, 2012

Pencils to Processors


Data Collection at Crime Scene

Part Two “The Future is Here”


The Future


The basics of crime scene investigation in the field of law enforcement have remained largely unchanged over the years. There will never be a replacement for the experience and knowledge of a savvy investigator and his/her observational and intuitive skills. What has changed in the field of investigation is the advent of different kinds of evidence collected, and the methodology for documenting and preserving it. (Schecter, 2011)   

Advanced Response Concepts Corp has developed and deployed a tablet-based solution to assist investigators in electronically documenting evidence found in the field. The solution, known as Condor™, facilitates the identification, labeling, and tracking of evidence while keeping precise attendance records at the scene. Designed for interoperability with the U.S. Department of Justice NIEM (National Information Exchange Model) compliance system, Condor™ is the logical extension of the simplicity and efficacy of paper‐based notes and forms. Advanced Response Concepts has developed a twenty-first-century alternative allowing users to apply the same intuitive skills. Condor™ is specifically designed to enhance and augment an investigator's or crime scene technician’s skill set by creating an intuitive, user‐friendly process and workflow to improve the field-based collection of data required to properly document and investigate a crime scene.

CONDOR™ supports this process through the use of tablet data collection devices, used to enter all of the information and facts typically gathered through the observation and interview process, and typically managed on paper while in the field. The user enters relevant event data into the system, where it is recorded, aggregated, and used to produce detailed agency‐configurable reports that completely document investigative activities, including the collection and tracking of physical evidence artifacts. CONDOR™ is intended to address a number of identified needs in the forensic and law enforcement communities, including several of those identified recently in the comprehensive report published by the National Academy of Sciences: Strengthening Forensic Science in the United States, A Path Forward. (Committee on Identifying the Needs of the Forensic Sciences Community, National Research Council, 2009) These issues include improving and strengthening the chain of custody, better field documentation, and improved scene management and access control, all of which are specifically targeted by CONDOR™.

CONDOR™ is a scalable and robust combination of task-specific hardware and software that is designed from the user up. This approach has allowed our development team and subject matter experts (criminal investigative practitioners) to focus on creating a tool that fits the user and requires minimal changes to their operational process or existing workflow. This user-centric focus is the key to creating a tool that “fits” the end user to the greatest extent possible, eliminating the frustrations of trying to adapt to new technologies while still maintaining a consistent, technically correct and systematic approach to processing a crime scene.

The system consists of multiple options for tablet devices used to gather, collect, record and manage information. CONDOR™ is not bound to any specific type of hardware for user input, allowing for continued migration to newer handheld technologies as they emerge and offering greater flexibility to field users.


Conclusion 


When the phrase “Use tablet computers to record crime scene information” is entered into a Google search, the top five responses say a lot about the future of enterprise computing at crime scenes. Results one and three focus on the article quoted in this paper referencing iPad purchases in Tennessee. The number two result is a news article highlighting Advanced Response Concepts' Condor System being deployed in Delaware. The fourth is a website for rugged computing solutions. What is interesting is that as you work your way down the list, the links all begin to point overseas, to academic institutions, solutions in place, and groundbreaking strides forward in the use of technology. Why is US law enforcement failing to keep up with the times or the rest of the world in this area?

A study conducted in Great Britain by the University of Birmingham found, in a side-by-side comparison, no discernible difference in content or quality between reports handwritten at the crime scene and those generated using tablet computers. They did find a significant time savings and noted that users found tablets easier to work with. Tablet technology in the crime scene environment is a force multiplier.
Computers at the scene of a crime allow for instant capture of sound, video, and still images.  They allow for voice to text conversion and handwriting recognition.  Information captured can be forwarded in real time to colleagues on the street and fusion centers.  American Law enforcement has embraced technology in offensive and defensive weaponry, surveillance tools, records and laboratory management systems, everywhere it seems but where it all starts, at the scene of the crime.  Every officer on the street is seeing increasing caseloads and longer waits for court dates. In an era of ever increasing budget shortfalls and staffing cuts it would seem as though the force multiplier capability of crime scene computing is a tool whose time has come.  

In the immortal words of Sgt Joe Friday: “This is the city. Every 24 hours a little bit of everything happens. Two million people make a lot of history in one day. They write it all down and file it away. Some of it's important, some of it isn't. Business, industry, government - you buy a three-cent stamp or an oil well - they keep records of it. Progress, money, success... and failure. A complete history of every day; some of it's public, some personal. It's all written down. In my job we catalog trouble. I'm a cop.”

 

Works Cited

Byrd, M. (2010-2012). Written Documentation at a Crime Scene. Retrieved May 7, 2012, from Crime Scene Investigator Network: http://www.crime-scene-investigator.net/document.html

Carrier, B., & Spafford, E. H. (2003). Getting Physical with the Digital Investigation Process. Purdue University, Center for Education and Research in Information Assurance and Security – CERIAS. Utica: International Journal of Digital Evidence.

Committee on Identifying the Needs of the Forensic Sciences Community, National Research Council. (2009). Strengthening Forensic Science in the United States, A Path Forward. National Academy of Sciences, National Institute of Justice. Washington DC: National Academies Press.

Daigneau, E. (2011, March). Tablets: Government's Newest Tool. (E-Republic) Retrieved May 7, 2012, from Governing the States and Localities: http://www.governing.com/topics/technology/Tablets-Governments-Newest-Tool.html

Katims, L. (2011, January 12). IPads Helping Tenn. Police Fight Crimes on the Go. Retrieved May 7, 2012, from Government Technology Magazine: http://www.govtech.com/featured/IPads-Helping-Tenn-Police-Fight-Crimes-on-the-Go.html

Lee, H. C., Palmbach, T., & Miller, M. T. (2001). Henry Lee's Crime Scene Handbook. San Diego, California: Elsevier Academic Press.

Mechling, J. (2011, March 9). Will the iPad, and competing tablet computers, help us manage information overload or add to the distractions? (e-Republic) Retrieved May 7, 2012, from Governing the States and Localities: http://www.governing.com/columns/mgmt-insights/iPad-risky-game-changer.html

Schecter, P. (2011). Crime Scene Management, Evidence Tracking System Overview and Summary. Fairfax VA: Advanced Response Concepts Corporation.

Sung, T. (1248, 1981). The Washing Away of Wrongs: Forensic Medicine in Thirteenth-Century China (Science, Medicine, and Technology in East Asia) (1981 ed.). (B. McKnight, Ed., & B. McKnight, Trans.) Center for Chinese Studies.

Taylor, S. (2012). The History of Crime Scene Investigation. Retrieved May 7, 2012, from E-How: http://www.ehow.com/about_5371617_history-crime-scene-investigation.html

Tuesday, August 21, 2012

Pencils to Processors, Part 1



Data Collection at Crime Scenes

Part One “Living in the Past”

 

Introduction

“Crime scene investigation, or forensic science, involves the group effort of a team of professionals who study the scene of a crime. It takes many individuals who apply a wide range of specific sciences upon every aspect of the scene to complete this investigation. Investigators collect and study evidence such as fingerprints, biologicals like body fluids or skin cells, and ballistics (trajectory dynamics). The earliest forms of forensic science date back to prehistoric times.

“Modern crime scene investigation advanced rapidly through the late 1900s and the early 2000s. Using the solid foundation developed over thousands of years of forensic investigation, modern forensics built upon these technologies and expanded their application to include computer forensics, DNA forensics, entomological (insect) forensics and enhanced biological studies.” (Taylor, 2012)

The Mission Space


A crime will more often than not consist of multiple crime scenes.  Consider that an act of domestic violence can start outside of a residence and move to a room or rooms within the residence. Though the “scenes” themselves are contiguous, they can be and often are treated individually.  The more cliché example of a bank robbery could be even more complex.  The February 1997 North Hollywood shootout was an armed confrontation between two heavily armed bank robbers and officers of the Los Angeles Police Department (LAPD) in the North Hollywood district of Los Angeles.  This crime could be described as being multiple scenes over a six block area to include the bank’s ATM lobby, teller and vault areas, the initial LAPD response at Laurel Canyon, the getaway vehicle, the scene of the Phillips suicide, and many others.  

A crime scene can be defined from macroscopic and microscopic points of view. The macroscopic view focuses on crime scenes within a crime scene in the manner of the previously mentioned examples. The microscopic view culminates in the aggregation of individual physical elements relating to the crime. Every case investigated can contain multiple macroscopic and microscopic scenes. The interrelations between these definitions must all be considered, as each has the potential to yield information critical to the investigation and eventual prosecutorial effort. (Lee, Palmbach, & Miller, 2001)

The Challenge


When looking at the construct of a crime scene, the one universal constant is its complexity. So why is the primary methodology of crime scene investigation still reliant on the pencil and yellow legal pad as the tool of choice? Every law enforcement agency has a formal procedure for the method by which written documentation is recorded and used. The primary goal of this exercise is the accurate recording of the information with an eye on the future information sharing requirements of the case and/or future potentially related cases. The Miami Dade Police Department Crime Scene Investigations unit uses a narrative section divided into five categories. These categories are summary, scene, processing, evidence collected, and pending. Miami Dade Investigator Mike Byrd relates a recent request illustrating the importance of complete, detailed, and accurate recording of investigative information:

 “Recently I was asked to give an opinion on the crime scene portion of a cold case investigation which had occurred more than 20 years earlier. I agreed to take a look at everything to give my interpretation of the crime scene from the work product. So the reports and pictures were ordered from the original files.
When the items came in the mail the report consisted of a one page, one paragraph narrative. The scene photographs consisted of several overall prospective of a wooded area. I could be of no assistance to my fellow colleague. But the experience best illustrates how important it is to properly use the tools at hand. We are brought in to assist in the beginning stages of an investigation when very limited information is known. We should realize that our work product may need to be viewed extensively by someone years from now for interpretation.”  (Byrd, 2010-2012).

Why we still rely on century-old tools to support investigations with twenty-first-century expectations with regard to accuracy, detail, and recall is indicative of a traditional institution still clinging to the familiarity and perceived reliability of past methods while operating in a contemporary society. So why is this attitude prevalent? One could argue that these are time-honored traditions with a proven track record. Modern forensics goes back centuries. Generally speaking, the first modern forensic science publication detailing an investigative technique is attributed to Tz'u Sung. His thirteenth-century text, “Hsi Duan Yu” (The Washing Away of Wrongs), was written in 1248 AD. It detailed a process of distinguishing drowning from strangulation, portions of which are still used today. (Sung, 1248, 1981) It has been the introduction of digital forensics, digital still and video, and the leap forward in DNA evidence thanks to the Polymerase Chain Reaction (PCR) technology invented by Nobel Prize winner Kary Mullis that has become the tip of the investigative spear.

Current Choices?


The use of computers in crime scene analysis and forensic investigation has been a growing phenomenon over the last twenty years.  However the use of computers at a crime scene is not as widespread as you may come to expect in this day and age.  Crime scene utilization of a tool most Americans accept as commonplace is largely restricted to the gathering and processing of digital evidence, the area some investigators refer to as the “crime scene within the crime scene”.  This additional dimension, if you will, is focused on the information that can be gleaned from a computer when it is treated as evidence.  A computer itself is, typically, only one piece of physical evidence, but it can be processed to identify thousands of pieces of digital evidence and each piece of digital evidence can be analyzed to identify ownership, location, and timing. (Carrier & Spafford, 2003) 

With increasing expectations with regard to documentation what are the options?  Law enforcement departments in two Tennessee counties have turned to the Apple® iPad®.   The Jefferson County Police Department recently purchased 19 Apple iPads, one for each officer, with a grant from the U.S. Department of Homeland Security.  In adjacent Knox County, Sheriff’s Office Major Crimes and Family Crisis units recently began using the tablet computers, and detectives have enjoyed the mobility the iPads give them.  Functionality inherent in the popular devices proved to be the selling points.  Applications, known as “Apps” from the Apple® store allow officers to leverage the touch screen to draw sketches.  Built in microphones facilitate recording testimony at crime scenes while WiFi and CDMA allow officers to send reports, share information with colleagues and investigate background information without calling dispatch. (Katims, 2011)

The iPad is an impressive device. In 2010 the New York Times proclaimed that 2010 would be the “Year of the Tablet.” (Daigneau, 2011) In retrospect, Apple dominated the market, forcing the competition to delay or table forecasted launches in a scramble to produce competitively priced and feature-rich challengers. “[iPads] could critically accelerate and improve our utilization of digital information, and through that, the performance of government. Thus, they possess great strategic potential, but they could also serve as a risky distraction”. (Mechling, 2011) But the iPad is not without its drawbacks, as web columnist Jerry Mechling alludes to in the aforementioned quote. Apple® maintains strict control over application development, licensing and deployment. The device was created to allow an individual unlimited access to information but does so in a completely closed system. Security tools built into the device are not without their vulnerabilities. The fact that the Apple® “Jailbreak” community often has security patches published on the web before Apple® does is indicative of the weaknesses in the Apple® armor. The simplicity of the iPad masks its transformational power. Navigating with your fingers rather than a keyboard marks a fundamental change in user interfaces.

Despite its success, the iPad® is not the only game in town. In the two years the iPad® has been on the street, a plethora of manufacturers have entered the market with strongly competitive devices and operating systems. Enter the other industry behemoth, Microsoft. In late 2012 Microsoft® will release Windows 8 with an accompanying tablet PC version. Partnered with Nvidia®, supplying the Tegra 3™ chip to be used with ARM-based hardware, Microsoft will move to level the playing field currently dominated by Apple® and protagonist Android®. Although this does not herald a coming competitive nirvana, it does open the door to adaptation of software solutions known to the public safety community as well as allowing the open source community its opportunity to make a mark.

Works Cited - Parts One and Two

Byrd, M. (2010-2012). Written Documentation at a Crime Scene. Retrieved May 7, 2012, from Crime Scene Investigator Network: http://www.crime-scene-investigator.net/document.html

Carrier, B., & Spafford, E. H. (2003). Getting Physical with the Digital Investigation Process. Purdue University, Center for Education and Research in Information Assurance and Security – CERIAS. Utica: International Journal of Digital Evidence.

Committee on Identifying the Needs of the Forensic Sciences Community, National Research Council. (2009). Strengthening Forensic Science in the United States, A Path Forward. National Academy of Sciences, National Institute of Justice. Washington DC: National Academies Press.

Daigneau, E. (2011, March). Tablets: Government's Newest Tool. (E-Republic) Retrieved May 7, 2012, from Governing the States and Localities: http://www.governing.com/topics/technology/Tablets-Governments-Newest-Tool.html

Katims, L. (2011, January 12). IPads Helping Tenn. Police Fight Crimes on the Go. Retrieved May 7, 2012, from Government Technology Magazine: http://www.govtech.com/featured/IPads-Helping-Tenn-Police-Fight-Crimes-on-the-Go.html

Lee, H. C., Palmbach, T., & Miller, M. T. (2001). Henry Lee's Crime Scene Handbook. San Diego, California: Elsevier Academic Press.

Mechling, J. (2011, March 9). Will the iPad, and competing tablet computers, help us manage information overload or add to the distractions? (e-Republic) Retrieved May 7, 2012, from Governing the States and Localities: http://www.governing.com/columns/mgmt-insights/iPad-risky-game-changer.html

Schecter, P. (2011). Crime Scene Management, Evidence Tracking System Overview and Summary. Fairfax: Advanced Response Concepts Corporation.

Sung, T. (1248, 1981). The Washing Away of Wrongs: Forensic Medicine in Thirteenth-Century China (Science, Medicine, and Technology in East Asia) (1981 ed.). (B. McKnight, Ed., & B. McKnight, Trans.) Center for Chinese Studies.

Taylor, S. (2012). The History of Crime Scene Investigation. Retrieved May 7, 2012, from E-How: http://www.ehow.com/about_5371617_history-crime-scene-investigation.html


Friday, August 3, 2012

Possession is nine tenths of the law? Part 2


Part Two “It’s Mine I Can Prove It.” 

Why PKI should be used to address the digital rights management question 


The second half of this essay looks at how various media providers use DRM and the limitations of the current solutions.  PKI is presented as an alternative.  I hope you enjoy the paper and encourage you to comment.

Digital Rights Management

Accepting the fact that you are really not buying anything tangible, a digital content provider like Apple® is not necessarily out to get you. The “Terms and Conditions [for] ITunes store, Mac App Store, App Store and iBookstore” allow for content sharing on up to ten devices, five of which may be iTunes-authorized computers. They allow burning your full playlist to CD up to seven times. For a fee you can get additional cloud services that make accessing your purchased content even easier. On the flip side, Apple® reserves the right to change the usage rules at any time. The Apple® business model is not about making money with the content; it is about making money on the hardware. This is not the typical hardware/software paradigm. With the majority of companies that deal in both hardware and software, the real profit is in the software and ultimately the accompanying service and support plans. Apple's approach is not unique but is atypical in the software community, though it seems to be part of a consensus in the digital content management community. "The iPod makes money. The iTunes Music Store doesn't," said Apple Senior Vice President Phil Schiller. "It's maybe a feature your platform should offer, but it's not like you're going to make some (big) markup," Microsoft Chairman Bill Gates said at the company's July [2003] analysts' meeting in response to questions about a proposed online music store. (Fried, 2003)

You have a certain amount of freedom in using and managing the content you purchase/lease from Apple®, although you are limited to using Apple® hardware, or Apple® software on non-Apple® hardware like PCs and laptops. The Apple® formats are proprietary, as is the security mechanism they use to ensure compliance with their policies. This is the difference between the underperforming subscription models like Napster, Rhapsody, and Pressplay, and the Apple a la carte model, which has been copied by most of the major players in the industry today. Security is enforced using Digital Rights Management (DRM).

 “DRM is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that are not desired or intended by the content provider. DRM also includes specific instances of digital works or devices. Companies such as Amazon, AT&T, AOL, Apple Inc., BBC, Microsoft, Electronic Arts and Sony use digital rights management.” (Wikipedia, 2012)  

DRM has its detractors, who often predict gloom and doom scenarios. These scenarios often focus on a complete loss of your digital media should the DRM standard change in the future or the original service provider go out of business. Although it does not seem likely that the world will be without the I Store™, Kindle™ store, or any of the other megalithic providers anytime soon, the point is valid. Additional charges are that DRM stifles innovation and competition, but perhaps the most disconcerting charge is that DRM goes beyond the constraints required by current copyright law, which could be a slippery slope indeed.

Apple has its own proprietary version of DRM known as FairPlay, which is in turn only supported by Apple® products. This is no surprise if the aforementioned quote by Apple Senior Vice President Phil Schiller is representative of Apple's long-term business model. Apple, like other digital content providers, does have a loyal following, but the question needs to be asked: are we heading for a single-source world in which you must pick your provider and be satisfied with the available offerings? What happens when your favorite author’s publisher or recording artist’s studio will not sign a contract with your provider? Do you buy a new device every time you seek to increase the variety of your library? To be fair to Apple®, although they continue to use DRM in other media, they removed FairPlay and any sort of DRM from the music tracks bought in the iTunes music library in 2009. (Apple Inc, 2012) Apple does continue to digitally watermark its music tracks, offering an excellent segue into DRM alternatives.

The pivotal issue of the digital media conundrum is the establishment of ownership and the ability to trace that ownership. There are those who do not believe that any sort of identifier that would allow for tracing of ownership is in any way necessary or justified. Perhaps there are merits to specific arguments in that regard; however, a system without ownership principles will simply result in the eventual extinction of the art form. Individuals cannot be allowed unfettered access to works without compensation to the originator, or allowed the ability to reproduce and distribute said material without limitation. It is obvious that DRM is not the solution of the future. Apple uses digital watermarking, the process by which code is buried in an underlying carrier signal, allowing for the verification of the signal's ownership or authenticity. This technology has been used to track down the source of pirated movies. Unlike metadata such as that placed in websites to improve visibility to search engines, digital watermarking does not change the size of the file. One would think that this is an effective solution until the realization that digital watermarking is proprietary, and not standards driven, comes to light. A digital watermark also cannot be easily altered or added to without sacrificing some of the quality of the original file. With this limitation it becomes problematic at best to transfer ownership of the media.

DRM Alternatives

Other methods for establishing ownership of digital media are in use.  For example, Palm Digital Media, now known as E-reader, links the credit card information of the purchaser to the e-book copy in order to discourage distribution of the books. (Noring, 2004)  The big disadvantage is the risk to Personally Identifiable Information (PII).  The thought of using credit card information to indicate ownership of a piece of digital media is scary at best.   So what is the solution?  One proposition is that establishing ownership of digital media, securing a multibillion dollar industry and preventing hundreds of millions of dollars in fraud in the US alone, is a great argument for furthering individual digital identities in the US; enter PKI and Digital Certificates. 

Public key infrastructure (PKI) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates. 

In cryptography, a public key “certificate” (or identity certificate) is an electronic document which incorporates a digital signature to bind together a public key with an identity - information such as the name of a person or an organization, their address, and so forth. The certificate can be used to provide very strong verification that a public key belongs to an individual.
In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority. In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users (“endorsements”). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together. (Operational Research Consultants Inc., 2011)
 
This would appear to be an excellent solution for both the producers and consumers of digital media. For example, if I were to buy an e-book and sign both the purchase and the resulting digital file with a public key certificate, it would be the digital equivalent of signing each and every page of a hardcover novel with my name. It does raise some rather childish euphemistic comparisons but effectively marks that digital media as mine. More importantly, unlike a five-year-old scribbling “this book belongs to Tommy” across the pages, a digital signature can be edited, exchanged, or added to without harming the underlying file. This allows for the establishment of a chain of ownership and subsequently for the smooth and traceable exchange of ownership, even one that is temporary.
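The chain of ownership described above can be sketched as a list of detached, signed transfer records kept beside the file, so the file itself is never modified. This is an added example, not code from the original essay or from any vendor; it assumes raw Ed25519 keys from Go's standard library standing in for CA-issued certificates, and the names Transfer, Convey, CurrentOwner and DemoKey are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Transfer is one detached ownership record. Records are stored beside the
// media file, so appending one never changes the file's bytes.
type Transfer struct {
	FileHash [32]byte          // SHA-256 of the media file
	PrevSig  []byte            // signature of the preceding record; empty for the first sale
	NewOwner ed25519.PublicKey // key that holds the file after this record
	Sig      []byte            // signature by the party giving up the file
}

// message builds the exact bytes covered by Sig.
func (t Transfer) message() []byte {
	m := []byte("ownership-record-v1") // constructed domain-separation label
	m = append(m, t.FileHash[:]...)
	m = append(m, t.PrevSig...)
	return append(m, t.NewOwner...)
}

// DemoKey derives a fixed key pair from a label so the example is repeatable.
// Assumption for the demo only: a real key is random, and its public half is
// bound to an identity by a certificate from a certificate authority.
func DemoKey(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

func pub(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }

// Convey returns a copy of the chain with one more record, signed by holder
// and naming the next owner. It does not decide whether holder is entitled to
// sign; CurrentOwner makes that decision when the chain is verified.
func Convey(chain []Transfer, file []byte, holder ed25519.PrivateKey, to ed25519.PublicKey) []Transfer {
	t := Transfer{FileHash: sha256.Sum256(file), NewOwner: to}
	if n := len(chain); n > 0 {
		t.PrevSig = chain[n-1].Sig
	}
	t.Sig = ed25519.Sign(holder, t.message())
	out := append([]Transfer{}, chain...)
	return append(out, t)
}

// CurrentOwner walks the chain starting from the seller's key and returns the
// key that holds the file now, or an error at the first record that fails.
func CurrentOwner(file []byte, seller ed25519.PublicKey, chain []Transfer) (ed25519.PublicKey, error) {
	if len(chain) == 0 {
		return nil, errors.New("no ownership records")
	}
	want := sha256.Sum256(file)
	signer := seller
	var prev []byte
	for i, t := range chain {
		if len(signer) != ed25519.PublicKeySize {
			return nil, fmt.Errorf("record %d: malformed signer key", i)
		}
		if t.FileHash != want {
			return nil, fmt.Errorf("record %d: file hash mismatch", i)
		}
		if !bytes.Equal(t.PrevSig, prev) {
			return nil, fmt.Errorf("record %d: not linked to previous record", i)
		}
		if !ed25519.Verify(signer, t.message(), t.Sig) {
			return nil, fmt.Errorf("record %d: not signed by the current holder", i)
		}
		signer, prev = t.NewOwner, t.Sig
	}
	return signer, nil
}

func main() {
	ebook := []byte("constructed sample e-book bytes")
	store, alice, bob := DemoKey("store"), DemoKey("alice"), DemoKey("bob")

	chain := Convey(nil, ebook, store, pub(alice)) // original sale
	chain = Convey(chain, ebook, alice, pub(bob))  // resale or loan
	owner, err := CurrentOwner(ebook, pub(store), chain)
	fmt.Println("bob holds the file:", bytes.Equal(owner, pub(bob)), "error:", err)

	// A party that never held the file appends a record naming itself.
	mallory := DemoKey("mallory")
	_, err = CurrentOwner(ebook, pub(store), Convey(chain, ebook, mallory, pub(mallory)))
	fmt.Println("forged transfer rejected:", err)
}
```

The verifier needs only the file, the seller's public key and the records; a record signed by anyone other than the holder named in the preceding record stops the walk.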

Detractors point out that the establishment of a PKI infrastructure is overly burdensome in cost and complexity.  But this argument does not stand up to the counter which is economy of scale.  The federal government has been using PKI for years for logical access security but efforts to increase the use of this proven technology outside the federal government have been hampered by lack of broad scale adoption.  Consider that Apple has more than two hundred million devices sold worldwide and Amazon can claim more than six hundred million users.  It is not too much of an exaggeration to state that using those numbers as a starting point would drive the cost of PKI digital identities into the cost range of the Venti Café Mocha from Starbucks I purchased on the way to work this morning.  It was by the way, demonstrably not ostensibly mine. Possession is nine tenths of the law, just ask my daughter.

Works Cited

Apple Inc. (2012, January 6). Changes Coming to iTunes Store. Retrieved June 20, 2012, from Apple Press Information: http://www.apple.com/pr/library/2009/01/06Changes-Coming-to-the-iTunes-Store.html
Apple Inc. (2012). LICENSED APPLICATION END USER LICENSE AGREEMENT . Retrieved June 18, 2012, from www.apple.com: http://www.apple.com/legal/itunes/appstore/dev/stdeula/

Fried, I. (2003, Oct 16). Will Itunes make Apple Shine. Retrieved June 19, 2012, from CNET: http://news.cnet.com/2100-1041-5092559.html?tag=nl
Hyde, B. (2001). THE FIRST SALE DOCTRINE AND DIGITAL. Retrieved June 20, 2012, from Duke Law Scholarship Repository: http://scholarship.law.duke.edu/cgi/viewcontent.cgi?article=1017&context=dltr

Kunkel, J. R. (2002). Recent Developments in Shrinkwrap, Clickwrap and Browsewrap Licenses in the United States. Murdoch University Electronic Journal of Law , 9 (3).

Noring, J. (2004). The Perils of DRM Overkill For Large Publishers. Retrieved June 20, 2012, from Teleread.org: http://web.archive.org/web/20080403175200/http://www.teleread.org/publishersdrm.htm

Operational Research Consultants Inc. (2011). Certificates and Credentials. Retrieved June 20, 2012, from ORC.Com: http://www.orc.com/certificates/

Wikipedia. (2012, June 15). Digital rights management. Retrieved June 19, 2012, from Wikipedia, The Free Encyclopedia : http://en.wikipedia.org/wiki/Digital_rights_management#cite_note-0