Abstract
A digital forensic investigation requires an investigator to examine the forensic images of the seized storage media and devices. The investigator obtains full access to all the data contained in the forensic images, including private and sensitive data belonging to the individual being investigated that may be entirely unrelated to the case. Unrestricted access to forensic images poses a significant threat to data privacy. No legal or technical structures are in place to prevent abuse.
This chapter presents the results of three surveys, one for each stakeholder group in digital forensic investigations, namely investigators, lawyers and the general public, that sought to capture their data privacy perceptions regarding the investigative process. The survey responses show a lack of professional ethics among some of the investigators, lack of legal support for lawyers to protect data privacy and confusion among the general public regarding their data privacy rights. The results highlight a pressing need for a privacy-preserving digital forensic investigation framework. To this end, a simple, yet efficient, solution is proposed that protects data privacy without hindering forensic investigations.
Chapter PDF
Similar content being viewed by others
References
Aminnezhad, A., Dehghantanha, A., Abdullah, M.: A survey of privacy issues in digital forensics. International Journal of Cyber-Security and Digital Forensics 1(4), 311–323 (2012)
Barik, M., Gupta, G., Sinha, S., Mishra, A., Mazumdar, C.: An efficient technique for enhancing forensic capabilities of the Ext2 filesystem. Digital Investigation 4(S), S55–S61 (2007)
Croft, N., Olivier, M.: Sequenced release of privacy-accurate information in a forensic investigation. Digital Investigation 7(1–2), 95–101 (2010)
Dehghantanha, A., Franke, K.: Privacy-respecting digital investigation. In: Proceedings of the Twelfth Annual International Conference on Privacy, Security and Trust, pp. 129–138 (2014)
Guo, H., Jin, B., Huang, D.: Research and review on computer forensics. In: Lai, X., Gu, D., Jin, B., Wang, Y., Li, H. (eds.) e-Forensics 2010. LNICSSITE, vol. 56, pp. 224–233. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23602-0_21
Hou, S., Sasaki, R., Uehara, T., Yiu, S.: Verifying data authenticity and integrity in server-aided confidential forensic investigation. In: Mustofa, K., Neuhold, E.J., Tjoa, A.M., Weippl, E., You, I. (eds.) ICT-EurAsia 2013. LNCS, vol. 7804, pp. 312–317. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36818-9_33
Hou, S., Uehara, T., Yiu, S., Hui, L., Chow, K.: Privacy preserving confidential forensic investigation for shared or remote servers. In: Proceedings of the Seventh International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 378–383 (2011)
Hou, S., Uehara, T., Yiu, S., Hui, L., Chow, K.: Privacy preserving multiple keyword search for confidential investigations of remote forensics. In: Proceedings of the Third International Conference on Multimedia Information Networking and Security, pp. 595–599 (2011)
Hou, S., Yiu, S., Uehara, T., Sasaki, R.: Application of secret sharing techniques in confidential forensic investigations. In: Proceedings of the Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensics, pp. 69–76 (2013)
Law, F., Chan, P., Yiu, S., Chow, K., Kwan, M., Tse, H., Lai, P.: Protecting digital data privacy in computer forensic examinations. In: Proceedings of the Sixth International Workshop on Systematic Approaches to Digital Forensic Engineering (2011)
Moore, A.: Defining privacy. Journal of Social Philosophy 39(3), 411–428 (2008)
Ruan, K., Carthy, J., Kechadi, T.: Survey of cloud forensics and critical criteria for cloud forensic capability: a preliminary analysis. In: Proceedings of the Sixth Annual Conference on Digital Forensics, Security and Law, pp. 55–69 (2011)
Ruan, K., Carthy, J., Kechadi, T., Baggili, I.: Cloud forensics definitions and critical criteria for cloud forensic capability: An overview of survey results. Digital Investigation 10(1), 34–43 (2013)
Seth, K.: IT Act 2000 vs. 2008 – implementation, challenges and the role of adjudicating officers. In: Proceedings of the National Seminar on Enforcement of Cyberlaw (2010)
Shebaro, B., Crandall, J.: Privacy-preserving network flow recording. Digital Investigation 8(S), S90–S100 (2011)
van Staden, W.: Protecting third party privacy in digital forensic investigations. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2013. IAICT, vol. 410, pp. 19–31. Springer, Heidelberg (2013). doi:10.1007/978-3-642-41148-9_2
Verma, R., Govindaraj, J., Gupta, G.: Preserving dates and timestamps for incident handling in android smartphones. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2014. IAICT, vol. 433, pp. 209–225. Springer, Heidelberg (2014). doi:10.1007/978-3-662-44952-3_14
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 IFIP International Federation for Information Processing
About this paper
Cite this paper
Verma, R., Govindaraj, J., Gupta, G. (2016). Data Privacy Perceptions About Digital Forensic Investigations in India. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics XII. DigitalForensics 2016. IFIP Advances in Information and Communication Technology, vol 484. Springer, Cham. https://doi.org/10.1007/978-3-319-46279-0_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-46279-0_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-46278-3
Online ISBN: 978-3-319-46279-0
eBook Packages: Computer ScienceComputer Science (R0)