Abstract
The privacy of third parties is an important issue in digital forensic investigations. The typical steps followed during an investigation require that the equipment used during the commission of the crime be seized and analyzed in a manner that complies with accepted investigative policy and practice. The analysis of the data on the seized equipment provides the investigator, who may not necessarily be associated with a law enforcement agency, with the opportunity to access personally identifiable information of persons or entities who may not be linked to the crime; this is especially true in multi-user environments.
This paper considers the key aspects surrounding privacy protection of third parties during the post mortem data analysis phase of digital forensic investigations. It proposes a framework that helps protect privacy without reducing the effectiveness of an investigation. The design includes a profiling component that analyzes a search corpus and a filtering component that calculates the diversity in the search results. Depending on the sensitivity level, the search results are either filtered out or are presented to the investigator.
Chapter PDF
Similar content being viewed by others
References
R. Agrawal, R. Bayardo, C. Faloutsos, J. Kiernan, R. Rantzau and R. Srikant, Auditing compliance with a Hippocratic database, Proceedings of the Thirtieth International Conference on Very Large Databases, pp. 516–527, 2004.
N. Beebe and J. Clark, Dealing with terabyte data sets in digital investigations, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 3–16, 2005.
N. Beebe and J. Clark, Digital forensic text string searching: Improving information retrieval effectiveness by thematically clustering search results, Digital Investigation, vol. 4(S), pp. S49–S54, 2007.
W. Cavnar and J. Trenkle, N-gram-based text categorization, Proceedings of the Third Annual Symposium on Document Analysis and Information Retrieval, pp. 161–175, 1994.
N. Croft and M. Olivier, Sequenced release of privacy-accurate information in a forensic investigation, Digital Investigation, vol. 7(1-2), pp. 95–101, 2010.
European Parliament and Council of the European Union, Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data, EU Data Protection Directive 95/46/EC, Brussels, Belgium, 1995.
B. Fei, J. Eloff, M. Olivier, H. Tillwick and H. Venter, Using self-organizing maps for anomalous behavior detection in a computer forensic investigation, Proceedings of the Fifth Annual South African Information Security Conference, 2005.
B. Fei, J. Eloff, H. Venter and M. Olivier, Exploring forensic data with self-organizing maps, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 113–123, 2005.
S. Fischer-Hubner, IT Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms, Springer-Verlag, Berlin-Heidelberg, Germany, 2001.
P. Gladyshev, Formalizing Event Reconstruction in Digital Investigations, Ph.D. Thesis, Department of Computer Science, University College Dublin, Dublin, Ireland, 2004.
S. Johnson, Hierarchical clustering schemes, Psychometrika, vol. 32(3), pp. 241–254, 1967.
T. Kohonen, Self-Organizing Maps, Springer-Verlag, Berlin-Heidel- berg, Germany, 2001.
Minister of Justice and Constitutional Development, Protection of Personal Information Bill, Pretoria, South Africa ( www.justice.gov.za/legislation/bills/B9-2009_ProtectionOfPersonalInformation.pdf ), 2009.
Organization for Economic Cooperation and Development, OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, Technical Report, Paris, France, 1980.
G. Palmer, A Road Map for Digital Forensic Research, DFRWS Technical Report DTR-T001-01 Final, Digital Forensic Research Workshop, Utica, New York ( www.dfrws.org/2001/dfrws-rm-final.pdf ), 2001.
C. Shannon, A mathematical theory of communication, Bell System Technical Journal, vol. XXVII(3), pp. 379–423, 1948.
Technical Working Group for the Examination of Digital Evidence, Forensic Examination of Digital Evidence: A Guide for Law Enforcement, Technical Report, National Institute of Justice, Washington, DC, 2004.
R. van den Hoven van Genderen, Cyber Crime Investigation and the Protection of Personal Data and Privacy, Discussion Paper, Economic Crime Division, Council of Europe, Strasbourg, France, 2008.
W. van Staden and M. Olivier, On compound purposes and compound reasons for enabling privacy, Journal of Universal Computer Science, vol. 17(3), pp 426–450, 2011.
S. Warren and L. Brandeis, The right to privacy, Harvard Law Review, vol. IV(5), pp, 193–220, 1890.
I. Witten, Text mining, in Practical Handbook of Internet Computing, M. Singh (Ed.), Chapman and Hall/CRC Press, Boca Raton, Florida, pp. 14-1–14.22, 2005.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 IFIP International Federation for Information Processing
About this paper
Cite this paper
van Staden, W. (2013). Protecting Third Party Privacy in Digital Forensic Investigations. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics IX. DigitalForensics 2013. IFIP Advances in Information and Communication Technology, vol 410. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41148-9_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-41148-9_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41147-2
Online ISBN: 978-3-642-41148-9
eBook Packages: Computer ScienceComputer Science (R0)