Digital forensic standards and digital evidence in Polish criminal proceedings. An updated definition of digital evidence in forensic science

Abstract

Digital evidence is increasingly popular in criminal proceedings - not only to those commonly referred to as 'cybercrimes'. The credibility criteria of such evidence are in theory governed by a set of basic principles developed within forensic science. According to current theoretical definitions, 'digital evidence' includes any information of probative value stored or transmitted in the form of digital data. It is expected that all digital evidence should be acquired and examined in a forensically sound manner. However, an empirical study based on polish criminal cases' files analysis shows that certain digital forensic guidelines on digital evidence are often ignored in practice, and information of digital origin are often presented only as printouts. A re-evaluation of current theoretical definition of 'digital evidence' is proposed based on a distinction between digital evidence in 'general' (sensu largo) and 'technical' (sensu stricto) sense.