Winning the Battles, Losing the War? Rethinking Methodology for Forensic Computing Research

Abstract

In the last 10 years, Forensic computing (FC) has emerged in response to the challenges of illegal, criminal and other inappropriate on-line behaviours. As awareness of the need for the accurate and legally admissible collection, collation, analysis and presentation of digital data has grown, so has recognition of the challenges this requirement poses for technical, legal and organisational responses to these on-line behaviours. Despite recognition of the multi-dimensional nature of these behaviours and the challenges faced, agreement on coherent frameworks for understanding and responding to these issues, their impacts and their interrelationships appears to remain a long way off. As a consequence, while significant advances have been made within technical, organisational and legal ‘solution centred paradigms’, the net result appears to be a case of ‘winning the battles but losing the war’ on computer misuse and e-crime. This paper examines this situation and reflects on its implications for academic researchers’ methodological approach to understanding and responding to these challenges. This paper suggests the need to reconceptualise the term ‘solution’ and advocates an additional methodological step, (that it is anticipated will generate data) for the development of a framework to map the value propositions of, and interrelationships between the individual sets of responses within the dynamically evolving FC landscape. By exposing issues, responses and underlying assumptions it is anticipated that this will improve the possibility of calibrated responses that more effectively and coherently balance the interests for security, privacy and legal admissibility.