Extracting, Preserving, and Authenticating Digital Evidence: What’s discoverable, how to obtain, and more

Daniel Larry
Daniel Larry
Envista

Larry has over twenty years of experience in digital forensics and has been with Envista Forensics for fifteen years. Larry is currently the Technical Director of the Digital Forensics practice at Envista Forensics.

Anthony Diosdi
Anthony Diosdi
Diosdi Ching & Liu, LLP

Anthony Diosdi is a partner at Diosdi Ching & Liu, LLP in San Francisco, where he focuses his practice on tax ligation and representation before various government agencies. He has substantial experience representing clients in complex civil litigation and criminal tax controversy matters.

On-Demand: August 19, 2022

Extracting, Preserving, and Authenticating Digital Evidence: What’s discoverable, how to obtain, and more

$195.00 2 hour CLE

MCLE Credit Information:

Select Your State Below to View CLE Credit Information

Can't Decide Which CLE Progam?

Access All
Federal Bar Association Programs
Co-Sponsored by myLawCLE
Only $395yr

Annual Subscription includes access to:
  • 500+ Live CLE Webinars
  • National Hot Legal Topics
  • New Laws and Regulations
  • State Specific Programs
  • All Formats: Live, Replay, & On-Demand
Subscribe Today
Training 5 or more people?

Sign-up for a law firm subscription plan and each attorney in the firm receives free access to all CLE Programs

Program Summary

Session l – Preservation and Protection of Electronic Evidence – Daniel Larry

The purpose of this class is to educate claims professionals on how digital evidence is extracted from cell phones, computers, and other electronic devices. Explanations will be given on the various methods of how this data is extracted, what is in accordance with forensic best practices, and how this evidence is properly preserved. In addition, attendees will learn about the fragile nature of digital evidence, and the extent to which this information can be changed if not handled correctly.

Given the rising instances of fake text messages and call spoofing, a section of this class will explain how this is commonly done, even by people with little technical knowledge, and how an investigation is performed to determine the authenticity of such evidence.

Using actual case examples, attendees will see how protecting digital evidence can be vital in an investigation. Upon completion of this class, attendees will have a working knowledge of how data collections are performed, how data is preserved, the types of forensic artifacts that are recoverable, how data is authenticated, and how such evidence can be used for their purposes when working on a case.

Key topics to be discussed:

  • Differences and similarities between cell phone forensics and computer forensics
    • The technology will be explained so that attendees understand the differences and similarities between cell phone forensics and computer forensics. The purpose of this explanation is so they can understand the different issues related to evidence preservation according to digital forensics best practices.
  • Forensic acquisition and preservation of digital evidence
    • The unique preservation issues concerning cell phone forensic evidence will be covered. This includes the necessary use of faraday bags to block radio waves from reaching the cell phone in order to preserve the evidence so that phones cannot be remotely wiped, and so that cell phones data is not lost via the ingestion of new data (thereby potentially deleting the oldest).
    • The three primary forms of cell phone acquisition will be explained. These include a logical, file system, and physical extraction of data. These three forms of acquisition work differently technologically speaking, but they also recover different types of data, and at different levels of depth. Using plain language, these technical concepts will be explained in an approachable manner.
    • A special explanation will be given to manual examinations. This is done in particular because this is most likely what a legal professional is likely to encounter in their daily work. This is also the most problematic form of digital evidence collection as it lacks a forensic method of verification. A manual examination is where a forensic examiner (or even layperson) has to actually take pictures of a cell phone in order to capture the data on it.
  • When Data Collection Go Won
    • In the section, the attendee will learn how data can be lost and the implications that can follow, which include the possibility for spoliation claims and sanctions. This will be explained utilizing real case examples.

Session ll – The Importance of Electronic Evidence and Digital Forensics – Anthony Diosdi

There is a tremendous knowledge gap in our legal system when it comes to matters involving digital evidence. In many cases, this knowledge gap has put attorneys in the position of not knowing that digital evidence could make a difference in their cases. The purpose of the seminar is to fill that knowledge gap so that lawyers will have a better chance to understand evidence that is involved and presented in cases and in courts.

Key topics to be discussed:

  • Pursuing computers, cloud storage, social media platforms and legacy storage for useful evidence
  • Problems of preservation and authentication
  • Best Practices for Preserving and Retrieving Deleted Data
  • Smart Phone and Mobile Device Evidence – What to Look for and Where to Find It
  • Overview on how and when to subpoena phone, social media, and other records
  • Essential rules, objections, statutes, and case law
  • What is discoverable and what is not, the proper procedures to follow
  • How a lawyer can obtain the same evidence without using a subpoena
  • Confidentiality concerns related to electronic discover

This course is co-sponsored with myLawCLE.

Date: October 17, 2022

Closed-captioning available

Speakers

Daniel Larry_Envista_FedBarDaniel Larry | Envista

Larry has over twenty years of experience in digital forensics and has been with Envista Forensics for fifteen years. Larry is currently the Technical Director of the Digital Forensics practice at Envista Forensics.

Larry holds nine certifications and has qualified and testified as an expert in computer forensics, cell phone forensics, GPS forensics, and cellular technology and call detail records analysis over seventy-five times in sixteen states and seventeen federal districts.

Larry is co-author of the book, “Digital Forensics for Legal Professionals” 2011, Syngress and is the sole author of the book, “Cell Phone Location Evidence for Legal Professionals” 2017, Academic Press.

 

Anthony-Diosdi_Diosdi-Chind-&-Liu-LLP_FedBarAnthony Diosdi | Diosdi Ching & Liu, LLP

Anthony Diosdi is a partner at Diosdi Ching & Liu, LLP in San Francisco, where he focuses his practice on tax ligation and representation before various government agencies. He has substantial experience representing clients in complex civil litigation and criminal tax controversy matters. Anthony Diosdi has represented hundreds of clients in both federal and state courts. He is a member of the California and Florida bars.

Agenda

Session l – Preservation and Protection of Electronic Evidence | 2:00pm – 3:00pm

  1. Introduction| 2:00pm – 2:10pm
  2. Forensic acquisition and preservation of digital evidence | 2:10pm – 2:35pm
  3. When Data Collection Go Won | 2:35pm – 2:55pm
  4. Q&A | 2:55pm – 3:00pm

Break | 3:00pm – 3:10pm

Session ll – The Importance of Electronic Evidence and Digital Forensics | 3:10pm – 4:10pm

  1. Overview of digital forensics | 3:10pm – 3:25pm
  2. Experts | 3:25pm – 3:40pm
  3. Motions and discovery | 3:40pm – 3:55pm
  4. Common types of digital evidence | 3:55pm – 4:10pm