Scientific Working Group on Digital Evidence explained

Abbreviation: SWGDE

The Scientific Working Group on Digital Evidence (SWGDE) is a group that brings together law enforcement, academic, and commercial organizations actively engaged in the field of digital forensics to develop cross-disciplinary guidelines and standards for the recovery, preservation, and examination of digital evidence.[1] [2] It was supported by the United States Federal Bureau of Investigation, but after 2014 it has been under the National Institute of Standards and Technology.[3]

History

The SWGDE was formed in 1998. Originally named the Technical Working Group (TWG) on Digital Evidence, it became SWGDE when TWGs were renamed to Scientific Working Groups (SWGs) in 1999 in order to distinguish the Federal Bureau of Investigation-supported long-term working groups from National Institute of Justice-supported short-term TWGs. SWGs are ongoing groups that meet at least once per year, and have federal, state and local members.[4] The goal of these groups is to open lines of communication between law enforcement agencies and forensic laboratories around the world while providing guidance on the use of new and innovative technologies and techniques.[5]

The initial members of SWGDE were made up of the Federal Forensic Laboratories as well as representatives of several agencies that performed digital forensics outside the traditional forensic laboratory. Soon representatives from state and local agencies were invited to participate.[6] Today, the members are federal, state, and local law enforcement agencies, academic organizations, and commercial entities.[7]

The first meeting of SWGDE was held in July 1998 and the group defined digital evidence as "any information of probative value that is stored or transmitted in a binary form." This includes digitized text, numerals, sound, images, and video.[8] "Binary" was later changed to "digital."[4]

Some of SWGDE’s earliest work explored the principles of digital forensics and developed some baseline definitions. In 1999, at the request of the Group of Eight (G8), the International Organization on Computer Evidence (IOCE), which is no longer a functioning organization, authored, with SWGDE contributions, a set of principles and definitions that the group felt were as close to universal as possible. These principles were published in the Forensic Science Communications journal and submitted to the G8; the principles were adopted by the G8 in 2001.[6] [8]

By 2003, SWGDE had published guidelines for training and best practices. As a result of these efforts, the American Society of Crime Laboratory Directors (ASCLD) approved digital evidence as part of its accreditation process for crime laboratories in 2003.[9] Today, the discipline is referred to as Digital and Multimedia Evidence and comprises the sub-disciplines of computer forensics, audio, video and imaging.[10]

SWGDE Organization

The SWGDE membership presently consists of approximately seventy (maximum 100) forensic examiners, scientists, and managers from more than two dozen federal, state, and local law enforcement agencies, as well as representatives from the academic, private, and research communities. The membership elects its officers from within. SWGDE is composed of an Executive Board, eight standing committees, and ad-hoc committees appointed on an as-needed basis. The standing committees are Audio Forensics, Computer Forensics, Imaging, Photography, Quality Standards, Video, Membership, and Outreach.[7] The Imaging, Photography, and Video committees were added in June 2015, when the Scientific Working Group on Imaging Technology (SWGIT) terminated operations.[11]

SWGDE Function

SWGDE provides guidance to the digital forensic community through the publication of standards, guidelines, and best practices on its website.[12] SWGDE also encourages a number of its published documents to be used by standards developing organizations (e.g., ASTM International) in the creation of national and international standards for digital and multimedia evidence. One such document that has become an ASTM standard is the "Standard Practice for Computer Forensics" (ASTM E2763).[13] Additionally, SWGDE may answer direct inquiries using letters or position statements, which are also typically posted on the website.

Due to the rapidly evolving field of digital forensics, there is a great deal of debate regarding accreditation, certification, and proficiency testing legislation for digital forensic labs, personnel, and tools.[14] SWGDE does not accredit, certify, approve, or qualify laboratories or individuals. SWGDE promotes the establishment and maintenance of a robust quality system through the publication of relevant guidance documents and position papers, such as guidelines for validation testing and minimum requirements for quality assurance. SWGDE documents seek to provide a framework for agencies to insert their own criteria and describe what should be included in a protocol, while not requiring a particular format or content.[15] [16]

SWGDE documents are freely available to the community-at-large, with the goal that agencies wishing to create or improve digital evidence programs will thoughtfully examine and consider their guidance. Documents are first published as a draft version for comment from the public. This provides the public with an opportunity to provide feedback, changes, and objections to any portion before the document becomes final. All feedback is reviewed and, when accepted, incorporated before the document is published as a final version. SWGDE invites all interested parties to review and comment on any published draft or final documents available through its website.[7]

SWGDE has published over 40 guidance documents, including joint documents with SWGIT, since its inception.[17] In addition to releasing documents, SWGDE members disseminate best practices for law enforcement professionals where digital and multimedia evidence is concerned. This is carried out by attending and lecturing at meetings and conferences of various forensic organizations that include:

Notes and References

  1. John Sammons. The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics. 2012. Elsevier. ISBN 978-1-59749-661-2. p. 8.
  2. Scientific Working Group on Digital Evidence (SWGDE) and International Organization on Digital Evidence (IOCE). Digital Evidence: Standards and Principles. Forensic Science Communications. April 2000. 2. 2.
  3. OSAC News. 2014-02-07. 2022-03-17. NIST.
  4. Carrie Morgan Whitcomb. An Historical Perspective of Digital Evidence: A Forensic Scientist's View. International Journal of Digital Evidence. Spring 2002. 1. 1.
  5. Strengthening Forensic Science in the United States: A Path Forward. 2014-05-15. National Academies Press. 2009. Committee on Identifying the Needs of the Forensic .
  6. Mark Pollitt. Michael Gertz. Integrity and Internal Control in Information Systems V. https://books.google.com/books?id=fmi0jcS0-pkC&pg=PA137. 31 May 2003. Springer. ISBN 978-1-4020-7473-8. pp. 137–142. The Very Brief History of Digital Evidence Standards.
  7. Bylaws. 2014-05-15. 2012. Scientific Working Group on Digital Evidence. PDF. Archived 2016-03-04: https://web.archive.org/web/20160304043406/https://www.swgde.org/documents/Current%20Documents/By%20Laws/2012-09-10%20Scientific%20Working%20Group%20on%20Digital%20Evidence%20Bylaws (original link dead).
  8. C. M. Whitcomb. The Evolution of Digital Evidence in Forensic Science Laboratories. The Police Chief. November 2007. 74. 11.
  9. Eoghan Casey. Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet. 12 April 2011. Academic Press. ISBN 978-0-08-092148-8. p. 12.
  10. John J. Barbara. Digital Evidence Accreditation Has Arrived. SC Magazine. October 1, 2003.
  11. SWGIT. www.swgit.org. 2016-07-08.
  12. SWGDE Homepage. 2014-05-15.
  13. ASTM E2763 – 10 Standard Practice for Computer Forensics. 2014-05-15.
  14. Patrice Galvin. From The Editor: SWGDE Weighs in on Research Council Reports. Forensic Magazine. December 2009.
  15. Panagiotis Kanellis. Evangelos Kiountouzis. Nicholas Kolokotronis. Digital Crime and Forensic Science in Cyberspace. 1 January 2006. Idea Group Inc (IGI). ISBN 978-1-59140-872-7. p. 96.
  16. John Sammons. The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics. 2012. Elsevier. ISBN 978-1-59749-661-2. p. 43.
  17. SWGDE Current Documents. 2014-05-15. Scientific Working Group on Digital Evidence.