Digital forensic evidence from the Australian Federal Police (AFP) has stepped closer to becoming a smoking gun after the agency's tools passed tough new data integrity checks.
The AFP last year decided to subject its evidence collection tools and processes to scrutiny by the National Association of Testing Authorities. Luckily, it passed, with the association accrediting the forensic unit with the ISO 17025 standard.
The standard has been available for about a year and the AFP said it is the only Australian agency to be accredited. It is based on existing forensics integrity standards that have been extended to fit the digital evidence collection.
Collecting evidence is relatively easy, AFP's chief of electronic evidence collection, Brian Diplock, said. The tough part is verifying the quality of the results and understanding and minimising their limitations.
"Anyone can fire up EnCase and get a result, but knowing what the results means is very important," Diplock said. "We need to understand not just the answers that forensic tools spit out, but what it means and how reliable it is."
The AFP's forensics division is subject to stricter standards than some state police forces. Still, the agency needed to be able to prove the reliability of its tools and ascertain error rates.
Digital evidence may have been previously vulnerable to an "easy line of questioning" to place doubt on its integrity, according to Diplock.
"Without [the standard we could have been subject to] a relatively easy line of questioning — what are your quality control processes and how do we know they are effective?" Diplock said.
"Accreditation is a way of circumventing some of that," he said, adding that it will give "more confidence" to evidence submitted to court.
The AFP has provided its accreditation materials to help overseas agencies become compliant with the standard.