Posts Tagged ‘Security’
Melinda Kidder: Jealous, Wanna Be Private Investigator!
Back in 2008 when Joseph Lucero and Pam Smith were in court over some differences that they had, which seemed to arise from a student-professor relationship that they had when Joseph Lucero attended MU; I knew that Melinda Kidder was not really cut out for Private Investigation work. Not REAL Private Investigation work.
I remember the day as clear as if it was yesterday. Randall Johnston and George Smith two top-notch civil attorneys in Columbia, MO. were representing Joseph Lucero. Now George Smith and Randall Johnston are some of the best civil attorneys that I know of, they just have the experience to be two of the best civil attorneys that I know! On the day that Melinda Kidder took the stand to testify for Pam Smith and Randall Johnston made her leave the courtroom crying like a little baby, YES actually broke down in tears; I knew Melinda Kidder was not cut out for Private Investigation work and this pretty well proved it. Private Investigation work requires one to be tough, “thick skinned”, hard to intimidate, and cool under pressure. Anyone that actually breaks down and cries because some attorney raised their voice at them under cross-examination, has NONE of these qualities!
What is shameful is that I got Melinda Kidder started in the Private Investigation business. Back in 2005 – 2006 I bought a desk from her, and we got to talking and I told her what I did for a living. Melinda Kidder seemed interested in what I did, and wanted to start her own Private Investigation business; so I showed her where to get an insurance bond that was required by the City of Columbia back then, where to apply, introduced her to a few attorneys, and helped her along. I have to admit, I had my reservations; I told my fiancé that she would probably cause me a few problems because she was a short, fat, lesbian and card carrying man-hater. Okay, now I seem mean, cruel, even discriminatory; don’t I? Well, just hold on a second. Not all short, fat lesbians are man-haters, and not all man-haters are short, fat lesbians, and there is certainly nothing wrong or bad with or about being short, over-weight, or a lesbian. I think a person should be free to choose their sexual orientation, I don’t think a person can control their height, and I think a person’s weight is what it is; but when you have a female that openly hates men (except for the men that have female qualities that she can like), and you have these other descriptors that also illustrate something about her personality, then it is worth mentioning in a blog post like this. So, when you have a short, fat lesbian that is a man-hater; any man that associated with her will always have a potential problem, and what happened between Melinda Kidder and I is a classic illustration of that! If you, the reader ever wonder what Melinda Kidder’s problem was with me after she got into the Private Investigation business; just ask her about this single statement listed below that she made in a letter to me in 2010:
I’ve considered whether its jealousy on my part, and perhaps I do have some jealousy that you might have more business coming in than I do.
JEALOUSY is a terrible thing. Only pathetic people would rather sit around and be jealous than to actually be what they are jealous of. Remember this; better to be the one that inspires jealousy than to be the one that is inspired by jealousy!
Just as early as 3 months ago, I tried to offer Melinda Kidder some work, think of it as an “Olive Branch”; and Melinda Kidder would not sign a Non-Disclosure Agreement; which is standard in my company before I sub-contract any work. I was going to give Melinda Kidder some of my “over-flow”; it was about 6 cases. Melinda Kidder turned the work down, and then immediately ran to one of my former employees that had bought a court action against me (THAT I JUST WON) and made her believe that I was trying to have her investigated. Melinda Kidder and one of her “cohorts” on the west coast also tried to cause some problems with some of the tools that I subscribe to in my line of work. None of this has worked, but it was not for lack of trying on her part.
Melinda Kidder had to testify in the civil action between myself and my former employee, and fortunately for her she had just enough decency in her to tell the truth under oath; although I must admit I was shocked when she did. My attorney was going to “obliterate” her on the stand, but after we saw that she actually told the truth under oath, my attorney and I made a decision not to bring out the fact that Melinda Kidder suffers from memory lapses. Just ask her. Ask Melinda if she did not get sick about 10 years ago, and if her illness did not cause her short term and long term memory problems. To any attorney that ever has a case against her, just ask her while she is on the stand about any illness she might of had, what the effects were, and if it affected her memory, and if it STILL affects her memory. Melinda Kidder does not make a good witness in any case due to her illness imposed memory problems. ATTORNEYS TAKE NOTE! I am happy to be a witness that Melinda Kidder personally told me that she contracted an illness, that she had to have a brain operation, and that it caused her and still does cause her short term and long term memory loss problems.
This is Melinda Kidder and I outside of my office back in the days she was playing along and being nice to me to “get what she could get”:
See? Short and Fat!
Now, remember that this is the Private Investigator that claims to run a company that touts having “The Investigators With Integrity”.
Stay tuned, there will be an entire series of articles on people like this, that have tried to damage my business to promote their own, and how they conspired to do so. Hopefully, this blog will give you a good idea of who to steer clear of when the need arises to do business in my profession.
RMRI, INC.’S NEW TECHNOLOGY IS PASSING ALL TESTS!
We Are In The Age Of Information
Last week I blogged about some new technology that RMRI, Inc. now has. This technology is proprietary to RMRI, Inc., so I won’t be very specific about the technology itself, however I would like to update my readership on the effectiveness of the technology based on test results at RMRI, Inc.
Not only have I been impressed with this new technology; but so has the people that have contacted me and requested that I use it to help them in their cases. I have heard nothing but good feedback from the people that have utilized this product to enhance their investigations.
In the most recent case, I was contacted by a Private Sector Fugitive Recovery Agent to assist him in locating a fugitive from justice that has a verified warrant out for their arrest. Due to the fact that this Fugitive Recovery Operation is underway as I write this; I can’t give specifics about it. I will follow up with specifics about it in a later post. However I can say this; the Private Sector Fugitive Recovery Agent contacted me at 9:00 PM on January 8, 2013 (last night) and by 9:30 PM on January 8, 2013 (30 minutes later) the Private Sector Fugitive Recovery Agent had a verified location on his Fugitive From Justice and is now making all of the arrangements to recovery this fugitive. This was all conducted from my computer at my desk. After weeks of field work, interviews, and “Address Checks” to no avail; RMRI, Inc. and the new technology that we can deploy to gather critical information on a subject was able to locate this fugitive within thirty (30) minutes!
In another case RMRI, Inc. was contacted by an attorney to run a background check on a subject. The attorney reported that she had previously had a computerized background check conducted on her subject; and did not get any current information back about her subject; but did get a good amount of historical data back pertaining to her subject. I used RMRI, Inc.’s new technology to run this attorney’s subject for background information, compiled the report along with some visual data graphs that are generated by the technology and sent all of the results over to the attorney. Within one (1) hour I received a phone call from the attorney; she said that she had never seen a report like this, and she was just “blown away” as to how much more information was found on this report in comparison to the reports she got back from ordering a Computerized Background Check from another company. She stated that she felt like she knew everything there was to know about her subject, and that now she had information that she could actually use in her case. This attorney stated that she would be calling RMRI, Inc. for all of her information needs, from this point forward.
In a third case, an Investigator from Maryland named Fred Schroeder contacted RMRI, Inc. about running some information on a few subjects of an investigation he was conducting. Within one (1) hour the Investigator had several reports pertinent to his investigation, and he was also highly impressed. This Investigator indicated that the data that he received answered a question that he would have had to research prior to receiving this report. This Investigator also indicated that he would be using RMRI, inc. for all of his information needs in the future. Below are Fred’s words as quoted from an email he replied to RMRI, Inc. with after receiving these reports:
Good Morning, Ricky.
I have finally had the chance to look over the “reports” you supplied the other day regarding our current investigation.
I am Totally Impressed with the Comprehensive Information contained in your reports. I have been a Defense Based Private Investigator for 30 years and have closely watched the evolution of Information Reports and you absolutely hit a Home Run. As a matter of fact, your report answered the next question I was going to research.The problem I’ve been having with “reports” is that maybe 10% of the information is “Real” and the other 90% based on “Speculation and Cross Over Information” gathered from other Data Bases.
Your Reports supplied 60% Real And Useful Information. We look forward to a continuing relationship.
Regards & Thank You.
Fred
Frederick W. Schroeder, 6th
Schroeder & Associates Investigative Services.
http://Schroeder6th.com
Folks; I think RMRI, Inc. has something here that can benefit the Legal and Investigative Community alike. Of course, as I have stated before there are limitations. If the data you need is not aggregated on-line; we will not be able to get this data, and there are also some limitations as to what various states make available on-line. Barring these limitations; I simply have not seen and do not know of any other source that will pull out the type of information from the Internet and compile it in as comprehensive and easy to read report with good, useful graphics as what RMRI, Inc. has rolled out. The cost of this information is a little higher than what would be paid for standard database results; however when one considers that value of having actionable intelligence that one can rely on; I believe the cost is competitive with standard database results that contain a lot of “canned data”.
Ricky B. Gurley.
NEW TECHNOLOGY AT RMRI, INC. EQUALS GREATER CAPABILITIES
We Are In The Age Of Information
As we progress in this technological world we find that information has become a commodity; and accurate, current information is a precious commodity. It is not enough to just have information on a person or a business when there is a need to investigate a person or a business, the information must be actionable! There is only one way that information is actionable and that is if it is current, accurate, and in-depth.
Today there are more files kept on consumers than ever before. We all have a file! There can be no doubt that we all have a vast amount of information that is kept about us in a file on a computer, somewhere. Rarely do we get to see all of the information that is archived and stored about us. One of the problems with accessing this information is that it is broken up into pieces and stored on various computers, depending on the category and classification of this information. There is no central repository for this information, but we are getting close to having a central repository for consumer data. So, the problem for the consumer that has a legitimate need for this information is ACCESS!
While there is no known central repository for consumer data, there is technology that can pull these files on consumers from the various storage mediums that they are housed in and combine them into one report. Even with this technology there is still a problem for the consumer. That problem is accuracy and “freshness”. In order to act on information one has to have accurate and up to date information. Personal data archived on computer systems is often “stale” and inaccurate by the time it is made available to the consumer. In order to overcome this problem, one has to have access to data coming directly from the terminal as it is being archived in the system, instead of access to “canned data” that has been archived for three (3) to six (6) months, and have the resources to check and verify the sources of information against alternate sources of the same information.
Once there is a system in place that can tackle these two (2) problems, a better, more accurate and current grade of information can be produced for those that have a legitimate need for it. RMRI, Inc. has tackled these two (2) problems! RMRI, Inc. is not relying on one (1) database to solve these problems, nor are we simply ordering a report and reselling it. We have developed a streamlined process by which multiple databases are pulled together and the information from those databases is put into a cue where it is checked for integrity and accuracy, and then all of the relevant information that has passed the necessary checks for accuracy, freshness, and integrity are then put into a consumer report with visual mapping, that is actionable!
NOW THE CONSUMER THAT HAS A LEGITIMATE AND LEGAL NEED HAS ACCESS TO GREATER, MORE ACCURATE, AND UP TO DATE INFORMATION THAN EVER BEFORE; AT AN AFFORDABLE COST!
RMRI, Inc. now has the technology to deliver actionable information to our clientele! From detailed current location information to in-depth criminal histories all the way to full, all inclusive National Comprehensive Reports that span everything from location information to utility information to asset information, criminal and civil records; and RMRI, Inc. can quickly put it at your fingertips.
RMRI, Inc. now has the latest, cutting edge technology to offer our clientele actionable investigative intelligence at competitive industry prices. Considering the value of accurate and current intelligence over stale, outdated data our clientele can expect significant long term savings in time and money when in need of investigative intelligence.
BRIEF PRICE LIST
NATIONWIDE CRIMINAL RECORD SCAN: $50.00
NATIONWIDE CIVIL RECORD SCAN: $50.00
NATIONWIDE CIVIL AND CRIMINAL RECORD SCAN: $75.00
LOCATOR REPORT: $100.00
LOCATOR REPORT WITH BUSINESS AFFILIATIONS AND EMPLOYMENT SCAN: $150.00
COMPREHENSIVE BACKGROUND SCAN: $250.00
VISUAL MAPPING: ADD $25.00
THIS IS ONLY A PARTIAL LISTING; PLEASE CALL FOR ANY CUSTOM REQUESTS
TOLL FREE: (888) 571-0958 OR CELL: (573) 529-4476
Ricky B. Gurley.
Confidentiality: Good P.I.’s Remain Silent About Their Cases And Clients!
I have been on the Internet for a very long time, probably longer than most Private Investigators have. I am always amazed at the information one can find on the Internet. Most of the information on the Internet is information that we freely give about ourselves. Between social networks, email, and the ”deep web”, we can find out almost anything about anyone. It has become accepted and even expected that the consumer will inadvertently give out private information about their self on the Internet in current times. But what about Private Investigators? One would think that a Private Investigator would be cautious of what they allow others to see about them and their business on the Internet. Sadly, this does not seem to be the case.
The Private Investigation business is a funny business, while the Private Investigator has to be able to keep his or her case information confidential, he or she also has to find an effective way to advertise or market on the Internet these days, also. Often times Private Investigators blur the lines between marketing and giving out confidential information on the Internet. I was amazed eight years ago when I found a naked picture of one Private Investigator on the Internet. Not surprisingly this Private Investigator was the very person responsible for their naked picture being on the Internet. If this Private Investigator had not sent their naked picture to other unsuspecting people of the opposite sex in email, their picture would have never been found on the Internet. This is just an example of how careless one Private Investigator had become with their information. But there are literally hundreds of examples like this where Private Investigators have shared a little too much on the Internet.
We all remember the Baby Lisa Irwin Case, and one Private Investigator’s attempt to grab some attention by proclaiming how he was working this case, then “backpedaling” and stating that he was blogging this case as an “Investigative Journalist”, right? Look at all of the information and inferences one could make from that situation. First, the question comes to mind; why wouldn’t anyone actually hire him to work this case? Second, one has to wonder was this Private Investigator using his fee based, proprietary databases to cull information on this case, while he was clearly not working as a hired Private Investigator conducting a Private Investigation? Third, was it appropriate to share the results of his investigation with the public, while the Police were conducting an investigation into the disappearance of this infant, if he was not hired by anyone to conduct this investigation? It is one thing to conduct an investigation as a hired Private Investigator where you have an obligation to your client to investigate the case and keep the information that you gather confidential; it is entirely another thing to possibly interfere with a Police investigation by conducting an investigation for the sake of blogging about your findings for a little media attention. And to this day, this Private Investigator has put himself in the unenviable position of not being able to prove that he did one single thing that helped in locating this child; the only thing he did do was make himself look like an attention starved, low-rent Private Investigator that would do anything for a little media attention.
RMRI, Inc. works a good deal of very sensitive cases that go to court and can be “life altering” to our clients if certain critical information were to come out about our cases. RMRI, Inc. has a few hard and fast rules and protocols about how we conduct business and what we choose to let the public know about our business. First, the ONLY time we are working a case is when we have a paying client, we don’t work cases for free in the hopes of getting some media attention. In all cases that go to court, we enter into a contract with the client. If the case is something simple, where a contract is not necessary (such as: serving a summons) we get an email acknowledgement or an on-line acknowledgement that we are working for the client and that the client expects any information we find in the course of doing our work to remain confidential. We NEVER speak to anyone outside of the client and our team members about an active and ongoing case. Even after a case is completely finished we have a ninety (90) day wait time before we can even acknowledge that we had any involvement with the case whatsoever, and then after that ninety (90) days we can not mention anything that identifies the case we can just speak in general terms about the case. Our approach is quite simple; “we don’t want attention, we want to be paid”. We liken our work to that of any other job, we “punch in” and work, we “punch out” and go home, and we collect our pay. We work to make a living, not for glamour and fame.
While it is true that you can find RMRI, Inc.’s company name in certain publications for attorneys and certain news papers and magazines, what you wont find is any specific information about cases we work, such as names, dates, and specific locations. While you might see a mentioning of cases on our website, what you will not see is any specific mentioning of the details of these cases unless they are over seven (7) years old. While you might see a Facebook Page for RMRI, Inc., what you won’t see is any mention of a case we are working. We make tremendous efforts and take great pains at RMRI, Inc. not to blur the lines between advertising and giving out even a hint of information about our clients and our cases. RMRI, Inc. is not so desperate for attention that we are willing to forsake our client’s privacy for some media attention.
RMRI, Inc. is made up of two (2) licensed Private Investigators, one (1) Pending Licensed Private Investigator, one (1) Process Server, two (2) Technical Consultants qualified as Expert Witnesses, and one (1) Secretary and all of our staff have committed to keeping all case and client data at RMRI, Inc. confidential. Each member is well aware that intentionally “leaking” case and/or client information outside of the confines of RMRI, Inc. is grounds for termination and possible civil action.
In Summary
A Private Investigator’s ability to keep his or her case and client information is paramount. Confidentiality in the Private Investigation Business is a justified expectation of the client. A successful and confident Private Investigator feels no need to boast about their cases or their clients. Confidentiality is the hallmark of any successful Private investigation Business. If you don’t understand confidentiality, you don’t understand the Private Investigation Business!
Cyber-Investigations For The Defense: Fair Discovery?
Last week the Missouri Lawyer’s Media did an article on a discovery issue that Prosecutors, Defense Attorneys, and Investigators have been wrestling with for a while now. In this article I was quoted by the reporter that interviewed me for this article. I wanted to take some time and elaborate a little further on my position in regards to this issue. First I’d like to present to you a copy of the article. I snipped the full article, but cropped out the other articles that were mentioned in this Trade Journal. Below is the entire article:
Lawyers Weekly Article with Rick Gurley 1
Lawyers Weekly Article with Rick Gurley 2
First of all I should state that I know some of the members of our Local Internet Crimes Task Force, and the ones that I know are good and honest people. I do trust the members of our local Internet Crimes Task Force and I don’t think they would ever do anything intentional that might send an innocent person to prison. I should caution anyone reading this that attempting to gain access to the hard drive of the investigating agency’s computer should not be the first course of action by the defense, a Digital Forensic’s Expert should first read the reports written by the Investigating Officer’s to try to determine if there is any cause to try to gain access to the investigating agency’s hard drive; often times there is no cause to do so. I should also state that I am not an attorney but I think it is also fair to state that most of the attorneys mentioned in this article are not Digital Forensics Experts either; and certainly not Merilee Crockett as evidenced by some of her statements in this article. The first quote from Merilee Crockett that I noticed was this:
A lot of people believe that once something is on a hard drive it is there forever. That’s a myth. There are no layers. It’s either there or it is not.
Well in essence that is true, but it is also over-simplistic. What is important to remember here in these types of cases is that we are dealing with Digital Evidence, and there is nothing simple about Digital Evidence. When someone tries to over-simplify how data on a computer is stored, over-written, or deleted there are a lot of key issues that get lost in the translation from complex to simple. First of all let me explain data deletion. When a file is “deleted” as the layman may believe, the file is not actually deleted initially, instead it is simply no longer linked to a “file tree” on the computer. The file is still on the computer for the time being until another file is saved and the space where that old file is at is reallocated for the new file, and then the old file gets overwritten. So often Digital Forensics Experts will say something like this to a layman as an example:
Nothing is ever deleted from a computer, it is overwritten. Think of the data on a computer as layers of information, and think of computer forensic software as a tool that can lift these layers of data to expose what you thought was once “deleted”.
Now one must understand that this quote is usually being made from a Digital Forensics Expert trying to explain data storage and deletion to a layman. This too is also an over-simplification of how data is stored, overwritten, and deleted. The difference is that what Merilee Crockett is saying here is for the purpose of trying to give an excuse as to why the defense should be hampered in discovery by limiting what can be key and important information that the defense needs, while all the Digital Forensics Expert is trying to do is give a layman an idea of what to expect in a Computer Forensic Examination. What may be the most accurate way to explain what happens is through this illustration listed below that was provided to me by a well known, and world renowned Digital Forensics Examiners and close associate of mine; Brian Ingram
Hard Drive Data Illustration by Brian Ingram
How many computer novices and laymen do you think would completely understand that illustration above? There is one thing that is clear, if there is a file that occupies a portion of a cluster on a hard drive, then there is room for data from another file on the portion of that cluster that is not occupied, that portion of the cluster that is not occupied is called “File Slack“; and it is not only possible but also likely that a completely different file may occupy this same cluster in the unused portion of this cluster or the “File Slack”. This is a completely accurate illustration of the example that Digital Experts are trying to give laymen when they explain how data is overwritten and they use an example involving “layers of data”. And if you look at the example carefully, and read closely you will see that Merilee Crockett did actually simplify this issue to the point that some key issues on how data is recovered from a hard drive are lost in her “translation” of how data is stored, over-written, and deleted from a hard drive.
There is a reason that I gave the example of how an over-simplified interpretation of an issue such as what we are addressing here can be harmful. Prosecutors typically want to try to limit as much as they can with regard to discovery in a criminal case; but I should also say that there are a few Prosecutors that also believe in “Open Discovery” and Full Disclosure. There is nothing wrong with that, the defense also does the same thing. This is a good example of attorneys doing their jobs. But when a Prosecutor tries to limit evidence that can be exculpatory to the defendant; they start to breach a more sinister area resulting in a denial of justice to the defendant. As any good attorney knows this at the very least may border on what is known as a “Brady Violation”.
One of the key points that the prosecution tries to make when arguing against the defense looking at the hard drive from the Law Enforcement Agency that conducted the forensic examination on a defendant’s hard drive is that the hard drive from the Law Enforcement Agency’s computer will contain sensitive case information from other cases. If you read what Merilee Crockett has to say in this article, she proposes the same argument:
The hard drive contains chats from ongoing investigations. It has names of potential suspects never charged with crimes. It has the photos and names of underage personas used by undercover investigators, which a disgruntled defendant could easily post online. Defense attorneys can’t prevent that from happening. They have an ethical obligation to give the client everything they can
That sounds like a good argument; doesn’t it? I’d say that if I did not know what I know about Digital Forensics, encryption, and how to safely store data I’d agree with that as a good reason NOT to have to hand over the hard drive from the Law Enforcement Agency’s computer. But the problem with this argument is that the whole issue of exposing such sensitive case information to Defense Investigators is that there are a number of remedies that can be applied here. A digital image can be transferred to a hard drive and check-summed to show that it is a true bit image of the original hard drive from the defendant and all of the notes and other such pertinent information that is gathered in the course of the investigation of the specific case in question can also be transferred to that same hard drive; thereby consolidating the case information generated from the Law Enforcement investigation onto one hard drive for the Defense Investigator and keeping all of the other non-pertinent sensitive case information protected. Encryption could also be used on the hard drive belonging to the Law Enforcement Agency to limit what is viewed to only the pertinent data that applies to the case at hand. Under the Adam Walsh Child Protection Safety Act the Defense Investigator has to view the evidence at the Law Enforcement Agency’s facility, so a Law Enforcement Officer can easily sit down and decrypt the section or sections of the hard drive that needs to be examined by the Defense Investigator, thereby protecting all of the non-pertinent sensitive case information on the hard drive in question. The court can also impose orders that limit what the Defense Investigator can discuss with the Defense Attorney and their client to only case related material. There should also be multiple computers that are being used by the Law Enforcement Agency tasked with these types of investigations that have specific purposes; for example the computer that is being used to image and analyze the defendant’s hard drive should be a stand alone computer, not attached to the Internet in any way, that has all wireless adapters turned off this way there is a minimal chance of any evidence corruption issues. The computer that is used to chat with potential offenders should also have that one specific purpose; this way with the use of encryption all chat logs for a specific case can be freely examined by the defense in these types of cases. Are some of these methods labor intensive? Sure, but we are discussing a criminal case in which there is a possibility that a person can be wrongly accused, sent to prison, put on a sex offender registry for the rest of their life, and have their entire life negatively impacted as a result; isn’t doing everything we can to eliminate that possibility worth a little more work? There are ways around this issue; IF the concern here is a level playing field for the defense?
There are always questions in these cases when it comes to best practices in the forensic analysis of the defendant’s computer, evidence preservation and storage, and evidence spoliation issues. Often times these issues are insignificant enough that the chance of them presenting a problem in a case are so unlikely that they don’t warrant any consideration. I am not saying that I don’t trust that Law Enforcement is dong the best they can to make sure that their evidence is correct, but I am saying that it is real easy to make a mistake in cases that involve digital evidence. However when these questions rise to a level of concern to cause a realistic possibility that they could impede a defendant’s right to a fair trial; if the Defense’s expert can clearly articulate the reason for that concern the court should weigh the defendant’s right to a fair trial against the possibility that the investigating agency may have to expose some of it’s sensitive data to the Defense team. In my personal opinion; if you are looking at sending a man to prison for ten (10) years, then his right to a fair trial trumps a risk of exposure of sensitive data from the investigating agency’s computer.
There are a number of questions that the Defense Investigator should be trying to answer when looking over the discovery material from the prosecution.
(1) Was the computer that was used to conduct the Digital Forensic Examination attached to the Internet?
(2) What digital forensic software was used to conduct the examination with?
(3) Was there a virus scanner used by the investigating agency to see if the defendant’s hard drive may have a virus, Trojan, or some other type of malware that could have caused any content to be downloaded to the defendant’s computer without the defendant’s knowledge? If so, what virus scanner was used, what version, was it updated, and are there any known vulnerabilities associated with the virus scanner?
(4) Are there any anti-forensic tools on the investigating agency’s computer? If there are; why are they there?
These are only a small sampling of the questions that the Defense Investigator should be asking and trying to answer by reading the discovery material. If enough of these questions are answered in such a way that they give the Defense Investigator clear concerns that may need to be further examined, then it may be necessary to ask for the hard drive from the investigating agency’s computer. The Defense Investigator should be able clearly articulate these concerns to the court and explain the impact that they may have on the evidence. If the court finds that the Defense Investigator gave a reasonable accounting to the court of his or her concerns, and the court is convinced that these concerns are realistic; then perhaps it is not such a bad thing that the Defense Investigator is given what he or she needs to further explore these concerns instead of having to be forced to trust a detective that may not even know if he or she made a mistake in how they gathered and handled the case evidence?
I have noted that Merilee Crockett has compared handing over the hard drive from the investigating agency’s computer in cases that involve digital evidence to handing over a breathalyzer machine. One difference to note in these two examples is that with regard to digital evidence, usually the defense gets a copy of a detailed report from the investigating agency that outlines their computer examination in fair detail. With breathalyzer tests, there is less detail, and less tools and procedures for the Law Enforcement Officer to detail in his or her report, thus short of a fishing expedition there usually is not enough information to articulate a need to examine the breathalyzer machine source code. In People v. Cialino, 831 N.Y.S.2nd 680, 681 (Crim. Ct. 2007) the court did not deny access to the breathalyzer source code because it was not significant to the case; the court denied access to the breathalyzer because the defense could not clearly articulate why access to the breathalyzer source code was significant to the case; this can be seen in the language the court used when the court first called the defendant’s request a “fishing expedition” but then went on to say “it is incumbent on the defendant to show that a software change has altered the reliability and accuracy of the machine” and the court said that the defendant had not provided a reasonable basis that changes in the software of the Intoxilyzer 5000 had caused it to become unreliable. So the court left the door open for the examination of the source code of the breathalyzer machine in question, but it required a clear articulation as to why it would be reasonable for the defense should be permitted to examine the source code. In cases involving digital evidence that is gathered from imaging a hard drive, the investigative agency’s digital forensic analysis report will usually allow the Defense Investigator more information on the software used, processes used, and evidence interpretations made by the Detective to form any questions that might be pertinent to the case and research these questions to see if there may be good cause and NOT just a “fishing expedition” to ask for the hard drive from the investigating agency’s computer.
In summary; I am not saying that in every case the defense should have access to the investigating agency’s computer hard drive. What I am saying is that the courts should try to be open to seriously considering any request by the defense to examine the investigating agency’s hard drive if the defense can clearly articulate a need to do so. In my mind the whole issue comes down to a balancing act; the court should balance the defendant’s right to a fair trial against the need for Law Enforcement to keep sensitive case information confidential; once a clear articulation is made by the defense that demonstrates that there are reasonable issues that need to be explored by the defense in order to defend the defendant against any evidence corruption issues that may negatively impact the defendant’s right to a fair trial.
Ricky B. Gurley
