Introduction
Today's digital world is deceiving. Like a magician
pulling an oversized scarf from his fist, the digital devices
scattered around us can hide
tremendous amounts of information in tiny places. It is sometimes mind boggling
just how much information
can be stored in such a small amount of physical space.
Indeed,
information storage has moved from ink on paper to digits in
a computer, and with that comes the need to retrieve and interpret
the ones
and zeros
making up the data. Finding this information is often a matter
of knowing
where to
look, and the search may take one beyond the usual suspects.
Desktop
and laptop computers alone contain volumes of data. But there
are many more places to look for electronic evidence during
an investigation
or lawsuit.
For example, if a computer is part of a corporate network, there
is a good
chance that relevant information may exist on a network server
or may have been backed
up on tape. Or the search may move to a personal data assistant
(PDA), such as a Palm Pilot. Even cell phones can store e-mails,
scheduling
information and
voice notes.
Following are some of the more obscure hiding places
where key pieces of evidence may be found.
Corporate Networks
Just about every corporate office today has a
computer network of some sort. Networks allow users to access
centralized database
servers
and
to read e-mail
from the Internet. They also facilitate the simple distribution
of information across multiple locations.
When dealing in corporate
settings, one may find information on a user's local computer,
on a server with private or shared
storage
or on a
backup tape.
Many corporations provide their employees with storage
space on centralized servers that are available over the network.
This
space
may be allocated
to a single
user for general storage or to a group of users to facilitate
information sharing.
Because the servers are usually backed up
to an offline storage medium, in many cases corporations encourage
their employees
to save important
data
to the centralized
server. This helps ensure that documents are not lost if a hardware
failure occurs.
The distribution of data across a network provides
investigators with several locations to search for relevant
information. Many
times information
that
has been deleted from a local computer or "user account" may
be found on a centralized server or on a backup tape.
Online/Third-Party
Data Storage
Many Internet Service Providers (ISPs) offer customers
online storage space. Users often use programs supplied by
their Internet
provider
to copy a
selection of their files to the allocated space on their ISP's
servers.
This space can range from a few to dozens of megabytes,
and can often store documents, pictures, spreadsheets or general
files.
It allows
users easy
access to their "online
files" from almost any computer connected to the Internet.
Data
may be backed up to tape (or other offline media) providing another
copy of the data stored online.
This storage space also should be searched during an investigation.
CD-ROMs,
Floppies and 'Zip Disks'
The amount of data that can be stored
on a disk seems to be forever increasing. Many now store or
backup data on "removable media," such as Zip disks
and CD-ROMs.
The Zip drive, produced by Iomega, allows the storage or backup
of information on 100-megabyte or 250-megabyte Zip disks.
The
USB (a standardized computer connection) version of the Zip drive
can be easily used with many computers to provide a central
storage
location or to
transfer large files from one computer to another.
At the same
time, CD burners have become relatively inexpensive and can
provide another means of storing or transferring files.
A typical
CD-ROM holds up to 700 megabytes of data. New DVD burners now
on the market increase that number substantially, and
their
prevalence can only
be expected
to increase as their prices decrease.
Personal Data Assistants
The use of PDAs, such as the Palm Pilot
and Windows CE devices, also is increasing as their sizes and
prices decrease.
These devices store phone numbers, addresses
and day planners, but can also hold e-mails, pictures and files.
Software, usually provided with the device, allows owners to
synchronize a PDA with a laptop or desktop computers.
Users can
even view and modify standard word processor, spreadsheet or
database files on many pocket devices.
Cell Phones and Pagers
Cell phones today have more memory than the
first computers.
This memory is used to store address and phone
books, text messages and recorded voice notes.
With the "wireless
Internet" becoming more and more popular, users
surf the Web and read e-mail from digital phones. Applications
now exist allowing users to view and store e-mails and faxes
directly to cell phones or through
service providers.
With technology advancing rapidly, the number
of functions cell phones can perform continues to increase.
In fact, market leaders
appear
to be merging
the functions
of digital phones with that of PDAs.
Cell phones also store the
most recent outgoing, incoming and missed phone calls. This
information is usually paired with the
time and
date of the
call. By searching
the memory of a cell phone, investigators may not only discover
someone's calling history but may also find text, e-mail, fax
and voice messages.
Digital Cameras/Memory Cards
Digital cameras store pictures on a
removable memory card sometimes called a "Flash
Card" or "Smart Card." In some cases, literally
hundreds of photos can be recorded to a single card. Manufactures
such as SanDisk produce memory
card readers that attach to a computer for quick downloading
of stored images.
But most are unaware that storage on these memory
cards is not limited to photos. In fact, the cards can be used
in conjunction
with the
card readers
to store
practically any type of file. With some of the cards containing
256 or more megabytes of data, their large capacity and small
size make
them
especially convenient
hiding places for information.
Conclusion
With more and more information being stored electronically,
computer and electronic discovery are becoming ever more
popular - and
necessary.
Although investigators and computer technicians will
continue to call upon the usual suspects to unearth relevant
data, other
high-tech
storage
devices
should
not be overlooked when hunting for evidence.
When properly searched,
these small devices can expose mountains of information.
(This
article is reprinted with permission from the
November 4, 2002 issue of "The New York Law Journal - Techtrends." ©2002
NLP IP Company. Further duplication without permission is prohibited.
All rights reserved.)
Back to Top