Computer Science and Crime 2016
Computer Science and Crime 2016
Computer Science and Crime 2016
The Encyclopedia of Crime and Punishment, First Edition. Edited by Wesley G. Jennings.
© 2016 John Wiley & Sons, Inc. Published 2016 by John Wiley & Sons, Inc.
DOI: 10.1002/9781118519639.wbecpx101
2 COMPUTER SCIENCE AND CRIME
From this, specialized areas of data analysis have evaluating these, a variety of factors may be used,
evolved relating to particular disciplines, such including validation testing, peer review, error
as police analytics and predictive analytics for rate assessment, standards and protocols, and
corrections. the nature of the “general acceptance” of forensic
One global paradigm or such a system of data system.
collection and analysis is the “Smart City,” its
components, and its citizens. This can be seen as
an environment that is instrumented, intercon- Data, Data Collection, Analytic, and CF
nected, and intelligent; it involves the capture and Systems
generation of data through instrumented systems,
the collection of that data through interconnected Advances in computer science systems in
instruments, and analysis by intelligent analytical criminal justice use computer engineering,
systems. The sources, collections, and analytics computer software tools and techniques, and
of information begin with the sources of the operational-search activity. All of these begin
data, from people themselves, their work, their with a structure, as with any type of investigation:
domestic life, their transport, and their social the location of evidence, the collection of the evi-
interactions. Each of these spheres of activity dence, and the analysis of that data. The growth
may collect and transmit data on activities in in ubiquitous computing, the internet of things,
different ways. the “Smart City,” and other manifestations of
Computational forensics (CF) addresses computational devices permeating all aspects
enhanced investigations of typical, traditional of life creates vast volumes of data in growing
criminal activity (Franke & Srihari, 2007). It data collections subject to analysis.
should also be considered in the context of This may be seen in the domain of transporta-
electronic informational artifacts, both as tools tion systems and the attendant data from the
and targets of crime. CF has the potential for need of people to go from one place to another
great benefits and significant risks (Franke & for work, home, and social activities. Of cars
Srihari, 2007). Those benefits include the deriva- worldwide, 60% should have connected capabil-
tion of investigative and forensic conclusions as ities by 2017 (ABI Research, 2012). Some of the
to criminal activity. Examples of types of crimes sources and types of data these systems collect
that may be subject to CF systems for crimi- and store on the local instrumentation include
nal investigations include possible contraband the Vehicle Event Data Recorders of vehicle status
exchanges over peer-to-peer networks and crim- such as braking, acceleration, and speed, onboard
inal copyright violations over networks. One key telecommunications that store telephone and
risk is the misidentification of legal activities as contact numbers, messages, and texts, and GPS
criminal, particularly where a particular forensic navigation systems that track trip data, home
technology has not been sufficiently vetted as to site, and travel path. More and more, these data
reliability. Another risk is that these technologies generation systems are interconnected for such
will give government, and others, unprecedented collection through automotive telematics using
informational profiles on the lives of average, roadside readers, satellite, or local stations. Data
innocent civilians that intrude into accepted include data for navigation, tracking, Stolen Vehi-
notions of personal privacy and autonomy. cle Slowdown, Remote Ignition Block location,
These systems and their workings are beyond speed, braking, and other third-parties services
everyday experiences. The special scrutiny of data such as Client ID, time, and location data.
expert systems under FRE 702 in the United The data are collected and transmitted via new
States requires that any conclusions based on spe- technologies and services that are offered by
cialized knowledge should show reliability across a variety of companies and government agen-
three dimensions: the validity of the principles or cies. Examples include the GM OnStar service,
theories used, the validity of the technique using Chevrolet Volt, and Nissan Carwings monitoring
those principles, and the proper use of the tech- systems, Supplemental OBD/EDR monitors,
nique against the facts needed to make a reliable insurers Travelers’ IntelliDrive and Progres-
conclusion (Giannelli & Imwinkelried, 2007). In sive’s Snapshot, and pass-by toll and fee road
COMPUTER SCIENCE AND CRIME 3
transponders. The next generation of OBD III of retrieved irrelevant documents to the total
transponder-assisted onboard monitoring will of all irrelevant documents. This determination
expand the scope of data collected and transmit- is essential for validating the IR technique and
ted. All of this locational data, transactional data, its usefulness (Singhal, 2001). For example, to
and communication content permits the creation improve efficiency against growing volumes of
of profiles of individuals in ways that previously electronic data that must be searched for contra-
would require significant police manpower. band materials like child pornography or techni-
With this growing body of information col- cal trade secrets, digital forensic tools use compu-
lected and now available for review comes the tational information retrieval methods to speed
need for systems to do that analysis efficiently. examination. These searches may be for key-
This type of review is what computational systems words in metadata relevant to the investigation,
do best, where the information is in a computable analysis of data relating to computational MD5
form and there exist algorithms or rule sets that hash file signatures for pattern match analysis, or
can sift, parse, find, and infer the meaning of the characteristic matching of image or video files.
data. Some of the earliest use of computational The computer’s ability to do statistical analysis
discovery is a discipline known as information is a powerful tool, but one that is controversial as
retrieval (IR). The IR tool examines the data and applied to issues of criminal justice ranging from
returns records that correspond to the IR search adjudication to punishment. But this type of anal-
query setting out the requirements of relevance. ysis has already made its way into judicial pro-
Those relevant terms and results may be ini- cess. The federal sentencing guidelines themselves
tially generated and reviewed by a person, but are based on a probabilistic model of sentencing
increasingly sophisticated statistical tools may behavior of the courts of the United States (Breyer,
sharpen the accuracy and power of those results. 1988). The US Sentencing Commission continu-
The forensic role of the computer science dis- ally examines sentencing data and practices and
cipline of IR in criminal investigations and trials the sentencing guidelines are modified to reflect
was addressed in the prosecution of a federal practice and law and policy changes, reflecting a
employee for accepting money to expedite visa statistical model for setting the advisory ranges
applications. The defendant had demanded the of terms of imprisonment that are consistent, cer-
government produce electronic evidence relating tain, and fair.
to consulate practices and actions regarding Corrections face a variety of needs that ana-
expedited visas and objected that the govern- lytics may enhance. The Florida Department
ment’s search term/keyword methodology was of Corrections uses its Corrections Integrated
inadequate. The District Court observed that Needs Assessment System (CINAS) to identify
determining the sufficiency of the method was and prioritize inmates as to the rehabilitative
“a complicated question involving the interplay, programs they need to reduce recidivism and
at least, of the sciences of computer technology, risks within institutions. CINAS is a predictive
statistics and linguistics” (Paul & Baron, 2007). tool using SAS statistical software and its capabil-
There has been a special topic of concern relating ities for regression and survival analysis. Subject
to electronic discovery of evidence. The Working monitoring is a primary function of correctional
Group on Electronic Discovery of the Sedona systems, from institutional control to parole
Conference is studying that subject and their and probation monitoring. Surveillance/video
work indicates how difficult this question is; analytics keyed to video sensors can alert staff
the Sedona Conference is a special commit- to improper activity by inmates while screening
tee charged with giving guidance on electronic out innocuous activity, expanding surveillance
discovery to the federal courts. without more human resources subject to dis-
Evaluation of IR tools and methods considers traction and inattention. Honeywell Corporation
the “precision,” “recall,” and “fallout” of analysis. asserts that its video analytics software can pro-
Those represent the ratio of retrieved relevant file against 35 behaviors and events in order to
documents to the total of retrieved documents, augment human monitoring.
the ratio of retrieved relevant documents to the These techniques come together in the opera-
total of all relevant documents, and the ratio tional search activity in the Russian Federation.
4 COMPUTER SCIENCE AND CRIME
This may be undertaken by public and secret law special purposes, to be connected to the switch-
enforcement agencies to protect the life, health, ing equipment telecommunication operator and
rights, and freedoms of citizens, property, secu- intended for operational-search activities carried
rity, society, and the state from criminal attacks out in the public telecommunication channels.
(Federal Law N 144-FZ, 1995). Given the nature Required access delineates both the nature of
of electronic information technologies, the group the access and types of data to be accessed, which
of search operations carried out in order to detect may then be collected and analyzed. Information
computer crimes and evidence includes: about the location of a control object, depend-
ing on the standard and the availability of such
• monitoring of mail, telegraph, and other com- information, comprises one or more types of data
munications; about the location of an object of verification.
• wiretapping; The operators of communication networks must
• interception of information from technical put in place technical means for operational and
communication channels. investigative activity, means that access all data
transmitted over the networks. The acquired
Interception of information from technical com- information, such as electronic messages, is then
munication channels relates to computer traffic given over to the control of the state agency
over the networks of electricity and postal ser- having the authority to conduct and order the
vices. An electrical connection is interpreted as search of the data. (Ministry of Communications
follows: “Any transmission or reception of signs, of the Russian Federation, 2010)
signals, writing, images and sounds by wire, The SORM system provides for computa-
radio, optical or other electromagnetic systems, tional monitoring and analysis of informational
telecommunication networks – technological and locational activities across vast volumes of
systems that provide one or more types of trans- information and actors.
missions: telephone, telegraph, fax, data and other
documentary messages, including the exchange
of information between computers, television, Conclusion
sound and other forms of radio and cable
broadcasting” (Federal Law N 126-FZ, 2003). Computational systems hold great value for the
The Russian Federal Law “On operative-search administration of justice. But, as with any expert
activity” permits the use of technical means for systems, they have risks of promising more than
monitoring all types of messages sent across they can deliver. In one narcotics prosecution a
all channels of communication. Large-scale statistical computer simulation was proffered to
dissemination of information and telecommu- demonstrate the amount of contraband involved,
nications networks and the huge number of but the court rejected that evidence. Having
crimes committed in these networks require appointed its own experts to analyze the compu-
systemic responses to crime in this area. The tational method, the court found the simulation
Law Enforcement Support System to ensure of 100,000 scenarios did nothing to actually
the operational-search actions is known by its determine a probability distribution regarding
Russian acronym “SORM.” the defendant’s actions (United States v. Shonubi,
SORM can be defined as a set of technical 1995).
means and measures intended to carry out search The court’s specialists noted “the uncritical
operations in telephone networks, mobile and acceptance of any statistical method invites us
wireless communications, and radio. SORM as to be misled. By the same token, the rejection of
a combination of hardware and software tools all statistical evidence may leave us ill-informed
and techniques captures telephone and mobile when we do not have to be.” Data analytics and
phone communications, intercepts internet traf- computational forensics will continue to grow
fic, and collects information from all forms of in importance for law enforcement and national
communication, providing long-term storage of security. They guard against any tendency toward
all information and data on subscribers. SORM a reduced reliability that may come from care-
is an automated information system suite for lessness or faux scientific methods of evaluation.
COMPUTER SCIENCE AND CRIME 5
Another issue with new “scientific” techniques Paul, G. L., & Baron, J. R. (2007). Information inflation:
lies in being beyond common experience and Can the legal system adapt? Richmond Journal of Law
tradition. Data analytics/computational forensics and Technology, 13(3), 1–41.
create evolving questions as to liberty, autonomy, Singhal, A. (2001). Modern information retrieval:
A brief overview. Retrieved May 15, 2015, from
and privacy. The sheer power of computational
http://singhal.info/ieee2001.pdf
forensics for data analysis and matching from new Srihari, S. (2010). Beyond C.S.I.: The Rise of Com-
data sources goes beyond improved investiga- putational Forensics Pattern recognition and
tions; it is a proactive tool to identify perpetrators other computational methods can reduce the bias
in ways not possible before. The power and bene- inherent in traditional criminal forensics, IEEE
fits of computational systems require we examine Spectrum. Retrieved May 15, 2015, from http://
and assure their proper use in a democratic spectrum.ieee.org/computing/software/beyond-csi-
society. As Justice Sonya Sotomayor of the US the-rise-of-computational-forensics
Supreme Court said, these systems may “alter United States v. Jones, 132 S. Ct. 945, 565 US ___ (2012).
the relationship between citizen and government United States v. Shonubi, 895 F. Supp. 460 (ED New York
1995).
in a way that is inimical to democratic society”
(United States v. Jones, 2012).
design. IEEE Internet Computing – special issue on SEMA. (2002). OBD-III frequently asked ques-
peer-to-peer networking, 6(1), 50–57. tions. Retrieved May 15, 2015, from http://lobby.
SAS. (n.d.). Florida Department of Corrections la.psu.edu/_107th/093_OBD_Service_Info/
turns to SAS® for enterprise reporting and pre- Organizational_Statements/SEMA/SEMA_OBD_
dictive analytics that improve citizen safety. frequent_questions.htm
SAS data sheet. Retrieved May 15, 2015, from Wong, J. L., Kirovski, D., & Potkonjak, M. (2004).
http://www.sas.com/success/floridadoc.html Computational forensic techniques for intellec-
Sedona Conference. (2008). The Sedona conference, tual property protection. IEEE Transactions On
best practices commentary on the use of search and Computer-Aided Design of Integrated Circuits and
information retrieval. The Sedona Conference Jour- Systems, 23(6), 987–994.
nal, 8, 189.