• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle







  • We’re talking about law enforcement agencies, not an IT department. Of course it’s technically possible to image a machine quickly. However, there are all kinds of steps and rules for chain of custody, transporting evidence, cataloging it, storing, examining it, etc. and a finite number of personnel to perform the work. Revisiting the child pornography example I used, fingerprints and DNA evidence on equipment could be quite relevant to a case. There may even be a need to examine hard drive platters (old school spinning disk, not SSD obviously) to determine if there was data deleted in the past. It’s rather simplistic to say it’s a matter of just imaging and returning as quickly as possible. I agree the equipment being gone often presents a hardship for a defendant, but arguing that it’s intentionally set up this way to inflict cruelty ignores the reality of investigations.


  • How is a law enforcement agent staring at some workstations and computers to know what equipment was involved in the alleged crime they are raiding the facility for? If the FBI was raiding a home for child abuse and pornography, there’s no way they have the access or expertise at the time of a raid to know the server in the corner is only for Mastodon, the box over there is just a Linux firewall, and that box over there is a porn server. There’s no practical way to trust a defendant on site as to what is relevant to an investigation or not. I agree that unnecessary confiscation is a problem, but in general I don’t think the ill intent is there. I’m not a law enforcement officer, nor am I lobbying in any way for them, I’m just putting myself in their shoes in this situation.