ABA Techshow

Array of cyber investigation tools comes with risks

  •  
  •  
  •  
  • Print

Techshow2021_David G. Ries

Attorney David G. Ries, a cybersecurity and data protection expert and Pittsburgh-based of counsel at Clark Hill, led “The Amazing Depth of Cyber Investigations” panel on Tuesday during the ABA Techshow 2021.

As courts rely more on digital forensic evidence in civil and criminal cases, attorneys have investigatory tools at their disposal that nevertheless raise legal and ethical concerns.

That was the theme of Tuesday’s ABA Techshow panel titled “The Amazing Depth of Cyber Investigations.” Attorney David G. Ries, a cybersecurity and data protection expert and Pittsburgh-based of counsel at Clark Hill, led the panel.

Ries showcased some of the digital tools available to those who launch cyber investigations. Probes could include forays into the dark or deep web, and use geotagging and geolocation data, he said.

“Because life is increasingly digital, the evidence of what happens is largely digital,” Ries said.

Computer forensics merges law and computer science to gather and analyze data, Ries said, and the evidence must be preserved and authenticated so it is admissible in court.

Law enforcement has frequently used geolocation data and evidence in investigations. Using the Jan. 6 U.S. Capitol attack as an example, Ries noted how a hacker had linked GPS data to users of the platform Parler, a social network that had attracted devotees of former President Donald Trump. GPS metadata was then linked to video of people who breached the building.

Follow along with the ABA Journal’s coverage of the ABA Techshow 2021 here.

The FBI made use of geolocation data to identify potential suspects in the attack, and in civil and criminal investigations, geolocation data may require a warrant or a subpoena, Ries explained.

“It’s important to understand when you scope a digital investigation, you know what information may be available,” Ries said.

Lawyers should determine if they need a court order or consent before they use the data, he added.

When a firm or lawyer launches a cyber investigation, it should comply with federal and state laws, Ries cautioned. In a paper posted before the presentation, he wrote, “there is currently a split of authority in federal courts whether a violation of a company website’s or information system’s terms of service can be a violation of the Computer Fraud and Abuse Act.”

The U.S. Supreme Court is currently considering the issue in Nathan Van Buren v. United States.

Ries said investigations into the dark or deep web, which are sometimes not easily accessible or visible, come with risks.

“Don’t do it if you don’t know what you’re doing,” Ries said. “Particularly going into the deep web, be careful about laws and regulations and potential civil liability.”

The attorney said Google hacking, or dorking, which involves using advanced search terms to access information, can also be problematic.

“Doing the search probably isn’t a problem. But if you go to a government website and you find a spreadsheet of usernames and passwords, accessing it could be,” Ries said.

Give us feedback, share a story tip or update, or report an error.