Computer Forensics Performed by Liar Catchers

A computer system never deletes files

Visable:

Invisable:

Deadlines regarding E-discovery

Rule 16; Pretrial conferences: requires opposing parties to meet and discuss a discovery plan and evaluate the protection and production of ESI within 99 days of the filing of the lawsuit.
Rule26(a); Initial disclosure of sources of discoverable information: Parties must identify all sources and types of ESI to the opposing side according to the time schedule imposed by the court.
Day 1: Lawsuit is filed
Day 99: Opposing parties must meet by this day
By Day 120: The E-discovery plan is due in court by the presenting attorneys office.

How is the data obtained?

Consent search: If an individual voluntarily agrees to the search
Plain view search: An investigator spots an object in plain view does not need search warrant.
Search incident to arrest: If suspect is arrested, law enforcement may search area within defendants immediate control
Protective sweep search: Law enforcement is permitted to sweep the entire location doing a visual inspection, and if in plain view during that search evidence can be legally seized.

What will we need to know:

1-Are we looking for financial or bank data or accounting ledgers? Child pornography, chat session, please be specific.
2-Which operating system will we be researching
3-Is there a network involved? If yes, which type? Wireless or wired? Windows/Linux based?
4- Are there any external drives to consider?
5-Are passwords or encryption involved?
6- Has Chain of custody been documented for this evidence?

Very Important to read our "Legal Disclaimer" page before making ANY decisions