When I was a digital investigator for a municipal police agency in the mid-2000s, I worked with non-technical investigators like detectives to understand the full context of every case before I started looking for digital evidence. When I recovered it from smartphones and computers, it was my turn to help them understand the digital elements of each case. I shared my findings with them on CD-ROMs, DVDs, and external hard drives. In those days, some agencies were even printing out digital evidence like text messages and images. When it was time to go through the digital evidence, I’d meet with investigators and prosecutors in person.
That workflow may have been appropriate for 2007, but so much has changed in 15 years. In 2007, only 73% of American households had a computer in them. Now, 97 percent of Americans have a cell phone and those same households contain an average of 16 connected devices. Each one is generating vast amounts of data that could be critical evidence to an investigation.
It is no longer sustainable for police agencies to continue to address digital evidence in the manner we did in 2007. Magnet Forensics is providing police leaders with a solution that allows their digital investigators to collaborate with non-technical investigators and other stakeholders in a more efficient, scalable, and secure manner.
Digital evidence was a niche element of investigations during my time as a digital investigator. Now, 90% of crimes have a digital element and the digital evidence associated to them plays a central role in prosecutions. Everything from an “internet crimes against children” investigation to a hit-and-run now relies on digital evidence. The problem is there’s often too much to handle.
While digital evidence has helped unlock countless cases, the massive disparity between the data involved and the digital investigators available to analyze it has led to the creation of multiple bottlenecks. At most agencies, they’re forming during the evidence review stage.
After digital investigators extract and analyze the data from phones, computers, and other devices, they need to share it with non-technical investigators such as detectives who have a greater context of the case. Most agencies are still having their digital investigators copy the data onto external media such as USB drives or DVDs, which pose a security risk. They’re not secure because anyone can access their contents and they’re frequently misplaced. Digital investigators either ship the data to non-technical investigators or require them to travel to headquarters and wait for a workstation to become available to review it.
Even more time is lost when non-technical investigators have the data in hand, but they struggle to understand it because of how complex it is. They often require assistance when they’re unable to locate a key piece of evidence they’re searching for among the terabytes of data. The only solution so far has been for a non-technical investigator to lose more time and wait for a digital investigator to free up and walk them through the evidence, step-by-step. When it’s time to include a prosecutor or a partner agency in these discussions, the cycle of delays begins anew.
Worst of all, it’s having a negative impact on justice. Some officers investigating crimes such as domestic disputes and cyber-bullying that are not deemed “major” by their agencies report they’re not collecting devices because of a pre-existing digital evidence backlog. Victims and witnesses are becoming hesitant to assist police when they’re made aware of how long they’ll be without their devices if they do. Police agencies cannot afford to lose so much time to inefficiencies when every hour that passes in an investigation could make a difference in saving a victim’s life or getting justice for them.
My company’s product Magnet Review is a collaborative digital investigation review platform that allows non-technical investigators and other stakeholders to securely access and analyze digital evidence from smartphones, tablets, computers, and cloud services anywhere at any time. We purpose-built the platform for non-technical investigators and they can use it to easily search through the data uploaded by digital investigators. All you need to access it is a simple web browser.
The days where your investigative team would spend hours looking for a single address or a printout of a text message in boxes of evidence are gone. So too are the days where they’d perform the same exercise in front of a computer screen, going file to file. Magnet Review removes the needle in the haystack scenario. After digital investigators recover data from phones, computers, and cloud sources and uploads it to Magnet Review, relevant images, videos, and messages from popular applications like WhatsApp can be immediately accessed by non-technical investigators. They can browse by categories, search by keyword, and filter by date and time with an easy-to-use interface and immediately find what they’re looking for while maintaining the forensic integrity of the evidence.
Collaboration between digital and non-technical investigators no longer requires travelling to headquarters. With Magnet Review, non-technical investigators can tag specific data into a variety of different categories and comment on evidence to help guide the next steps of digital investigators.
Police leaders can also choose to deploy Magnet Review in the manner that works best for them, whether it’s in the cloud or on-premises. Both approaches offer agencies increased security and compliance benefits for their digital evidence, including the use of audit logs to ensure the proper chain of custody is being kept.
Magnet Review is removing the bottleneck at the review stage of digital investigations. Non-technical investigators no longer need to wait to receive digital evidence by courier, they no longer need to travel to the office to review it and they no longer need to wait for a digital investigator to walk them through each piece of evidence. With all the data being reviewed in Magnet Review, there’s an added benefit: Agencies no longer need to spend thousands of dollars per year on external media. Magnet Review is saving agencies resources and time that can be put towards completing investigations and returning devices to witnesses and victims faster than they ever could.
In 2021, London’s Metropolitan Police, one of the largest municipal police agencies in the world with 32,500 officers, announced that it would be implementing Magnet Review. The Met turned to Magnet Review because it was struggling with the growing volume of digital evidence. The agency required a new search and review solution that would allow its non-technical investigators to cycle through those large volumes of data in an efficient and forensically sound manner.
The Met’s chief technology officer Darren Scates says Magnet Review will bring a “paradigm shift” to the agency’s digital investigations. The Met says Magnet Review will allow its investigators to complete data analysis up to three times faster and take on more cases as a result.
The Met also projects that it will be able to reduce expenditures on external media used to store and share data. By completing its digital investigations faster, the Met also says it will be able to return devices to victims and witnesses much faster, which would help increase public trust. Because the Met deploys Magnet Review in the cloud, it also expects to benefit from increased security, accessibility, and infrastructure maintenance savings.
Jad Saliba is founder and chief technology officer of Magnet Forensics.