Forensic processing must be able to stand up to inspection and challenge by the defense in a criminal prosecution. The use of “proprietary” techniques should be avoided, since vendors may not allow their techniques to be reviewed.
Here is an example where a vendor allowed their proprietary processes, in particular their product source code, to be examined as part of a criminal trial.
Let’s briefly look at the case of “State v Chun” (New Jersey). This case started off as a DWI (driving while intoxicated) case. Per the NJ statute, one of the criteria for conviction on the DWI charge is evidence that the suspect had a blood alcohol content (BAC) greater than 0.08. The evidence was produced by the prosecution via the Alcotest 7110 unit, a replacement to the traditional Breathalyzer.
During the trial, the defense challenged the validity of the BAC reading as reported by Alcotest 7110. In support of their defense, they hired a company to perform a review of the source code used by the Alcotest 7110. (A copy of the source code analysis is here. )The source code analysis reported many flaws, but ultimately none that were fatal to the prosecution.
Should the vendor have objected to the source code analysis, the usefulness of the Alcotest 7110 would have been put into jeopardy in this case and other cases.
What is the lesson here? If using a product for evidence collection, by sure that the vendor can explain how their product works, and will allow examination of the processing when necessary.