As Maria Angela Biasiotti states: “Tackling terrorism and organized crimes, including cybercrime, can be greatly improved by enabling the efficient, secure and trusted exchange of qualified information and electronic evidence among public prosecutors and law enforcement agencies of Member States, by adopting a standardized language and procedure to foster cooperation in criminal matters. In this context, the challenge is to facilitate the exchange of electronic evidence in the EU framework, making it possible to achieve improved international cooperation in the criminal sector, to include the specific context of EIO and MLA procedures that will allow a strong uniformity and harmonization for investigations procedures.”.
Based on the above, LOCARD addresses this need by providing a unique platform for exchanging this evidence. The common repository, the identity management and secure storage, auditing and trust through blockchain technology provide the backbone to realise these goals. In this regard, LOCARD is complimenting EVIDENCE. While EVIDENCE provides the guidelines, the legal and procedural path to exchange digital evidence, LOCARD will provide the technological backbone trying to address many gaps in the implementation and collection of digital evidence from the practitioner’s perspective.
We argue that the most crucial part in this process is the realisation of a chain of custody that allows for selectively sharing of information. This chain of custody will be armoured with specific tools for investigators to allow the collection of evidence from mobile devices, the cloud and streaming services. To further automate this process LOCARD will use Machine Learning and Artificial methods, to put humans out of the loop and counter the processing of Big Data. Therefore, every old/traditional crime that has digital forensics is within the scope of LOCARD. Moreover, LOCARD will address new forms of crime, related to online child exploitation, illegal streaming of copyrighted content and ransomware. Based on capabilities and its modular nature LOCARD’s platform could also be used for forensics and analysis regarding terrorist actions with the necessary adjustments e.g. proper training of neural networks, known hashes of software used by radicals.
Finally, due to the nature of cyber crime, LOCARD considers that LEAs, lawyers, and judges are not the only stakeholders in this process. The enforcement of GDPR implies further actors, therefore LOCARD adds the forensics laboratories, security consulting companies, (potential) victims (organisations which have indications of compromise of their systems or that want to monitor whether their digital content is streamed) as well as citizens in the loop.
More information will be available soon.