Ethical Dilemmas in Forensics

Most forensic “scientists” have little understanding of scientific methodology, do not design or conduct research (and do not know how to), often have not read the serious scientific literature beginning to emerge in their fields. . . . Scientific findings relevant to a given forensic science often are ignored in the conduct of everyday casework.
via: Salem Press Encyclopedia of Science
Abstract:
Although witnesses in American courtrooms are called upon to tell the truth, the whole truth, and nothing but the truth, they may be enjoined from volunteering information. A witness’s individual sense of relevance must often bow to a court’s judgment. The legal system seeks truth, yet it sometimes defers to other values, such as fairness and confidentiality, and in general demands acceptance of formalized rules of procedure. In their capacity as experts, forensic scientists typically enjoy greater latitude than ordinary witnesses in expressing opinions and making judgments in the courtroom, but they too must operate within the often cumbersome and sometimes counterintuitive requirements of the “system” of “justice.”

Definition: Principles of conduct, moral duty, and obligation that guide individuals in their decisions and actions.

Significance: As scientists, forensic scientists have a professional obligation to seek and to speak the truth about matters within their purview. As participants in a forensic process, they are subject to additional, sometimes conflicting, duties. This tension generates many ethical dilemmas.

Although witnesses in American courtrooms are called upon to tell the truth, the whole truth, and nothing but the truth, they may be enjoined from volunteering information. A witness’s individual sense of relevance must often bow to a court’s judgment. The legal system seeks truth, yet it sometimes defers to other values, such as fairness and confidentiality, and in general demands acceptance of formalized rules of procedure. In their capacity as experts, forensic scientists typically enjoy greater latitude than ordinary witnesses in expressing opinions and making judgments in the courtroom, but they too must operate within the often cumbersome and sometimes counterintuitive requirements of the “system” of “justice.”

89312142-73888.jpg
Entrance sign at the Society of Forensic Toxicologists (SOFT) Meeting, July 5, 2012. By Monika M. Wahi (Own work) [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)%5D, via Wikimedia Commons

Forensic scientists are measured against a standard of professional integrity, although the professionalization of the scientific study of crime is far from complete. Professions are substantially self-regulating, usually through agreed-upon standards and codes of ethics, and this creates the need for them to articulate appropriate expectations and the responsibility of members of professions both to act correctly themselves and to provide appropriate correction for their errant colleagues. A case in point is William Tobin’s campaign against the chemical analysis of bullet lead, also known as comparative bullet-lead analysis (CBLA).

Tobin’s Exposure of CBLA

CBLA is a technique that the Federal Bureau of Investigation (FBI) used for four decades—the investigation of the assassination of President John F. Kennedy in 1963 was an early use—to make cases against defendants when traditional firearms analysis (that is, examination of barrel rifling on bullets) was not possible. By measuring the proportions of seven trace elements (antimony, arsenic, bismuth, cadmium, copper, silver, and tin) found in the lead of a bullet in evidence, forensic scientists sought to establish the probability that the bullet came from the same provenance as a bullet in the suspect’s possession. The belief that the comparison of the chemical composition of bullets could connect two bullets rested on unexamined assumptions about the similarities and differences of the source lead from which the bullets were cast. FBI experts testified in thousands of cases that the facts ascertainable through CBLA established likely identity and therefore pointed toward the probable guilt of the accused. Sometimes, as in the case of Michael Behm, who was convicted of murder in 1997, CBLA provided essentially the only evidence of guilt.

In the 1990s, FBI metallurgist William Tobin began to question the validity of the technique. He felt strongly enough about the issue to research the matter, after his retirement in 1998, with Lawrence Livermore National Laboratory metallurgist Erik Randich. They analyzed data from two lead smelters in Alabama and Minnesota and discovered that the FBI techniques could not distinguish batches of lead produced months apart. They also discovered that differences existed within single batches. Their research was published in Forensic Science International in July 2002.

Although he still defended the technique, the director of the FBI Laboratory requested that the National Research Council (NRC) of the National Academy of Sciences review CBLA. In February 2004, the NRC report, titled Forensic Analysis: Weighing Bullet Lead Evidence, confirmed that only extremely limited claims could be made about the relationship between bullets based on CBLA. Given the NRC findings, a New Jersey appeals court overturned Behm’s conviction in March 2005. The results of the NRC study have obvious implications for many other cases as well.

In an article titled “Forensic Significance of Bullet Lead Compositions,” which appeared in the Journal of Forensic Sciences in March 2005, FBI research chemists Robert D. Koons and JoAnn Buscaglia argued that “compositional comparison of bullet lead provides a reliable, highly significant point of evidentiary comparison of potential sources of crime-related bullets.” In September of that year, however, the FBI announced that it would no longer use CBLA. (In a curious subsequent development, Tobin and a member of the NRC committee, Clifford Spiegelman, suggested that a reanalysis of the bullet fragments from the Kennedy assassination might be in order.)

An article published in New Scientist in April 2002, quoted Tobin as saying of the interpretation of bullet data based on CBLA, “It offended me as a scientist.” In fact, Tobin has a long record as a critic of FBI procedures he regards as bad science and of testimonial practices he regards as unwarranted by the scientific data. To complain about testimony that unreasonably goes beyond what the data can support is to respond equally to the demands of science and the demands of ethics. It is a feature of commonsense justice that the punishment should fit the crime, and a basic requirement of that, in turn, is that the people who are punished should be guilty. Violating that requirement is both bad science and bad ethics.

Joyce Gilchrist’s Tainted Evidence

Is it enough that the accused be guilty of some crime, or does it have to be the one in question? If the accused is guilty of the crime in question, does it matter whether the evidence actually shows that? The belief that one can convict the guilty by tweaking the evidence a little, or shading one’s testimony a bit, is among the most common sources of unethical (and, often enough, criminal) behavior on the part of forensic scientists. The cautionary tale of former Oklahoma City police Department forensic scientist Joyce Gilchrist probably falls into this category.

In May 2007, Curtis Edward McCarty, who was facing his third trial for a 1982 murder, was freed as the result of the improper handling and representation of hair evidence by Gilchrist, who apparently had tried to frame McCarty. The judge dismissed the charge despite her belief that McCarty was probably not completely innocent. This was merely the latest in a series of episodes involving Gilchrist.

Questions about the integrity of Gilchrist’s work began as early as January 1987, when a Kansas City colleague, John Wilson, complained about her to the Southwestern Association of Forensic Scientists, without result. In 1998, Robert Miller was exonerated after he had been convicted a decade earlier based in part on Gilchrist’s testimony regarding blood, semen, and hair evidence. In 1999, Gilchrist was criticized by a judge for having given false testimony (regarding semen evidence) in the rape/murder trial of Alfred Brian Mitchell in 1992. In the spring of 2000, Jeffrey Todd Pierce was ordered released after he had served a decade and a half for a rape he did not commit; he had been convicted based on Gilchrist’s testimony. In January 2001, Gilchrist was criticized for the various judicial reprimands and professional critiques her work had received. In August 2001, doubts were raised about the guilt of Malcolm Rent Johnson, who had been executed for a 1981 rape and murder; Johnson was convicted based on Gilchrist’s testimony.

A month later, in September 2001, Gilchrist was finally fired, after years of reputedly shoddy forensics work, including both mishandling and misrepresentation of evidence, on many cases in addition to those noted above. The world of criminal justice contains innumerable isolated instances of perverse idealism, self-serving cynicism, and simple incompetence, but Gilchrist is one of the most striking cases of flagrant disregard for ethics in the forensics community. Was she genuinely convinced of the guilt of those against whom she testified? (She was certainly persuasive to juries.) Was she cynically distorting her testimony, and the evidence, to help prosecutors gain convictions, or was she just incompetent?

Ethics of Competence

One may well agree with forensics ethicist Peter D. Barnett’s remark that “there is a certain baseline level of competence that every criminalist is expected to understand, and there are certain procedures and protocols that are so fundamental to the practice of criminalistics that failure to follow them is evidence of gross incompetence or malfeasance, which is unethical.” As Barnett himself notes, however, “in the practice of forensic science, the disparate educational and experiential backgrounds of workers in the field make determination of a baseline level of competence relatively difficult.”

This is a problem throughout the American criminal justice system. In June 2007, all sergeants in the New Orleans Police Department were required to attend a four-day seminar to learn how to improve their (and their subordinates’) writing of police reports. This was part of an attempt to smooth out conflicts between the department and the New Orleans district attorney’s office, which claimed that part of its difficulty in prosecuting criminals stemmed from “incomplete or vague reports” by officers. More generally, criminalists frequently lament that frontline officers are not more skilled in observing, protecting, collecting, and preserving crime scene evidence.

One certainly can (in theory) impose reasonable expectations about competence and development in forensic science. However, that is not made easy by the variety of educational backgrounds and practical experience of the people who actually work in the field. In an unflattering assessment published in 2005, Jane Campbell Moriarty and Michael J. Saks bluntly asserted that “in the forensic sciences . . . 96 percent of practitioners hold bachelor’s degrees or less.” They went on to note:

Most forensic “scientists” have little understanding of scientific methodology, do not design or conduct research (and do not know how to), often have not read the serious scientific literature beginning to emerge in their fields. . . . Scientific findings relevant to a given forensic science often are ignored in the conduct of everyday casework.

Moreover, as with the difficulty in defining the qualifications for expert testimony, the fact that crime fighting is not a natural kind of expertise has an impact. Almost any expert might be relevant to a criminal case, depending on circumstances. Given the diverse forms of knowledge relevant to the application of science to crime solving, and to the providing of suitable expert testimony, it may be that the only truly unifying factor is the application of the so-called scientific method, broadly understood as intellectual integrity—the determined effort, as physicist Richard P. Feynman put it, not to fool oneself (or others).

What is impressive about the case of William Tobin is his determination to ensure that his colleagues (or former colleagues) not testify to more than the data warrant, both out of scientific integrity and out of fairness to those whose lives are affected by what scientists say. What is appalling about the case of Joyce Gilchrist is the stubbornness of her effort to resist correction by colleagues or even by the seemingly obvious limits of the evidence itself. Sometimes the individual needs to correct the group, by exposing a bogus or complacent consensus; sometimes the group needs to correct the individual, by identifying willful deception or self-centered fantasy. Unfortunately, no formula exists to guarantee the right result, and that is why ethics remains a constant challenge to conscientious souls.

Ethical dilemmas in forensics

Related Information

  • American Academy of Forensic Sciences (AAFS)
  • American Society of Crime Laboratory Directors (ASCLD)
  • Brain-wave scanners
  • Criminal personality profiling
  • DNA database controversies
  • Ethics of DNA analysis
  • Expert witnesses in trials
  • Forensic journalism
  • Innocence Project
  • Interrogation in criminal investigations
  • Training and licensing of forensic professionals
  • Truth serum in interrogation

Last reviewed: October 2016

Bibliography

Barnett, Peter D. Ethics in Forensic Science: Professional Standards for the Practice of Criminalistics. Boca Raton: CRC, 2001. Print.

Inman, Keith, and Norah Rudin. Principles and Practice of Criminalistics: The Profession of Forensic Science. Boca Raton: CRC, 2001. Print.

Lucas, Douglas M. “The Ethical Responsibilities of the Forensic Scientist: Exploring the Limits.” Journal of Forensic Sciences 34 (1989): 719–29. Print.

Macklin, Ruth. “Ethics and Value Bias in the Forensic Sciences.” Journal of Forensic Sciences 42 (1997): 1203–206. Print.

Moriarty, Jane Campbell, and Michael J. Saks. “Forensic Science: Grand Goals, Tragic Flaws, and Judicial Gatekeeping.” Judges’ Journal 44.4 (2005): 16–33. Print.

Peterson, Joseph L., and John E. Murdock. “Forensic Science Ethics: Developing an Integrated System of Support and Enforcement.” Journal of Forensic Sciences 34 (1989): 749–62. Print.

Derived from: “Ethics.” Forensic Science. Salem Press. 2009.

 

Advertisements

Focused Digital Forensic Methodology — Forensic Focus – Articles

Abstract

Since the end of the 19th Century until the current time, law enforcement has been facing a rapid increase in computer-related crimes. In the present time, digital forensics has become an important aspect of not only law enforcement investigations, but also; counter-terrorism investigations, civil litigations, and investigating cyber-incidents. Due to rapid developing and evolving technology, these types of forensic investigations can become complex and intricate. However, creating a general framework for digital forensic professionals to follow during those investigations would lead to a successful retrieval of relevant digital evidence. The digital forensic framework or methodologies should be able to highlight all the proper phases that a digital forensic investigation would endure to ensure accurate and reliable results. One of the challenges that digital forensic professionals have been facing in the recent years is the volume of data submitted for analysis. Few digital forensic methodologies have been developed to provide a framework for the entire process and also offer techniques that would assist digital forensic professionals to reduce the amount of analyzed data. This paper proposes a methodology that focuses mostly on fulfilling the forensic aspect of digital forensic investigations, while also including techniques that can assist digital forensic practitioners in solving the data volume issue.

Focused Digital Forensic Methodology

Modern society has become very dependent on computers and technology to run all aspects of their lives. Technology has had a very positive impact on humanity, which can be easily proven with a short visit to any hospital and witnessing how computers and technology have become tools used to treat and save lives. However, computers have an indisputable disadvantage of being used as a tool to facilitate criminal activities. For instance, the sexual exploitation of children can be performed using the Internet, which would allow criminals to remain anonymous while preying on innocent children. The number of digital related crimes are increasing, which makes law enforcement agencies engaged in a constant battle against criminals who use this technology to commit crimes. As a result, digital forensics has become an important part of law enforcement investigations. Digital forensics is not only performed during law enforcement investigations but can also be conducted during the course of civil matters.

The fact that the information obtained from digital forensic investigations would and can be used as evidence during legal proceedings means that the entire process must be performed according to the legal standards. Perumal (2009) explained that the legal system requires digital forensic processes to be standardized and consistent. One of the issues that Perumal highlighted was the fact that digital evidence is very fragile and the use of improper methods could potentially alter or eliminate that evidence. There are a huge number of methodologies that have been developed all over the world, many of them were designed to target a specific type of technology (Selamat, Yusof, and Sahib, 2008). Also, many methodologies were developed to address requirements imposed by the legal system in certain jurisdictions. One of the methodologies that did not base their theory on technology or the law is the Integrated Digital Investigation Process (IDIP) Model. Carrier and Spafford (2003) explained that the IDIP Model is based on the Locard Exchange Principle, which is used to retrieve evidence from physical crime scenes. The IDIP Model uses the idea that when software programs were being executed in an electronic environment, electronic artifacts would most likely be created on the underlying device. Those artifacts can be retrieved and analyzed to obtain information about a certain incident or event.

This paper examines different literatures that present different types of digital forensic methodologies. Some of these methodologies have taken the focus away from the forensic aspect of digital forensic investigations. Instead, these methodologies have addressed crime scenes and other processes that are not related to the digital forensic field. Also, much research has been focused on creating solutions to the challenges that digital forensic practitioners are facing when conducting digital forensic investigations. One of the main challenges that multiple literatures have addressed is the constant increase in the volume of data that practitioners are acquiring and examining during investigations. This paper proposes a digital forensic methodology that would allow forensic practitioners to overcome the data volume issue and eliminate the lack of focus found in many methodologies.

Previous Work

As it was mentioned above, there are a large number of digital forensic methodologies that were developed all over the world. One of the first serious attempts to develop a standardized methodology that could be used during digital forensic investigations was in 1995. Pollitt (1995) utilized processes that were originally developed to handle physical evidence as a framework to create a methodology for digital forensic investigations. The author’s approach to creating different phases being conducted during an investigation was inspired by many factors that the legal system considers when evaluating any type of evidence. The court would evaluate; whether the seizure was properly conducted, was there any alteration that occurred with the evidence, and what methods were used to examine the evidence. The proper performance of all these steps would allow any type of evidence to be admitted by the court. Pollitt (1995) developed a methodology that consisted of four phases; acquisition, identification, evaluation, and admission as evidence. This methodology focused mostly on the forensic aspect of the investigation and did not extend to other processes that other researchers have considered in their methodology; preparation, planning, and the search of physical crime scene.

Many digital forensic methodologies were developed after Pollitt’s methodology. Some of those methodologies have used different terminology and sequencing of the phases that a forensic practitioner would have to perform throughout their investigations. Most of the methodologies have agreed on certain processes that are related to the forensic aspect of digital forensic investigations (Selamat et al., 2008). Selamat et al. studied 11 different digital forensic methodologies and concluded that all of them had common phases; preservation, collection, examination, analysis, and reporting. This means that all these researchers have agreed on these specific phases and any newly developed methodology would have to include similar phases.

According to Ruibin, Yun, and Gaertner (2005), the proper completion of any digital forensic investigation is directly related to conducting the processes that are similar to the ones highlighted by Selamat et al. (2008). Ruibin, Yun, and Gaertner also explained that in order to properly perform these phases, proper technique must be used. These techniques would ensure that the authenticity and reliability of the evidence is acceptable by the legal standards of the jurisdiction where the methodologies are being implemented. The use of the term legal is not foreign to digital forensic methodologies, as many researchers have addressed the importance of performing digital forensic investigations using the proper legal authorizations. For instance, the Integrated Digital Investigation Process (IDIP) Model has included obtaining legal authorization to perform a digital forensic investigation as one of the sub-phases of the Deployment Phase (Baryamureeba and Tushabe, 2004).

The IDIP Model was revised by Baryamureeba and Tushabe (2004) after noticing some practicality and clarity problems. Baryamureeba and Tushabe named the revised version as the Enhanced Integrated Digital Investigation Process (EIDIP) Model. In the EIDIP Model, the authors focused on two aspects, the sequence of the phases and clarity in regard to processing multiple crime scenes. The EIDIP proposed a modification to the deployment phase of the IDIP Model and included investigation of the physical and digital scenes as a way to arrive at the confirmation phase. Also, Baryamureeba and Tushabe added the Traceback phase, which aims at using information obtained from the victim’s machine to trace back other machines used to initiate the incident.

Challenges Facing Current Methodologies

Technology has been developing on two aspects; hardware and software. For instance, a mobile device hardware has seen great advances that allows these devices to be able to perform complex operations efficiently. At the same time, the software operates on mobile devices has also undergone great advancements to be able to support the consumers’ demand. However, these enormous changes in technology have affected the digital forensic methodologies, especially the ones that evolved around a certain set of technologies. Selamat et al. (2008) explained that there are many digital forensic methodologies that have been developed to target certain devices or a specific type of technology. The main problem with this type of methodology is the rapid changes of the underlying technology, which render these methodologies obsolete.

The legal system in different jurisdictions view digital forensics differently, which reflects on the methodologies used by forensic practitioners in those jurisdictions. According to Perumal (2009), “As computer forensic is a new regulation in Malaysia, there is a little consistency and standardization in the court and industry sector. As a result, it is not yet recognized as a formal ‘Scientific’ discipline in Malaysia” (p. 40). This means that the most affected jurisdictions are ones that have not developed a full understanding of computer forensics and the processes used to preserve and analyze electronic evidence. Also, the lack of understanding by the legal system would reduce the influence that the legal system has on shaping methodologies and making them acceptable by legal standards.

One of the other challenges related to digital forensic methodologies had been caused by the researchers who develop these methodologies. Some researchers have used titles and terminology in naming their methodologies that is not related to digital forensics. For instance, Baryamureeba and Tushabe (2004) named the fourth stage of the EIDIP Model as the Dynamite Phase, which includes Reconstruction and Communication as sub-phases. This lack of clarity in terminology would have a negative impact on any effort to help groups outside the digital forensic arena to have a better understanding of the processes used in the digital forensic field. As it was explained above, some jurisdictions across the globe are still unsure about digital forensics and the evidence obtained from a digital forensic investigation. This means that there would be advantages for researchers to utilize more modest and familiar terminology when addressing digital forensic methodologies. This simplicity in the terminology would assist the legal system in having a better understanding of the digital forensic processes.

The same challenges that the digital forensic field is currently facing can also be seen as challenges to digital forensic methodologies. Some of those challenges are; volume of data, encryption, anti-forensic techniques, and lack of standards. The reason these factors are perceived as challenging is because they have been slowing down the progression of digital forensic investigations. For instance, a fully encrypted computer system and an undisclosed encryption key would prevent practitioners from gaining access to the data, which ultimately imposes a challenge on the entire digital forensic process. One of the challenges that has been addressed by many researchers is the volume of data examined by forensic practitioners during digital forensic investigation. Examining a large amount of information during a digital forensic investigation would slow down the entire forensic process and affect the flow of operations for forensic laboratories.

Volume of Data

The increase in the volume of data was caused by the increasing sizes of electronic storage devices and at the same time the significant decrease in prices of those devices. According to Quick and Choo (2014), digital forensic practitioners have seen a significant increase in the amount of data that is being analyzed in every digital forensic examination. The authors explained that three factors have contributed to the volume of data that has become an issue for digital forensic practitioners; increase in the number of electronic devices for each investigation, the increase in the size of memory for those devices, and the number of investigations that require digital forensic examinations.

The significant increase in the volume of data has caused a great burden on forensic laboratories. Digital forensic practitioners are forced to spend longer times examining and analyzing larger data sets, which cause huge delays in completing digital forensic investigations. Quick and Choo (2014) explained that forensic laboratories have backlogs of work caused by the amount of time spend on each single examination. Some may argue that the increased amount of data can be an advantage as consumers are not forced to delete any data. However, Quick and Choo (2014) highlighted the seriousness of the data volume issue and stated, “Serious implications relating to increasing backlogs include; reduced sentences for convicted defendants due to the length of time waiting for results of digital forensic analysis, suspects committing suicide whilst waiting for analysis, and suspects denied access to family and children whilst waiting for analysis” (p. 274).

Current Solutions to the Data Volume Issue

Ruibin et al. (2005) offered a way to reduce the amount of data for each case by determining the relevant data based on the preliminary investigation. The relevant data for a certain case can be determined through two sources; case information and the person investigating the matter. Combining the information from both sources would assist in building a case profile, which can then be used to determine what type of information would be relevant for each forensic examination. The solution proposed by Ruibin et al. (2005) did not focus on using the technology to reduce the amount of data; however, there were other proposed solutions that suggested using technology to eliminate the data volume issue.

Neuner, Mulazzani, Schrittwieser, and Weippl (2015) proposed a technique that depends on technology to reduce the data volume. Their technique is based on the idea of file deduplication and file whitelisting. Deduplication and file whitelisting techniques would allow digital forensic practitioners to reduce the number of files that would have to be reviewed. Reducing the number of files would reduce the amount of time needed to complete the entire process. The authors defined the whitelisting technique as a way to compare a known list of hash values to the evidence and exclude any matches, as the contents of those files have already been determined. This list of hash values can either represent safe files or known contraband. The method offered by Neuner et al. (2015) is completely automated, and it would not require any human intervention, which means that no manpower is required to perform this task. Both solutions explained above are not controversial, as they utilize standard methods to locate the evidence. However, that is not the case with all solutions proposed to solve the data volume issue.

Quick and Choo (2014) explained that many researchers have addressed the issue of data volume through the use of the term sufficiency of examination. Those researchers did not focus on reducing the amount of data to be examined. Instead, they proposed limiting the search for electronic information only to the amount that would answer the main questions of the investigation. In other words, if a digital forensic practitioner examining a computer system for any evidence related to a child pornography investigation, the examination can be stopped once enough evidence was found to charge the suspect. This means that not all of the computer system would be examined and practitioners would be able to complete more examinations in a shorter period of time.

Some may argue that conducting a partial examination of the data could potentially lead to missing valuable digital evidence. For instance, in the example above concerning conducting a partial examination of child pornography evidence, conducting a full exam may lead to discovering pictures and videos of minors that are being sexually exploited. Those victims can potentially be identified and rescued. This means that conducting a partial examination of the evidence could possibly prevent those victims from being rescued. Still, assuming a full exam could lead to identifying other victims does not stand when confronted by the facts presented by Quick and Choo’s (2014), which highlighted the fact that delaying the results of a forensic exam has grievous negative effects. These effects can be seen on suspects who are waiting a long time for forensic practitioners to conclude their exams. The same goes for the victims, as they are not able to get any closure during the investigation, as they all have to await the exam to be concluded.

The Proposed Methodology

Digital forensic practitioners continue to face a great deal of pressure from the challenges explained earlier. These challenges are placing obstacles in the way of examinations, in return causing practitioners to spend an extensive amount of time working on each investigation. However, it appears that researchers have not invested much effort into creating methodologies that would support practitioners to ease the pressure and eliminate the challenges. However, some may impose a compelling argument that not all challenges can be resolved in the context of the methodologies. For instance, data encryption is one of the issues that prevents practitioners from accessing the evidence and can be categorized as a technical challenge. This means that researchers would not be able to address this challenge in the context of a digital forensic methodology as methodologies are supposed to address higher level processes that occur during digital forensic investigations. Even though this argument seems compelling, practitioners can still create methodologies that are at least capable of reducing the workload pressure away from practitioners.

Selamat et al. (2008) described the Extended Model presented by Ciardhuain (2004) as a complete framework that provides clear stages for digital forensic investigations. Ciardhuain (2004) suggested that there are multiple steps that must be taken throughout digital forensic investigations; awareness, authorization, planning, notification, search and identification of evidence, collection, transport, storage, examination, hypotheses, presentation, proof/defense, and dissemination. Selamat et al. (2008) also explained that the Extended Model included all five phases that were agreed upon by many researchers. This means the remaining phases of the Extended Model are not related to digital forensics and removing them would not affect the authenticity or reliability of the electronic evidence. However, some may argue that the Extended Model was not intend to be conducted by only digital forensic practitioners, as many phases of the model can be performed by non-digital forensic practitioners. For instance, in a criminal investigation, completing the authorization phase can be performed by law enforcement personnel to grant forensic practitioners lawful access to the evidence. This means that the Extended Model, is a framework that is not only for practitioners, but is for all investigations that involve digital evidence.

This paper proposes a new methodology, Focused Digital Forensic Methodology (FDFM), that is capable of eliminating the data volume issue and the lack of focus with the current digital forensic methodologies. The FDFM is designed to be a reflection of the current workflow of law enforcement and civil investigations. The FDFM focuses on ensuring that digital forensic investigations are being conducted properly without overloading practitioners with unrelated activities. Further, the FDFM proposes techniques to reduce the volume of data to cut on time required to complete examinations of electronic evidence, especially on larger data sets. This paper proposes a new methodology, Focused Digital Forensic Methodology (FDFM), that is capable of eliminating the data volume issue and the lack of focus with the current digital forensic methodologies. The FDFM is designed to be a reflection of the current workflow of law enforcement and civil investigations. The FDFM focuses on ensuring that digital forensic investigations are being conducted properly without overloading practitioners with unrelated activities. Further, the FDFM proposes techniques to reduce the volume of data to cut on time required to complete examinations of electronic evidence, especially on larger data sets.

A quick review of the Extended Model would lead to a conclusion that it focuses on activities related to evidence that is considered common knowledge in the law enforcement field and digital forensic field. For instance, the transportation and storage activities of the EIDIP are two parts of evidence handling that is being trained to law enforcement personnel and digital forensic practitioners. So, it would not be of value to emphasiz the idea that digital forensic practitioners must transport and store the evidence after it was collected. For that reason, the FDFM has excluded aspects that can be considered common knowledge in the digital forensic field, which are related to the proper handling of evidence.

Phases of the FDFM

The FDFM is designed in a way similar to the IDIP and EIDIP, as it is broken down into multiple phases, which are further broken down into sub-phases. The FDFM is designed in a way similar to the IDIP and EIDIP, as it is broken down into multiple phases, which are further broken down into sub-phases.

Preparation Phases. The preparation phase can be applied in two situations; when creating a new digital forensic team and after completing a digital forensic investigation. This phase is mainly aimed at ensuring that digital forensic teams, no matter what their mission might be, are capable of initiating and completing an investigation properly and without any problems. Just as the case for the EIDIP, the focus in this phase is ensuring that the forensic team is trained and equipped for their assigned mission.

Training. To ensure the forensic team is executing a forensic methodology properly, they must have all the training that would equip all team members with the knowledge needed. This training does not only focus on how to collect or search evidence properly but also trains the members on how to use the tools needed during those processes. For instance, the team should have the knowledge needed regarding the value of preserving data. They should also be able to utilize any software or hardware tools that are capable of preserving and acquiring data from different platforms.

Equipment. There are many tools that digital forensic professionals utilize during investigations that are capable of serving different purposes. One of the functions that those tools are able to accomplish is automating different processes during the investigation, and completing those jobs in a timely manner. Depending on the main mission of the forensic team, tools and equipment must be available to ensure a proper and fast completion of any digital investigation.

On-Scene Phases. This phase focuses on processes that would be accomplished in the event that a digital forensic team was called in to assist with executing search warrants or even preserving data for a civil litigation.

Physical Preservation. During this phase, digital forensic practitioners ensure that any item that may contain electronic information of value is protected. This protection would ensure that no damage would be inflected on any electronic device that can cause the loss of the information within. For instance, if a digital forensic practitioner found one of the items sought during the search of a residence, this item must be kept in a location under the control of the searching team. This means that any occupant in the residence would not be able to cause any damage to the device, which they would possibly attempt if they believed that it contained incriminating evidence.

Electronic Isolation. The other part of the preservation is ensuring that the information within the collected device is preserved by eliminating any electronic interference. An item like a mobile device would have to be isolated from the cellular network to ensure that no one is capable of damaging or changing the data remotely. The same case applies to computers or other items with network connectivity, as suspects could connect remotely to those devices and attempt to eliminate any information that is potentially damaging to their case. Electronic Isolation. The other part of the preservation is ensuring that the information within the collected device is preserved by eliminating any electronic interference. An item like a mobile device would have to be isolated from the cellular network to ensure that no one is capable of damaging or changing the data remotely. The same case applies to computers or other items with network connectivity, as suspects could connect remotely to those devices and attempt to eliminate any information that is potentially damaging to their case.

Electronic Preservation. The last part of preservation is creating a complete or partial duplicate of the targeted electronic information. The created copy would ensure that the electronic evidence is preserved in a forensic image. In the event that the devices were not supposed to be removed from the scene, forensic images would have to be created on scene, which can then be taken back to the laboratory for examination. A partial collection can also be conducted during this phase, which would be especially advantageous for civil litigation purposes. In those cases, the collection of an entire computer system is not recommended, and practitioners would have to search for and collect only the relevant data.

Laboratory Phases. These phases are conducted when the team is at the laboratory and have all the evidence or forensic images collected from the scene. Prior to interacting with the evidence, an attempt would be made to reduce the volume of data that an examiner would have to process and analyze. The reduction of data volume is crucial for cases that have a huge number of electronic devices and a large volume of storage for electronic information. As it was explained earlier, reducing the volume of data would expedite the examination of the evidence and allow for a better workflow. Once the reduction of data has been completed, examiners can begin processing and analyzing data.

Building Case Profile. This phase is somewhat similar to the creation of a case profile presented by Ruibin et al. (2005). These authors suggested using input from the investigation to identify the type of information that a digital forensic practitioner would need to focus on finding during the examination. For instance, if the case is related to pictures of evidentiary value, then a practitioner would need to be focused on reviewing all the pictures found on a device, without the need to focus on any other type of electronic information. For the FDFM, building a case profile would begin, just as the case for Ruibin et al. (2005), with obtaining information from the investigating agency regarding their investigation. The obtained information must focus specifically on the relationship between the electronic evidence and the incident under investigation. In other words, the investigating agency would have to provide information about what role the devices played in the incident. For instance, a mobile device would be submitted to the digital forensic team as part of a rape investigation. The investigating agency would have to prove how the mobile device was related to the rape incident. In these situations, the phone could have been used by the suspect to communicate with or lure the victim into a certain location. Building Case Profile. This phase is somewhat similar to the creation of a case profile presented by Ruibin et al. (2005). These authors suggested using input from the investigation to identify the type of information that a digital forensic practitioner would need to focus on finding during the examination. For instance, if the case is related to pictures of evidentiary value, then a practitioner would need to be focused on reviewing all the pictures found on a device, without the need to focus on any other type of electronic information. For the FDFM, building a case profile would begin, just as the case for Ruibin et al. (2005), with obtaining information from the investigating agency regarding their investigation. The obtained information must focus specifically on the relationship between the electronic evidence and the incident under investigation. In other words, the investigating agency would have to provide information about what role the devices played in the incident. For instance, a mobile device would be submitted to the digital forensic team as part of a rape investigation. The investigating agency would have to prove how the mobile device was related to the rape incident. In these situations, the phone could have been used by the suspect to communicate with or lure the victim into a certain location.

Once all the information was obtained regarding the investigation and the evidence, the type of data relevant to the investigation can be determined. In the example above regarding the rape case, the suspect may have used text messages to communicate with the suspect, which makes any text base communication between both parties relevant and must be reviewed and analyzed. In some cases, determining the approximate size of information sought can also be relevant and would allow for the examination to be even more focused. For instance, an investigating agency submitted one 500 gigabyte external drive and one 8 gigabyte thumb drive to the digital forensic team for examination. The investigation was seeking documents approximately 30 gigabytes in size relevant to a fraud case. In this situation, a forensic practitioner would focus on the external drive as it most likely contains the documents because it is more than 20 gigabytes in size. In the same sense, the 8-gigabyte thumb drive most likely does not have the documents because of its small size.

The next step of the case profile is determining the most relevant type of devices based on the information obtained thus far about the investigation. If the examination is seeking text-based messages sent to the victim, then it likely means that a mobile device was used to send those messages. However, this does not mean that a computer cannot be used to send such messages, but a mobile device is the most likely suspect in this situation. Then, the profile can provide further emphasis on the possibility of a mobile device being the source of the relevant messages. It is apparent from the above that building a case profile would require an experienced digital forensic practitioner, using prior experience and knowledge while building the case profile would result in a more accurate and realistic conclusion. The next step of the case profile is determining the most relevant type of devices based on the information obtained thus far about the investigation. If the examination is seeking text-based messages sent to the victim, then it likely means that a mobile device was used to send those messages. However, this does not mean that a computer cannot be used to send such messages, but a mobile device is the most likely suspect in this situation. Then, the profile can provide further emphasis on the possibility of a mobile device being the source of the relevant messages. It is apparent from the above that building a case profile would require an experienced digital forensic practitioner, using prior experience and knowledge while building the case profile would result in a more accurate and realistic conclusion.

The final step of the case profile is setting goals that the investigation is hoping to accomplish at the end of the examination. These goals are based on all the information gathered thus far and how the evidence was going to prove or disprove an incident or event. For instance, in the example of the rape investigation mentioned above, retrieving the text messages from the mobile device is the first goal to show that the suspect had lured the victim to the crime scene. The timeline of those messages is another piece of information that would corroborate the victim’s statement regarding different events prior to the incident. While examining the mobile device, these goals would make it clear to the digital forensic practitioner what the expected results following the examination of the device. The final step of the case profile is setting goals that the investigation is hoping to accomplish at the end of the examination. These goals are based on all the information gathered thus far and how the evidence was going to prove or disprove an incident or event. For instance, in the example of the rape investigation mentioned above, retrieving the text messages from the mobile device is the first goal to show that the suspect had lured the victim to the crime scene. The timeline of those messages is another piece of information that would corroborate the victim’s statement regarding different events prior to the incident. While examining the mobile device, these goals would make it clear to the digital forensic practitioner what the expected results following the examination of the device.

In civil litigation cases and even criminal cases, it would be beneficial during this phase to generate a list of keyword searches that could be used during the examination process. Those keywords must be related directly to the evidence and based on the information obtained about the evidence. When dealing with civil litigation cases, the keyword list would become the main method used to locate any responsive and relevant electronic information. The words added to the list must also be related to the goals setup to be accomplished at the end of the investigation. For instance, if the civil case is related to patent infringement, then the keywords would reveal documents or data that could prove or disprove the allegations submitted by one party against the other.

Evaluation of the Evidence. This evaluation of the evidence would have to occur based on the case profile that was created during the previous phase. The main goal of this phase is to exclude any device that does not match the case profile and most likely would not hold any information sought during the examination of the evidence. Excluding items that do not have relevant information from being examined would reduce the amount of information that a digital forensic practitioner examines in each case. This would ultimately cut on the amount of time needed to complete the examinations and give the investigators faster results. As it was explained above, the case profile would determine the type of electronic information, the timeline related to the information, the size of the electronic information, and other aspects of the evidence. Using the generated profile, the items of evidence can be listed in a way that the device most likely containing the information would be placed on the top of the list. The rest of the devices would be placed in the same way, which is based on the likelihood that they would contain the targeted data. Based on this list, the last item of the list would be least likely to contain information relevant to the investigation.

Forensic Acquisition. During this phase, any data that was not acquired or preserved on scene would be imaged. The imaging process would focus on the items that are on the top of the list that was generated during the Evaluation of the Evidence phase. This means that only items that are believed to hold the relevant data would be acquired and not the entire list of items. This would save on the storage space required to save all the forensic images to and also reduce the time required for imaging.

Partial Examination/Analysis. Many digital forensic models separate the examination phase from the analysis phase, just as the case for the Abstract Digital Forensic Model (Reith, Carr, and Gunsch, 2002). Those models assume that a digital forensic practitioner would search the evidence for any relevant data during the examination phase. Then, an analysis would be conducted during the analysis phase to determine the significance of the information found during the examination phase. In the FDFM, those two phases are combined in one phase as they cannot be separated since they occur at the exact same moment during the search for the evidence. The FDFM proposes creating a case profile prior to examining the evidence, which means that a digital forensic practitioner would know what to search for and the significance of the information beforehand. So, while searching for the evidence, examiners would be able to determine the significance of the information as it is being located.

An example of the situation explained above is the rape incident that was mentioned earlier and the mobile device that holds the information related to the incident. At the time when the practitioner they had prior knowledge that the targeted information related to luring the victim to the incident location was in the text messages. While reviewing the text messages, the digital forensic practitioner found a message that showed how the suspect and victim had met. Then, on the day of the incident, other messages were found showing how the victim was lured to the location of the incident. As the forensic practitioner is reviewing the messages, they are evaluating the information simultaneously and weighing the significance of the pieces of information as it is being found. As each text message is going to add another piece of information related to the incident. At the end of this phase, the forensic practitioner will have a full picture of what happened on that day and any other information related to the incident. It would not be practical for the forensic practitioner to go back and reanalyze information that was previously analyzed as the information was being found. It is also worth mentioning that digital forensic practitioners usually mark the relevant data as it is being found to ensure that it is being included in the final report generated by the tool used to review the evidence. An example of the situation explained above is the rape incident that was mentioned earlier and the mobile device that holds the information related to the incident. At the time when the practitioner they had prior knowledge that the targeted information related to luring the victim to the incident location was in the text messages. While reviewing the text messages, the digital forensic practitioner found a message that showed how the suspect and victim had met. Then, on the day of the incident, other messages were found showing how the victim was lured to the location of the incident. As the forensic practitioner is reviewing the messages, they are evaluating the information simultaneously and weighing the significance of the pieces of information as it is being found. As each text message is going to add another piece of information related to the incident. At the end of this phase, the forensic practitioner will have a full picture of what happened on that day and any other information related to the incident. It would not be practical for the forensic practitioner to go back and reanalyze information that was previously analyzed as the information was being found. It is also worth mentioning that digital forensic practitioners usually mark the relevant data as it is being found to ensure that it is being included in the final report generated by the tool used to review the evidence.

The FDFM suggests the use of a method that was referenced by Quick et al. (2014), which aims at conducting a partial examination and analysis of the evidence as a solution for the data volume issue. According to Quick et al. (2014), the digital forensic practitioner would be, “doing enough examination to answer the required questions, and no more” (p. 282). The same concept can be applied using the FDFM, as digital forensic practitioners conduct examinations only to accomplish the goals setup during the Building Case Profile phase. The examination would be performed in the same sequence of relevance as determined during the Evaluation of the Evidence phase. This means that the examination would begin with the more relevant items and continue down the list until all the goals are accomplished. One of the greatest benefits of conducting partial examinations of the evidence is maintaining the privacy of the owners. For instance, mobile devices contain a vast amount of private information about the owners. This means that the more information to be reviewed, the more loss of privacy that would occur. Limiting the examination to the need of the investigation would assist in maintaining a certain limit of privacy for the owner of the data.

Reporting. During this phase, all the information found during the examination would be placed in a report to inform the investigating agency of the findings. There are many report formats used by different agencies. However, all formats have one thing in common, which is that they are all driven by the findings of the examination and not opinions. Reports that are supported by solid evidence are hard to dispute, as the evidence behind the information in those reports would suppress any arguments.

Conclusions and Future Research

There are many literatures that propose different types of methodologies that have different focuses. However, many of those methodologies have included phases that are not related to the forensic aspect of those methodologies. Many researchers also addressed the issue of the volume of data that is causing huge delays with digital forensic exams. The proposed methodology, FDFM, allows digital forensic professionals to be focused more on forensics during any digital forensic investigation. This methodology has excluded any phases that were included in other methodologies and are considered common knowledge within the digital forensic field. The proposed methodology also addressed one of the biggest challenges for digital forensic investigations, which is the volume of data. The FDFM proposed two methods that would allow for reduction in the volume of data, excluding devices that do not contain relevant information and conducting partial examinations. Both techniques can be applied only after a case profile has been generated based on the information obtained by the investigating agency. Future research can be conducted by focusing on integrating other techniques to the FDFM that would eliminate other challenges of digital forensic investigations.

References

Agarwal, A., Gupta, M., & Gupta, S. (2011). Systematic digital forensic investigation model. International Journal of Computer Science and Security (IJCSS), 5(1), 118-131.

Baryamureeba, V., & Tushabe, F. (2004). The Enhanced Digital Investigation Process Model. Proceedings of the Digital Forensic Research Conference. Baltimore, MD.

Carrier, B., & Spafford, E. H. (2003). Getting physical with the Digital Investigation Process. International Journal of Digital Evidence, 2(2), 1-20.Carrier, B., & Spafford, E. H. (2003). Getting physical with the Digital Investigation Process. International Journal of Digital Evidence, 2(2), 1-20.

Ciardhuain, S. O. (2004). An extended model of cybercrime investigations. International Journal of Digital Evidence, 3(1), 1-22.

Neuner, S., Mulazzani, M., Schrittwieser, S., & Weippl, E. (2015). Gradually improving the forensic process. In the 10th International Conference on Availability, Reliability and Security, 404-410. IEEE.

Perumal, S. (2009). Digital forensic model based on Malaysian investigation process. International Journal of Computer Science and Security (IJCSS), 9(8), 38-44.

Pollitt, M. M. (1995). Computer forensics: An approach to evidence in cyberspace. In the 18th National Information Systems Security Conference, 487-491. Baltimore, MD.

Quick, D., & Choo, K. R. (2014). Impact of increasing volume of digital forensic data: A survey and future research challenges. Digital Investigation, 11(4), 273-294.

Reith, M., Carr, C., & Gunsch, G. (2002). An examination of the digital forensic models. International Journal of Digital Evidence, 1(3), 1-12.

Ruibin, G., Yun, T., & Gaertner, M. (2005). Case-relevance information investigation: binding computer intelligence to the current computer forensic framework. International Journal of Digital Evidence, 4(1), 147-67.

Selamat, S. R., Yusof, R., & Sahib, S. (2008). Mapping process of digital forensic investigation framework. International Journal of Computer Science and Network Security, 8(10), 163-169.

About the Author

Haider Khaleel is a Digital Forensics Examiner with the US Army, previously a field agent with Army CID. Haider received a Master’s Degree in Digital Forensics Science from Champlain College. The ideas presented in this article do not reflect the polices, procedure, and regulations of the author’s agency.

Correspondence concerning this article should be addressed to Haider H. Khaleel, Champlain College, Burlington, VT 05402. haider.khaleel@mymail.champlain.edu

by Haider H. Khaleel Abstract Since the end of the 19th Century until the current time, law enforcement has been facing a rapid increase in computer-related crimes. In the present time, digital forensics has become an important aspect of not only law enforcement investigations, but also; counter-terrorism investigations, civil litigations, and investigating cyber-incidents. Due to […]

via Focused Digital Forensic Methodology — Forensic Focus – Articles

Police cloned a Michigan murder victim’s fingerprint that unlocked his phone — Quartz

Cracking crime just got a lot more innovative.

Police and biometrics researchers at Michigan State University have successfully unlocked the smartphone of a murder victim by using a digitally enhanced print-out of his fingerprint.

Officers from the digital forensics and cyber-crime unit at MSU’s police department approached the college’s biometrics research lab last month, having become aware of the team’s research (pdf) on how printed fingerprints can spoof mobile-phone sensors.

Police had the fingerprints of the murder victim from a previous arrest, which they gave to the lab to 3D print in a bid to unlock the device—a Samsung Galaxy S6.

Unsure which finger was paired to the phone, the lab printed 2D and 3D replicas of all 10 of the slain man’s fingerprints. None of them unlocked the device, so the team then digitally enhanced the quality of prints by filling in the broken ridges and valleys. Rather than opting for a more expensive 3D model, they printed new 2D versions using a special conductive ink that would create an electrical circuit needed to spoof the phone sensor.

After multiple attempts—thanks to the device not requiring a passcode after a certain number of efforts—the team successfully unlocked the phone with one of the digitally enhanced 2D prints.

An MSU spokesperson told Quartz there were plans to print 3D models to test on other devices—there was no need to do so for the victim’s phone, as the 2D print was successful.

Professor Anil Jain, who led the research team at MSU, says the unlocking demonstrates “a weakness” in smartphones’ fingerprint authentication systems, and that he hoped it would “motivate phone developers to create advanced security measures for fingerprint liveness detection.” He added:

This shows that we need to understand what types of attacks are possible on fingerprint sensors, and biometrics in general, and how to fix them. If we don’t, the public will have less confidence in using biometrics. After all, biometric authentication was introduced in consumer devices to improve security.

According to MSU, this is the first time law enforcement has used such technology as part of an ongoing investigation. A spokesperson said the lead detective “even contacted the company that was asked to help with [unlocking] the San Bernardino shooter’s phone and he kept getting the same answer: can’t do it, the tech doesn’t exist. Well, the tech exists now!”

In a statement, Samsung said:

We are aware of the research from Michigan State University, but would like to remind users that it takes special equipment, supplies and conditions to simulate a person’s fingerprint, including actual possession of the fingerprint owner’s phone, to unlock the device. If there is a potential vulnerability or a new method that challenges our efforts to ensure security at any time, we will respond to issues as quickly as possible to investigate and resolve the issue

Cracking crime just got a lot more innovative. Police and biometrics researchers at Michigan State University have successfully unlocked the smartphone of a murder victim by using a digitally enhanced print-out of his fingerprint. Officers from the digital forensics and cyber-crime unit at MSU’s police department approached the college’s biometrics research lab last month, having become […]

via Police cloned a Michigan murder victim’s fingerprint that unlocked his phone — Quartz

6 Forensic Advancements via Sue Colleta

The forensic community works tirelessly to improve techniques to aid law enforcement, and much of this work is done at body farms across the country. The Texas body farm has conducted some amazing work as of late. I’ve complied my top six forensic advancements, which I think you’ll find fascinating. 6 Mind-Blowing Forensic Advancements

via 6 Mind-Blowing Forensic Advancements – by Crime Writer, Sue Coletta… — Chris The Story Reading Ape’s Blog

Press Release | Forensic Science Misconduct: A Dark and Cautionary Tale | @csidds

Integrity and Accountability—The Declining State of Physician Health and the Urgent Need for Ethical and Evidence-Based Leadership

IMG_9516“A body of men holding themselves accountable to nobody ought not to be trusted by anybody.”
― Thomas Paine 

USDTL drug testing laboratory claims to advance the”Gold Standard in Forensic Toxicology.”  “Integrity: Results that you can trust, based on solid science” is listed as a corporate value. “Unlike other laboratories, our drug and alcohol testing begins and ends with strict chain of custody.” “When people’s lives are on the line, we don’t skip steps.”  Joseph Jones, Vice President of Laboratory Operations explains the importance of chain-of-custody in this USDLT videopresentation.

Dr. Luis Sanchez, M.D. recently published an article entitled Disruptive Behaviors Among Physicians in the Journal of the American Medical Association discussing the importance of  of a “medical culture of safety” with “clear expectations and standards.”  Stressing the importance of values and codes-of-conduct in the practice of medicine, he calls on physician leaders  “commit to professional behavior.”

Sanchez is Past President of the Federation of State Physician Health Programs (FSPHP).  According to their website the FSPHP “serves as an educational resource about physician impairment, provides advocacy for physicians and their health issues at local, state, and national levels, and assists state programs in their quest to protect the public.”  In addition the FSPHP “helps to establish monitoring standards.”  The FSPHP is the umbrella organization of the individual State PHPs.

Sanchez is also the previous Medical Director of the Massachusetts state PHP, Physician Health Services, Inc. (PHS).  According to their website PHS is a “nonprofit corporation that was founded by the Massachusetts Medical Society to address issues of physician health. PHS is designed to help identify, refer to treatment, guide, and monitor the recovery of physicians and medical students with substance use disorders, behavioral health concerns, or mental or physical illness.

PHPs recommend referral of physicians if there are any concerns such as getting behind on medical records.  As PHS Associate DirectorJudith Eaton explains “when something so necessary is not getting done, it is prudent to explore what else might be going on.”  If the PHP feels that doctor needs an assessment they will send that doctor to a “PHP-approved” facility “experienced in the assessment and treatment of health care professionals.” The physician must comply with any and all recommendations of the assessment center.  To assure this the physician must sign a monitoring contract with the PHP (usually five years). USDTL is one of the labs PHPs have contracted with for forensic drug and alcohol testing.


Forensic Drug and Alcohol Tests: The Need For Integrity and Accountability of the Sample

Screen Shot 2013-09-04 at 6.14.30 PM

“Forensic” drug-testing differs from “clinical” drug-testing in how the results are used. “Clinical” tests are used for medical purposes in diagnosing and treating a patient.

A “forensic” test is used for  non-medical purposes.  It is not used for patient care, but for detecting licit and illicit substances in those who should not be using them. Pre-employment and employee assistance and professional monitoring programs are examples.Screen Shot 2014-05-08 at 2.17.18 AM

Forensic testing is held to a higher standards because the consequences of a positive result can be grave and far reaching. A positive forensic test can result in loss of rights of the individual being tested and his or her loved ones. Mistakes are unacceptable.

The Federation of State Medical Boards Policy on Physician Impairment supports this position stating “chain-of-custody forensic testing is critical” (page 14) and the “use of a Medical Review Officer (MRO) for screening samples and confirming sample results” (page 21).

Any and all drug testing requires chain-of-custody. The custody-and-control form is given the status of a legal document because it has the ability to invalidate a test that lacks complete information.  Chain-of-custody provides assures specimen integrity. It provides accountability. 

Screen Shot 2014-11-06 at 7.25.46 PM The job of the MRO is to ensure that the drug testing process is followed to the letter and reviews the Custody and Control form for accuracy.  The MRO also rules out any other possible explanations for a positive test (such as legitimately prescribed medications).  Only then is the test reported as positive.

The legal issues involved in forensic testing mandate MRO review. According to The Medical Review Officer Manual for Federal Workplace Drug Testing ProgramsScreen Shot 2013-12-19 at 12.20.46 PM

the sole responsibility of the MRO is to”ensure that his or her involvement in the review and interpretation of results is consistent with the regulations and will be forensically and scientifically supportable.”

“Fatal flaws” such as lack of chain-of-custody form, missing tamper proof seal, missing signatures, or a mismatch of the sample ID and chain of custody ID invalidate the test.   It is not reported.  Tight chain-of-custody and MRO review is critical for the accountability and integrity of the sample.

The Medical Review Officer Certification Council  provides a certification process for MROs. They Screen Shot 2014-04-30 at 12.47.25 PMalso  follow their own Code of Ethics.   In accordance with these standards PHS has an MRO to review all positive tests.  As added assurance the FSPHP guidelines state that all positive tests must be approved by the Medical Director.


Regulation and the Medical Profession–The need for Integrity and Accountability in Physician Leadership and Health Care Policy.

Screen Shot 2014-11-09 at 12.26.14 PM

Good leadership requires correct moral and ethical behavior of both the individual and the organization. .  Integrity is necessary for establishing relationships of trust.  It requires a true heart and an honest soul.  People of integrity instinctively do the “right thing” in any and all circumstances.  The majority of doctors belong to this group.

Adherence to ethical codes of the profession is a universal obligation.  It excludes all exceptions.  Without ethical integrity, falsity will flourish.

The documents below show fraud. It is intentional.  All parties involved knew what they were doing, knew it was wrong but did it anyway.  The schism between pious rhetoric and reality is wide.

Screen Shot 2014-08-20 at 12.01.33 PM

The  July 19th, 2011 fax from PHS seen below is in reference to the lab report from USDTL seen above.  In it PHS requests the report be “updated”to donor ID number “1310” and  to “reflect that the chain of custody was maintained.”

The lab report is a positive test for the alcohol biomarker (Phosphatidyl Ethanol) or PEth, an alcohol biomarker introduced by the Federation of State Physician Health programs and marketed by USDTL and other labs to detect  covert alcohol use..

There is no record of where, when or by whom it was collected.

Screen Shot 2014-11-06 at 11.17.32 PMBoth the donor ID # and chain of custody are listed as 461430.

The purpose of chain-of-custody is to document the location of  a specimen in real time.  “Updating” it is not an option.  It is prohibited.  Updating the “chain of custody to reflect that chain of custody was maintained”  is a clear indicator that it was not maintained.

ID #1310 is the unique identifier I was issued by PHS.  It is used as a unique identifier, just like a name or social security number, to link me to any sample collected for random drug and alcohol screening. #1310 identifies me as me in the chain-of-custody.    On July 1st, 2011 I had a blood test collected at Quest Diagnostics.

IMG_8756 2

The sample was collected at Quest Diagnostics on July 1, 2011 but these documents were not obtained until December 3, 2011 and were included in the “litigation packet” which documents chain-of-custody and is generated on any and all forensic drug testing.   It provides proof that the test was done on who it was supposed to have been done and that all required procedure and protocol was followed. It protects the donor form being falsely accused of illicit substance use.  In most employee drug-testing programs the litigation-packet is provided on request immediately.  It is a transparent process.  This is not the case, however, at PHS.

I requested the litigation packet immediately after the positive test was reported on July 19, 2011.  PHS first refused, then tried to dissuade me.  They finally agreed but warned there would be “unintended consequences.    The entire litigation packet can be seen here:   Litigation Packet 12:3:2011

The positive sample has no chain-of-custody linked to me, no date, and no indication where it was collected or who collected it.   In addition there was no “external” chain of custody for the sample. The custody-and-control form was missing.

With multiple fatal flaws (6/6)  rendering it invalid, USDTL should have rejected it by their own written protocol.

Screen Shot 2013-12-19 at 12.20.46 PM

USDTL did not reject it. The document below shows that USDTL added my ID # 1310 and added a collection date of July 1, 2011–the day I submitted the sample.

Screen Shot 2014-09-15 at 5.27.21 AM

“REVISED REPORT PER CLIENTS REQUEST”  

And in doing so the lab that claims “integrity” and “strict chain of custody” readily, and with no apparent compunction” manufactured a chain-of-custody and added a unique identifier by faxed request.

The litigation packet was signed by Joseph Jones on December 3, 2011.   There was no record of where the sample was from July 1st to July 8, 2011. No external chain-of-custody or custody-and-control form was evident in the litigation packet.

Screen Shot 2014-07-28 at 6.50.01 PM

The V.P. for Laboratory operations for the lab that claims “strict chain of custody” and that “doesn’t skip steps” “when “peoples lives are on the line” verified a positive test as positive with no custody and control form, no external chain of custody and 6/6 fatal flaws.  What is so shocking is that  this was done without compunction or pause.  As a forensic test ordered by a monitoring program Jones knew full well it would result in significant consequences for someone.  He knew that someones “life was on the line,” knew it was wrong, and did it anyway.

A person of conscience would never do this.  It is unethical decision making  that goes agains professional and societal norms.  A “moral disengagement” that represents a lack of empathy and a callous disregard for others.  I would not consider doing something like this for any price and here it appears to be standard operating procedure.

PHS reported the positive test to the Medical Board on July 19, 2011 Positive PEth July 19, 2011-1.  It was used as a stepping-stone to request an evaluation at one of three  “PHP-approved” facilities (Marworth, Hazelden and Bradford). The Medical Directors of all three facilities can be seen on this list list called “Like-Minded Docs.”  The MRO for PHS, Dr.Wayne Gavryck,  whose job was to review the chain-of-custody and validate its integrity before reporting it as positive is also on the list.  See this simplified schematic of how it works in Massachusetts.  It shows how this is a rigged game.

Expecting to be diagnosed with a non-existent problem and admitted for non-needed treatment I requested an evaluation at a non-12 step facility with no conflicts-of-interest.  Both PHS and the Medical Board refused this request in one of four violations of the Establishment Clause of the 1st amendment.

Screen Shot 2014-07-27 at 7.55.16 PM copy

I chose Hazelden.  The Medical Director was aware that I had just signed  a patent license agreement for an epinephrine auto-injector and he had a child with a peanut allergy.  We talked about the device and discussed the problems with current management.  I think it was because of this added personal interaction that he did not “tailor my diagnosis” as PHS most certainly requested.  Seeing me as a person rather than an object, I believe,  enabled his conscience to reject it. My discharge diagnosis found no history of alcohol issues but they could not explain the positive test. Unable to rule out that I drank in violation of my PHS contract they recommended I attend AA.

PHS mandated that I attend 3 12-step meetings per week and requested that I obtain names and phone numbers of fellow attendees so they could contact them to verify my attendance.  They also mandated that I discontinue my asthma inhalers (as the propellant contains small amounts of ethanol) that had been controlling my asthma and preventing serious attacks for the previous ten years.  I was threatened that if I had to use the inhalers or one day late on the increased payments I would be reported to the Board and lose my license.

Screen Shot 2014-11-09 at 10.03.16 PM

Screen Shot 2014-11-08 at 11.57.25 PM

Sanchez states that my request for the “litigation packet” was processed on December 5, 2011 (two days after Jones signed off on it) and adds the “testing laboratory is willing to support the test results.”

In the interim I filed a complaint with the College of American Pathologists.  I also requested the missing external chain of custody documents from Quest.

Screen Shot 2014-08-20 at 12.15.52 PM

I never received the chain of custody from Quest.  Instead I received a letter from Nina Tobin, Compliance Manager for Quest documenting all the errors but written to sound as if some sort of protocol was maintained.  Tobin claimed the specimen was inadvertently logged as a clinical specimen but sent on to USDTL a week later.  (See Quest Letter )

Screen Shot 2014-11-09 at 10.06.46 PM

The Chief of Toxicology at MGH wrote a letter to the Board documenting all of the misconduct and irregularities stating that it was an “intentional act” perpetrated by PHS.  MLLv3finalJacob_Hafter_Esq_copy.

This letter, as well as the opinions of everyone outside of PHS was ignored. So too were any opinions of my two former Associate Directors at PHS.   The e-mail below dated October 10th, 2011 is to to Drs. John Knight and J. Wesley Boyd and I am referring to their article Ethical and Managerial Considerations Regarding State Physician Health Programs  that was about to be published. We had hoped that it would draw more attention to the problems with PHPs.

Screen Shot 2014-11-10 at 10.36.13 AM

I was subsequently reported as “non-compliant” with AA meetings.    They could not give any details of where or when.  They then misrepresented a declaration of fact (I stated that I had started going to a specific meeting on a specific date) as an admission of guilt by saying I was referring to a different meeting.     10:23:12 PHS Letter to BORM-noncompliance.

My Chief at MGH, his Chief and others held a  conference with PHS and attempted to remove me from PHS and replace the monitoring contract with one of their own.  They refused.   When confronted with the fabricated test they dismissed it and focused on sending me to Kansas to one of the “disruptive physician” Psikhuskas where they are using polygraphs (despite the AMAs stance that it is junk science) and non-validated neuropsychological instruments that detect “character defects” to pathologize the normal.

I refused. Had I gone to Kansas I would have been given a false diagnosis and my career would be over. This is what they do.

Screen Shot 2014-11-08 at 12.05.52 AM

Screen Shot 2014-09-05 at 7.28.02 PM

Amy Daniels, the investigator for the College of American Pathologists contacted me in December of 2012 to see how things were going since USDTL “amended” the test.  Daniels told me that the College of American Pathologists confirmed my allegations and, as an Accrediting Agency for Forensic Toxicology mandated that USDTL correct it.  (Labs can lose accreditation if they do not comply with CAP  Standards for Forensic Drug Testing). This was done on October 4, 2012.

PHS denied any knowledge of an amended test.  I also wrote an e-mail to Joseph Jones requesting the document but he did not reply.

I contacted CAP.   On December 11, 2012 Dr. Luis Sanchez wrote a letter stating  “Yesterday, December 10 2012, Physician Health Services (PHS) received a revision to a laboratory test result”

 “The amended report indicates that the external chain of custody protocol [for that sample] was not followed per standard protocol]” 

Sanchez dismisses this test as irrelevant, rationalizing neither PHS nor the Board based any actions on the test and they would “continue to disregard” it.

Screen Shot 2014-11-08 at 1.19.44 AM

The  logic is that it was my behavior that resulted in any consequences.  My “non-compliance” in October led to my suspension and the test had nothing to do with it.   The sole reason for reporting me to the Board in 2011 was the positive test.  There is no other pretext to use.  It is misattribution of blame as without the test, now invalidated, there would have been no AA meetings to say I was non-compliant with.

In response to a civil complaint PHS, Quest and USDTL all took the position that the results of the fraudulent testing had absolutely nothing to do with anything.

And in response to the allegations of forensic fraud the labs claimed there was no forensic fraud because this was not a “Forensic” test but a “clinical” test.     The argument was that “clinical” tests do not require chain-of-custody and it was his behavior not these tests that resulted in consequences.   

As a “clinical” test I knew it was considered Protected Health Information (PHI)  under theHIPAA-Privacy Rule.  A patient must give written consent for any outside entities to see it.  Obtaining lab tests previously required the consent of both the patient and the ordering provider.  What PHS and the labs were apparently unaware of was the changes to the HIPAA-Privacy rule giving patients increased rights to access their PHI.   The changes removed the ordering provider requirements.  A patient has a right to obtain lab test results directly from the labs and has 30 days to do it.  CAP agreed.   USDTL sent me all of the documents.  They can be seen below:

August 6, 2014 to Langan with health materials.

The documents sent by USDTL are notable for two things:

1.  The e-mail from me to Joseph Jones dated December 10, 2012.  It can be seen on page 22 of the USDTL documents.  Screen Shot 2014-11-10 at 11.21.18 AM

Screen Shot 2014-11-10 at 11.22.00 AM

2. USDTL document confirming PHS knew the test was amended 67-days before they said they did.Screen Shot 2014-08-06 at 4.50.02 PM

The document shows PHS and Sanchez were aware of the invalidity of the test on October 4, 2012.   Instead of correcting things they initiated machinations to throw me under the bus.  They officially reported me to the Board for non-compliance on October 19, 2012.

The December 11, 2012 letter signed by Sanchez states “Yesterday, December 10, 2012, PHS received a “revised report” regarding the test.  The documents show he knew about it 67-days prior.

Screen Shot 2014-11-04 at 10.51.24 PM

Although USDTL complied with the HIPAA-Privacy Rule and CAP, Quest did not.   Quest Diagnostics refused to send me copies of their lab reports claiming it was confidential and protected information that required PHS consent.  Quest required I sign a consent form with multiple stipulations regarding PHS.  I refused and contacted the Department of Justice -Office of Civil Rights.  The DOJ-OCR agreed with me and I received the Quest documents

Remember a “clinical” test can only be ordered by a physician in the course of medical treatment.  It requires authorization from the patient to obtain a “clinical” specimen and it requires written authorization as to who sees it.  Referring physician was Mary Howard.

image

And below is the fax from PHS to Quest from July 1, 2011 also requested by Mary Howard.  The signature on the front is not mine.  In addition I gave the blood at 9:30 and was in my clinic at MGH at 12:23 so it couldn’t be. The WC 461430 R are dated July 2, 2011.  This is a “clinical” not “forensic” sticker.  The “R” indicates a red top tube.  The other sticker is USDTL and indicates it was logged in on July 8, 2011.

Screen Shot 2014-09-15 at 7.18.25 PM

What does it all mean?    Blood left in a red top tube ferments. This is basic chemistry.  The PEth test needs to be refrigerated and shipped overnight to prevent this.  In addition it needs to be collected with a non-alcohol wipe in a tube that has an anti-coagulant or preservative so that it does not ferment.    It requires strict procedure and protocol.

When I gave my blood on July 1st, 2011 it was as a “forensic” test per my contractual agreement with PHS.

On July 2, 2011 it was changed to “clinical.”   Why?  because “forensic” protocol would have invalidated it.

The only conceivable reason for doing this was to bypass chain-of-custody procedures.  My unique identifier #1310 was removed and the clinical specimen number was used for chain-of-custody.    The R in 461430R indicates a red top tube.

By holding on to it for one week the blood fermented.    As it was July with an average temperature close to 90 they overshot their mark a bit.   My level of 365 is consistent with heavy alcohol use–end stage half-gallon a day type drinking.

Quest then forwarded it to USDTL with specific instructions to process it as a “clinical” sample.  USDTL complied and  processed it as a clinical specimen which was reported it to PHS on July 14, 2011.

Screen Shot 2014-07-28 at 12.41.01 PM

PHS then asked USDTL to add my forensic  ID # 1310 and add a collection date of July 1, 2011 so it would appear “forensic” protocol was followed.    The reason Jones signed the “litigation packet” on December 3, 2011 was because that was when the “litigation packet” was manufactured.  A “clinical” sample does not produce one.

Screen Shot 2014-07-28 at 12.40.13 PM

USDTL willingly complied with this request.

Screen Shot 2014-08-20 at 11.59.24 AM

PHS then reported this as a “forensic” test to the Medical Board on July 19, 2011 and requested a reevaluation.

Screen Shot 2014-11-09 at 1.17.24 PM

The distinction between “forensic” and “clinical” drug and alcohol testing is black and white. PHS is a monitoring program not a treatment provider. The fact that a monitoring agency with an MRO asked the lab to process and report it as a clinical sample and then used it forensically is an extreme outlier in terms of forensic fraud. The fact that they collected it forensically, removed the forensic components and let it sit in a warehouse for a week is  abhorrent.  The fact they then specifically requested it be processed as a clinical sample deepens the malice. The fact that they then reported it to the Board as a forensic sample and maintained it was forensic up until just recently makes it egregious. But the fact that the test was changed from “positive” to “invalid” on October 4th, 2012 and they then reported me to the Board on October 8th,  2012 for “noncompliance,” suppressed it and tried to send me to Kansas where I would be given a non-existent diagnosis to delegitimize me for damage control makes it wantonly egregious.  This is political abuse of psychiatry.

Accountability requires both the provision of information and justification of what was done.

For doctors it is very difficult to obtain the information. As seen here, they put up a gauntlet to prevent the provision of what is immediate in all other drug testing programs.  I now have all of the information. What it shows is clear. This was intentional.  It was no accident.  They knew what they were doing, knew it was wrong but did it anyway.

Accountability also requires that those who commit misconduct suffer consequences. The PHPs have also put up barriers to this.    With no regulation or oversight they have no apparent accountability.

My understanding is that it works this way.   The Medical Board, Medical Society and Departments of Public Health have no oversight.   The MMS has an ethics committee but all they can do is “educate” the person if they feel there was a violation.  The DPH won’t even look at it and the Board is complicit.

My understanding is that they have convinced law enforcement that this is a “parochial” issue that is best kept within the medical community.  They have also created the impression that they are “friends” of law enforcement.  I have heard from many doctors that they have tried to report misconduct, civil rights violations and crimes to the police, AGO, and other law enforcement agencies only to be turned back over to the PHP.     By saying the physician is “impaired” it delegitimizes and invalidates the truth.  “He’s just a sick doctor,  we’ll take care of him.”  That physician then suffers consequences effectively silencing the rest.

PHS uses the Board to enforce punitive measures and temporize.   The Board puts blind faith in PHS.  Blind faith that defies common sense ( mandating phone numbers at anonymous meetings)  and disregards the law (Establishment Clause violations that are clear and well established).    The Board also temporizes to cause damage.

In my case they required a psychiatric behavioral evaluation.  I was given the choice of Kansas and a few other Like-minded assessment centers.

After petitioning for  multiple qualified psychiatrists that were summarily rejected months later for no reason one of the Board Attorneys suggested  Dr. Patricia Recupero, M.D., J.D. who is Board Certified in Forensic Psychiatry and Addiction Psychiatry.   The Board had used her in the past but not recently.  Seeing that she had been used by the Board for fit-for-duty evaluations in the past the Board accepted my petition.

Dr. Recupero wrote an 87-page report. She concluded I was safe to practice medicine without supervision, that I had never had an alcohol use, abuse or dependence problem, and that PHS request for phone numbers was inappropriate. She also documented PHS misconduct throughout my contract and concluded it was PHS actions, not mine, that led to my suspension.   What she describes is consistent with criminal harassment.  She documents the falsification of neuropsychological tests and confirms the forensic fraud.  What did the Board do?  Ignored their very own recommended and approved evaluator.

One measure of integrity is truthfulness to words and deeds.  These people claim professionalism, ethics and integrity.  The documents show otherwise.  The careers and lives of doctors are in these peoples hands.

Similar fraud is occurring across the country.  This is an example of the institutional injustice that is killing physicians.  Finding themselves entrapped with no way out, helpless and hopeless they are feeling themselves bereft of any shade of  justice and killing themselves.  These are nothing more than bullies and accountability is essential.  The “disruptive physician” moral panic has harmed the Medical Profession.

Dr. Clive Body in his book  Corporate Psychopaths   writes that “Unethical leaders create unethical followers, which in turn create unethical companies and society suffers as a result.”  And according to Dr. Robert Hare in  Without Conscience  “If we can’t spot them, we are doomed to be their victims, both as individuals and as a society. ”

Wes Boyd notes that valid complaints from physicians are often dismissed as “bellyaching” by the PHPs.  Complacent that these are just good guys helping doctors and protecting the public the complaints are dismissed, tabled, deflected or otherwise ignored.  Bellyaching??   Is this bellyaching.

It is my opinion that what you see here is indefensible  Procedurally, Ethically, and Legally.

Procedurally it goes beyond negligence and represents fraud.  It violates every procedural guideline, regulation and standard of care including their very own.

Ethically it violates everything from the Hippocratic Oath to  AMA Medical Ethics to the MRO Code of Conduct.

And where was PHS MRO Wayne Gavryck? By my count he violated at least 4 of the 6 Codes of Ethical Conduct.

Screen Shot 2014-11-10 at 1.04.20 PM

What was done here violates the most fundamental ethical principles of Medicine -Autonomy, Beneficence, Nonmaleficence and justice.

Intentionally falsifying a laboratory or diagnostic test to refer for an evaluation or support a diagnosis or give unwarranted “treatment” is unconscionable.  Abuse under the utility of  medical coloration is especially egregious.

The information provided herein should negate any “peer-review” protection or immunity afforded PHS as it is undeniably and egregiously in “bad faith.” Moreover, the ordering a “clinical” test is outside PHS scope, practice, and function of PHS. According to M.G.L. c. 111, § 203 (c):

An individual or institution, including a licensed or public hospital, physician credentialing verification service operated by a society or organization of medical professionals for the purpose of providing credentialing information to health care entities, or licensed nursing home reporting, providing information, opinion, counsel or services to a medical peer review committee, or participation in the procedures required by this section, shall not be liable in a suit for damages by reason of having furnished such information, opinion, counsel or services or by reason of such participation, provided, that such individual or institution acted in good faith and with a reasonable belief that said actions were warranted in connection with or in furtherance of the function of said committee or the procedures required by this section.

Dr. Luis Sanchez and Dr. Wayne Gavryck need to be held to the same professional standards as the rest of us.

If you can support either of them procedurally, ethically, or legally, any one of them, then I will turn in my medical license with a bow on it.  If they did not commit negligent fraud by standards of care and procedural guidelines, egregious moral disengagement in violation of ALL ethical codes for the medical profession and society and break the law then disprove me.  Just one will do.

But you can’t do this then I ask that you speak up and take a stand. Either defend them or help me hold them accountable.  If a crime is committed it needs to be addressed.  Ignoring encourages more of the same.

And if this cannot be supported procedurally, ethically or legally then I want to know what is going to be done about it?

How low does the moral compass have to go before someone takes action?

Doctors are dying across the country because of people just like this.  They have set up a scaffold that removes the usual checks and balances and removed accountability.   It is this institutional justice that is driving many doctors to suicide.

So the evidence is above.  Either defend them or help me draw unwanted attention to this culture of bullying and abuse. So I am asking you to contemplate if  what you see here is ethically, procedurally or legally sound.   If you can show just one of these then I stand corrected. But if you cannot justify this on any level then I want you to help me expose this criminal enterprise. Either defend it or fight it. Silence and obfuscation are not acceptable.

Screen Shot 2014-11-10 at 1.34.48 PM

Screen Shot 2014-11-10 at 1.36.13 PM

Screen Shot 2014-11-10 at 10.24.58 AM

Screen Shot 2013-09-04 at 2.22.36 AM

Screen Shot 2014-11-10 at 9.15.46 PMScreen Shot 2014-11-10 at 9.23.36 PMScreen Shot 2014-11-10 at 9.19.08 PMScreen Shot 2014-11-10 at 8.54.21 PMget-attachment.aspx

Screen Shot 2013-09-04 at 2.21.51 AM

Screen Shot 2014-11-07 at 8.02.36 PM

Screen Shot 2014-11-07 at 7.35.18 PM

Disrupted Physician

Press Release | Forensic Science Misconduct: A Dark and Cautionary Tale | @csidds.

capture11

Originally posted on FORENSICS in FOCUS @ CSIDDS | News and Trends:

mbAPphoto

Don’t expect a “whodunnit” version of CSI victories in this Op-ed blog article about a darker side of the forensic sciences. It is from an author with ample forensic credentials and experience from both within and outside criminal courts of the US. The article has topics ranging from the continued use of outdated or grossly over hyped “CSI” methods, ethical and moral failures in some forensic groups, to the criminal courts inability to understand much of anything about what is “real ” versus self-serving personal opinion called “science.” A measure of proof confirming these systemic problems is the article’s presenting a glimpse into the multi-million dollar costs to taxpayers for damages won by those wrongfully convicted with the help of court-qualified forensic testimony…

View original post 33 more words

The validation of the polygraph examination in forensic psychiatry

An interesting abstract to establish the validity of the use of lie detection techniques when establishing insanity.

Access the full site here.

 INTRODUCTION

There is increasing demand for psychiatric expert testimony in criminal proceedings. A person is responsible for his actions unless he is subject to the penal code, Section 34 h, insanity. Mental illness is not sufficient to determine insanity; it must be proven that the patient did not understand what he had done, did not comprehend the inappropriateness of his actions: or could not have avoided performing the deed. Opponents argue that the expert testimony is not scientific and not professional and alternatively that the mentally ill avoid responsibility even when there is no connection between the illness and the offence.

OBJECTIVES

The polygraph examination is an important instrument for confirming credibility of the testimony but it has not yet been investigated in the field of forensic psychiatry.

AIMS

To examine the validity of a polygraph examination in psychotic patients. To compare polygraph tests with psychiatric examinations.

METHODS

Patients were tested with a polygraph examination on there misjudged psychotic behaviour.

RESULTS

24 patients signed a consent form, but not all eventually participated. All patients received anti-psychotic medications. In general valid polygraph examination can be performed to patients with the psychotic illnesses (i.e. schizophrenia). Agitated or cognitive deprived patients tests were not reliable. The psychiatric examinations or the expert testimonies were in accord with the polygraph examination.

CONCLUSIONS

Preliminary data indicate that polygraph examinations are valid in patients with the psychotic illnesses. But not in agitated or cognitive deprived patients. Expert testimonies were found reliable in determining insanity.

 CAPTAIN PSYCHLITE

Psychlite

An interesting abstract to establish the validity of the use of lie detection techniques when establishing insanity.

Access the full site here.

 Introduction

There is increasing demand for psychiatric expert testimony in criminal proceedings. A person is responsible for his actions unless he is subject to the penal code, Section 34 h, insanity. Mental illness is not sufficient to determine insanity; it must be proven that the patient did not understand what he had done, did not comprehend the inappropriateness of his actions: or could not have avoided performing the deed. Opponents argue that the expert testimony is not scientific and not professional and alternatively that the mentally ill avoid responsibility even when there is no connection between the illness and the offence.

Objectives

The polygraph examination is an important instrument for confirming credibility of the testimony but it has not yet been investigated in the field of forensic psychiatry.

Aims

View original post 118 more words