Expert Witness Journal Issue 63 October 2025 - Flipbook - Page 96
Table: Core Instruments and Standards (At-a-Glance)
Instrument/Standard
Scope
Relevance to Digital Evidence
Forensic Science Regulator Act
2021 & FSR Code (2023–)
Statutory regulator & quality code
for forensic activities
Sets quality/validation/
accreditation expectations;
declarations of compliance
Criminal Procedure Rules Part
19 & Criminal Practice Directions
2023
Procedure for expert evidence
Expert duties, report content,
declarations, case management
CPIA 1996 & Code of Practice; AG’s
Disclosure Guidelines (2024)
Disclosure of unused material
Digital disclosure strategy,
schedules, reasonable lines of
enquiry
ISO/IEC 27037
Guidelines for identi昀椀cation,
collection, acquisition and
preservation
Foundational handling principles
across device types
BS 10008:2020
Evidential weight and legal
admissibility of ESI
Controls for authenticity and
integrity of electronic records
NIST SP 800‑101r1; CFTT
Mobile device forensics & tool
testing
Acquisition/examination
guidance; limitations; validation
inputs
legal tests and documentary outputs (e.g., continuity
logs, decision records, expert reports, schedules of
unused material).
6. Options and Evaluation
Where non‑compliance arises (e.g., a laboratory
process lacks accreditation or a report departs from the
Code), courts may still admit the evidence but adjust
weight and require additional safeguards: disclosure
of validation data; agreement of a single joint expert;
or limiting the scope of opinion. Prosecutors should
assess reliability case‑by‑case rather than re昀氀exively
rejecting non‑compliant evidence, while ensuring
transparency about risks and mitigations.
5. Findings and Analysis
Admissibility is rarely the hurdle; reliability and
weight are. UK law generally adopts a permissive
stance on admissibility, provided evidence is relevant
and not unfairly prejudicial. For expert opinion and
scienti昀椀c evidence, CrimPR 19 and the CPD 2023
require explicit statements of methodology, data relied
upon, uncertainties, limitations, and compliance with
applicable codes. The FSR Code adds a quality‑system
lens: accreditation where required, documented
validation, competence, impartiality, and explicit
declaration of compliance or reasoned departures.
Case Studies & Scenarios
The following short, anonymised scenarios are
designed to help general readers understand how
the legal and scienti昀椀c rules in Sections 2–6 apply
in practice. The situations map closely to real‑world
issues encountered in England and Wales. Each
scenario 昀氀ags the relevant rules and standards and
ends with plain‑language takeaways.
Chain of custody is a process, not a form. Continuity
is demonstrated through contemporaneous records:
who did what, when, why, and with what e昀昀ect on the
item or data. Good practice includes unique identi昀椀ers,
tamper-evident packaging or logical seals (cryptographic
hashes), auditable access controls, and versioned case notes.
Case Study 1 — Mobile extraction challenged for
lack of validation
Facts: A burglary suspect’s Android handset is imaged
using a commercial tool. The resulting report includes
parsed chat threads and a timeline. Defence argues the
chat parser is a new version not validated by the unit.
Issues: Reliability of the method (tool/version
validation), expert’s duty to state uncertainties, and
weight of evidence.
What the court considered: The expert’s declaration
under CrimPR Part 19/CPD 2023 and whether the
provider complied with the **FSR Code** (validation
and competence). The prosecutor disclosed available
validation data and version‑change logs and invited
defence questions.
Outcome: Evidence admitted; judge treated message
timestamps with caution until the expert produced
spot‑checks against handset artefacts (SQLite) and
server exports. Weight ultimately reduced on marginal
items.
Why this matters: Tools evolve quickly. Providers must
validate methods locally and explain any limits. Courts
rarely exclude wholesale; they adjust how much trust to
place in particular 昀椀ndings.
Tool and method validation is central to reliability.
Whether imaging a smartphone or parsing an
application database, validation must show the method
is 昀椀t for its intended use, with known error rates and
limitations. That includes updates when tools change;
open‑source and commercial tools alike require local
validation against ground‑truth datasets, not just
vendor claims.
Scope and proportionality require defensible
decisions. Especially for third‑party and victim data,
investigators and lawyers must document why a device
is examined, what is examined on it, and why narrower,
less intrusive avenues were not su昀케cient.
Disclosure in the digital age depends on early strategy.
Prosecutors and investigators should agree digital
strategies at the outset: device attribution, triage
criteria, search terms, technology aids, and schedules
that capture relevant but unused material. Defence
should be invited to particularise reasonable lines of
enquiry.
EXPERT WITNESS JOURNAL
94
OCTOBER/NOVEMBER 2025
