The answer d is correct. Answer a is wrong because employees must be informed of the monitoring if it is to be legal; Answer B is wrong because employees do not have to agree with the policy. and answer C is wrong because the results of the monitoring can be used against the employee if company policy is violated. Answer b is correct. The answer a is a client of distraction and is not part of the prudent person rule. The answer c is incorrect because there can be no guarantee that security breaches will never happen. The answer d is false because the prudent man rule does not refer to a particular standard of government, but to what other prudent people would do. To be admissible in court, the evidence must meet certain strict requirements. Evidence must be relevant, legally authorised, reliable, properly identified and properly stored. The main points of these requirements are: ethics deals with standards of conduct and considerations about what is “right” and what is “wrong”. It is difficult to establish strict ethical rules because definitions of ethical behavior are based on an individual`s experience, background, nationality, religious beliefs, culture, family values, etc.
To investigate the investigation of computer crime, it is useful to examine the motivations for committing computer crime. The main reasons are financial gain, revenge, ego or attention. The working method or modus operandi of computer criminals is aimed at creating a high probability of success of the criminal act, protecting their identity and improving their possibilities of escape. Below is a summary of the laws, regulations and guidelines that list the requirements for the protection of computer information: In a related area, the United States and many other countries have signed the Council of Europe Convention on Cybercrime. In the United States, participation in the Convention must be ratified by the Senate. Essentially, the convention requires signatory states to spy on their own residents, even if the monitored action is illegal in the country where the surveillance takes place. There are many types of legal systems in the world, and they differ in the way they handle evidence, the rights of the accused, and the role of the judiciary. Examples of these different legal systems are customary law, Islamic and other religious law, and civil law.
The common law system is used in the United States, the United Kingdom, Australia and Canada. Civil law systems are used in France, Germany and Quebec, to name a few. There are many problems associated with conducting an investigation into suspected computer crime. For example, in a business environment, an investigation should involve management, company security, human resources, legal departments, and other appropriate employees. The act of investigation can also affect critical operations. For example, it can trick a suspect into retaliating, which can compromise data, lead to a DoS, generate negative publicity, or reveal individual privacy issues. Therefore, it is important to create a plan in advance on how to deal with reports of suspected computer crimes. Prior to that, an appropriate staff committee should be established to address the following issues: The Computer Crime and Intellectual Property Division (CCIPS) of the United States Department of Justice (DOJ) has published Searching and Seusing Computers and Getting Evidence in Criminal Investigations (January 2001). The introduction to the document states: “This publication provides comprehensive guidance on the legal issues that arise when federal law enforcement officers search and seize computers and receive electronic evidence in the course of criminal investigations.
Topics include the application of the Fourth Amendment to computers and the Internet, the Electronic Communications and Data Protection Act, the protection of privacy in the workplace, the Electronic Surveillance Act and the security of evidence for information systems. The document also cites the following U.S. codes regarding the search and seizure of computers: The collection, control, storage, and preservation of evidence is extremely critical in any judicial investigation. The main types of computer evidence are computer printouts, plotter outputs, screens, and magnetic or optical memories. Since evidence involved in a computer crime can be unimportant and subject to simple changes and without traceability, evidence must be carefully manipulated and controlled throughout its lifecycle. In particular, there is a chain of evidence that must be tracked and protected. Here are the main components of this chain of evidence: So, if law enforcement is called too soon when a computer crime is suspected, law enforcement agencies will be bound by a higher standard than employees of the organization in terms of research and evidence gathering. However, there is a greater likelihood that all evidence obtained will be admissible in court because law enforcement personnel are trained to maintain the chain of evidence. As mentioned earlier, the dissemination of information and the corresponding publicity will also be beyond the control of the organization when the investigation is entrusted to law enforcement.
Conversely, if law enforcement agencies are called in too late to investigate a possible computer crime, poor management of the investigation and evidence by untrained organizational staff can reduce or eliminate the chances of successful prosecutions. If the investigation is conducted internally, the suspect should be questioned for information and to determine who committed the crime. This investigation must be planned in advance and experts must be called upon to conduct the interview. Obviously, the suspect is alerted when he is scheduled for questioning, and a common mistake in setting up and conducting the interview is providing too much information to the suspect. With this information, the suspect may try to alter additional evidence, leave the scene, or warn other co-conspirators. During the interrogation, the relevant information relating to the offence must be obtained and the questions must be written beforehand. In order to avoid the possible destruction of critical information by the suspect, the original documents should not be used to conduct the interrogation […].
