Digital Evidence and Best Evidence Rule Legal-Technological Approach headed for Digital Evidence Admissibility Review

Azhari Abdelrhman Mohammed


Computer forensic whizzes do their utmost to employ effective tools and methodologies to
extract and analyze data from storage devices used at the digital crime scene to acquire and be able to
present admissible evidence in court. This paper is an attempt and a trial to highlight the areas of
discussions and critical review of the available guidelines used to achieve successful computer crime
investigation that is compatible with best evidence rule. The enforcement of information laws is a step in
the right direction towards a knowledge-based well established cyber security, however having laws alone
isn’t enough for carrying out valid and effective confrontation against cyber criminals. Consequently this
paper studies the common factors and elements in the computer crime case with focus on best evidence
rule and suitable road map process of Digital Forensic Investigation Framework (DFIF) to maintain a
close cooperation between parties through effective use of legal concepts and technology. The paper
discusses the main challenges and basics needed to be handled, and observed closely to grasp a successful
prosecution of a cybercriminal. Basically, the paper deliberates and reviews deferent investigation
frameworks of cybercrime with emphasis on the most prominent frameworks, legal requirements,
technological, and technical practices needed over and done with studying cybercrime categories, rules of
evidence in court, employing historical critical literature review and the study of restrictions imposed over
admissibility of digital evidence.


Cybercrime, investigation framework, digital forensic, evidence, Storage Device, Data Recovery

Full Text: