Online Searches and Online Surveillance: The Use of Trojans and Other Types of Malware as Means of Obtaining Evidence in Criminal Proceedings 13 Digital Evidence and Electronic Signature Law Review 2016

13 Digital Evidence & Elec. Signature L. Rev. 88 (2016)
Online Searches and Online Surveillance: The Use of Trojans and Other Types of Malware as Means of Obtaining Evidence in Criminal Proceedings

handle is hein.journals/digiteeslr13 and id is 88 raw text is:

Introduction

The development of criminal procedure is determined
by the options made by the legislator in the constant
conflict between two of the State's constitutional
obligations: on the one hand, the obligation to
promote internal security and increase the
effectiveness in the prosecution of crimes as a means
of defending the State's institutions; on the other
hand, the obligation to safeguard the citizens'
fundamental rights against disproportionate
restrictions as a means of protecting justice and
freedom. The reconciliation of these conflicting
interests is not a matter of seeking balance between
them, as much as it is an option of policy to give
priority to one over the other in certain circumstances
and within specific constitutional limits. The factors
that guide the policy include, but are not limited to,
the seriousness of the crimes under investigation, the
means used to perpetrate them, and the difficulty in
collecting evidence.
In recent years, the rapid evolution and dissemination
of technology and its misuse by organized crime in
order to frustrate criminal investigations has led to a
growing prevalence of the first of the
abovementioned obligations over the latter, thus
justifying the repeated emergence of new and more
invasive tools for obtaining evidence. These tools
usually emerge in one of three ways: (i) either they
are used by law enforcement without a legal basis, (ii)
or they are legally framed in provisions meant for
different tools for obtaining evidence, (iii) or they are
subject to specific legislation.
This has been the case for the use of malware by law
enforcement. It has been established that this is a tool
of unparalleled effectiveness in facing the -
sometimes insurmountable - effects of anti-forensic
measures apt to hide, alter, destroy or render
impossible to obtain evidence of serious crimes. It has
also been established that the use of this technology
by law enforcement is spreading across different

countries, including in Europe. The debate should now
focus on the terms in which it may be constitutionally
viable and on the need to correctly legislate on this
matter, in order to prevent its illegal and
disproportionate use.

Malware

Malware is short for malicious software and it may be
briefly described as a 'a simple or self-replicating
program, which discreetly installs itself in a data
processing system, without the users' knowledge or
consent, with a view to either endangering data
confidentiality, data integrity and system availability
or making sure that the users are framed for a
computer crime'.' In broad terms, it includes all kinds
of software installed surreptitiously by third parties on
a computer system, which can be used to somehow
compromise its functions, circumvent its access
controls, be detrimental to its user or to the infected
computer system, monitor the user's activity or
appropriate, corrupt, delete and change computer
data.
When referring to the use of such software in criminal
investigations, the doctrine usually refers only to
Trojan horses or simply trojans. However, trojans
represent just one of many types of malware which
may be used in criminal investigations in the digital
environment, alongside, among others, logic bombs,
spyware, rootkits, viruses, worms or even the
increasingly common blended threats, which include
more than one type of malware.
Starting with the most used concept, Trojan horses,
we can seek to define them as a type of malware that
appears to be harmless and deceives the user in order
to stimulate an active conduct that will result in its
installation on the target computer system.2 This

1 Eric Filiol, Computer Viruses: from theory to application (Springer,
2005), p. 86.
2 This is often provoked by different ways of social engineering,
designed to exploit 'vulnerabilities in human beings, which are also a

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License I 88

This work is licensed under a Creative Commons Attribution -Noncom mencial- NoDerivs 3.0 Unported License

I188

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

What Is HeinOnline?

Purchase Access

Contact Us

Log In

NEED HELP?

CONTACT US

Get started

Subscribe to our Newsletter