Detecting cyber crimes that are occurring with great rapidity is a supreme challenge for law enforcement agencies around the world. In the manner that in the real world the best way of detecting involvement of an individual in a crime is if fingerprints are obtained at the scene of crime. No two persons in the entire world have similar fingerprints – they are unique and that is a scientific fact. Hence fingerprints provide the most concrete proof regarding the guilt of an offender in this the real world.
Similarly in the virtual world, the best and surest means of getting to an offender is to detect the Digital Footprints of the user concerned. Simply defined Digital Footprints are – “Digital Data that is left behind by a user each time he accesses and uses the digital space”. The Digital Footprints are also unique to each and every individual user and hence are the best tool for detection and investigation of cyber crime. The collection and identification of Digital Footprints is also a highly technology based art.
Digital Footprints can be collected by recovering Data of the user. The best place to recover and analyze this data is the Hard Drive of the Desktop or Laptop of the user. In case of Smart Phones it is the Solid State Drive or the HD card. Once this is in possession of the security agencies they can easily analyze and recover all useful data by using appropriate software and tools and can thus get at the Digital Footprints. This is a much easier and faster method of recovery of digital footprints.
In case that the Hard Drive or HD card of the user is not in the possession of the security agency, and this may be often the case when the offender is not identifiable, then the Digital Footprints are identified using the IP Address of the user concerned. IP Address is the Internet Protocol Address and it is assigned to an individual user as soon as he connects to the internet. Then as soon as we connect to the internet we also connect to a server – like FaceBook server, Google Server, Yahoo Server, Gmail Server etc. The logs of the activity of the user, based on the IP address assigned, are maintained by each of these and all other servers. The IP Address of each individual user at a particular point of time is also unique and hence the exact user can be identified and his Footprints isolated and used for investigative purposes. Thus through the Hard Drive analysis or through IP address tracing, the digital footprints of a user can be easily, surely & definitely identified.
Another interesting fact about these footprints is – that they cannot be hidden, cannot be masked, cannot be changed and cannot be even modified. Once made they remain intact over time and space. This fact ensures that a user cannot in any way influence or suppress the footprints that he has made in the digital space by any means.
Digital Footprints cannot be hidden or altered because deleting data is not destroying data and deleted data can be recovered via software. In addition formatting and fragmenting disc also does not destroy existing data but only rearranges the data and existing data can be easily recovered. Even if the user uses data eraser programs like secure wipe etc, data is still recoverable. Even if the user breaks or burns the hard drive – existing data is recoverable if small pieces of the drive are recovered. This is because data is stored in tracks and when pieces of the drive are recovered – parts of many files can be recovered and then they can be merged together to get substantial portions of the file and hence the digital footprints can be obtained rather accurately. The “smart” crook of today’s cyber space has come up with a number of tools like Proxy Servers, Firewalls, TOR networks, Multiple IP’s to mask his footprints – but as the means of crime commission improve so do the means of their prevention. Thus today even the above mentioned gizmos cannot ensure that the Digital Footprints created can go undetected. Thus the effort of all users should be to make the best possible digital footprints – one that will never land the user in any sort of problem. This fact will prevent a user and citizen from making a mistake by mistake, as that is still a mistake and the citizen is liable to prosecution under the law of the land. [Views expressed in the column are of the author himself]
(Varun Kapoor is ADG Narcotics & PRTS Indore, MP)