LEGAL ISSUES OF AUTHENTICATING DIGITAL EVIDENCE IN CYBERCRIME INVESTIGATIONS: FOREIGN EXPERIENCE AND NATIONAL PRACTICE
DOI:
https://doi.org/10.47390/ydif-y2026v2i10/n13Keywords:
digital evidence, authentication, cybercrime, chain of custody, forensic imaging, hashing, Daubert standard, Budapest Convention.Abstract
This article examines the legal and forensic problems of authenticating digital evidence in cybercrime investigations through a comparative legal analysis. The study compares the Federal Rules of Evidence, the Daubert and Frye standards, European approaches to electronic evidence, the procedural framework of the Budapest Convention and the national practice of Uzbekistan. Authentication is considered not as a single technical act, but as a continuous procedural and technical process aimed at proving the source, integrity, unchanged condition and relevance of digital evidence to the criminal event. The article analyzes the risks of manipulation, the difficulty of comparing volatile data such as RAM with an original source, errors arising from forensic tools and the problem of attributing digital activity to a specific person. The article concludes that Uzbekistan needs a unified methodological standard for authenticating digital evidence and a stronger practical use of hashing, forensic imaging and chain of custody mechanisms.
References
1. Ballou, S. (ed.). Electronic Crime Scene Investigation: A Guide for First Responders. 2nd ed. Washington, D.C.: U.S. Department of Justice / NIJ, 2008. P. 29.
2. Black’s Law Dictionary. 11th ed. St. Paul: Thomson Reuters, 2019. P. 154.
3. Casey, E. Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet. 3rd ed. Amsterdam: Academic Press / Elsevier, 2011. Pp. 47–53.
4. Council of Europe. Convention on Cybercrime (ETS No. 185). Budapest, 23 November 2001. Articles 7, 14–19.
5. Council of Europe. Explanatory Report to the Convention on Cybercrime. Strasbourg: Council of Europe, 2001. Paras. 155–170, 177–186.
6. Daubert v. Merrell Dow Pharmaceuticals, Inc., 509 U.S. 579 (1993).
7. Federal Rules of Evidence. Rules 901, 902. Legal Information Institute, Cornell Law School, 2024. URL: https://www.law.cornell.edu/rules/fre.
8. Frye v. United States, 293 F. 1013 (D.C. Cir. 1923).
9. Garfinkel, S. Digital Forensics Research: The Next 10 Years. Digital Investigation, 2010, Vol. 7 (Suppl.). Pp. S64–S73.
10. Grimm, P. W., Capra, D. J., Joseph, G. P. Authenticating Digital Evidence. Baylor Law Review, 2017, Vol. 69, No. 1. Pp. 1–58.
11. ISO/IEC 27037:2012. Information Technology — Security Techniques — Guidelines for Identification, Collection, Acquisition and Preservation of Digital Evidence. Geneva: ISO, 2012.
12. Kerr, O. S. Searches and Seizures in a Digital World. Harvard Law Review, 2005, Vol. 119, No. 2. Pp. 531–585.
13. Mason, S. (ed.). Electronic Evidence. 4th ed. London: LexisNexis, 2017. Pp. 112–115.
14. O‘zbekiston Respublikasi Jinoyat-protsessual kodeksi. 204¹–204²-moddalar.
15. Regulation (EU) 2023/1543 of the European Parliament and of the Council of 12 July 2023 on European Production Orders and European Preservation Orders for Electronic Evidence in Criminal Proceedings. OJ L 191, 28.7.2023. Pp. 118–178.
16. Roth, A. Machine Testimony. Yale Law Journal, 2017, Vol. 126, No. 6. Pp. 1972–2043.
17. Stallings, W. Cryptography and Network Security: Principles and Practice. 7th ed. Hoboken: Pearson, 2017. Pp. 354–358.
18. Wang, X. et al. How to Break MD5 and Other Hash Functions. Advances in Cryptology – EUROCRYPT 2005. LNCS 3494. Berlin: Springer, 2005. Pp. 19–35.
This work is licensed under a 