Computers, Court, and Fingerprints

Degrees writes "Should Law Enforcement be allowed to Photoshop fingerprints? That is the question posed in this article in the South Florida Sun-Sentinel. The suspect is charged with murder, and the evidence was circumstantial before the fingerprint enhancment. At the end, the crime scene investigators say they want encrypted cameras. The implication is they want DRM-enabled digital cameras with software for full audit-trail capability. Would that make the Photoshoping more credible? Would DRM cameras be a good thing for Joe Citizen?"

"Enhanced" evidence

[russotto]

They've tried this with audio before, notably in the Waco cases. The court rejected it then. Hopefully they will keep rejecting it. Such digital enhancement might be useful for getting leads, but the result isn't evidence; it's just a computer-assisted guess.

Re:"Enhanced" evidence

[Planesdragon]

Hmm, you can't really use it to get leads either. Any evidence that comes from inadmissable evidence is inadmissable itself.

I believe that you're wrong.

If you're given an anonymous tip, or someone takes a lie dectector test, you can't use these as evidence--but you CAN use them to get evidence.

Anything that comes from ILLEGAL police procedure is tainted. Not just inadmissable evidence.

Re:"Enhanced" evidence

[CaseyB]

Such digital enhancement might be useful for getting leads, but the result isn't evidence; it's just a computer-assisted guess.

Applying, say, a contrast filter to a digital image to bring out details is no different from the subjective treatment that a conventional photograph gets when developed in a darkroom.

I imagine that the various tests that forensic scientists perform are rigorously standardized. There's no reason that digital processes couldn't be similarly regulated. I supposed what is called for is the certification of "official" digital filters, that are analyzed and confirmed to manipulate the image in an "unbiased" fashion.

Re:"Enhanced" evidence

[Alsee]

but the result isn't evidence; it's just a computer-assisted guess.

It seems real simple to me. Give someone the evidence to enhance all they want in absolutely any manner they like. Just don't give the person doing it a copy of the suspect's fingerprint, image, voiceprint, whatever.

If the result matches the suspect and does not match anybody else then it sounds like solid evidence to me. There is no way you can photoshop someone's fingerprint into an image if you don't know what his fingerprint looks like.

Even better make it a seperate person who checks for a match. Even better give that seperate person a dozen random fingerprints and don't tell him which one is the suspect's. If he says there is a definite match AND he says it to the print that happens to be the suspect then you have a pretty damn bulletproof system. It would be pretty serious event if the expert ever reported a "definite match" to one of the extra random prints he's given.

At that point I don't care if the image was "enhanced" by a chimpanzee twiddling an etch-a-sketch.

-

NO WAY

[QuantumRiff]

I don't want them tracing those nude pictures of my 17 year old girlfriend back to me... I prefer to just put them out on gnutella for all to see anonymously! ;)

THis does absolutely nothing

[Anonymous+Butthead]

Wait... so they can crack the encryption?
Nothing is flawless, any form of encryption can be cracked.... all you need is time.

It would give the community a false sense of security. Just becasue id has DRm doesn't mean anything. Evidence should not be tampered with.... PERIOD

Re:THis does absolutely nothing

[outlier]

I think what they're actually talking about is digitally signing the original or computing some type of checksum to maintain an auditable chain of custody and to track versions of the data.

So, ideally, an officer takes a photo and it is automatically digitally signed in some form of read only storage. The image and the signature are then transferred to an electronic "vault." Any 'enhancements' would also be signed and stored in the vault. When the case goes to court, the defense is given access to all versions of the picture, and all the images are matched with their signatures to ensure that they haven't been tampered with. This way, the defense can have their own experts evaluate the 'enhancements' that the police made.

In this scenario, you never deal with concerns that encrypted images may be decrypted. You have to have confidence in the vault -- I'm guessing that a physically secured, tamper evident device with easily auditable features could be implemented (e.g, in the same manner as the FBI carnivore machines are secured at ISP sites).

I saw this on tv

[LennyDotCom]

I saw this on the discovery channnel I think they showed how all the cop did was enhance the image with photoshop. All he did was apply a custum filter to enhance the image he didn't add anything to it or change it just brought out what was there by filtering out the background. I was very obvious if you saw the show that it should be perfectly legal .

Sure...

[Grip3n]

...just as long as they don't go effect happy and start making lens flares and drop shadows and start saying "l00k 47 my 31337 gr4ph1x" during court room proceedings.

This is NOT DRM

[ChaosDiscord]

DRM is about taking options away from users. This is about providing users with a new option: a strong audit trail. You can make a copy of the image using non-auditing software, but that copy of the image would lose it's "seal of approval." The original would remain valid. The end result: cops can make any copies and image manipulations they want that may help them solve a case. But in court they'll only be able to present images with the valid audit trail, ensuring that the image was never mishandled and clearly showing what manipulations were done to it. It sounds like a great idea and I strongly support this option for users. (I am suspicious that it may not be possible... but I'm happy to let people try.)

Re:Use a real verb

[L.+VeGas]

Just google a bit and you can see he's right.

get it? google?

haa haa ha ha ah never mind

Useful... possibly

[rworne]

The only way this can be seen as useful is if the person who is "cleaning up" the fingerprint has no idea who the print belongs to and where the print came from. Considering all the prints the law enforcement must deal with, it would be hard to assume the print a tech is working on is for a high profile murder suspect or a car thief.

That way it removes the ability to "doctor" prints to match what the cops want, and it adds a valuable tool to the investigative process.

If this process involves the tech working on a print, with the "target suspect" print available to him, I'd cry foul in an instant.

Any evidence can be tampered with

[stratjakt]

Thats why the term is 'reasonable doubt'. The DNA technician can lie. The blood can be planted. You can doctor an analog photo just as easily.

I've mentioned before that I design, write, and support police records software. I know how important audit trailing is to them, I was up until 3 AM last night debugging some of it.

We've even been approached with this very idea, audit trailing and securly storing digital photos. (Not just fingerprints)

This is about showing a factual list of who had access to the photo, exactly what they changed, and when. If pixels were added, it'd be on the trail. If it was lightened, darkened, it'd be on the trail.

The reason is simple. The jackass lawyers who think the constitution spells out their job as 'get the client off, no matter what it takes'. Another rant entirely, but rigorous defence doesnt mean knowingly lying and misleading a jury.

Police are constantly accused of lying, tampering with evidence, planting evidence, in stupid cases like misdemeanor posession of pot.

So when Mr Defense gets up in front of the jury, with Mr Cop on the stand, and says "Isn't it true that anyone could have altered those photos?", "Mr Cop can say, here's an itemized list of every enhancement, change, and view of the photos since they were taken.".

If Mr. Defense is stupid enough to continue, they can present sworn depositions from people like me (who created the system) testifying to the authenticity of the data.

Of course - it'd go both ways. If Mr Defense truly thinks BeatCop O'Malley doctored the photos, someone like me could likely prove the when and how.

This isn't a bad thing, or about stripping rights. It's about helping to secure the right to a fair trial.

thoughts..

[Dr.+Awktagon]

some thoughts..

* Anytime you use encryption or digital signatures, it's not "DRM". It's not like these folks want to restrict copying of the pictures, or track people who see the photos, they do that by keeping the pictures within their labs. The encryption is so they can show in court that the picture was not tampered with. When you check the signature in your linux package files, that's not DRM, that's something for your own benefit.

* I was recently looking at Canon's latest EOS-1Ds camera, which has a "Data Verification Kit" encryption module available. You put a smart card in a reader and every shot is digitally signed in the camera. So this stuff is available and hopefully the forensic photographers will begin using it. Of course a malicious photographer might change the software in the camera somehow but hopefully the module checks for that.

* Dodge & Burn tools should probably *not* be used.. they allow you to darken/lighten specific *areas* of the photo, which could be dangerous. When enhancing evidence they should only allow *global* changes like overall brightness or contrast, etc. Or at least they should send the evidence to three or more independent labs, who don't know anything about the case, and let each version be seen in court. That way there's less of a chance that someone will doctor the evidence for a specific outcome. And of course the whole workflow needs encryption and signatures.

* Evidence can always be tampered with. The digital signatures just make it harder, and hopefully at least as hard as it is now in the non-digital world.

This is not how photographic evidence works

[Bruce+Perens]

The potential to fake a photograph has existed since the earliest days of photography. The veracity of the photograph or other scientific evidence rests on the oath taken by the photographer and other technicians involved. They are not asking for DRM, but for a digital signature generated by the camera and attesting to the time and other circumstances of the photograph. Auditing the image-processing is possible, given certified software and a circumscribed list of permitted operations. Some form of "trusted computing" could be used to avoid trivial circumventions of the list of allowed operations.

Note that this is "trusted computing" in service of the owner of the computer (in this case the police department and department of justice rather than the individual operator). The fundamental difference is that the owner of the computer is the one asking for the trusted service, rather than some other entity that does not trust the owner of the computer.

Bruce

Are you serious?

[kabir]

At first I thought this was a humor post ("AI that would prevent taking pictures of naked women"?!? I mean really.) but then it occoured to me that you might actually be serious. So, for just a moment, I'll step back from inflamatory language ("sick-men", "villany") and silly ideas (the aforementioned AI) and try to address your comment.

What you're proposing is that there should be a technological to what is, at it's heart, a moral problem. If you're looking at this from a moral/religous standpoint (and it sounds to me like you are) then you must recognize that you haven't solved anyting by taking away the option to engage in this sort of immoral behaviour (I'm assuming, for the sake of the discussion, that audit trails would, in fact, stop this sort of breach of trust from occouring - though in all honesty I think that's a deeply flawed assumption). Certainly the specific behaviour might have been prevented, but the underlying issues which allow someone to ignore or abuse their spouses trust, etc. still exist and have, in fact, been completely ignored. In the end all you'll end up doing is changing the specifics of the situation, but breaches of trust and sexual compulsion will continue. No amount of DRM can address the reasons that someone seeks out bad behaviour.

Of course, as I mentioned, DRM and/or audit trails won't do much to stop the unauthorized publication of such photos. It certaily won't stop one spouse from coercing/manipulating/etc. another to take the photos in the first place. In no way will it account for those who initially think the photos are a good idea but later change their minds. And finally, it's complete bunk to even begin to think that an audit trail will force anyone to "confront thheir odious addiction", and it certainly won't save any marriages.

The bottom line is that if a husband thinks so little of his wife and their relationship that he would violate her trust in sunch a way simply because he wouldn't get caught then the marriage is in serious trouble regardless. Technology is amazing stuff, but it's neither the cause of, nor the solution to each and every modern problem. I think people forget that too often.

The real reason

[commodoresloat]

Come on. The real reason they should not be able to Photoshop pictures of fingerprints is that they should have to use the gimp instead.