This document discusses corporate criminal liability and the importance of digital evidence and computer forensics. It outlines situations companies should avoid like criminal prosecution due to lack of employee oversight. It describes Spain's legal framework for corporate criminal liability and digital evidence. It recommends preventative measures for companies like establishing internal policies, technical/data security controls, and insurance. It outlines the stages of computer forensics including prevention, data collection/analysis, and using evidence in court. Reasons for a forensic investigation include economic impacts, identifying evidence and liabilities, and preventing corporate criminal liability.
2. www.tusconsultoreslegales.com [email_address] INTERNET/INVESTIGATION OF DIGITAL EVIDENCE/COMPUTER FORENSICS 4. PREVENTIVE ANALYSIS OF CORPORATE CRIMINAL LIABILITY 3. HOW TO PREVENT AND/OR MINIMISE CORPORATE CRIMINAL LIABILITY 2. LEGAL FRAMEWORK OF CORPORATE CRIMINAL LIABILITY AND DIGITAL EVIDENCE 6. REASONS FOR A FORENSICS INVESTIGATION 1. SITUATIONS WHICH SHOULD BE AVOIDED: REFLECTIONS 5. STAGES OF THE COMPUTER FORENSICS PROCESS
3.
4.
5.
6.
7.
8. www.tusconsultoreslegales.com [email_address] 3. HOW TO PREVENT AND/OR MINIMISE CORPORATE CRIMINAL LIABILITY PREVENTIVE MEASURES: 1- Establishing control measures: Implementing an internal corporate policy 5- Detecting and preserving evidence which allow a proactive legal defence: Minimising the consequences of the crime 2- Establishing technical and organisational measures: Complying with personal data protection obligations (Organic Law on Personal Data Projection and Implementing Legislation) 3- Implementing security certificates: Preventing identity theft COMPUTER FORENSICS 4- Establishing cover measures: Having an insurance policy which also covers legal services
9. www.tusconsultoreslegales.com [email_address] An internal corporate policy with clear guidelines, specifying the permitted use of both the company's internal and external means of communication, with the corresponding behaviours, expressly indicated, through control measures established by the employer as provided in article 20.3 of the Workers' Statute. 4. PREVENTIVE ANALYSIS OF CORPORATE CRIMINAL LIABILITY (1/3) 1- Establishing control measures: Implementing an internal corporate policy 2- Establishing technical and organisational measures: Complying with personal data protection obligations (Organic Law on Personal Data Projection and Implementing Legislation) Having complied with the obligations established by the Organic Law on Personal Data Protection and implementing regulations to establish the technical and organisational measures necessary, as well as efficient control measures in accordance with article 20.3 of the Workers' Statute which are compatible with the worker's privacy. Above all, ensuring control of both internal and external means of communication.
10.
11. www.tusconsultoreslegales.com [email_address] 4. PREVENTIVE ANALYSIS OF CORPORATE CRIMINAL LIABILITY (3/3) The detection, preservation and investigation of electronic proof or evidence which may be used to defend the company against possible criminal liability is known as COMPUTER FORENSICS. This discipline is basically divided into four major stages or processes, which can be carried out independently, or consecutively, according to the company's needs. The stages of Computer Forensics go from prevention up to implementing proof in the trial. 5- Detecting and preserving evidence which allow a legal defence oriented towards minimising possible criminal consequences COMPUTER FORENSICS
12. www.tusconsultoreslegales.com [email_address] 5. STAGES OF THE COMPUTER FORENSICS PROCESS PREVENTION FORENSIC READINESS Objective: Facilitating a possible digital investigation How: Establishing and implementing traceability procedures Example: Intrusion Detection Systems LOCATING INFORMATION E-DISCOVERY Objective: Search for specific data from a large quantity of information How: Use of search and filter mechanisms in file systems and databases Example: Search for deleted accounting data DATA ACQUISITION CHAIN OF CUSTODY Objective: Correctly initiating the chain of custody of future proof How: Bit by bit copy of digital information before a notary Example: Copies of information from a mobile telephone EVIDENCE ANALYSIS EXPERT REPORT Objective: Analysing digital information and searching for possible evidence. How: Blind and automated search for suspicious activities Example: Analysis of the PC of an ex-employee for possible information theft