Onus on Defense in Computer Crime Cases, Is Florida any Different?
In India an individual charged with a cyber crime now has to prove their innocence (Onus on IP address owner to prove innocence). Is the United States any different? I refer you to one of my earlier posts - Presumption of Innocence, Where Did It Go?
Being involved in the cyber crime world I see it all the time. IP addresses, an individual's fingerprint in cyberspace can be manipulated, spoofed, make someone virtually untraceable. So how can an ordinary individual be expected to protect themselves against a sophisticated cyber criminal and then have to prove their innocence?
Florida and the rest of the United States is not there yet, but I can assure you that an individual charged with a cyber crime case is not going to take it lying down. Yes, the State has the burden of proof and the ability and resources to secure necessary evidence, but do they always do it? IP logs are retained for a limited amount of time depending on the internet service provider ("ISP"). Yahoo!, EBAY, Facebook, Hotmail, AOL, etc., all have retention periods for logs that can range from 45 days and up. Once the data is purged, it is gone forever. Which can make defending yourself extremely difficult, if not impossible.
It has been my experience that ISP's are friendlier to law enforcement and give private attorney's the run around at every corner. So I have taken it one step further on the advice of a colleague. I have recently had a local police department investigating one of my clients served with a Brady Notice, as well as the local State Attorney's Office. The State can get the potentially exculpatory evidence with ease, which may vindicate my client; thus, close their investigation, so why wouldn't they want it? The name of the game is cover your A$$. Make sure if there is potential computer evidence out there that can help your case, it's preserved. Even if the State won't issue a subpoena, ask that a preservation letter be sent to the ISP so that they evidence can be preserved in its current state for 90 days. At least that way you have some time to fight with the ISP for the records. If you can't get it done in 90 days, on the 89th day, have the State send another one extending the time period.
Remember, it is not possible to store all the data our computers generate on a daily basis. It just doesn't make sense for the ISP's financially, so the key is preservation, because at the end of the day, you may be the one proving your client's innocence rather than the State meeting it's burden of proof.