Vern Sallee, Lieutenant, Chula Vista, California, Police Department
On the surface, the idea that a state or municipal law enforcement agency would consider outsourcing digital evidence storage to private companies seems far-fetched. As the custodians of evidence, and the chain of custody rules that go with that responsibility, law enforcement would not appear to be a likely candidate to embrace the virtual outsourcing of a portion of the evidence room. After all, police agencies have spent more than a century building bunkers to store and protect evidence and have adopted strict controls centered on the physical possession of evidence. This status quo, however, has been fundamentally changed by the proliferation of connected mobile devices, including smartphones, and the manner in which digital files are stored.
A June 2013 poll by the Pew Internet and American Life Project estimates that about 56 percent of American adults own a smartphone, a trend that necessarily affects how police agencies approach their daily interactions with the public.1 This article explores how the growth of smartphones and other mobile devices fundamentally changes the way police agencies operate, and, consequently, how they store and manage digital evidence.
The Effects of Mobile Technology on Policing
Perhaps the most high-profile police incident impacted by the smartphone trend remains the 2009 New Year’s Day shooting of Oscar Grant by a Bay Area Rapid Transit (BART) police officer. The shooting on a train platform at the Fruitvale BART station was captured from several angles by multiple bystanders using mobile phones. In the days afterward, videos of the shooting were posted on social media sites and Internet video sites and given to local news media. The videos caused widespread community protests, both peaceful and violent, and negatively impacted the BART Police Department’s public image. They also played a significant role in the criminal trial of the police officer and the resulting civil suit.2
As a result of this incident, the BART Police Department deployed over 150 new Taser Axon body cameras to its officers in an effort to capture incidents from an officer’s perspective and stored the video on cloud servers.3 Several other agencies, including the Oakland, California, Police Department; Rialto, California, Police Department; the Lake Havasu, Arizona, Police Department; and the Chula Vista, California, Police Department, have started using body cameras for similar reasons. Police agencies using video cameras to mitigate liability and citizens’ complaints is not new; however, the manner in which agencies choose to store the data is poised to fundamentally change.
When police agencies converted from film to digital cameras at the turn of the century, it changed the way these images were captured and stored. While digital photography was an important new technology, it did not require police property rooms to fundamentally change how they stored this type of evidence. Digital photos are easily and inexpensively stored on discs or hard drives, and property rooms easily adapted to the change. In contrast, high-definition video files take up a huge amount of virtual storage space, especially since videos vary in length and can range from minutes to hours long. For example, a photo in the JPEG format, the most common photo compression format, typically takes up 1.5–2.0 megabytes (MB) of storage space on a server. In contrast, a 30-minute MP4 video, the most common digital video format, may take more than 800 MB of storage.
In the bygone era of VHS in-car videos, many vendors estimated that the average officer would record about two hours of video on a given ten-hour shift. With in-car video, a VHS tape could hold the video from three or four shifts before it had to be physically logged into evidence. In the emerging era of on-officer video cameras and small mobile devices, there are no longer tapes, and there is no longer removable media. Instead, data is stored on solid-state storage devices built into the cameras that can hold many gigabytes (GB) of data. Contemporary police video recording devices are typically downloaded via a USB cable, a docking station, or a wireless network to minimize the chances that officers can be accused of tampering with the evidence.
For example, the Chula Vista Police Department (CVPD), which has about 200 sworn officers, is currently deploying six body-worn cameras with select officers. An analysis of evidence collected to date indicates that a typical 30-minute video from a single officer takes up about 800 MB of digital storage space. Using that data, along with a conservative estimate of one hour of recording per officer, per day, if the agency’s entire patrol force was equipped in this manner, they would produce more than 35,000,000 MB of data, or 33 terabytes (TB) per year. This is the storage equivalent of approximately 17 million 2 MB JPEG photos. Such a huge amount of digital storage requires numerous specialized multiple hard drive storage servers designed to manage video and corresponding information technology (IT) support. When one considers that the data must be stored, backed up, managed, and duplicated for discovery purposes, one can see how quickly a small IT department would be overwhelmed, especially as years of data must be stored as evidence until cases are resolved. Given this scenario, large agencies like the Los Angeles Police Department (LAPD) could spend millions of dollars per year on data storage and require a small army of IT support personnel should they choose to fully deploy on-officer video cameras to mitigate liability and create an accurate record of their officers’ conduct.
While agencies may deploy video cameras with the intent to mitigate liability and reduce citizen complaints, the fact remains that every frame of video captured by every officer is potentially evidence. At the typical video frame rate of 30 frames per second, high-definition video takes up an enormous amount of virtual storage space—so much that it will quickly overwhelm the traditional evidence storage servers of even the largest agencies. Combining this with the cumbersome task of managing massive amounts of data and ensuring its availability for discovery means that police agencies will face a huge investment in traditional in-house IT just to manage the flood of potential evidence.
To store vast amounts of digital evidence, departments will need to invest resources in areas such as storage servers, backup systems, physical plants, electricity, and IT personnel to store the evidence captured by their on-officer video cameras. In times of fiscal constraint, it is important to understand the dollars funding these areas would likely be taken from resources needed to fulfill the obligations of the core mission of public safety.
Cloud-Based Solutions for Digital Evidence Storage
The conundrum facing agencies is how to balance capturing the video evidence they need without breaking the budget. The answer to the vexing issue of storing massive amounts of digital evidence is to turn to a solution that has been around for quite some time: cloud computing. There are several definitions of cloud computing; for this article, cloud computing is defined as a remotely distributed computer storage service that is hosted by a third party. The service provider is typically a private company that specializes in remote computing or storage services, such as Microsoft, Amazon, Google, or similar IT providers. The cloud services are accessed using existing broadband infrastructure with Software as a Service (SaaS) or Storage as a Service (StaaS) contracts with the third-party vendors.
Cloud computing has evolved over the last half dozen years from a technical niche for big businesses to a mainstream consumer and private sector IT solution. While cloud computing has some drawbacks, it is useful to explore the benefits of cloud computing versus traditional storage methods. It is widely recognized that cloud computing offers efficiency, agility, and innovation on a scale that most private and public entities cannot hope to achieve with traditional in-house servers. In fact, the 2011 Federal Cloud Computing Strategy, authored by the White House Office of Management and Budget (OMB), promulgates the idea that cloud computing is such a fundamental shift in IT that they strongly advocate a “Cloud First” policy for federal agencies of all stripes.4
While there are many benefits to cloud computing, among those that are most germane to police agencies are the cloud’s cost effectiveness, scalability, and access to innovation. The total cost of ownership for in-house servers and accompanying support is more expensive than outsourcing to private cloud providers. Estimated savings by utilizing cloud services versus in-house equipment, labor, and infrastructure range from 30 to 50 percent. Almost as important as the cost savings is the scalability of outsourcing to cloud service providers. In the legacy server model, if an agency fills up its in-house servers and needs to expand storage, it needs to budget more time, space, money, and personnel. In contrast, if an agency needs to expand or reduce storage with a cloud service provider, it can be done almost instantaneously. Finally, the best cloud service providers offer access to cutting-edge technology, redundancy, and world-class security that most public agencies could never hope to achieve on their own.
The largest cloud service providers, such as Amazon, Google, and Microsoft, have been aggressively marketing their services to government agencies. As of March 2013, Microsoft estimates that more than one million government workers have migrated to Microsoft 365 cloud applications, including major public entities such as the State of Minnesota, the City of Chicago, and the City of Seattle. Microsoft’s competitors are making similar business inroads into the public sector market.5
FedRAMP—U.S. Federal Government Standardizes Cloud Security
While cloud computing offers clear benefits, it also has some drawbacks, especially considering the repercussions of lost or corrupted digital evidence. Security, privacy, and discovery top the list of areas that must be well defined before transitioning to cloud-based storage of digital evidence. In an effort to establish standardized cloud security measures, the U.S. General Services Administration (GSA) administers the Federal Risk and Authorization Program (FedRAMP), which is based upon standards set by the Federal Information Security Management Act of 2002 (FISMA).6 According to the GSA, the goals of the FedRAMP program include
- accelerating the adoption of secure cloud solutions through reuse of assessments and authorizations;
- increasing confidence in the security of cloud solutions;
- achieving consistent security authorizations using a baseline set of agreed-upon standards and accredited independent third-party assessment organizations;
- ensuring consistent application of existing security practices;
- increasing confidence in security assessments; and
- increasing automation and near real-time data for continuous monitoring.
Under FedRAMP, once a cloud service provider (CSP) is certified, federal, state, and local government agencies can contract with the CSP knowing they have the absolute highest IT and security standards.
Common CSP cloud security measures include protection of data in transit via the 256-bit Advanced Encryption Standard (AES) and by using Secure Hash Algorithm 1 (SHA-1) to verify the data blocks’ integrity. CSPs ensure robust physical security at their data centers and provide for logical security to prevent unauthorized internal and external access to data, and they ensure that customers’ data is appropriately segregated from other customers. As a benefit of their size and state-of-the-art network infrastructure, CSPs also have the most sophisticated network security coverage available, and they are better protected against the most common hacking attacks than most local IT departments. Other security features, such as dual-factor authentication and security challenge questions, add a layer of protection to users’ log-on access. Finally, agencies can “lock down” their systems so that data can be accessed only via the agency’s Internet Protocol (IP) addresses.
The OMB is so confident of the future of outsourcing to CSPs that it estimates that up to $20 billion of the $80 billion federal IT budget has the potential to be outsourced to cloud providers. The OMB estimates the U.S. Department of Homeland Security, U.S. Department of the Treasury, and U.S. Department of Defense have the potential to outsource more than $6 billion in cloud computing.7 One can imagine the security standards that must be met to satisfy the needs of the most secretive and secure departments of the federal government. OMB’s promotion of cloud solutions and setting of high security standards via the FedRAMP program bolsters the case for cloud computing as a viable solution for digital evidence storage for municipal police agencies.
Privacy is one of the other top concerns that must be taken into account when an agency is considering outsourcing digital evidence to a private cloud provider. With the recent National Security Agency (NSA) scandal involving government surveillance, the public may not be particularly keen to have potentially embarrassing evidence amassed on private cloud services at the behest of any branch of the government. Such concerns can largely be addressed by setting policies that clearly outline the access rights and security protocols to protect the evidence and citizens’ privacy.
Finally, issues surrounding chain of custody and discovery must also be addressed in any policy consideration. Under FedRAMP, there are stringent standards to ensure data integrity and agencies can be confident that their data will be secure. With regard to discovery, agencies may face a huge influx of requests from prosecutors or defense attorneys requesting digital evidence. Fortunately, cloud-based storage of digital evidence is ideal for information sharing. With cloud-based services, it is much easier to securely send a copy of digital evidence than it would be to make a physical copy and hand deliver it to the appropriate stakeholder.
Agencies can document proper chain of custody and protect their digital evidence in the cloud ecosystem by the same stringent standards that have applied to law enforcement databases for decades. The same security standards that give police officers access to local, state, and federal law enforcement databases largely apply to accessing digital evidence. Controls and user access levels can be (and must be) put in place so that most users have “view only” rights and only a very few high-level agency administrators of the program have access and authorization to delete evidence upon case resolution.
Any digital evidence management system, including those that are cloud-based, must include an audit trail, a standardized retention schedule, and policies and procedures outlining management of the evidence. Agencies will need to be vigilant to ensure that all evidence generated is easily produced for discovery and unassailable as “best evidence.” To this end, agencies will need to ensure officers are properly trained and directed to annotate any evidence they generate so it can be attributed to the proper case.
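The audit trail, "view only" access levels, and integrity check described in this section can be sketched in a few lines of Python. This is an added example, not part of the original article or of any vendor's system; the role names, field names, and evidence ID are assumptions, and SHA-256 is used for the digests in place of the SHA-1 the article mentions.

```python
import hashlib
import json

GENESIS = "0" * 64
# Assumed role model: most users are view-only; only administrators may delete.
PERMISSIONS = {"officer": {"ingest", "view"}, "viewer": {"view"}, "admin": {"view", "delete"}}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_hash(entry: dict) -> str:
    """Hash every field except the stored hash itself, in canonical order."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())


class CustodyLog:
    """Append-only audit trail; each entry commits to the one before it."""
    def __init__(self):
        self.entries = []

    def record(self, when, user, role, action, evidence_id, file_sha256):
        """Log the attempt, allowed or denied, and return whether it is allowed."""
        prev = self.entries[-1]["entry_hash"] if self.entries else GENESIS
        entry = {"seq": len(self.entries), "when": when, "user": user,
                 "role": role, "action": action, "evidence_id": evidence_id,
                 "file_sha256": file_sha256, "prev_hash": prev,
                 "allowed": action in PERMISSIONS.get(role, set())}
        entry["entry_hash"] = entry_hash(entry)
        self.entries.append(entry)
        return entry["allowed"]

    def first_broken_entry(self):
        """Return the index of the first altered or relinked entry, or None."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if e["prev_hash"] != prev or entry_hash(e) != e["entry_hash"]:
                return i
            prev = e["entry_hash"]
        return None

    def evidence_intact(self, evidence_id, data: bytes) -> bool:
        """Compare a file's current digest with the one recorded at ingest."""
        ingests = [e for e in self.entries if e["evidence_id"] == evidence_id
                   and e["action"] == "ingest" and e["allowed"]]
        return bool(ingests) and ingests[0]["file_sha256"] == sha256_hex(data)


def demo():
    """Constructed sample: ingest, a denied delete, then a simulated log edit."""
    video = b"constructed stand-in for body-camera video bytes"
    log, h = CustodyLog(), sha256_hex(video)
    log.record("2014-04-01T08:00:00Z", "ofc_a", "officer", "ingest", "EV-0001", h)
    denied = not log.record("2014-04-02T09:31:00Z", "da_b", "viewer", "delete", "EV-0001", h)
    before = log.first_broken_entry()
    log.entries[0]["user"] = "someone_else"  # simulated after-the-fact edit
    return denied, before, log.first_broken_entry(), log.evidence_intact("EV-0001", video)
```

Because denied attempts are logged as well as permitted ones, the trail shows who tried to delete evidence, and any later edit to an entry breaks the hash chain at that entry.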
What will it take to make this transition a reality? First, law enforcement agencies must reach out to potential stakeholders and begin discussing the issue now. District attorneys, defense attorneys, judges, court administrators, lab managers, and police administrators all have a stake in the technology’s success. Interested agencies may start with a county-wide task force to explore a collaborative effort and negotiate favorable contracts with CSPs. Police agencies may even find their legal departments open to a cost-sharing agreement in the interest of mitigating liability, perhaps from funds traditionally set aside for settlements.
Fortunately, CSPs are available to all agencies in the United States, regardless of whether or not they serve a rural or urban area. The ability to utilize CSPs is limited only by broadband access, which should not be a barrier to most agencies. In fact, a small rural agency will likely find that utilizing a CSP will result in better service and technical support than its current setup. Additionally, agencies with multiple far-flung substations or rural deputies will have a centralized, web-based resource to store digital evidence rather than waste resources supporting multiple data centers.
Agencies should properly research and vet reliable CSPs that have tailored their service around protecting digital evidence and are FedRAMP certified. Finally, agencies will need to develop policies to ensure discovery issues are properly taken into account along with robust standards for access to ensure privacy rights are protected.
While police agencies struggle during lean budget times to limit liability and increase productivity, the outsourcing of digital evidence storage is clearly one way they can contain costs while enhancing the quality of their work. Over time, those leaders who are “digital immigrants,” defined as growing up in the analog age, will adapt to the “new normal” where using private CSPs is considered to be a safe and secure method of storing digital evidence. The next generation of law enforcement professionals, who will all be “digital natives,” will wonder why so much time and energy was invested in storing discs and tapes and maintaining servers before the move to the cloud.
Agencies will move toward collecting more digital evidence for a number of reasons. The unbridled fear of a domestic violence victim, the unsteady gait and slurred speech of the DUI suspect, and the physical and verbal cues of a violent suspect cannot ever be fully captured in words. Giving officers the tools to video record and document the good work they are doing will give the public more confidence in law enforcement and limit the amount of time defense attorneys quibble over “he said–she said” arguments.
In the end, judges and juries will expect to see more digital evidence, both from a citizen’s perspective and that of the officer, and cloud storage is the only cost-effective and practical way for agencies to record, store, and furnish this evidence. While the transition toward private cloud storage of digital evidence may take some time to implement, the potential to limit liability and resolve cases faster will ultimately prove the move to the cloud to be an efficient and cost-effective decision for most agencies. ♦
1. Aaron Smith, “Smartphone Ownership 2013,” Pew Internet and American Life Project, June 5, 2013, http://pewinternet.org/Reports/2013/Smartphone-Ownership-2013.aspx (accessed February 28, 2014).
2. Demian Bulwa, “Mehserle Convicted of Involuntary Manslaughter,” SFGate, July 9, 2010, http://www.sfgate.com/bayarea/article/Mehserle-convicted-of-involuntary-manslaughter-3181861.php (accessed February 28, 2014).
3. Neal Ungerleider, “Taser’s New Police Glasses-Cam Lets Citizens See What Cops See,” Fast Company, February 21, 2012, http://www.fastcompany.com/1817960/tasers-new-police-glasses-cam-lets-citizens-see-what-cops-see (accessed February 28, 2014).
4. Vivek Kundra, Federal Cloud Computing Strategy (Washington, DC: Office of Management and Budget, February 8, 2011), https://www.dhs.gov/sites/default/files/publications/digital-strategy/federal-cloud-computing-strategy.pdf (accessed February 28, 2014).
5. “New Group of Government and Education Organizations Move to the Cloud with Microsoft Office 365,” Microsoft Corporation, http://www.microsoft.com/en-us/news/press/2013/mar13/03-27pubseccloudpr.aspx (accessed March 4, 2014).
6. “FedRAMP: Ensuring Secure Cloud Computing for the Federal Government,” United States General Services Administration, http://www.gsa.gov/portal/category/102371 (accessed July 7, 2013).
7. Kundra, Federal Cloud Computing Strategy.
Please cite as:
Vern Sallee, “Outsourcing the Evidence Room: Moving Digital Evidence to the Cloud,” The Police Chief 81 (April 2014): 42–46.