How Regional Computer Forensics Labs uncover digital evidence to support investigations.
|RCFL examiners—all certified by the FBI—specialize in locating encrypted, deleted, or
damaged file information that could be used as evidence in an investigation.
Regional Labs Help Solve Local Crimes
In 2008, Illinois police received disturbing information about a Chicago woman who had taken a 3-year-old to a “sex party” in Indiana where the child and an 11-year-old girl were abused by three adults. However, by the time the tip was received, the crime had already occurred, and there seemed to be no evidence to support criminal charges.
But there was evidence, buried deep within the woman’s computer, and examiners from our Regional Computer Forensics Laboratory (RCFL) in Chicago found it—a deleted e-mail titled “map to the party” that contained directions to an Indiana hotel. The evidence led to charges against all three adults, who were later convicted of aggravated sexual abuse and are currently in prison serving life sentences.
“That’s just one example of what we do every day,” said John Dziedzic, a Cook County Sheriff’s Office forensic examiner who is the director of the Chicago RCFL. “Evidence we produce here—and testify to in court—is crucial in a variety of major investigations.”
The FBI established the first RCFL in San Diego in 2000, and today there are 16 Bureau-sponsored labs located around the country, staffed by agents and other federal, state, and local law enforcement agencies (see sidebar).
Each facility is a full-service forensics laboratory and training center devoted to examining digital evidence in support of investigations—everything from child pornography and terrorism to violent crime and economic espionage cases.
Using sophisticated tools and technology, RCFLs analyze evidence from all kinds of electronic devices, including computers, cell phones, video game consoles, and even reel-to-reel tapes.
“Anything that can store data electronically can be analyzed,” said Special Agent Justin Poirier, deputy director of the Chicago RCFL.
RCFL examiners—all certified by the FBI—specialize in locating encrypted, deleted, or damaged file information that could be used as evidence in an investigation.
“Digital evidence has become part of just about every type of investigation,” Poirier said, “because today everybody uses computers and portable electronics such as cell phones.”
The benefit of having a regional forensic facility, he added, is that the FBI can bring its expertise and training directly to where it is needed.
“The idea is to create regional resources,” Poirier explained. “We train the state and local examiners, who make a three-year commitment to the RCFL. When they return to their agencies, they have expertise and access they didn’t have before. And in the process, we build lasting relationships with our regional partners.”
Dziedzic added, “Instead of sending evidence to the FBI Laboratory in Quantico, we can analyze it much faster here in our own backyard.”
Chicago’s RCFL was established in 2003 and consists of five FBI employees and 13 examiners from agencies including the Chicago Police Department, Cook County Sheriff’s Office, and U.S. Customs and Border Protection. It is the only digital forensics lab in Illinois to be accredited by the American Society of Crime Laboratory Directors/Laboratory Accreditation Board.
“Accreditation is the gold standard when it comes to prosecuting cases and testifying in court,” Dziedzic said. “It means that we operate at the highest professional standards.”
“Criminals are using more sophisticated electronic methods to commit crimes,” Poirier said. “This regional approach to digital forensics—pairing the Bureau with local law enforcement to collaborate on cases—is the future for law enforcement. It really works.”