Skip to main content

About this free course

Download this course

Share this free course

Digital forensics
Digital forensics

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

3.3 Contrasting scientific conclusions with court judgments

A trial process is not an enquiry into the truth or into hypothetical issues; it is testing various versions of relevant evidence to see whether ‘on the balance of probabilities’ (in civil cases) or the higher standard of ‘beyond a reasonable doubt’ (in criminal matters) it is possible to reach a particular decision for that set of circumstances. In a famous US case, Daubert v Merrell Dow Pharmaceuticals [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] [1993], the judge said: ‘Scientific conclusions are subject to perpetual revision. Law, on the other hand, must resolve disputes finally and quickly ... Rules of Evidence [are] designed not for the exhaustive search for cosmic understanding but the particularized resolution of legal disputes.’ (The quote is from section 39.)

Two Oxford philosophers, Herbert Hart and Antony Honoré, put the matter thus: ‘The lawyer and historian are both primarily concerned to make causal statements about particulars, to establish that on some particular occasion some particular occurrence was the effect or consequence of some other particular occurrence ... whereas for the scientist the focus of attention is the discovery and the construction of theories.’

In the case of unauthorised access to a computer, the court isn’t asking a generalised question along the lines of: ‘where a computer disk’s directory says that a file was first created, does it always mean that this is the date on which the file first appeared on that hard disk?’ Rather, the court is trying to decide if a party has made unauthorised access to a computer, contrary to Section 1 of the Computer Misuse Act 1990. To prove this has indeed happened, there are a set of tests, each of which must be satisfied, before the court can be satisfied that a person has had unauthorised access to a computer. In the case of the offence just mentioned, the tests must show that:

  1. a computer was involved
  2. it was accessed
  3. it was accessed by the accused
  4. such access was unauthorised
  5. at the time of the offence the accused knew that the access was unauthorised.

You will realise that each of these five steps or tests raises several subsidiary questions, which also need to be answered.