Citizen Portal
Sign In

Webinar Q&A: experts answer practical questions on storage, warrants, accreditation and sensitive material handling

Forensic Technology Center of Excellence / ASCLAD webinar · February 2, 2026

Get AI-powered insights, summaries, and transcripts

Subscribe
AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

Panelists answered attendee questions on whether civilians can analyze child exploitation material, handling of cloud data and preservation orders, the use of kiosks and virtual machines, NAS access concerns, and accreditation implications for reporting and evidence management.

Moderator Chris Deters opened a question-and-answer session that focused on operational and legal challenges labs face when handling digital evidence. Attendees asked whether civilian personnel may analyze child sexual exploitation content; Steven Valeri said civilians can be used but only with ‘‘pretty good procedures and policies,’’ and Tim Scanlon warned some states have laws restricting who may reproduce or view such material. Chris Deters noted his office has a contracted psychologist available for staff who review disturbing material.

On the question of whether unlocking or organizing data is ‘‘analysis’’ and whether it triggers accreditation obligations, panelists said any interaction with a device begins a testing/documentation process and should be tracked. Valeri and Scanlon noted post-2017 guidance has increased documentation expectations and that detectives and laboratory staff should be notified when a device is touched.

Regarding rooting phones for physical extraction, Valeri said there is no single blanket rule; labs should use forensically accepted methods and document decisions case-by-case. On cloud data, Valeri advised that cloud‑stored information is treated as a separate location and typically requires its own warrant or a provider request; he recommended preservation orders as a practical means to prevent deletion while investigators obtain a warrant.

The panel discussed off‑site storage and NAS access. Valeri cautioned that moving evidence to third-party cloud services raises chain-of-custody and control questions; he said the forensic network should be separate from an agency’s regular IT systems so that only analysts have access. If a NAS administrator must have access, his recommendation was training and documented procedures to limit disclosure and court appearance risk.

Other practical topics covered included using kiosks or certified operators for limited, rapid extractions (call logs, recent contacts) to generate leads without full lab submission; retention policies for backup copies (panelists are developing procedures to remove evidence once cases are adjudicated); and long-running password-cracking operations, which labs may run as long as resources and case priority allow but must disclose in legal proceedings.

The session closed with the host distributing slide materials and contact emails for follow-up.