电子取证的法律规制

电子取证在世界范围内得到了日益广泛的运用,同时也引发了一系列的法律问题。本文从电子取证的基本含义切入,采取交叉研究的方法,指出我国的电子取证实务应当遵循一个抽象的司法程序模型。在此基础上,本文阐述了我国的电子取证在规制方式、规制原则与规制内容等方面遭遇的法律挑战,并逐一深入地论证了亟待采取的法律因应措施。     

英美法国家科学证据的历史沿革评述

从18世纪到20世纪,英美法国家有关科学证据的法庭运用,所表明的基本思想是,将科学证据评价的事实问题,通过三种方法转化为法律问题,以此保证法官在科学证据评价中承担更多的审查义务,以减少陪审团在科学证据判断上出错的可能性。这三种法律转化方法分别是,专家资格审查、专家证言的形式审查、专家证言的实质审查。这在20世纪的美国审判中,表现得更为突出。     

论法律事实与客观事实

法律事实与客观事实的一般关系是 ,客观事实是法律事实的基础 ,法律事实是客观事实的再现或者反映 ,法律事实必须以客观事实为追求目标。法律事实对客观事实的追求是通过一系列证据法上的制度设计实现的 ,能否最大限度地确保法律事实与客观事实相一致 ,是衡量证据规则是否成功的基本标志。法律事实一般应当与客观事实相符合 ,但由于种种原因 ,也可能产生不一致的情况 ,包括无奈的不一致、错误的不一致和有意的不一致。     

英美法国家科学证据的历史沿革评述

从18世纪到20世纪,英美法国家有关科学证据的法庭运用,所表明的基本思想是,将科学证据评价的事实问题,通过三种方法转化为法律问题,以此保证法官在科学证据评价中承担更多的审查义务,以减少陪审团在科学证据判断上出错的可能性。这三种法律转化方法分别是,专家资格审查、专家证言的形式审查、专家证言的实质审查。这在20世纪的美国审判中,表现得更为突出。     

论计算机搜查的法律规制

计算机搜查是当前司法实践中一种全新的取证措施,在世界范围内得到了日益广泛的运用,同时也引发了一系列的法律障碍。本文从计算机搜查的基本含义切入,采取比较研究的方法,指出我国实务中计算机搜查应当实现由一步式向两步式的根本性转变。在此基础上,本文阐述了我国的计算机搜查在应否申请令状、如何确定搜查范围以及维护案外人的合法权益、借助第三方的协助等方面遭遇的法律问题,并深入地论证了亟待确立的有关法律规则。     

医疗纠纷中篡改病历相关法律责任研究

病历是医院最常见的文书之一。在法律上,病历也充当着重要的证据作用。在医疗纠纷中,病历是一把双刃剑,高质量的病历可以是医务人员的保护伞,反之则会是其最大的敌人。但是在医务人员在医疗纠纷中篡改病历的现象并不少见。关于篡改的病历的证据作用以及对相关人员的处理,国内外学者存在着不同的认识。     

Design and implementation of FROST: Digital forensic tools for the OpenStack cloud computing platform

We describe the design, implementation, and evaluation of FROST—three new forensic tools for the OpenStack cloud platform. Our implementation for the OpenStack cloud platform supports an Infrastructure-as-a-Service (IaaS) cloud and provides trustworthy forensic acquisition of virtual disks, API logs, and guest firewall logs. Unlike traditional acquisition tools, FROST works at the cloud management plane rather than interacting with the operating system inside the guest virtual machines, thereby requiring no trust in the guest machine. We assume trust in the cloud provider, but FROST overcomes non-trivial challenges of remote evidence integrity by storing log data in hash trees and returning evidence with cryptographic hashes. Our tools are user-driven, allowing customers, forensic examiners, and law enforcement to conduct investigations without necessitating interaction with the cloud provider. We demonstrate how FROST's new features enable forensic investigators to obtain forensically-sound data from OpenStack clouds independent of provider interaction. Our preliminary evaluation indicates the ability of our approach to scale in a dynamic cloud environment. The design supports an extensible set of forensic objectives, including the future addition of other data preservation, discovery, real-time monitoring, metrics, auditing, and acquisition capabilities.     

Legal issues in oral fluid testing

The use of oral fluid for drugs of abuse testing has received increased attention with the availability of accurate methods for the collection and analysis of drugs in oral fluid specimens. Already used in the transportation and insurance industries, there is increasing interest in oral fluid drug testing in the workplace, schools, roadside driving under the influence of drugs, and criminal justice. Given that sanctions may accrue from positive test results, legal challenges are to be expected. However, with its established scientific base, demonstrated accuracy and reliability of collection and test methods, and current positive regulatory developments, it seems clear that the use of oral fluid as a specimen for drugs of abuse testing will be able to withstand judicial scrutiny.     

“Cloud bursts”: Emerging trends in contracting for Cloud services

Contracting for cloud based services might be said to be in its relative infancy, but such contracts as have been promulgated by the major providers have uniformly tended to be extremely restrictive in terms of the rights and means of recourse offered to customers. As contract values and service complexity “in the cloud” increase, however, more and more of such contracts are subject to review and challenge. This article accordingly considers some of the key points of common contention, and offers thoughts as to the direction of travel for such contracts in the months to come.     

Automated consent through privacy agents: Legal requirements and technical architecture

The changes imposed by new information technologies, especially pervasive computing and the Internet, require a deep reflection on the fundamental values underlying privacy and the best way to achieve their protection. The explicit consent of the data subject, which is a cornerstone of most data protection regulations, is a typical example of requirement which is very difficult to put into practice in the new world of “pervasive computing” where many data communications necessarily occur without the users' notice. In this paper, we argue that an architecture based on “Privacy Agents” can make privacy rights protection more effective, provided however that this architecture meets a number of legal requirements to ensure the validity of consent delivered through such Privacy Agents. We first present a legal analysis of consent considering successively (1) its nature; (2) its essential features (qualities and defects) and (3) its formal requirements. Then we draw the lessons of this legal analysis for the design of a valid architecture based on Privacy Agents. To conclude, we suggest an implementation of this architecture proposed in a multidisciplinary project involving lawyers and computer scientists.     

Cloud Data Imager: A unified answer to remote acquisition of cloud storage areas

The pervasive availability of cheap cloud computing services for data storage, either as persistence layer to applications or as mere object store dedicated to final users, is remarkably increasing the chance that cloud platforms potentially host evidence of criminal activity. Once presented a proper court order, cloud providers would be in the best position for extracting relevant data from their platforms in the most reliable and complete way. However, this kind of services are not so widespread to date and, therefore, the need to adopt a structured and forensically sound approach calls for innovative weaponry which leverage the data harvesting capabilities offered by the low level program interfaces exposed by providers. This paper describes the concepts and internals of the Cloud Data Imager Library, a mediation layer that offers a read only access to files and metadata of selected remote folders and currently supports access to Dropbox, Google Drive and Microsoft Skydrive storage facilities. A demo application has been build on top of the library which allows directory browsing, file content view and imaging of folder trees with export to widespread forensic formats.     

证据法学研究用语不规范问题初探

法学研究强调逻辑的严谨性以及语言的规范性,作为法学分支学科的证据法学当然亦莫能外。但是,近年来方兴起的证据法学科,在我国开展的时日尚短,且一直与传统的证据学学科之间纠缠不清,以至于我国证据法学的学科体系迟迟不能建立,甚至连作为学科基础的基本概念都未能达成共识,缺乏统一性和规范性,理论研究和证据实务中用语不规范的问题一直存在,混用、误用基本概念和术语的现象较为普遍。这不仅影响到理论研究的严谨性,甚至干扰到实务操作的实效性。     

Placing the suspect at a PC: A preliminary study involving fingerprints on keyboards and mice

Digital devices now play an important role in the lives of many in society. Whilst they are used predominantly for legitimate purposes, instances of digital crime are witnessed, where determining their usage is important to any criminal investigation. Typically, when determining who has used a digital device, digital forensic analysis is utilised, however, biological trace evidence or fingerprints residing on its surfaces may also be of value. This work provides a preliminary study which examines the potential for fingerprint recovery from computer peripherals, namely keyboards and mice. Our implementation methodology is outlined, and results discussed which indicate that print recovery is possible. Findings are intended to support those operating at-scene in an evidence collection capacity.     

BitTorrent Sync: First Impressions and Digital Forensic Implications

With professional and home Internet users becoming increasingly concerned with data protection and privacy, the privacy afforded by popular cloud file synchronisation services, such as Dropbox, OneDrive and Google Drive, is coming under scrutiny in the press. A number of these services have recently been reported as sharing information with governmental security agencies without warrants. BitTorrent Sync is seen as an alternative by many and has gathered over two million users by December 2013 (doubling since the previous month). The service is completely decentralised, offers much of the same synchronisation functionality of cloud powered services and utilises encryption for data transmission (and optionally for remote storage). The importance of understanding BitTorrent Sync and its resulting digital investigative implications for law enforcement and forensic investigators will be paramount to future investigations. This paper outlines the client application, its detected network traffic and identifies artefacts that may be of value as evidence for future digital investigations.     

构建以法律职业为目标导向的法律人才培养模式——中国法律教育改革与发展研究报告

改革开放30年来,在依法治国方略的推动下,我国逐步建立起布局、结构层次比较完整和发达的法律人才培养体系,为建设法治和繁荣法学做出了贡献。但目前仍存在着法律人才培养的层次和结构、数量和质量不能适应或满足政法队伍建设的实际要求,特别是管理体制混乱等诸多矛盾和迫切需要解决的问题。要深化法律教育体制改革,必须立足我国的历史和现实,借鉴发达国家法律人才培养经验,建立以法律职业为目标导向的法律教育管理体制和法律人才培养模式,即强化政法机关对法律教育的指导和管理职能;建立以五所政法大学和若干著名大学法学院为主干的国家级政法人才培养基地;建立学术型和职业型法律人才分类培养管理机制和基本统一的法律人才培养模式;建立二段式司法考试模式并完善考试通过之后的职业培训制度;优化全国法科学科专业布局。     

法教义学中法律解释性命题的可接受性证立

法教义学研究是对实在法尤其是实在法规则进行解释和体系化的研究,法律解释性是法教义学考察的核心命题,是对规范陈述在具体案件事实当中意义的研究。法律解释性命题的有效性证立除了需要满足自我证立的融贯性要求之外,也要符合相关理性论辩规则的规制,尤其需要满足可接受性法律证立的修辞论证需要。解释性法律命题的有效性是以法律解释结果的可接受性为基础的,阿尔尼奥的法律解释证立理论正是在此探讨理路上展开的。     

中国经济刑法法益:认知、反思与建构

当前基于秩序、利益、自由等表述的经济刑法法益学说在认知进路上存在问题,无法形成本体和功能自洽的法益观。应当承认集体法益的独立性,立足法益二元论对经济刑法法益进行本体重塑与功能展开。它勾连宪法,是保障在经济领域中实现个人自由的外部条件的统一体,也是经济秩序市场经济规范保护的客体。法益不是刑法独有的保护目标,仅根据法益标准难以有效区分刑事不法与行政不法。经济刑法的犯罪化应坚持保护适格的集体法益,同时更加注重合比例原则和明确性原则的补充与限制。经本体重塑的经济刑法法益兼具体系超越与体系内在功能,有助于在反思当下中国经济刑法立法与司法的基础上,重构经济刑法的立法理念与犯罪化标准,厘清经济犯罪的类型与解释原理。     

Heir, Celebrity, Martyr, Monster: Legal and Political Legitimacy in Shakespeare and Beyond

The seventeenth century placed Western political thought on a path increasingly concerned with ascertaining the legitimacy of a determinate individual, parliamentary or popular sovereign. As early as Shakespeare, however, a parallel literary tradition serves not to systematise, but to problematise the discourses used to assert the legitimacy with which control over law and government is exercised. This article examines discourses of legal and political legitimacy spawned in early modernity. It is argued that basic notions of ‘right’, ‘duty’, ‘justice’ and ‘power’ (corresponding, in their more vivid manifestations, to categories of ‘heir’, ‘celebrity’, ‘martyr’ and ‘monster’) combine in discrete, but always encumbered ways, to generate a variety of legitimating discourses. Whilst transcendentalist versions of those discourses begin to wane, their secular analogues acquire steadily greater force. In addition to the Shakespearean histories, works of John Milton, Pierre Corneille, Jean Racine, Friedrich Schiller and Richard Wagner are examined, along with some more contemporary or ironic renderings.

Legal and ethical considerations of biometric identity card: Case for Mauritius

The highly connected nature of the current era has raised the need for more secure systems, and hence the demand for biometric-based authentication methods. In 2013, the Mauritian Government invested massively in the collection of data, and implementation of the national biometric identity card scheme. The latter has suffered a number of contestations among the population, and several cases were consequently filed at the Supreme Court of Mauritius to oppose the use of this biometric card. The main concern was the collection of biometric data which posed threats to the privacy of individuals. Additionally, the collection and retention of biometric data lead to security issues. In this paper, the challenges with respect to the usage of the biometric card are analysed. The laws governing data protection are discussed, together with the legal framework used for data collection and retention. Following the court decisions, several amendments have been made to the existing laws in order to cater for the usage of biometric data for the public interest. Finally, recommendations are made with regards to a legal framework which will enhance the security of biometric data, and eventually encouraging public acceptance of this biometric identification system.