Law Journal of the National Academy of Internal Affairs

  • Received 28.10.2025,
  • Revised 30.01.2026,
  • Accepted 31.03.2026
  • Published 03.04.2026
Download article Download article
Volume 16, No. 1, 2026
  • electronic evidence; digital traces; forensic-by-design; international standards; state information systems; evidence; forensic copy
  • https://doi.org/10.63341/naia-chasopis/1.2026.47
  • Pages 47-64

The purpose of the study was to analyse the capabilities of digital forensics in investigating official offences by integrating international standards and forensic-by-design concepts with Ukrainian criminal procedural legislation. A comparative legal analysis of international and Ukrainian standards of digital forensics revealed a systemic gap between technical standards and procedural and judicial practice, where courts practically do not articulate the requirements for forensically correct handling of digital evidence. The systematic classification of digital traces by types of official offences in criminal legislation allowed systematising specific sources of origin, types of digital traces, and typical threats to the integrity of evidence for each element of official offence in the context of large-scale digitalisation of the public sector. The case study method was used to examine the judicial practice of Ukraine, the United States of America, and Germany regarding the use of digital evidence in cases of official offences, which made it possible to establish the absence of references to international standards of digital forensics in the motivational parts of Ukrainian court decisions and to identify gaps in the procedural design of electronic evidence that make it impossible to verify the authenticity and integrity in accordance with the requirements of ISO/IEC 27037:2012. A four-block algorithm for the digital forensics methodology for investigating official offences related to official forgery (Article 366 of the Criminal Code of Ukraine) was developed, which includes forensically oriented initial recording of the digital situation, identification of relevant sources of digital evidence, forensically correct acquisition and analysis, and presentation of evidence in court with compliance with the procedures of the chain of custody. The practical significance of the research results lies in the possibility of the use by the legislator to amend criminal procedural legislation, by law enforcement agencies to create specialised units in the field of investigating official offences using digital forensics, as well as by higher education institutions to introduce relevant educational components into legal education

References

  1. Ahmed, A.A., Farhan, K., Jabbar, W.A., Al-Othmani, A., & Abdulrahman, A.G. (2024). IoT Forensics: Current perspectives and future directions. Sensors, 24(16), article number 5210. doi: 10.3390/s24165210.
  2. Akilal, A., & Kechadi, M. (2021). An improved forensic-by-design framework for cloud computing with systems engineering standard compliance. Forensic Science International Digital Investigation, 40, article number 301315. doi: 10.1016/j.fsidi.2021.301315.
  3. Akilal, A., & Kechadi, M. (2025). Cloud digital forensic readiness: An open source approach to law enforcement request management. arXivdoi: 10.48550/arXiv.2507.04174.
  4. AlKhanafseh, M., & Surakhi, O. (2024). Evidence preservation in digital forensics: An approach using blockchain and LSTM-based steganography. Electronics, 13(18), article number 3729. doi: 10.3390/electronics13183729.
  5. Amelin, O.Y. (2024a). Certain aspects of the appointment and replacement of the prosecutor in criminal proceedings on offences in the sphere of official activity. Constitutional State, 56, 143-154. doi: 10.18524/2411-2054.2024.56.315691.
  6. Amelin, O.Y. (2024b). Realization of the functions of the prosecutor’s office as an element of the mechanism of ensuring national security of Ukraine. Constitutional State, 55, 20-28. doi: 10.18524/2411-2054.2024.55.311949.
  7. Chepurna, T. (2025). Circumstances to be established during the investigation of official criminal offenses committed by law enforcement officers. Scientific Perspectives. Series Law, 6(60). doi: 10.52058/2708-7530-2025-6(60)-1020-1031.
  8. Committee of Ministers of the Council of Europe. (2019). Electronic evidence in civil and administrative proceedings. Retrieved from https://rm.coe.int/guidelines-on-electronic-evidence-and-explanatory-memorandum/1680968ab5.
  9. Commonwealth Secretariat. (2025). Guidelines on the treatment of electronic evidence in criminal proceedings. Retrieved from https://thecommonwealth.org/publications/guidelines-treatment-electronic-evidence-criminal-proceedings.
  10. Congressional Research Service. (2021). Van Buren v. United States: Supreme Court holds accessing information on a computer for unauthorized purposes not federal crime. Retrieved from https://www.congress.gov/crs-product/LSB10616.
  11. Cyclopes. (2023). Cyclopes – fighting cybercrime – law enforcement practitioners’ network: Deliverable D4.8. Retrieved from https://backend.cyclopes-project.eu/wp-content/uploads/2025/04/Deliverable-D4.8-2nd-Annual-innovation-uptake-recommendations.pdf.
  12. Datenshutz Praxis. (2017). Data breach at the registration office: A fine! Retrieved from https://www.datenschutz-praxis.de/pleiten-pech-pannen/datenschutzverstoss-meldeamt-geldstrafe/.
  13. Daubner, L., & Matulevičius, R. (2021). Risk-oriented design approach for forensic-ready software systems. In ARES ‘21: Proceedings of the 16th international conference on availability, reliability and security (article number 48). New York: Association for Computing Machinery. doi: 10.1145/3465481.3470052.
  14. DSTU 7564:2014. (2014). Information technologies. Cryptographic information protection. Hash function. Retrieved from https://online.budstandart.com/ua/catalog/doc-page.html?id_doc=66229.
  15. DSTU ISO/IEC 27037:2017. (2017). Information technology – protection techniques – guidelines for the identification, collection, retrieval and preservation of digital evidence. Retrieved from https://online.budstandart.com/ua/catalog/doc-page?id_doc=74978.
  16. DSTU ISO/IEC 27040:2016. (2016). Information technology – protection techniques – storage security. Retrieved from https://online.budstandart.com/ua/catalog/doc-page.html?id_doc=67146.
  17. e-Estonia. (n.d.) KSI® blockchain in Estonia. Retrieved from https://e-estonia.com/wp-content/uploads/faq_ksi_blockchain.pdf.
  18. Egho-Promise, E., Idahosa, S., Asante, G., & Okungbowa, A. (2024). Digital forensic investigation standards in cloud computing. Universal Journal of Computer Sciences and Communications, 3(1), 23-45. doi: 10.31586/ujcsc.2024.923.
  19. European Network of Forensic Science Institutes. (2015). ENFSI guideline for evaluative reporting in forensic science: Strengthening the evaluation of forensic results across Europe (STEOFRAE). Retrieved https://enfsi.eu/wp-content/uploads/2016/09/m1_guideline.pdf.
  20. European Union Agency for Cybersecurity. (2025). Technical implementation guidance. Retrieved from https://www.enisa.europa.eu/sites/default/files/2025-06/ENISA_Technical_implementation_guidance_on_cybersecurity_risk_management_measures_version_1.0.pdf.
  21. Fagbola, F.I., & Venter, H.S. (2022). Smart digital forensic readiness model for shadow IoT devices. Applied Sciences, 12(2), article number 730. doi: 10.3390/app12020730.
  22. Fihurskyi, V.M. (2023). Evidence in electronic form in criminal proceedings. Galician Studies: Law Sciences, 3, 97-105. doi: 10.32782/galician_studies/law-2023-4-14.
  23. Fomina, T.H., & Rachynskyi, O.O. (2023). Electronic evidence in criminal proceedings: Problematic issues of theory and practice. Bulletin of Kharkiv National University of Internal Affairs, 102(3(Part 2)), 207-220. doi: 10.32631/v.2023.3.43.
  24. Friedl, S., & Pernul, G. (2024). IoT forensics readiness – influencing factors. Forensic Science International Digital Investigation, 49, article number 301768. doi: 10.1016/j.fsidi.2024.301768.
  25. Grispos, G., Garcia-Galan, J., Pasquale, L., & Nuseibeh, B. (2017). Are you ready? Towards the engineering of forensic-ready systems. arXivdoi: 10.48550/arXiv.1705.03250.
  26. Ismail, I., & Ariffin, K.A.Z. (2025). The admissibility of digital evidence from open-source forensic tools: Development of a framework for legal acceptance. PLoS ONE, 20(9), article number e0331683. doi: 10.1371/journal.pone.0331683.
  27. ISO/IEC 27037:2012. (2012). Information technology – security techniques – guidelines for identification, collection, acquisition and preservation of digital evidence. Retrieved from https://www.iso.org/standard/44381.html.
  28. Kalancha, I. (2025). Evidence in electronic form in the criminal proceedings of Ukraine: Identification and integrity in the light of the chain of custody concept. Science and Perspectives, 8(51), 206-230. doi: 10.52058/2695-1592-2025-8(51)-206-230.
  29. Kebande, V.R., Karie, N.M., Choo, K.R., & Alawadi, S. (2021). Digital forensic readiness intelligence crime repository. Security and Privacy, 4(3), article number e151. doi: 10.1002/spy2.151.
  30. Kent, K., & Grance, T. (2006). Guide to integrating forensic techniques into incident response. Retrieved from https://csrc.nist.gov/pubs/sp/800/86/final.
  31. Kvashuk, O.D. (2025). The use of electronic evidence in criminal proceedings. Central Ukrainian Journal of Law and Public Management, 2, 50-56. doi: 10.32782/cuj-2025-2-5.
  32. Loskutov, T., Yunin, O., Verbytskyi, V., Momotenko, T., & Smirnov, A. (2023). Methods of information security in the investigation of corruption offencesLex Humana, 16(1), 328-344.
  33. Makura, S., Venter, H.S., Kebande, V.R., Karie, N.M., Ikuesan, R.A., & Alawadi, S. (2021). Digital forensic readiness in operational cloud leveraging ISO/IEC 27043 guidelines on security monitoring. Security and Privacy, 4(3), article number e149. doi: 10.1002/spy2.149.
  34. Mastering digital forensics: An ultra-extensive guide to investigations, tools, and techniques. (n.d.). Retrieved from https://securedebug.com/digital-forensics-investigations-tools-techniques/.
  35. Milimko, L.V., & Zhydovtsev, Y.V. (2025). Electronic evidence in criminal proceedings of Ukraine. Uzhhorod National University Herald, Series Law, 3(88), 302-308. doi: 10.24144/2307-3322.2025.88.3.45.
  36. Nath, S., Summers, K., Baek, J., & Ahn, G.-J. (2024). Digital evidence chain of custody: Navigating new realities of digital forensics. In 2024 IEEE 8th international conference on trust, privacy and security in intelligent systems, and applications (TPS-ISA) (pp. 11-20). Washington: Institute of Electrical and Electronics Engineers. doi: 10.1109/TPS-ISA62245.2024.00012.
  37. Office of the Attorney General. (n.d.). Single criminal offense report. Retrieved from https://data.gov.ua/dataset/8b9b1677-2407-454a-bfa7-76eb638c0ea1.
  38. Pasquale, L., Yu, Y., Cavallaro, L., Salehie, M., Tun, T.T., & Nuseibeh, B. (2013). Engineering adaptive digital investigations using forensics requirements. In 2013 21st IEEE international requirements engineering conference (RE) (pp. 340-341). Rio de Janeiro: Institute of Electrical and Electronics Engineers. doi: 10.1109/RE.2013.6636745.
  39. Predmestnikov, O.G., & Bekhter, A.R. (2024). Use of innovative technologies in criminal procedure law: Challenges and opportunities. Uzhhorod National University Herald. Series Law, 3(82), 117-122. doi: 10.24144/2307-3322.2024.82.3.19.
  40. Safie, S.I., Zulkifli, M., Sapry, H.R., & Bashah, S.R.M. (2025). Integrating individual and organizational perspectives: A TAM-TOE framework for ISO 27037 adoption in Malaysian government digital forensics agencies. Journal of Open Innovation Technology Market and Complexity, 11(3), article number 100595. doi: 10.1016/j.joitmc.2025.100595.
  41. Scientific Working Group on Digital Evidence. (2019). SWGDE position on the use of MD5 and SHA1 hash algorithms in digital and multimedia forensics. Retrieved from https://www.swgde.org/wp-content/uploads/2023/11/2019-09-29-SWGDE-Position-on-the-Use-of-MD5-and.pdf.
  42. Supreme Anti-Corruption Court. (2025). Analysis of the implementation of judicial proceedings by the Supreme Anti-Corruption Court in 2024 (as a court of first instance). Retrieved from https://court.gov.ua/storage/portal/hcac/statistics/analyses/justice_24.pdf.
  43. Supreme Court of Ukraine. (2024). The state of the administration of justice in criminal proceedings and cases of administrative offenses by courts of general jurisdiction in 2024. Retrieved from https://court.gov.ua/storage/portal/supreme/Analyz_zdijsnenna_pravosydda_2024.pdf.