The Association of Digital Forensics, Security and Law (ADFSL)


As the world becomes increasingly dependent on technology, researchers in both industry and academia endeavor to understand how technology is used, the impact it has on everyday life, the artifact life-cycle and overall integrations of digital information. In doing so, researchers are increasingly gathering 'real-world' or 'in-the-wild' residual data, obtained from a variety of sources, without the explicit consent of the original owners. This data gathering raises significant concerns regarding privacy, ethics and legislation, as well as practical considerations concerning investigator training, data storage, overall security and data disposal. This research surveys recent studies of residual data gathered in-the-wild and analyzes the challenges that were confronted. Amalgamating these insights, the research presents a compendium of practices for addressing the issues that can arise in-the-wild when conducting residual data research. The practices identified in this research can be used to critique current projects and assess the feasibility of proposed future research.


Belanger, F., & Crossler, R. E. (2011). Privacy in the digital age: a review of information privacy research in information systems. MIS Q., 35(4), 1017-1042.

Berman, K., Glisson, W. B., & Glisson, L. M. (2015). Investigating the Impact of Global Positioning System (GPS) Evidence in Court Cases. Paper presented at the Hawaii International Conference on System Sciences (HICSS-48), Kauai, Hawaii

British Psychological Society. (2010). Code of Human Research Ethics. Retrieved from http://www.bps.org.uk/sites/default/files/documents/code_of_human_research_ethics.pdf

Chamberlain, A., Crabtree, A., Rodden, T., Jones, M., & Rogers, Y. (2012). Research in the wild: understanding 'in the wild' approaches to design and development. Paper presented at the Proceedings of the Designing Interactive Systems Conference, Newcastle Upon Tyne, United Kingdom.

Clarke, R. (1999). Internet privacy concerns confirm the case for intervention. Communications of the ACM, 42(2), 60-67. doi:10.1145/293411.293475

CMS. (2013). HIPAA - General Information. Retrieved from http://www.cms.gov/Regulations-and-Guidance/HIPAA-Administrative-Simplification/HIPAAGenInfo/index.html.

Garfinkel, S., Farrell, P., Roussev, V., & Dinolt, G. (2009). Bringing science to digital forensics with standardized forensic corpora. Digital Investigation, 6(Supplement 1), S2-S11. doi:DOI: 10.1016/j.diin.2009.06.016

Garfinkel, S. L., & Shelat, A. (2003). Remembrance of data passed: a study of disk sanitization practices. Security & Privacy, IEEE, 1(1), 17-27. Retrieved from http://ieeexplore.ieee.or/xpls/abs_all.jsp?arnumber=5558244

Gartner. (2012). Gartner Says That Consumers Will Store More Than a Third of Their Digital Content in the Cloud by 2016. Retrieved from http://www.gartner.com/it/page.jsp?id=2060215

Gartner. (2016). Gartner Says Global Smartphone Sales to Only Grow 7 Per Cent in 2016. Retrieved from http://www.gartner.com/newsroom/id/3270418

Glisson, W. B., & Storer, T. (2013). Investigating Information Security Risks of Mobile Device Use Within Organizations Paper presented at the Americas Conference on Information Systems (AMCIS). http://amcis2013.aisnet.org/

Glisson, W. B., Storer, T., Mayall, G., Moug, I., & Grispos, G. (2011). Electronic retention: what does your mobile phone reveal about you? International Journal of Information Security, 10(6), 337-349. doi:10.1007/s10207-011-0144-3

Grispos, G., Glisson, W. B., Pardue, J. H., & Dickson, M. (2015). Identifying User Behavior from Residual Data in Cloud-based Synchronized Apps. Journal of Information Systems Applied Research, 8(2), 4-14

Grispos, G., Storer, T., & Glisson, W. B. (2012). Calm Before the Storm: The Challenges of Cloud Computing in Digital Forensics (pp. 28-48): IGI Global.

Hagen, P., Robertson, T., Kan, M., & Sadler, K. (2005). Emerging research methods for understanding mobile technology use. Paper presented at the Proceedings of the 17th Australia conference on Computer-Human Interaction: Citizens Online: Considerations for Today and the Future, Canberra, Australia.

Health.com. (2010). 10 Jobs With High Depression Rates. Forbes. Retrieved from http://www.health.com/health/gallery/0,,20428990,00.html

Information Commissioner's Office. (2012). Guidance on the use of cloud computing. Retrieved from http://ico.org.uk/for_organisations/data_protection/topic_guides/online/cloud_computing

International Telecommunication Union. (2015). ITU releases 2015 ICT figures. Retrieved from https://www.itu.int/net/pressoffice/press_releases/2015/17.aspx

Jones, A., Dardick, G. S., Davies, G., Sutherland, I., & Valli, C. (2009). The 2008 Analysis of Information Remaining on Disks Offered for Sale on the Second Hand Market. Journal of International Commercial Law and Technology, 4(3). Retrieved from http://www.jiclt.com/index.php/jiclt/index

Jones, A., Valli, C., & Dabibi, G. (2009). The 2009 Analysis of Information Remaining on USB Storage Devices Offered for Sale on the Second Hand Market. Paper presented at the Australian Digital Forensics Conference, Perth, Australia. http://ro.ecu.edu.au/adf/61/

Jones, A., Valli, C., Sutherland, I., & Thomas, P. (2008). An Analysis of Information Remaining on Disks offered for sale on the second hand market. Journal of

Journal of Digital Forensics, Security and Law, Vol. 9(2)

Digital Security, Forensics & Law 3(1). Retrieved from http://www.jdfsl.org/Issues/JDFSL-v3n1.pdf

McMillan, J., Glisson, W. B., & Bromby, M. (2013). Investigating the Increase in Mobile Phone Evidence in Criminal Activities. Paper presented at the Hawaii International Conference on System Sciences (HICSS-46), Wailea, Hawaii.

Rogers, Y. (2011). Interaction design gone wild: striving for wild theory. interactions, 18(4), 58-62. doi:10.1145/1978822.1978834

Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: an interdisciplinary review. MIS Q., 35(4), 989-1016.

Smith, H. J., & Milberg, S. J. (1996). Information privacy: measuring individuals' concerns about organizational practices. MIS Q., 20(2), 167-196. doi:10.2307/249477

Szewczyk, P., & Sansurooah, K. (2011). A 2011 investigation into remnant data on second hand memory cards sold in Australia. Paper presented at the 9th Australian Digital Forensics Conference Perth, Western Australia.

UK Parliament. (1990, 2000). Computer Misuse Act 1990. Retrieved from http://www.opsi.gov.uk/acts/acts1990/Ukpga_19900018_en_1.htm

UK Parliament. (1998). Data Protection Act 1998. Retrieved from http://www.legislation.gov.uk/ukpga/1998/29/section/2

Wolthusen, S. D. (2009, 15-17 Sept. 2009). Overcast: Forensic Discovery in Cloud Environments. Paper presented at the IT Security Incident Management and IT Forensics, 2009. IMF '09. Fifth International Conference on.

Working Party. (2012). Opinion 05/2012 on Cloud Computing Retrieved from http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2012/wp196_en.pdf




To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.