10.2190/WR.13.2.e 00206214H6287837 5 Forensic Computing in the Workplace: Hegemony, Ideology, and the Perfect Panopticon? 167 183 20081118 20081118 20081118 20081118 00206214H6287837.pdf http://baywood.metapress.com/link.asp?target=contribution&id=00206214H6287837 2 Bernd Carsten Stahl De Montfort University, Leicester, United Kingdom Forensic computing is an emerging academic discipline and professional field. Most publications in the area concentrate on technical issues related to the provision of digital evidence that can stand up to scrutiny in a court of law. There is a generally shared assumption that forensic computing activities are legitimate and in the best interests of society. This article aims to shed doubt on that prevailing narrative. The article uses some of the concepts of critical theory as applied in critical research in information systems and critical legal studies to point to some potential problems of forensic computing in the workplace. Drawing on traditional critical theory, the article argues that forensic computing can be used as a hegemonic means to uphold ideology even when it is used in law enforcement. Further problems arise due to the use of forensic computing by private organisations. An obvious use to which forensic computing can be put in corporations is that of employee surveillance. The parallel between forensic computing and the Panopticon is explored. The article concludes by discussing the relationship between the different critical approaches and the ways in which these approaches can inform us about the future use of forensic computing in the workplace. ACPO. n.d. <b><i>Good practice guide for computer based electronic evidence.</i></b> Retrieved from <a target="_blank" href='http://www.acpo.police.uk/asp/policies/Data/gpg_computer_based_evidence_v3.pdf'>www.acpo.police.uk/asp/policies/Data/gpg_computer_based_evidence_v3.pdf</a> Adam, A. 2005. <b><i>Gender, ethics and information technology.</i></b> Basingstoke, UK: Palgrave Macmillan. Ashendon, S., & Owen, D. 1999. <b><i>Foucault contra Habermas: Recasting the dialogue between genealogy and critical theory.</i></b> London: Sage. Bloomfield, B. P., & Coombs, R. 1992. Information technology, control, and power: The centralization and decentralization debate revisited. <b><i>Journal of Management Studies</i></b>, 29: 459-484. Caloyannides, M. A. 2006. Digital "evidence" is often evidence of nothing. In P. Kanellis, E. Kiountouzis, N. Kolokotronis, & D. Martakos (Eds.), <b><i>Digital crime and forensic science in cyberspace:</i></b> 334-339. Hershey, PA: Idea Group. Casey, E. 2006. Investigating sophisticated security breaches. <b><i>Communications of the ACM</i></b>, 49(2): 48-54. Fitzpatrick, P., & Hunt, A. 1987. <b><i>Critical legal studies.</i></b> Oxford: Blackwell. Foucault, M. 1971. <b><i>L'ordre du discours.</i></b> Paris: Gallimard. Foucault, M. 1975. <b><i>Surveiller et punir: Naissance de la prison.</i></b> Paris: Gallimard. Foucault, M. 1976. <b><i>Histoire de la sexualité I: La volonté de savoir.</i></b> Paris: Gallimard. Freeden, M. 2003. <b><i>Ideology—A very short introduction.</i></b> Oxford: Oxford University Press. Gouldner, A. W. 1976. <b><i>The dialectic of ideology and technology: The origins, grammar and future of ideology.</i></b> London: Macmillan. Grint, K., & Woolgar, S. 1997. <b><i>The machine at work: Technology, work, and organization.</i></b> Cambridge, UK: Blackwell. Harris, R. 2006. Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem. <b><i>Digital Investigation</i></b>, 3: S44-S49. Harvey, L. 1990. <b><i>Critical social research.</i></b> London: Unwin Hyman. Hawkes, D. 2003. <b><i>Ideology</i></b> (2nd ed.). London: Routledge. Howcroft, D., & Trauth, E. 2005. <b><i>Handbook of critical information systems research: Theory and application.</i></b> Cheltenham, UK: Edward Elgar. Introna, L. 2001. Workplace surveillance, privacy, and distributive justice. In R. A. Spinello & H. T. Tavani (Eds.), <b><i>Readings in cyberethics</i>:</b> 418-429. Sudbury, MA: Jones and Bartlett. Kelly, M. 1994. <b><i>Critique and power: Recasting the Foucault/Habermas debate.</i></b> Cambridge, MA: MIT Press. Kelman, M. 1987. <b><i>A guide to critical legal studies.</i></b> Cambridge, MA: Harvard University Press. Kenneally, E. 2002. Computer forensics: Beyond the buzzword. <b><i>;login:</i></b>, 27(4): 8-11. Kincheloe, J. L., & McLaren, P. 2005. Rethinking critical theory and qualitative research. In N. K. Denzin & Y. S. Lincoln (Eds.), <b><i>The SAGE handbook of qualitative research</i></b> (3rd ed.): 305-342. Thousand Oaks, CA: Sage. Kohli, R., & Kettinger, W. J. 2004. Informating the clan: Controlling physicians' costs and outcomes. <b><i>MIS Quarterly</i></b>, 28(3): 363-394. Malinowski, C. 2006. Training the cyber investigator. In P. Kanellis, E. Kiountouzis, N. Kolokotronis, & D. Martakos (Eds.), <b><i>Digital crime and forensic science in cyberspace</i>:</b> 311-333. Hershey. PA: Idea Group. Mansell, W., Meteyard, B., & Thomson, A. 1999. <b><i>A critical introduction to law</i></b> (2nd ed.). London: Cavendish Publishing. McLellan, D. 1995. <b><i>Ideology</i></b> (2nd ed.). Buckingham, UK: Open University Press. Mitrakas, A., & Zaitch, D. 2006. In P. Kanellis, E. Kiountouzis, N. Kolokotronis, & D. Martakos (Eds.), <b><i>Digital crime and forensic science in cyberspace</i>:</b> 267-290. Hershey, PA: Idea Group. Mumford, E. 1999. <b><i>Dangerous decisions—Problem solving in tomorrow's world.</i></b> New York: Kluwer Academic/Plenum Publishing. Myers, M., & Rogers, M. 2004. Computer forensics: The need for standardization and certification. <b><i>International Journal of Digital Evidence</i></b>, 3(2): 1-11. Newsham, T., Palmer, C., Stamos, A., & Burns, J. 2007. <b><i>Breaking forensics software: Weaknesses in critical evidence collection.</i></b> Retrieved from <a target="_blank" href='http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Slides.BH2007.pdf'>www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Slides.BH2007.pdf</a> Nissenbaum, H. 2005. Where computer security meets national security. <b><i>Ethics and Information Technology</i></b>, 7(2): 61-73. Nye, D. 2002. The "privacy in employment" critique: A consideration of some of the arguments for "ethical" HRM professional practice. <b><i>Business Ethics: A European Review</i></b>, 11(3): 224-232. Poullet, Y. 2004. The fight against crime and/or the protection of privacy: A thorny debate! <b><i>International Review of Law, Computers and Technology</i></b>, 18(2): 251-273. Privacy Rights Clearinghouse. 2004. <b><i>A review of the fair information principles: The foundation of privacy public policy.</i></b> Retrieved from <a target="_blank" href='http://www.privacyrights.org/ar/fairinfo.htm'>www.privacyrights.org/ar/fairinfo.htm</a> Stahl, B. C. 2004. Whose discourse? A comparison of the Foucauldian and Habermasian concepts of discourse in critical IS research. <b><i>Proceedings of the Tenth Americas Conference on Information Systems:</i></b> 4329-4336. Stahl, B. C. 2006. Is forensic computing a profession? Revisiting an old debate in a new field. <b><i>Journal of Digital Forensics, Security and Law</i></b>, 1(4): 49-66. Stahl, B. C. 2007. <b><i>Prolegomena to a critical investigation of forensic computing.</i></b> Unpublished LLM thesis, De Montfort University, Leicester, UK. Stahl, B. C. 2008a. The impact of the UK Human Rights Act 1998 on privacy protection in the workplace. In R. Subramanian (Ed.), <b><i>Computer security, privacy, and politics: Current issues, challenges, and solutions:</i></b> 55-68. Hershey, PA: Idea Group. Stahl, B. C. 2008b. <b><i>Information systems: Critical perspectives.</i></b> London: Routledge. Wall, C., & Paroff, J. 2005. Cracking the computer forensics mystery. <b><i>The Computer and Internet Lawyer</i></b>, 22(4): 1-6 Weckert, J. 2005. <b><i>Electronic monitoring in the workplace: Controversies and solutions.</i></b> Hershey, PA: Idea Group.