In honor of American Archives Month 2014, we would like to introduce FRED (Forensic Recovery of Evidence Device), a valuable member of the Getty’s Institutional Records and Archives team!
FRED employs technology typically used by law enforcement agencies to investigate digital evidence to help us process born-digital archival materials. Born-digital materials are anything that has been created digitally and can include email, word processing files, photographs, audio and video files, web pages, and even digital art installations.
An unprocessed archive used to mean boxes and paper and dust. While we still have our fair share of these things in the Archives, increasingly we receive boxes with hard drives or CD’s or floppy discs. Sometimes, an archival collection will even include an entire laptop!
In the Getty’s Institutional Archives we’re currently working with departments at the Getty to archive project files that exist only on shared network drives. Some of these project archives contain over 12,000 files that have been created over the course of 15 years by a number of different people on a number of different computer systems.
Much like evidence in a criminal or civil case, we have to be able to guarantee the authenticity of our archival materials. When faced with a collection of 12,000 files, that can be a daunting task. FRED can ingest all of these files, creating an exact copy for processing and preservation purposes, while preventing any modification to the original. (Something as simple as opening or moving a file on a personal computer can change valuable data about the file such as dates created or modified.) FRED also verifies that all of the bits and bytes are accounted for by comparing the copied material to the original.
Once we’ve created our working copy, we can begin to use FRED and the accompanying forensic software, called FTK (Forensic Toolkit), to begin processing the material. Much like detectives weeding through computer systems looking for key evidence, we need to be able to access information hidden in obsolete file formats, like WordPerfect files from the ’90s, and quickly hone in on any sensitive details. FTK is able to identify and preview the contents of hundreds of file formats, including photo, audio, and video files.
We can then evaluate the material and determine what we should preserve in perpetuity and what should be weeded out (if anything). For example, we would keep the final version of a report but would probably weed out duplicates or drafts of the report. FTK also includes a powerful search function that can, among other things, pattern-search for Social Security and credit cards numbers. This allows us to flag and remove this sensitive personal information from the collection without having to look through all 12,000 files.
While procedures for processing born-digital archives are still in an early and experimental phase here at the Getty, with FRED on the case, we’re well on the road to becoming archival detectives.
Comments on this post are now closed.