Allegations have been raised that Kenya’s electoral digital systems for verifying voters, capturing, transmitting and storing election results might have been tampered with.

Bomas of Kenya, the nerve centre of tallying the presidential election, was even described as a crime scene by some.

To substantiate these allegations in court, digital evidence must be expertly collected and well-preserved.

Here, evidence refers to physical devices such as computers, mobile phones and network devices, as well as the system logs and data generated by them.

The Kiems kits, data transmission networks, system’s memory, other devices used by the staff to facilitate the election, including the data portal, may very well have been compromised – but proof is needed to back the claim.

If there is delay in its collection, the culprits can covertly conceal their tracks.

Malpractice has been suspected on the part of some of the Independent Electoral and Boundaries Commission employees.

It’s ironic that the same staff are still handling digital systems, which may be under investigation. There has not been a call for detectives to assist with the collection of evidence. How can an accused party keep custody of potentially crucial evidence?

Digital evidence collection is tricky and should only be attempted by professionals. Professionals in this field are able to perform media, network and software analyses in order to recover forensically valuable evidence.

Upon seizing the evidence, actions must be taken not to change it because if altered, it’s no longer admissible in a court of law.

All the activity relating to the seizure, access, storage and transfer of digital material must be fully documented, preserved and available for review.

Where it doesn’t make sense to cart away the original material, for example, the hard drives, a copy can be carefully made and preserved in a way that clearly shows that it represents the original.

Individuals or agencies responsible for collecting and preserving forensic evidence follow strict modus operandi.

The citizen’s role is to alert the necessary authorities so that they can get in and safeguard the evidence.

Digital evidence is not usually collected when the systems are running – unless the system is not mission-critical.

It is recommended that the systems be taken offline, a backup made, and the backup used to investigate the incident.

No matter how persuasive the evidence may be, it can be thrown out of court if somehow it was altered in one way or another during its collection. But those who maliciously alter it are culpable and liable to prosecution.

As a final note, Kenya is launching many mission-critical systems, such as the Huduma Namba.

An army of experienced and vetted forensic experts is needed to maintain their integrity. Moreover, we need to invest in people, processes and technologies to protect them.

If not, ill-meaning people will inevitably hang us out to dry.