Digital forensics examiners all confront ethical dilemmas made possible because they use privileged access to information systems and data, and because their services are almost always engaged incident to controversies. Examiners at one time or another will be exposed to trade secrets, threats to national security, information that private parties may pay handsomely for (or for the spoliation thereof), and highly personal information, including diaries, notes, personal photographs, and the like. Evidence found, overlooked, or determined not to exist by an examiner may decide the outcome of a multi-million dollar case, whether someone is imprisoned or set free, or which parent will be awarded custody of a child.

In fact, examiners are ill prepared to solve these dilemmas. The reasons include the lack of industry regulation, a paucity of ethics coverage in training curricula, and that the law applied to this subject matter is not well settled.1 Arguably, what is needed in the digital forensics profession is some combination of “good moral character,”2 an above-average understanding of evolving law, a well-drafted engagement contract, and continuing ethics training. Such a combination might equip the examiner either with the ability to answer some of the questions, or at least to spot the dilemma, so that he or she can seek advice from a mentor or legal counsel.

The profession has, for its part, endeavored to provide examiners with a framework within which the digital forensics examiner must not only recognize, classify, and manage ethical dilemmas, but also respect boundaries and honor obligations. This framework is the code of ethics, and this comment is intended to examine the need for and contours of these codes.3

The Need for Professional Ethics in Digital Forensics
The relatively recent and rapid evolution of computers and information systems has resulted in novel capabilities to store, retrieve, and process information. In just the few years preceding this writing, new fields of expertise, such as “ethical hacking” and cloud forensics4 have emerged, all of which have added to the “huge demand” for highly educated specialists in the discipline of digital forensics.5 Likewise, the capabilities made possible by the evolution of computers and information systems have given rise to novel controversies regarding boundaries and obligations, intellectual property rights, privacy rights, diplomatic relations and military affairs, critical infrastructure, and the public welfare. Although some controversies can (and should) be anticipated and prospectively addressed by contract, the remainder, whether novel or familiar, are to be resolved in civilized societies by the courts of law.6 But both civil and criminal law has failed to keep pace with technological and societal trends catalyzed by technological advances.7 For example, neither statutory language of the Electronic Communications Privacy Act nor its legislative history makes any reference to the Internet.8 And even where the law may seem certain, pursuing a judicial remedy is costly and burdensome. Consequently, certifying organizations have adopted a code of professional ethics to provide examiners with the framework necessary to avoid or mitigate liabilities likely to require judicial remedies or likely to bring disrepute to the organization.9 In this regard, the code of ethics provides articulable principles against which one’s decision-making is objectively measured. Codes of ethics serve other important interests, including presenting an image of prestige and credibility for the organization and the profession,10 eliminating unfair competition,11 and fostering cooperation among professionals.12

One way to define codes of ethics may be to suggest what the code of ethics is not: first and foremost, it should not be regarded as mere aspirational platitudes. And, it is neither an approximation of nor a substitute for the law. Rather, the code of ethics is designed to establish a minimum standard of acceptable conduct for all reasonably foreseeable activities within the profession. Such activities include: representations of one’s skills and expertise; research; interactions with clients, supervisors, government authorities, judicial officers, and attorneys; collection, preservation, and analysis of evidence; testing (i.e., validation of hardware and software tools), consultation (advising); report writing; testifying; mentoring; teaching; and continuing education. Further, as discussed above, cyber forensics involves recognizing, classifying, and managing ethical dilemmas, respecting boundaries, and honoring obligations. In light of the wide range of cyber forensics activities, one other thing to say the code is not is an exhaustive list of prohibited behaviors or of permissible behaviors.

Although codes of ethics maybe somewhat prescriptive, prohibitive, or a combination of both, they are intended to provide guidance for reasonable persons acting in good faith. What this means is that not every proper behavior can feasibly be enumerated (and if every conceivable prohibited behavior was attempted to be enumerated, the improper ones omitted might be construed as permissible loopholes).13 Therefore, codes of ethics typically are purposefully broad and vague.14 This differs significantly from the criminal law, which must be written such that a reasonable person of ordinary intelligence would understand what conduct is prohibited. And, although codes of ethics do not enumerate every possible prohibited act, they often do prescribe proper behavior in hortatory terms, and are otherwise presumptive: Examiners are presumed to possess good moral character15 and de minimus experience and training regarding, among other things: separation of duties; the criminal law applicable to digital forensics investigations; intellectual property law (e.g., trade secrets and copyright), the duty of reasonable care; the duties of loyalty, independence, and confidentiality; and contractual obligations.16

Although the code is not law,17 conduct in violation thereof is likely to harm others, and may expose the examiner to criminal liability, sanctions by a court, damages liabilities in a civil suit, or other adverse consequences. Moreover, conduct or ethical decision-making that clearly falls outside the code of ethics may be the examiner’s ruination, because reputation is the examiner’s most important asset. Thus, no less important than competence is compliance with the code, which in turn demands consistent, informed ethical decision-making.

Ethical Decision Making
As mentioned above, an examiner is uniquely situated by the nature of the work to engage in conduct that, even if not unlawful, is nonetheless tortious, in breach of contract, offensive, “improper,” or unethical. Accordingly, ethical decision-making is dictated by a varying combination of law, ethics, and morals, and the management of ethical issues is the “behavior” component about which legal, moral, and ethical obligations are chiefly concerned. But one cannot manage an issue without first successfully discerning it and classifying it. So, whereas criminal law and contract law endeavor to take the guesswork out of discernment and classification (i.e., prohibited acts are rendered in black and white), ethical problems very often appear in chiaroscuro. For this reason, effective training in professional ethics doesn’t primarily consist of rote memorization of rules, but instead must prepare the examiner in the art of ethical issue spotting. Similarly, an effective code of ethics consists not only of certain static core principles, but also may consist of components that can be adapted over time to keep pace with the law and with professional norms (“ethics”).

“Ethics” is a word derived from the ancient Greek ethikos, meaning “moral, showing moral character,” and has alternatively been defined as “a custom or usage.”18 Modernly, ethics is understood to be “[professional] norms shared by a group on a basis of mutual and usually reciprocal recognition.”19 In order to effectively spot ethical problems, an examiner must therefore be familiar with the law and professional norms governing the cyber forensics discipline, and this familiarity is one of several presumptions incorporated into the code of ethics. With this presumption in mind, ethical decision-making in digital forensics work consists of one or more of the following: 1) honesty; 2) prudence; and 3) compliance with the law and professional norms.

The first of these principles, honesty and truthfulness, is particularly vexing, because ethical decisions cannot reliably and consistently be made without good moral character, and because it is widely believed that the further one is from the adverse consequences of his or her actions, and the greater the reward, the more likely he or she will do the expedient thing.20 Although, research suggests this may be an overly pessimistic view,21 the dishonest examiner cannot be bound by any code of ethics, because the code is adopted primarily through the “honor system,” rather than reward and deterrence. Pervasive dishonesty must be dealt with through policies that are preventive (i.e., barring applicants inclined toward dishonesty prior to entry into the profession) or corrective (removing practitioners who commit acts in violation of the code), and few mechanisms are in place—other than market forces or legal action—to accomplish either. Even if the profession had robust self-regulation, the established models of other professions have been roundly criticized as corrupt or ineffective.22 Therefore, because a code of ethics requires this “good moral character” to have any efficacy, it is considered a prerequisite for every entrant into the profession (and is another presumption incorporated therein).

The second and third principles mentioned above—prudence and compliance with the law and professional norms—are of equal importance to truthfulness and honesty. Prudence does not here mean caution, but means “the ability to govern and discipline oneself by the use of reason.”23 Prudence is regarded as auriga virtutum (the charioteer of the virtues), and has been characterized as the “right reason which . . . directs the acts of justice, fortitude, temperance, and the annexed virtues.”24 Prudence guides these other virtues by setting rule and measure, and would likely be evaluated by the courts against an objective “reasonable person” standard.25 Although prudence usually comes with experience and training, it also is a presumption incorporated into the code of ethics, just as is familiarity with and fealty to the law and professional norms.

Ethics Training for the Profession
Currently, education and training in the digital forensics disciplines is focused primarily on technical competency,26 with much lesser emphasis on the significant legal and ethical challenges confronting examiners. At the time of this writing, at least one academic program does include digital forensics ethics as a separate component.27 Also, much of the informal writing on the topic of ethics is limited to the examiner’s duty to search for exculpatory evidence in addition to the evidence that tends to support the theory of the case asserted by the party who engaged the examiner.28 Therefore, until and unless digital forensics curricula uniformly implement ethics training on par with technical training, and unless new entrants to the profession are required to demonstrate competency in the topic of ethics (such as by written examination), cyber forensics examiners will remain ill-prepared to meet these legal and ethical challenges.29 And this possibility has not gone unnoticed by the courts:

One survey of civil trials estimated that experts appear in 86% of the cases with an average of 3.8 experts per trial. While expert witnesses are appearing in civil cases in increasing numbers, the topic of expert witness ethics and professionalism is largely undeveloped and there are few definitive statements about what exactly the expert witness's ethical obligations are and how they are to handle the subtle as well as the more blatant attempts to influence them . . . . Even where professional associations have established ethical guidelines for conducting investigations, forming opinions, and writing reports, very few explain how the ethical boundaries imposed on judges and lawyers may bear on the performance of their role in the legal system regardless of whether they are employed as a retained forensic expert for one of the parties or as a court-appointed expert.30

Regulation of the Profession
Some of the contemporary informal writing by respected scholars who have considered the codes of ethics in digital forensics suggests that they are inadequate at protecting the integrity of the profession:

The problem with a field like computer forensics is the lack of universally accepted standards that anyone can view and at least have an idea of the level of competency of the expert. Other experts require some sort of professional licensing specific to their field: Certified public accountants, doctors, professional engineers, lawyers[,] etc.[,] where they have had to pass some sort of board certification prior to being allowed to practice. Of course it was not always that way for those professions in the early days, before such boards and licensing bodies were formed. And that is the state of computer forensics today.31

The American Bar Association posits that “investigation and expert testimony in computer forensics and network testing should be based upon the current state of science and technology, best practices in the industry, and knowledge, skills, and education of the expert.”32 Because there are no digital forensics licensing bodies in the United States,33 qualifications are determined by reputational standing, competency tests, fealty to a code of ethics, and membership application screening by certifying organizations. The membership prerequisites designed to screen out unqualified and “unsavory” applicants are often counterparts to the codes of ethics. For example, the International Society of Forensic Computer Examiners (ISFCE) rejects applicants who have a criminal record as defined by the ISFCE for the reason that “An examiner with a criminal record may result in credibility issues in professional settings,” and therefore requires all applicants to submit to a criminal background check. Several states do, however, require digital forensics examiners to be licensed as private investigators.34 The Texas Private Security Bureau, a statutory division of the Department of Public Safety, requires applicants to pay annual fees, tender fingerprint cards, subject to a criminal background check, provide evidence of training and experience, and provide proof of liability insurance.35 And, although most private digital forensics organizations do impose a code of ethics as a condition of membership,36 there is little known about the frequency or efficacy of evangelization or enforcement. Other than the criminal or civil law remedies available in limited circumstances, the only regulatory enforcement mechanisms for regulation of the profession are “loss of reputation and business.”37 In contrast, the legal profession is regulated by states’ supreme courts, most of which have adopted the ABA model rules.38 And, although there has long been criticism of the self-regulation model,39 lawyers are generally cognizant of attorney regulation, are required to take ethics continuing education annually, and most were required to pass a course on professional responsibility in law school,40 and to take the Multistate Professional Responsibility Examination.41

Read about the legal issues surrounding Professional Ethics in the Digital Forensics Discipline in part two of this article appearing in the next issue of DFI News.


1. “Forensic” means “used in or suitable to courts of law,” Black’s Law Dictionary 721 (9th ed. 2009).which is where many cyber forensics examiners will eventually find themselves and their work subjected to the most scrutiny.  Although not all examiners will create work product for use in litigation, most will, and those who do not expect to (such as investigations in a corporate setting), may nevertheless be haled into court to explain their findings when litigation ensues.  Therefore, this comment necessarily has been drafted with the presumption that the majority of digital forensics practitioners will be engaged by an attorney, but will not have had a formal legal education.

2. Gary Palmer, A Road Map for Digital Forensic Research, DFRWS 16 (Nov. 6, 2001),  See also The Sedona Conference® Glossary:E-Discovery & Digital Information Management (3d ed. 2010), available at (last retrieved June 17, 2013  For “[f]orensics”:

The scientific examination and analysis of data held on, or retrieved from, ESI in such a way that the information can be used as evidence in a court of law. It may include the secure collection of computer data; the examination of suspect data to determine details such as origin and content; the presentation of computer based information to courts of law; and the application of a country’s laws to computer practice. Forensics may involve recreating “deleted” or missing files from hard drives, validating dates and logged in authors/editors of documents, and certifying key elements of documents and/or hardware for legal purposes.

Id. at 23.

3.The so-called “Golden Rule,” also known as the “ethic of reciprocity.” See Antony Flew, ed. (1979). “golden rule.” A Dictionary of Philosophy. London: Pan Books in association with The MacMillan Press.  at 134 (“The maxim ‘Treat others how you wish to be treated.’  Various expressions of this fundamental moral rule are to be found in tenets of most religions and creeds through the ages, testifying to its universal applicability.”).

4. See Hoffman, Kamm, Frederick, & Petry, The Ethics of Accounting and Finance: Trust, Responsibility, and Control. Westport, CT: Quorum Books, 1996), Note 25 (“Merrill Lynch chairman Daniel P. Tully asks Merrill employees to take the ‘New York Times’ test: As an employee, is there anything you do that you would not want displayed on the front page of the New York Times? This is also referred to as the “60 Minutes” or ‘Mike Wallace’ test.”).

5. These topical areas include, but are not limited to, agency law, intellectual property law, criminal law, contract law, and tort law.

6.Crossing the Line: Ethics for the Security Professional, SANS Institute (2003).

7. “Good moral character” is codified in 8 C.F.R. § 316.10 as the absence of certain enumerated offenses, behaviors, and conduct involving moral turpitude.  Rule X of the California Rules Regulating Admission to Practice Law provides that the term “good moral character” includes the qualities of honesty, fairness, candor, trustworthiness, observance of fiduciary responsibility, respect for and obedience to the laws of the state and the nation and respect for the rights of others and for the judicial process.

8. The focus of this Comment is the ethical dilemmas that occur in digital forensics work.  For a more broad discussion of computer ethics and its origin, see Official (ISC)2 Guide to the CISSP CBK: 3rd Ed. (chapter contributed by Rebecca Herold, setting forth the history of “computer ethics.”  A derivative work by the same author is found at

9. See, e.g., Office of Justice Programs, U.S. Dep’t of Justice, OMB No. 1121-0329, Solicitation: Electronic Crime and Digital Evidence Recovery(Mar. 31, 2010), available at (last retrieved June 17, 2013)(“NIJ seeks proposals for research and technology development leading to the introduction into practice of forensic tools that can overcome the challenges of the Cloud computing environment.”); Joe McKendrick, Cloud Forensics: New Practice Emerges Out of Necessity, SmartPlanet, (Jan. 31., 2011, 9:39 AM), (last retrieved June 17, 2013)

10. Nelson, Phillips, & Steuart (2010). Guide to computer forensics and investigations. (p. 508). Course Technology Ptr.

11. See generally Lon L. Fuller, Law as an Instrument of Social Control and Law as a Facilitation of Human Interaction, 1975 BYU L. Rev. 89 (1975) (positing that the law is simultaneously a means of social control, a means of facilitating human interaction, and the realization of reciprocal expectancies).

12. See, e.g., Helft & Miller, 1986 Privacy Law Is Outrun by the Web,The New York Times (January 09, 2011); Orin S. Kerr, “A User's Guide to the Stored Communications Act, and a Legislator's Guide to Amending It.” Geo Wash L. Rev. 72 (2004): 1208; The Electronic Communications Privacy Act: Promoting Security and Protecting Privacy in the Digital Age. Hearing of the Senate Committee on the Judiciary, September 22, 2010 (“[b]ringing this privacy law into the Digital Age will be one of Congress's greatest challenges . . . the ECPA is a law that is often hampered by conflicting privacy standards that create uncertainty and confusion for law enforcement, the business community and American consumers.”) (Statement of Senator Patrick Leahy (D-Vt.), Chairman, Senate Committee on the Judiciary).

13. Yonatan Lupu, “The Wiretap Act and Web Monitoring: A Breakthrough for Privacy Rights?” 9 VA. J. L. & Tech. 3 (2004); Bosset, Frankel, Friedman & Satterfield, "Private Actions Challenging Online Data Collection Practices are Increasing: Assessing The Legal Landscape," Intellectual Property & Technology Law Journal (February 2011) (“[F]ederal statutes such as the Electronic Communications Privacy Act (ECPA) and the Computer Fraud and Abuse Act (CFAA) . . . were drafted long before today’s online environment could be envisioned”).

14. See John J. Barbara, Ethical Practices in Digital Forensics: Part 1,Digital Forensic Investigator News, April 30, 2013, (last retrieved June 17, 2013) (“Through education, training, and experience, he or she develops and enhances individual technical knowledge, skills, and abilities. This maturation process needs to include adherence to an overriding code of professional conduct or a code of ethical practices. Doing so will provide guidance and direction to the examiner when confronted with moral, professional, or ethical dilemmas.”).

15. See, e.g., Luegenbiehl & Davis, Engineering Codes of Ethics: Analysis and Applications (IIT Center for the Study of Ethics in the Professions, 1986) (Referring to the "Contract with society" theory on the relation between professions and codes of ethics. “According to this approach, a code of ethics is one of those things a group must have before society will recognize it as a profession. The contents of the code are settled by considering what society would accept in exchange for such benefits of professionalism as high income and high prestige. A code is a way to win the advantages society grants only to those imposing certain restraints on themselves.”).

16. See, e.g., Official (ISC)2 Guide to the CISSP CBK: Third Ed., Steven Hernandez  (Ed.). New York: Auerbach Publications, 2012.  (“The code helps to protect professionals from certain stresses and pressures (such as the pressure to cut corners with information security to save money) by making it reasonably likely that most other members of the profession will not take advantage of the resulting conduct of such pressures. An ethics code also protects members of a profession from certain consequences of competition, and encourages cooperation and support among the professionals.”).

17. Id.

18. This author characterizes this concept as the “classic whitelist/blacklist problem.”

19. Justin P. Murphy, Expert Witnesses at Trial: Where Are the Ethics?, 14 Geo. J. Legal Ethics 217, 219 (2000)  (“Guidelines promulgated by professional organizations guidelines are often vague and broad and do little to enforce conduct by experts.”).

20. See Note 7, supra.

21.N.B., the ABA has stated that experts, unlike attorneys, do not owe a “duty of loyalty” to clients. ABA Formal Op. 97-407 (1997).  Nevertheless, the phrase, “duty of loyalty” here is meant as it is applied in trust and corporations law, to the extent that a trustee,  officer, or director is prohibited from engaging in self-dealing, and from having even a potential conflict of personal interest with those of the trust or corporation (the “appearance of impropriety” standard).

22.Consider this as this author’s inartful attempt at word play (based on Professor Larry Lessig’s “Code is Law” theory, in which code is the software and hardware that make cyberspace as it is.  Lessig, L. (2006). Code: And Other Laws of Cyberspace. (2 ed.). New York: Basic Books).

23. Hazard, Jr., Geoffrey C. (1994-1995), “Law, Morals, and Ethics,” Southern Illinois Law Journal, 19, 453

24. Ibid.

25. Maryam Kouchaki, Kristin Smith-Crowe,Arthur, P.Brief, & Carlos Sousa, Organizational Behavior and Human Decision Processes, (2013). Seeing green: Mere exposure to money triggers a business decision frame and unethical outcomes. Retrieved from Elsevier. website: (last retrieved June 17, 2013) (2013 report by University of Utah and Harvard researchers found that individuals who could gain monetarily through unethical behavior were more likely to demonstrate such behavior than those who weren't offered a financial gain).

26. In an experiment focusing on lying behavior with a minimum of social interaction, 20% were untruthful and “act in line with the assumption of payoff-maximization,” 20% were untruthful but did not maximize their payoff, but 39% of the subjects resisted monetary incentives to lie and were honest.Fischbacher, U. and Heusi, F. (2008). “Lies in disguise: An experimental study on cheating.”

Thurgau Institute of Economics Research Paper N0 40.

27. By way of example, the law profession arguably has one of the most comprehensive, uniform, and stringent moral character screening processes of any profession.  But, because entering the mind of applicants is impossible, the determination of an applicant’s moral character depends almost entirely on the applicant’s prior actions. Carol M. Langford, Barbarians at the Bar: Regulation of the Legal Profession Through the Admissions Process, 36 Hofstra L. Rev. 1193 (2008). Despite this, the general population regards lawyers as among the most untrustworthy and corrupt professions. Marc Galanter, The Faces of Mistrust: The Image of Lawyers in Public Opinion, Jokes, and Political Discourse, 66 U. Cin. L. Rev. 805, 809 (1998) (“When, in 1991, a national sample was asked to volunteer ‘what profession or type of worker do you trust the least,’ lawyers were far and away the most frequent response.”).

28. (last retrieved June 17, 2013)

29. Garrigou-Lagrange, R. (1991). The three ages of the interior life: Prelude of eternal life. (Vol. 2). Charlotte, NC: Tan Books Publishers Inc.

30. Cf. Harvard College v. Armory, 9 Pick. (26 Mass.) 446 (Mass. 1830) (articulating the “Prudent man rule,” directing trustees “to observe how men of prudence, discretion, and intelligence manage their own affairs, not in regard to speculation, but in regard to the permanent disposition of their funds, considering the probable income, as well as the probable safety of the capital to be invested.”).

31. Gilbert Whittemore, Report to the House of Delegates, 2008 A.B.A. Sec. Sci. & Tech. L. 2 available at (last retrieved June 17, 2013) (“Numerous professional certifications are available to computer forensic and network testing professionals that are based on rigorous curricula and competency examinations.”).

32. The Volgenau School of Information Technology and Engineering  of the George Mason University Department of Electrical and Computer Engineering offers a class entitled, “Legal and Ethical Issues in Computer Forensics.”

33. See, e.g., John J. Barbara, Ethical Practices in Digital Forensics: Part 2, Digital Forensic Investigator News, May 03, 2013, (last retrieved June 17, 2013)

34. Jerry Wegman, Computer Forensics: Admissibility of Evidence in Criminal Cases, 8 J. Legal Ethical & Reg. Issues 1, 2 (2005) (explaining the evolution of digital forensic experts and the legal challenges they face).

35. Kenneth C. v. Delonda R., No. VXXXXXX/02, 2006 WL 47429, at *8 (N.Y. Fam. Ct. Jan. 4, 2006).

36. Larry E. Daniel, Computer Forensics - Ethics, ExForensis Blog (October 30, 2008), (last retrieved June 17, 2013)

37. Whittemore, supra note 40, at 2. See also Murphy, Note 19, supra, at 235-36 (“[W]ithout a specific organization to oversee and comment upon current expert testimony standards or transgressions . . . it can be difficult to identify and investigate violations within a profession or appraise [sic.] its members of acceptable scientific methods and theories”).                                                                                                                           

38. Nelson, et al., supra Note 10, at 576.

39. E.g.,Mich. Comp. Laws §§ 338.821–338.823 (2011);Tex. Occ. Code §§ 1702.101, 1702.388, 1702.386 (2010); Stephen K. Lubega, Is Your Computer Forensics Expert Required to Have a PI License? 3 Myriad Litigation Solutions (Apr. 2009); John Tredennick, Collecting Computer Data in the U.S.: Pick the Wrong State and You Could Wind Up in Jail, Law Tech. Today 1–2 (July 2008).

40. Tex. Occ. Code §§ 1702.101, et seq.;Texas Administrative Code, Title 37, Part 1, Chapter 35

41. See, e.g., Code of Ethics, EC-Council, (last retrieved June 17, 2013); Code of Ethics and Professional Responsibility, Int’l Soc’y of Forensic Computer Examiners, (last retrieved June 17, 2013); HTCIA Bylaws, High Tech. Crime Investigation Ass’n (2010), (ICS)2 Code of Ethics, (ICS)2, (last retrieved June 17, 2013); Code of Ethics and Conduct, CyberSecurity Inst., (last retrieved June 17, 2013); GIAC Code of Ethics, (last retrieved June 17, 2013); New Membership: Code of Ethics, Int’l Ass’n of Computer Investigative Specialists, (last retrieved June 17, 2013).

Sean Harrington is a cyber security policy analyst and information security risk assessor in the banking industry, as well as a digital forensics examiner in private practice. He is a graduate with honors from Taft Law School, and holds the CCFP, MCSE, CISSP, CHFI, and CSOXP certifications. Harrington has served on the board of the Minnesota Chapter of the High Technology Crime Investigation Association, is a current member of InfraGard, the Financial Services Roundtable’s legislative and regulatory working groups, FS-ISAC, and is a council member of the Minnesota State Bar Association’s Computer & Technology Law Section. Harrington teaches computer forensics for Century College in Minnesota, and recently contributed a chapter on the Code of Ethics for the forthcoming Official (ISC)2® Guide to the Cyber Forensics Certified Professional CBK®, and is an instructor for the new CCFP certification.