NoLeaks
eIDAS

digital evidence service

The NoLeaks Notary service collects evidence of personal data processing on web-pages for court proceedings. The service based on open source software tool that takes digitally signed snapshots of web-pages. The project published on GitHub under GNU General Public License allowing technology experts to audit the source code and increase public awareness on the methods and the value of the inspections.

Legal basis

The service maintains the highest degree of provenance, integrity, accountability and independence of gathered evidence compliant to:

In notarization process the service applies strong cryptography, Time Stamping Authority and Public Key Infrastructure resources derived from GlobalSign - the European qualified trust service provider. The Notary builds the trust to electronic data accepted as evidence, since the integrity of the data and the identity of the signatory can be validated by the parties independently. 


$ jarsigner -verify -verbose -certs snapshot.zip
Signed by "EMAILADDRESS=info@noleaks.eu, CN=Olegs Kunicins, C=LV"
  Digest algorithm: SHA-256
  Signature algorithm: SHA256withRSA, 2048-bit key
Timestamped by "CN=Globalsign TSA for Advanced - G4, O=GlobalSign nv-sa, C=BE"
  Timestamp digest algorithm: SHA-256
  Timestamp signature algorithm: SHA256withSHA256withRSA, 3072-bit key
jar verified.

Courts should not refuse electronic evidence only because it is collected and/or submitted in an electronic form. Electronic data should be accepted as evidence unless the authenticity of such data is challenged by one of the parties.

Example of the report

Inspections

NoLeaks Notary employs standard Google's Chromium in fullscreen mode that simulates three realistic browsing sessions: first visit, returning visit and incognito visit. Each session observed by the proxy which records traffic between the browser and Internet. In contrast to its predecessors that control the browser over high-level API, NoLeaks Notary inspects all traffic, including "invisible" (favicons and requests to Google services), providing consistent digital evidence. Each snapshot of the web-page includes:

  1. Traffic inspections.
  2. Resources inspections.
  3. Visibility inspections.
  4. Modality inspections.
  5. Cookies inspections.
  6. ETags inspections.
  7. TLS Certificate inspections.
  8. Inspection artifacts such as screenshots and HTTP archives.
  9. Machine-readable Metadata in JSON format.
  10. Machine-readable JSON Schema of Metadata according to JSON Schema standard.

The Metadata refers to electronic information about other electronic data, which may reveal the identification, origin or history of the digital evidence, as well as relevant dates and times. NoLeaks Notary gathers effective Chrome options, properties of the simulated device and system properties, including OS, network configuration and execution environment.

The service performs timestamping by using Network Time Protocol and domain name resolution by using DNS-over-HTTPS. These protocols prevent manipulation of data or misconfiguration on client side. Strict distinction of the remote parties considers two requests belong to the same party if:

Development

Structured evidence allows data controllers, data protection officers and end users to understand better which information is transferred and stored during the visits without submitting the consent.

Cryptographic part of the service Signed ZIP published on Maven Repository under GNU General Public License as a standalone reusable library. The library extends standard ZipOutputStream by implementing SHA-256 signatures and trusted time stamps.

The NoLeaks welcomes all contributions in form of ideas, bug reports or coding, as well as any feedback and suggestions for improvements. Your attention is always welcome at info@noleaks.eu

© NoLeaks 2019-2024. The service provided on an 'as is' basis and without warranties of any kind, including fitness for a particular purpose, absence of defects or errors, or accuracy.