Addressing IoT (Internet of Things) technologies is becoming a crucial challenge in Digital
Forensics, showing the limits of traditional approaches and data collection techniques. Our
contribution envisages a “data governance” model based on third-party certifi cation of forensic
copies extracted from IoT devices. Within this framework, on the one hand, the certification establishes the technical standards to which manufacturers, distributors and service providers have to abide by in order to enter the EU market; on the other hand, it is eliminated the threefold conflict between the duties of investigating authorities, the interests of device manufacturers and the fundamental rights of the suspects. In conclusion are discussed benefits and disadvantages of our proposal, drawing a path for future research.
