Addressing IoT (Internet of Things) technologies is becoming a crucial challenge in Digital Forensics, showing the limits of traditional approaches and data collection techniques. Our contribution envisages a “data governance” model based on third-party certification of fo- rensic copies extracted from IoT devices. Within this framework, on the one hand, the certi- fication establishes the technical standards to which manufacturers, distributors and service providers have to abide by in order to enter the EU market; on the other hand, it is eliminated the threefold conflict between the duties of investigating authorities, the interests of device manufacturers and the fundamental rights of the suspects. In conclusion are discussed benefits and disadvantages of our proposal, drawing a path for future research.
