Digital Forensics, Computer Forensics examiner

Saint Paul, MN    •    Dallas, TX    •    San Francisco, CA


Sean L Harrington


I am an experienced digital forensics examiner with expertise in corporate fraud, labor disputes, domestic relations, child pornography investigations (including protocols under the Adam Walsh Act), the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, electronic discovery, the work product doctrine, and the attorney client privilege. My experience is derived from the disciplines of law, information technology, software engineering, regulatory compliance, risk management, and information security.  I am qualified to serve as an expert witness and court-appointed third-party neutral.  I have extensive experience in litigation support, including electronic discovery, the Rules of Evidence, the Rules of Civil Procedure, motions practice, pre-trial practice, and appellate practice.[1] 
I maintain professional credentials and certifications in the areas of digital forensics (CHFI No. ECC930566, CCFP No. 335034), information security (CISSP No. 335034), regulatory compliance (CSOXP No. 00185), and network engineering MCSE, MCP+i, No. 977426). I am licensed by the Texas Private Security Board to practice digital forensics.

Sean's Curriculum Vitae

Avvo - Rate your Lawyer. Get Free Legal Advice.



24 Mar 2015        Protecting Your Client’s Data: Ethical Obligations and Practical Tips (Minnesota CLE Family Law Institute 2015)

03 Mar 2015        Electronic Spying and Tracking Spouses in Divorce Cases: What's Legal in the Digital World? (Strafford Pub. CLE)

13 Jan 2015        The NIST Cyber Security Framework: Implications for Your Clients (Minnesota State Bar Ass’n Computer & Technology Section CLE)

06 Jan 2015        Retaliatory Hacking (a/k/a active defense and “hack back”), Winter 2015 Mid Pacific ICT Educator Conference, San Francisco

20 Aug 2014        Electronic Spying and Tracking Spouses in Divorce Cases: What's Legal in the Digital World? (Strafford Pub. CLE)

14 May 2014        “Hack Back or Active Defense?” (Secure360 conference)

01 May 2014:       Hack Back”: Legitimate Corporate Security or Risky Business? (U.S. Cyber Crime Conference)

06 Feb 2014        (ISC)²® CFCPSM CBK® Training Preview (LegalTech New York)

12 Nov 2013        “Hacking Back”: Legitimate Corporate Security or Risky Business? (Minnesota State Bar Ass’n Computer & Technology Law Section, CLE event code #185249)

04 Oct 2013         eDiscovery Conference & Symposium (William Mitchell School of Law)

18 Jun 2013        Minnesota e-Discovery Working Group presentation (2013 Minnesota State Bar Ass’n Annual Convention, Duluth, MN)

20 Dec 2012        "Employee-owned Devices in the workplace: Legal & Technological Risks" (Ramsey County Bar Ass’n)

28 Jun 2012        "Employee-owned Devices in the workplace: Legal & Technological Risks" (Ramsey County Bar Ass’n)

13 Mar 2012        "Trends in Employee-owned Devices in the workplace: Legal & Technological Risks" (Minnesota State Bar Ass’n Computer & Technology Law Section, CLE event code #165766)

08 Nov 2011        Corporate and Individual Liabilities of Releasing Vulnerable Code,” (Minnesota State Bar Ass’n Computer & Tech­­nology Law Section, CLE event code #161305)

27 Sep 2011        The Legal and Financial Consequences of Releasing Vulnerable Software  (Minneapolis Fortify User Group Con­­ference)



• Minnesota State Bar Ass’n Computer & Technology Law Section blog (since 2007),

Cyber Security Active Defense: Playing with Fire or Sound Risk Management? 20 Rich. J.L. & Tech 12 (2014)

"Professional Ethics for the Digital Forensics Discipline" Digital Forensic Investigator News (Part 1, Winter/Spring, 2014; Part 2, summer, 2014)

Official (ISC)²® Guide to the Cyberforensics Certified Professional (CFCP) CBK® (Code of Ethics chapter - July, 2014)

Using Technology to Facilitate Production of E-Discovery, 40 Wlm. Mitchell L. Rev. 588 (2014)

"Hacking Back": Legitimate Corporate Security or Risky Business? THE CIP REPORT, George Mason Univ. Center for Infrastructure Protection & Homeland Security (October, 2013)

"Incorporating Extrinsic Evidence into the Digital Forensics Investigation" Digital Forensic Investigator News (Winter/Spring, 2013)

• "Data Encryption in Criminal Cases" Forensic Focus Newsletter (April, 2012)

• Interview: Nancy Crotti, "Cloud Control: Feeling at ease with online files," Minn. Lawyer, 03/2012

Collaborating with a Digital Forensics Expert: Ultimate Tag Team or Disastrous Duo, 38 Wlm. Mitchell L. Rev. 353 (Jan., 2012)

• "AccessData FTK 4.0: Initial Impressions" (March 12, 2012).

• "Is your client an attorney? Be aware of possible constraints on your investigation. " Forensic Focus Newsletter ("Part 1," Sept. 29, 2011; "Part 2," Nov. 29, 2011).

[1] I am licensed to practice law in the state of California. For any other jurisdiction, all services provided that are "legal" in character are available only to and under the direct supervision of attorneys licensed to practice in the jurisdiction where the work is to be performed.  Further, no attorney-client relationship for California matters shall be formed without a Retainer Agreement expressly providing therefor.

Contact Information

Please send email inquiries to or call 508-361-2018, 651-760-3877.




Upcoming Presentations


try Simple Carver Suite

COMPUTER FORENSIC Minnesota, Twin cities, solo, law practice, computer forensics, digital forensics, mobile forensics, digital evidence specialists, litigation support, electronic discovery, hard drive recovery, disk recovery, data recovery service, litigation hold, legal hold, preservation memo, Motion to Image, discovery request, recover deleted files, crashed drive recovery, expert witness, FTK, computer crime, forensic analysis, cybercrime, security audits, Sarbanes-Oxley, Graham-Leachy, computer crime response, WebTracer, SilentRunner, steganography, internal investigations, insider threat, due diligence, domestic relations, fraud investigations, corporate espionage, embezzlement, infrastructure protection, private investigations, electronic data preservation, electronic analysis, intellectual property, audit trail, cyber security, harassment, identity theft, deposition, infiltration, forensic examiner, accounting fraud, assurance, behavioral science, civil proceedings, computer crime consulting, computer forensic analysis, computer fraud, corporate investigations, cyber terrorism, Cyberspace, data analysis, data discovery, data extraction, data restoration, denial of service attack, digital discovery, Digital media law Discovery, electronic evidence, Electronic forensics, Electronic legal discovery, Electronic records fraud, E-mail crime, E-mail evidence, employee malfeasance, employment litigation, encryption, Evidence Collection, hidden files, high tech crime, homeland defense, homeland security, Internet law, lost data, measure, media recovery, misappropriation, proprietary information, Risk management, threat assessment, trade secret, website audit, wiretapping, metadata, EDD, eDiscovery, e-discovery, inadvertent disclosure, unintentional disclosure, attorney client privilege, work produce privilege, fraud exception, CFCE, MCSE, CSOXP, CHFI, C|HFI, GCFA, CISSP, EnCase, EnCE, CCE, legal technology, IP trace, imaging, restoration, PGP, hacker, electronic, database, business network consulting, IT solutions, outsourcing, Microsoft Certified, on-site, backup, archival, tech support, workstation, NT, Windows 2003, Windows 7, XP, UNIX, trial exhibit, charts, graphs, timelines, Trial Director, Sanction, Verdict, audio forensics, image manipulation, audio-visual, CM/ECF, CM-ECF, File & Serve