Random access memory (RAM) meaning

Random access memory (RAM) is a device’s short-term, volatile memory that temporarily stores parts of the operating system and data for actively running applications and files, enabling very fast read/write access. It is found in computers, servers, smartphones and tablets. In legal practice it matters for electronic evidence, eDisclosure/eDiscovery, digital forensics and cybercrime investigations. RAM contents are lost when power is removed or a device is rebooted. They can nevertheless contain personal data, confidential information, encryption keys, passwords, fragments of messages and running processes. Because of this volatility, preservation usually requires live (on scene) forensic acquisition; standard forensic imaging of a powered-off device will not capture RAM. Any live capture must be justified, proportionate and recorded to maintain chain of custody and evidential integrity. “RAM” is a technical, descriptive term, not defined in legislation or case law, though it is referenced in judgments and guidance on electronic evidence. Usage and treatment are broadly consistent across England & Wales, Scotland, Northern Ireland and Ireland. Processing RAM data may constitute processing of personal data under the UK GDPR and Data Protection Act 2018 (UK) or the GDPR and Data Protection Act 2018 (Ireland), engaging disclosure, retention and minimisation obligations.