Digital Evidence and cybercrime: Admissibility and  Challenges in Indian Law 

ABSTRACT 

Due to digitalization, crime has taken new forms in India, shifting from traditional methods to  cyber-based offenses such as hacking, identity theft, phishing, online fraud, and cyberbullying.  Criminals exploit technology to commit crimes across borders, making detection and  prosecution more difficult. To address these challenges, Indian law provides specific  protections under the Information Technology (IT) Act, 2000, which deals with offenses like  unauthorized access to computer systems, data theft, and online fraud. Additionally, the Indian  Penal Code (IPC) has provisions to punish cyberstalking, online harassment, and defamation.  Law enforcement agencies are increasingly using digital tools for surveillance and  investigation, but the rapid growth of cybercrime highlights the need for stronger cybersecurity  measures and stricter enforcement of existing laws. 

INTRODUCTION 

Cybercrime refers to criminal activities carried out using computers, networks, or digital  devices, such as hacking, identity theft, phishing, and online fraud. With the rapid growth of  digitalization, these crimes have become more complex and borderless, affecting individuals,  businesses, and governments alike. In this context, digital evidence—any information stored  or transmitted in digital form, such as emails, call records, CCTV footage, or computer files—plays a crucial role in investigating and prosecuting cyber offenses. Proper collection,  preservation, and analysis of digital evidence are essential to ensure justice in the digital age. 

CYBER CRIMES 

Cybercrime refers to illegal activities carried out through computers, mobile devices, networks,  or the internet. With rapid digitalization, these crimes have become more common and  sophisticated, affecting individuals, businesses, and governments. Cybercrimes can take many  forms, including hacking, identity theft, phishing scams, financial fraud, cyberstalking,  cyberbullying, spreading viruses, and publishing obscene or defamatory content online. 

In India, the Information Technology (IT) Act, 2000 is the main law that deals with  cybercrimes. It covers offenses such as unauthorized access to computer systems, online  impersonation, data theft, and transmission of obscene material. Important sections like Section  43 (damage to computer systems), Section 66 (hacking), Section 66C (identity theft), Section  66D (cheating by impersonation), and Section 67 (publishing obscene material) provide  punishments for various offenses. The Indian Penal Code (IPC) also applies to certain digital  crimes, such as cheating, criminal intimidation, and defamation when committed through  electronic means. 

Cybercrime not only causes financial loss but also impacts mental health and national security.  With the growth of digital platforms, the need for stronger cybersecurity, digital awareness,  and effective enforcement of cyber laws has become more important than ever.

CYBER CRIME INVESTIGATION 

Cyber-crime investigation is the process of identifying, tracking, and prosecuting crimes  committed through computers, mobile devices, and digital networks. Unlike traditional crimes,  cybercrimes leave digital footprints in the form of emails, IP addresses, call records, social  media activity, and electronic transactions. Investigators collect and analyze this digital  evidence to trace the offender. 

In India, cyber-crime investigation is mainly governed by the Information Technology (IT) Act,  2000, along with relevant sections of the Indian Penal Code (IPC). Specialized Cyber Crime  Cells have been established in major cities to handle complaints related to hacking, phishing,  identity theft, online fraud, cyberstalking, and publishing obscene material online. Important  steps in investigation include registering the complaint, securing digital evidence without  tampering, tracing the source of the attack, and coordinating with internet service providers,  banks, or even international agencies if the crime crosses borders. 

Law enforcement agencies also rely on tools like computer forensics, mobile forensics, and  network analysis to gather proof. However, challenges such as encrypted communications, use  of the dark web, cross-border jurisdiction, and lack of digital awareness make cybercrime  investigation complex. Strengthening technical expertise, training police personnel, and  updating laws are essential for effective handling of cyber offenses in the digital age. 

DIGITAL EVIDENCE IN CYBER CRIME 

Digital evidence refers to any information stored, transmitted, or retrieved in digital form that  can be used in a court of law. In cybercrime cases, digital evidence plays a crucial role in  identifying offenders and proving their involvement. It may include emails, chat logs, call  records, IP addresses, CCTV footage, browsing history, mobile data, computer files, and  transaction records. 

In India, the Information Technology (IT) Act, 2000 and the Indian Evidence Act, 1872 provide  legal recognition to digital evidence. Section 65B of the Indian Evidence Act lays down the  procedure for the admissibility of electronic records in court, requiring proper certification to  ensure authenticity. During cybercrime investigations, authorities use techniques like computer  forensics, mobile forensics, and network analysis to collect and preserve digital evidence  without alteration. 

Digital evidence is vital in cases such as hacking, phishing, online fraud, cyberstalking, and  identity theft, as it helps trace the origin of the crime and establish guilt. However, challenges  such as encryption, tampering, and cross-border data storage make its collection and  verification difficult. Therefore, strict procedures and skilled investigation are essential to  maintain the integrity of digital evidence in cybercrime cases. 

Case Study: Rs 34.5 Lakh “Digital Arrest” Scam in Berhampur 

Background

• Date & Location: Registered on January 29, 2025, at the Cyber Crime & Economic  Offences Police Station in Berhampur, Odisha. 
• Incident: A victim from Kukudakhandi was duped out of ₹34.5 lakh by cybercriminals  who impersonated CBI officers, issuing a fake “digital arrest” threat to extort money  for a purported “priority investigation.” News Room Odisha 

Challenges in Implementing Cybercrime Laws and Digital Evidence  Framework 

The introduction of Bharatiya Nyaya Sanhita (BNS), 2023, Bharatiya Nagarik Suraksha  Sanhita (BNSS), 2023, and Bharatiya Sakshya Adhiniyam (BSA), 2023 marks a major shift in India’s legal  approach to 

cybercrime and digital evidence. However, effective implementation faces several legal,  technical, procedural, and infrastructural challenges. These challenges must be addressed to ensure  the new laws 

achieve their intended objectives without infringing on civil liberties or causing delays in  justice delivery. 

Legal and Procedural Challenges 

Complexity in Admissibility of Digital Evidence 

• Although BSA, 2023 simplifies some aspects of digital evidence admissibility, courts may  still struggle with verifying authenticity of electronic records.
• The removal of strict Section 65B certification requirements may create ambiguity in  courts regarding the reliability of digital evidence. 
• Judges and legal practitioners often lack technical expertise in handling digital evidence,  leading to inconsistent rulings. 

Jurisdictional Issues in Cybercrimes 

• Cybercrimes often have cross-border implications, making jurisdiction a major issue. 
• Indian law enforcement agencies face difficulties in obtaining data from foreign tech  companies like Google, Meta, or Apple.
• Mutual Legal Assistance Treaties (MLATs) with other countries are often slow, leading to  delays in cybercrime investigations. 

Lack of a Dedicated Cybercrime Legal Framework 

• While BNS, 2023 introduces provisions for cybercrimes, India lacks a comprehensive  cybercrime law similar to the General Data Protection Regulation (GDPR) in the EU or the Computer Fraud  and Abuse Act (CFAA) in the US. 
• Existing cyber laws, such as the Information Technology Act, 2000, have not been updated  to match modern AI-driven and blockchain-related cyber offenses. 

Technical and Forensic Challenges 

Difficulty in Tracing and Collecting Digital Evidence 

• Digital evidence is volatile and can be easily altered, deleted, or encrypted by  cybercriminals. 
• Law enforcement agencies lack advanced forensic tools to retrieve encrypted or deleted  data from cloud servers, dark web, and cryptocurrency transactions. 
• The absence of blockchain-based authentication mechanisms makes it difficult to prove  the integrity 

Investigation Process & Digital Evidence 

1. Initial Complaint & Registrations 

The victim’s FIR prompted an inquiry by the Berhampur Cyber Crime team,  who immediately began tracing the digital trail. News Room Odisha 

2. Identifying the Perpetrators 

Through communication metadata and account analysis, two suspects— Shishpar alias Subhash and Govindram alias Goverdhanram, both from  Jodhpur, Rajasthan—were tied to the scam. News Room Odisha 

3. Arrests & Inter-State Coordination 

One accused, Subhash, was apprehended in Gujarat (Bhuj), transferred under a  transit warrant to Berhampur. Govindram remained in custody in Rajasthan,  with arrangements underway for his questioning. News Room Odisha

The probe involved coordinated efforts between Berhampur Cyber Crime Unit,  Gujarat Police, and judicial authorities. 

4. Financial Tracing & Asset Freezing 

Investigators succeeded in freezing ₹4.5 lakh in a Bhuj cooperative bank and  ₹17.94 lakh in an SBI branch in Mehgaon. Courts ordered these funds held for  eventual return to the victim.News Room Odisha 

5. Use of Digital Evidence 

Crucial evidence likely included recorded call logs, WhatsApp communication,  bank transaction records, IP logs, and forensic data from devices. These digital  traces helped establish the fraudulent scheme and link suspects to the crime. 

While specific digital artifacts aren’t enumerated in the public report, these are  typically central in such investigations. 

Outcome & Significance 

• Successful prosecution through multi-state collaboration and robust use of digital  forensics set this case apart. 
• It highlighted the effectiveness of cyber cells in Odisha and the judicial cooperation  needed for inter-state cybercrime resolution. 
• A public advisory issued by the Berhampur SP warned citizens about similar “digital  arrest” cons and directed them to report suspicious cases via Cyber Helpline 1930 or  local police channels. NEWSROOM ODISHA 

Challenges in Admissibility & Investigation 

1. Technical Complexity – Investigators need specialized knowledge to extract and  preserve digital evidence.
2. Authentication Issues – Ensuring the evidence is genuine and not tampered with is  difficult. 
3. Section 65B Certification – Often missing or improperly prepared, leading to rejection  in court. 
4. Cross-Border Jurisdiction – Many servers and data centers are located outside India,  complicating evidence collection. 
5. Encryption & Privacy Laws – Encrypted communications and privacy concerns delay  access to critical data. 
6. Rapidly Evolving Technology – Newer forms of digital crime (e.g., deepfakes,  cryptocurrency fraud) challenge existing legal frameworks. 

Conclusion 

Digital evidence has become the backbone of cybercrime investigation in India, as most online  offenses can only be proved through electronic records. However, its admissibility in courts  depends on strict compliance with legal provisions, especially Section 65B of the Indian  Evidence Act, 1872. While landmark judgments have clarified the mandatory nature of  certification, practical challenges such as technical expertise, cross-border data issues, and  encryption continue to create hurdles. To ensure justice in the digital age, India must strengthen  its cyber forensic infrastructure, train law enforcement agencies, and update legal  frameworks in line with emerging technologies. A balanced approach—ensuring both the  reliability of digital evidence and the protection of individual rights—will be key to effectively  tackling cybercrime.