Digital Evidence and Cybercrime:  Admissibility and Challenges under  Indian Law 

Introduction 

The legal concept of proof has changed in the modern era. Courtrooms no longer relies only  on hand prints, weapons, or testimony from witnesses. Instead, virtual footprints a deleted  WhatsApp communication, an IP address, an email header or even metadata frequently play  the most important role. 

However, digital evidence is a double-edged sword. While it can reveal concealed plans and  identify hackers, it is also vulnerable to tampering, attacks, and manipulation. Its statement in  court involves careful balancing: courts must seek the truth while protecting constitutional  privileges, including privacy and due process. 

This article thoroughly examines how Indian law governs digital evidence in cases of internet  crime, addressing court legal precedent, practical and constitutional complications and  potential improvements that use worldwide the latest trends. 

Understanding Digital Evidence 

Definition: Electronic proof is information saved or transferred in binary form who may be  used in court. A few instances include email, SMS, and WhatsApp chats. 

1. Call Detail Records (CDR). 
2. CCTV footage. 
3. Collected data across several sources, includes pen drives, hard disks, and servers in the  clouds. 
4. Crypto transactions. 

Peculiar features: 

1. Volatility: It can also be removed in seconds. 
2. Reproducibility: Something may be duplicating indefinitely without degrading. 3. Hidden Layers: Metadata may point toward time, location, and authorship beyond apparent  work. 
3. Borderlessness – Data stays on servers outside India, complicating jurisdiction. These qualities make digital evidence both profitable and troublesome.

Legal Framework in India 

(a) Indian Evidence Act, 1872. 

The regular Evidence Act had been written for paper records. The sections 65 A and 65 B of  the Information Technology Act of 2000 were established to recognize electronic records. 

Section 65A: Digital information are acceptable mainly under Section 65B. Section 65B outlines the procedure for admissibility: 

The record must originate from a computer output and accompanied by a signed certificate  from a responsible official under Section 65B(4) for verification of authenticity. 

(b) Information Technology Act of 2000. 

The Information Technology Act punishes various cybercrimes and enables authorities: 

1. S. 43 & 66: Inappropriate access/hacking. 
2. S.66C targets identity theft. 
3. S.66E addresses infringement of privacy through picture capturing. 
4. S.67 prohibits transmitting indecent content online. 
5. S.4 establishes legislative acknowledgment for digital records. 

(c) Code of Criminal Procedure, 1973. 

Courts can summon electronic records under Sections 91 and 92. • Electronic records may now  accepted as papers for inquiry through variations. 

(d) Constitutional Dimension. 

Article 21 safeguards the right of existence and personal liberty, which includes the protection  of information. 

In the case of Justice K.S. Puttaswamy v. Union of India (2017), privacy became recognized  as a fundamental right, which influenced electronic evidence collecting. 

Judicial Approach in India 

Indian courts have shaped the rules of admissibility through landmark decisions: 

1. State (NCT of Delhi) v. Navjot Sandhu (2005) – Parliament Attack Case Court admitted phone call records without a Section 65B certificate.Flexible but  criticized for lowering safeguards. 
2. Anvar P.V. v. P.K. Basheer (2014) 

Overruled Navjot Sandhu. Held that certificate under Section 65B is mandatory.  Stressed statutory compliance to ensure reliability. 

3. Shafhi Mohammad v. State of Himachal Pradesh (2018) 

Relaxed requirement where party had no control over device (e.g., CCTV footage from  third-party). 

4. Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020)

Constitution Bench clarified: certificate is mandatory unless impossibility is shown. Brought finality to conflicting precedents. 

5. Justice K.S. Puttaswamy v. Union of India (2017) 

Right to privacy requires that evidence collection be lawful, necessary, and  proportionate. Relevance: unchecked surveillance or seizure of personal data may be  unconstitutional. 

6. Jagdeo Singh v. State (2015) 

Delhi HC held that the absence of a Section 65B certificate makes electronic evidence  inadmissible. 

These cases reveal a trajectory: from flexibility (Navjot Sandhu) → to rigidity (Anvar, Arjun  Panditrao) → to conditional relaxation (Shafhi Mohammad). 

Challenges in Admissibility 

1. Integrity and Tampering.Digital data may be misrepresented or changed without clear  evidence. Photoshop might alter CCTV photos and adjust hash values. 
2. Technical barriers to 65B compliance.Service providers such example WhatsApp,  Gmail, and Facebook are headquarters in foreign countries. Getting a certificate is  often problematic. Delays in MLAT (Mutual Legal Assistance Treaties) render  evidence unclear. 
3. Chain of custody issues. strict steps must be followed to protect physical evidence,  such as hashing and sealing it. 
4. In India, police at times lack forensic facilities, heightening the possibility of  contamination. 
5. Privacy vs. Public Interest. Mass surveillance, such as intercepting calls and accessing  social news outlets, is common during operations. Causes a tension between crime  control and residents’ right to privacy. 
6. Capacity gaps. Inadequate technical proficiency among judges, prosecutors, and  police. • Forensic labs are understaffed and inconsistently deployed. 

Illustrative Cases Highlighting Challenges 

Ritesh Sinha v. State of Uttar Pradesh (2019): Court allowed compelling accused to give  voice samples. Privacy concerns arose, but necessity for digital evidence was prioritized. 

Binoy Viswam v. Union of India (2017): Aadhaar-SIM linking case raised questions on  privacy vs. state surveillance. 

Selvi v. State of Karnataka (2010): Narco-analysis and brain-mapping tests held  unconstitutional, signaling caution in intrusive evidence collection. 

These cases show the judiciary’s cautious yet evolving approach.

The Justice Dilemma 

Consider the following two situations: 

1. A terror concept seen via WhatsApp conversations that were intercepted. It isn’t a Section  65B accreditation accessible, though. Is it reasonable to disregard the evidence? 
2. Emails purportedly featuring threats from the wife can be obtained by a spouse he is accused  of domestic abuse. Forensic analysis discovers that the emails were fake. Might someone’s  freedom be dictated by such evidence? 

The above scenarios illustrate their conundrum: 

Neglecting digital evidence might allow individuals to evade punishment.  Ignoring it could end up in incorrect sentences. 

Therefore, maintaining a balance between entitlements and truth is the true moral and  regulatory dilemma. 

International Comparative Perspective 

(a) US 

Submitted to Rule 901 of the Federal Rules of Evidence. Although universal, the  authentication procedure is necessary. Courts evaluate if findings is what it argues to be. A  great deal of expert testimony gets used. As a model, the 2007 case Lorraine v. Markel  American Insurance Co. set forth regulations for the presentation of digital data. 

(b) The United Kingdom 

Prosecutors apply the best testimony method, which states that evidence is admitted if it seems  to be true and reliable rather than following strict formalities. 

(c) China

Considering blockchain records to be impenetrable, they have been authorized as acceptable.  Blockchain evidence has been allowed by many kinds of Chinese judicial bodies in IP cases. 

(d) The European Union 

Strict security of information directives must be subsequently followed while gathering digital  evidence under GDPR. Strikes a balance that exists between protecting personal information  and criminal prosecution. 

India vs. World

India’s rigid Section 65B certification is stricter than the US/UK approach. This rigidity may  prioritize formalism over substantive justice.

Emerging Trends 

1. Blockchain Proof Authentication might be redefined by constant ledgers. 
2. Forensic Artificial Intelligence. Artificial intelligence (AI) platforms help in evaluating of  large amounts of digital data. But there may be the potential of prejudice. 
3. Jurisdiction & Cloud Computing. rising disagreements with regard to whether Indian courts  have the authority to direct data sharing from globally cloud firms 
4. the 2023 Digital Personal Data Protection Act. provides requirements for the necessary  handling of intimate data. affects the manner in that multimedia proof is handled by  investigating regulatory bodies. 

Suggested Reforms 

1. Adaptable Cert Need. If the truth is demonstrated in another way, amend Section 65B to  provide recipients more discretion. 
2. Standardized Rules regarding the Chain of Custody. required forensic methods for keeping,  encoding, and seizure. 
3. Building Ability. Cyber-forensics instruction ought to be a part of judicial academies.  Continuing technological upskilling is necessary for police officers. 
4. Collaboration between nationalities. Make MLAT techniques stronger. Study joining  accords like the ones like the Budapest Convention on Terrorism. 
5. Separate Sections for Cyber Evidence. Develop specialized labs at the state and presidential  levels. Give courts real-time expert help. 
6. Privacy equilibrium. Create a law requesting a judge’s approval before conducting  excessive internet searches. Use the Puttaswamy proportionate tests. 

Conclusion 

Digital evidence represents both the promise and peril of modern criminal justice. It can  decisively secure convictions in complex cybercrimes but also carries risks of manipulation,  privacy violations, and wrongful prosecution. 

Indian jurisprudence has evolved significantly from Navjot Sandhu’s flexibility to Arjun  Panditrao’s rigidity, and the constitutional shield of Puttaswamy. Yet, challenges persist: rigid  certification, lack of expertise, privacy concerns, and cross-border hurdles. 

The future lies in a balanced approach: authenticity must be ensured through forensic  safeguards, while privacy and due process must not be sacrificed at the altar of efficiency.  Comparative models from the US, UK, and China suggest that India must move towards a  flexible but secure framework one that respects both truth-seeking and rights protection. 

As technology races ahead, the Indian legal system must adapt not just to keep up, but to lead  with fairness and foresight.

References

Primary Sources 

1. Constitution of India, 1950. 
2. Indian Evidence Act, 1872. 
3. Information Technology Act, 2000. 
4. Code of Criminal Procedure, 1973. 
5. State (NCT of Delhi) v Navjot Sandhu (2005) 11 SCC 600. 
6. Anvar PV v PK Basheer (2014) 10 SCC 473. 
7. Shafhi Mohammad v State of Himachal Pradesh (2018) 2 SCC 801. 
8. Arjun Panditrao Khotkar v Kailash Kushanrao Gorantyal (2020) 7 SCC 1
9. Justice KS Puttaswamy v Union of India (2017) 10 SCC1. 
10. Selvi v State of Karnataka (2010) 7 SCC 263. 
11. Ritesh Sinha v State of Uttar Pradesh (2019) 8 SCC 1. 

Secondary Sources 

1. Apar Gupta, Information Technology Law and Practice (2nd edn, LexisNexis 2017). 
2. Sidharth Luthra and Shruti Kaushik, ‘Admissibility of Electronic Evidence in India’ (2021) 7  NUJS L Rev 45. 
3. Rahul Singh, ‘Digital Evidence in India: Challenges and Reforms’ (2020) 12 NALSAR LJ 89. Vivek Sood, Cyber Law Simplified (2nd edn, Tata McGraw Hill 2021). Daniel J Solove, Understanding Privacy (Harvard University Press 2008). 

Online Sources 

1. Ministry of Electronics & Information Technology, ‘Cyber Laws in India’  https://www.meity.gov.in/ accessed 5 September 2025. 
2. Supreme Court of India judgments portal https://main.sci.gov.in/ accessed 5 September 2025. 
3. EU GDPR Portal, ‘General Data Protection Regulation’ https://gdpr-info.eu/ accessed 5 September 2025.