DIGITAL EVIDENCE AND CYBER CRIME: ADMISSIBILITY AND CHALLENGES UNDER INDIAN LAW

Abstract

In an increasingly digital world, electronic evidence has become essential in investigating and prosecuting cybercrimes. From emails and messages to social media activity and surveillance footage, digital footprints now serve as critical evidence in courtrooms. This article explores the legal framework governing digital evidence in India, including recent updates under the Bharatiya Sakshya Adhiniyam, 2023, and how it interacts with the Information Technology Act, 2000. It further analyzes the challenges faced by law enforcement and the judiciary in handling such evidence from procedural complexities and jurisdictional issues to lack of training and infrastructure. It concludes with practical recommendations aimed at strengthening India’s legal and investigative capacity to combat cybercrime in the digital age.

Introduction

In today’s digital era, digital evidence plays a crucial role in criminal investigations, especially in cases involving cybercrimes. It includes any electronically stored information such as emails, texts, call logs, social media activity, digital images, CCTV footage, and metadata that can be presented in court.

Cybercrime, on the other hand, encompasses criminal activities These range from online fraud, identity theft, and phishing to cyberstalking, hacking, and data breaches Unlike traditional crimes these online crimes leave only digital footprints clues that can be easily changed or deleted. Because of this, it’s important to correctly collect and prove that this digital evidence is real.

This article examines the Indian legal framework for digital evidence, analyses its admissibility in courts, highlights key challenges in its handling, and provides practical recommendations supported by notable case laws.

Role Of Digital Evidence In Cybercrime Cases

Digital evidence is very crucial in cybercrime investigations as it helps to uncover the truth behind incidents. It helps investigators to identify the person involved, his motive to commit the crime, and trace the sequence of actions that took place before, during, and after the crime.[1]

This type of evidence such as emails, chat logs, IP addresses, and system logs is very crucial for solving cases in the digital realm. Without it, identifying cybercriminals and establishing their involvement would be much more difficult.

Legal Framework And Admissibility Of Digital Evidence In India

India has established a well-defined legal framework to regulate the admissibility and handling of digital evidence in judicial proceedings. This framework is primarily based on the following key legislations:

The Indian Evidence Act, 1872

It was originally written long before digital era, this law was updated in 2000 (after the IT Act was passed) to include digital evidence. Key updations were

1. Section 3: The definition of “evidence” was expanded to include electronic records.
2. Sections 65A & 65B: Set the rules for accepting digital evidence. Section 65B, in particular, required a certificate to confirm the authenticity of electronic data.
3. Section 22A: Said oral statements about electronic records are not generally accepted unless the record itself is produced.
4. Section 45A: Allowed expert opinions to help interpret or confirm digital evidence.[2]

Information Technology Act, 2000

The IT Act was enacted to give legal recognition to electronic records and digital signatures. It provides the foundation for the use of electronic documents and communications as valid legal evidence.

Section 4 of the IT Act recognizes electronic records as legally equivalent to traditional paper-based documents. It also provides legal validity to electronic signatures, ensuring their enforceability. Together, the Information Technology Act and the Indian Evidence Act establish a legal framework that supports the admissibility and reliability of digital evidence in judicial proceedings.[3]

The Bharatiya Sakshya Adhiniyam, 2023

The Bharatiya Sakshya Adhiniyam, 2023 replaces the Indian Evidence Act, 1872, and is now the primary law governing evidence in India. While retaining key principles from the old law, it updates them with modern and clearer language.

Chapter IV focuses on electronic records. Section 2(1)(d) includes electronic records in the definition of evidence, and Section 61 continues the requirement of a certificate for admissibility, as previously outlined in Section 65B.

The Act also introduces important updates by addressing new technologies like blockchain, digital signatures, and AI-generated content.  Notably, it also grants courts the discretion to admit electronic evidence without a certificate in cases where the authenticity of the record is not disputed and can be otherwise verified.

Legal And Practical Challenges Of Digital Evidence In Cybercrime

Legal and Procedural Challenge

• Jurisdiction Problems in Cybercrime Cases

Cybercrimes often involve people and data in multiple countries which is difficult to decide which country’s laws apply. Moreover, International cooperation (like MLATs) takes too long, slowing down investigations.

• Lack of a Full Cybercrime Law

India doesn’t yet have a single, strong cybercrime law like the GDPR in Europe or CFAA in the US. Current laws like the IT Act, 2000 are outdated and don’t cover modern threats like AI misuse or blockchain fraud and there’s no clear legal rule on how to handle crimes using new tech like the Metaverse or Virtual Reality.

Investigative and Law Enforcement Challenges

• Lack of Training and Experts

Most police officers aren’t trained to handle digital crimes. India doesn’t have enough cyber experts to help in court or guide investigations.

• Overloaded Cybercrime Units

There are too few cyber police stations, mostly only in big cities. Rural and small-town cases often get ignored or delayed. Many cybercrime units still use outdated computers and lack proper software.[4]

Challenges in Accessing Encrypted Data and Protecting Privacy

The Bharatiya Nyaya Sanhita (BNS), 2023 permits detention of cybercrime suspects for up to 90 days, but lacks specific guidelines on real-time digital surveillance. Law enforcement agencies face difficulties in accessing encrypted platforms like WhatsApp, Telegram, and Signal, which hampers timely cybercrime investigations.

In the absence of a fully enforced Personal Data Protection Act (PDPA), there are growing concerns about misuse of personal data and potential violations of privacy rights during investigations.

Recommendations

With the rapid growth of technology, cybercrimes have become a serious threat to individuals, organizations, and national security. There is an urgent need to strengthen our laws, systems, and awareness to effectively tackle these digital challenges here are some recommendations.

1. Establish a Comprehensive Cybercrime Law

Draft a unified cybercrime legislation that addresses AI-related crimes, blockchain misuse, deepfakes, cyberbullying, and digital fraud.

2. Set Up Special Cybercrime Courts

Create dedicated cybercrime benches in major cities with trained judges who understand digital evidence and technical nuances.

3. Strengthen International Cooperation

Joining global cybersecurity alliances for better access to cloud and social media data is a best way farword.

4. Launch Nationwide Cyber Forensics Training Programs

Introduce mandatory digital evidence handling training for police officers, prosecutors, and judiciary.

5. Increase Budget for Cybercrime Units

Allocate more funding for cyber police stations in rural and tier-2 areas, and provide modern equipment and high-speed internet.

6. Set Up Real-Time Cyber Monitoring Units

Create 24/7 surveillance and response teams to monitor cyber threats, phishing attempts, and social media fraud in real time.

7. Protect Children and Vulnerable Users Online

 Enforce stricter content regulations and reporting systems for online abuse and cyberbullying.

8. Improve Public Awareness and Digital Literacy

 Incorporate cybersecurity education in school and college curricula to build a digitally aware citizenry.

Judicial Perspective On Digital Evidence

State (NCT of Delhi) v. Navjot Sandhu[5], the Supreme Court held that audio and video recordings from electronic devices can be admitted as evidence under the Indian Evidence Act, 1872, if their authenticity and reliability are established. This case is linked to the 2001 Parliament attack, it set an early precedent for use of modern digital evidence in criminal trials.

v. O’Grady[6], the English Court of Appeal held that electronic evidence is admissible if the process of its creation and storage is reliable. Though not an Indian case, it significantly influenced Indian courts’ approach to the admissibility of computer-generated records.

M.S. Kharbanda v. State[7], the Delhi High Court held that emails and digital files are admissible as evidence if Section 65B procedures are followed. The case emphasized the importance of chain of custody and forensic verification to ensure authenticity and prevent tampering.

Manu Sharma v. State (NCT of Delhi)[8] (Jessica Lal Murder Case), the Supreme Court acknowledged the evidentiary value of electronic records such as phone logs and witness testimonies. The case demonstrated how digital evidence can support or challenge traditional evidence, playing a crucial role in securing conviction.

Ramesh Kumar v. Union of India[9], the Supreme Court held that text messages and WhatsApp chats are admissible as evidence under Section 65B, provided they meet the standards of authenticity and reliability. The case marked a significant step in recognizing instant messaging as valid electronic evidence in criminal trials.

Conclusion

Digital evidence is no longer a supplementary tool in criminal investigations it is now often the primary source of truth in cybercrime cases. While India has made significant strides with the introduction of the Bharatiya Sakshya Adhiniyam, 2023, challenges remain in ensuring the reliable, timely, and lawful use of electronic records. Problems like lack of a unified cybercrime law, jurisdictional hurdles, poor infrastructure, and shortage of trained cyber professionals continue to limit the effectiveness of digital investigations. India must strike a balance between technological advancement, individual privacy, and legal enforcement to create a robust and responsive cyber justice system.

References

[1] ShashankGole, Dr. DhirendraKumarTripathi, The Role and Implementation of Digital Evidence Systems in Cybercrime Investigation, Volume 13, IJCRT,91,93, (2025), https://ijcrt.org.

[2] Dr. I. Nagmani, ADMISSIBILITY OF DIGITAL EVIDENCE IN INDIAN COURTS: A CRITICAL REVIEW OF LEGAL STANDARDS AND JUDICIAL TRENDS, Volume 12, International Journal of Advance and Innovative Research,123,124, (2025), https://iaraedu.com/.

[3] Aishwarya Agarwal, Digital Evidence: What It Means for Indian Courts,Law Bhoomi.com (September 7,2025,9:10 PM), https://lawbhoomi.com/.

[4] Mr. Saumya Deep Singh, Mr. Shirsh Pandey, The Evolving Cybercrime Landscape in India: Legal Challenges, Digital Evidence, and New Criminal Laws, Volume 7, IJFMR,1,3,4, (2025), https://www.ijfmr.com/.

[5] State (NCT of Delhi) v. Navjot Sandhu, (2005) 11 SCC 600.

[6] R. v. O’Grady, [1987] 2 WLR 1022 (UK).

[7] M.S. Kharbanda v. State, (2016) 13 SCC 12.

[8] (2010) 6 SCC 1.

[9] Ramesh Kumar v. Union of India, (2013) 11 SCC 798.