Digital Evidence and Cybercrime: Admissibility and Challenges under Indian Law

Introduction

Today, almost everything we do leaves behind some form of digital footprint — whether it is through emails, text messages, CCTV recordings, or even data stored on the cloud. This shift has transformed the way crimes are investigated, bringing digital evidence to the forefront of modern criminal justice. Unlike physical objects or even human testimony, digital evidence is far more delicate. It can be altered, erased, or corrupted with alarming ease, which makes handling it a far greater challenge than the law originally anticipated.

The traditional rules of criminal procedure were built around tangible forms of proof like physical evidence and eyewitness accounts. But digital evidence requires a very different approach to how it is collected, preserved, and authenticated, and this often clashes with the older legal framework. This mismatch between established law and modern reality exposes some serious gaps in our system. On top of that, the sheer volume of data that investigators now have to sift through creates huge logistical and financial burdens, making the task even more complicated. In the increasing development over social media cyber crimes through phones such as harassment, stalking etc have only texts through Instagram, whatsapp and other similar social media communication as crucial proof to give cause of action. In this kind of era courts should mould laws to determine the originality and admissibility of digital evidence.

If justice is to keep pace with technology, simply updating old laws will not be enough. What is needed is a holistic approach — one that blends legal reform with advances in technology. This means rethinking how courts authenticate digital material, investing in stronger forensic tools and infrastructure, and creating rules that strike a fair balance between effective investigations and the protection of individual rights.

What is Digital Evidence?

Digital evidence is any kind of information stored or shared through electronic devices that can help in solving a legal dispute or criminal investigation. It could be something as small as a text message, an email, browsing history, a file stored on a hard drive, or even security camera footage uploaded to the cloud. Unlike physical proof such as fingerprints or documents, digital evidence usually cannot be seen or understood directly as it has to be extracted and interpreted through forensic methods.

What makes digital evidence unique is its nature. It can cross countries within seconds, making jurisdictional issues complicated for investigators. At the same time, it is fragile and can be easily altered, deleted, or destroyed. This sensitivity makes it vital to preserve such evidence carefully and quickly before it is lost.

Courts do not automatically accept digital material as evidence. Judges first check if it is relevant to the case, whether it is genuine, if it amounts to hearsay, and whether the copy produced is accurate enough to be considered an “original.” Because of these checks, investigators usually need a valid warrant before they can seize or search digital devices. Otherwise, the evidence may be ruled inadmissible.

Another challenge is that digital evidence rarely exists in a form readable by humans. For example, raw data might have to be converted into printouts or reports before it can be presented in court. To address this, modern evidentiary rules have clarified that such printouts can be treated as original documents, as long as they accurately reflect the stored data. 

In short, digital evidence is a modern tool for justice — powerful, but delicate. It must be collected and handled with great care so that it can truly serve its purpose in a court of law.

Legal Framework in India

Section 61 of Bharatiya sakshiya Adhiniyam defines “Electronic or digital record. “ 

Nothing in this Adhiniyam shall apply to deny the admissibility of an electronic or digital record in the evidence on the ground that it is an electronic or digital record and such record shall, subject to section 63, have the same legal effect, validity and enforceability as other document.
Section 2(t) of Information technology rules, 2000 defines “electronic record” 

It was stated as ”Electronic record means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche”

Admissibility of Digital Evidence: Indian Judicial Approach

State (NCT of Delhi) v. Navjot Sandhu (2005)

The Parliament attack case brought one of the earliest judicial discussions on electronic evidence in India. The Supreme Court, while examining call records and SIM card details, allowed them to be admitted in court even without the mandatory certificate under Section 65B of the Indian Evidence Act. By treating these records as secondary evidence, the Court adopted a flexible and practical approach that gave weight to the material evidence itself rather than insisting on strict procedural requirements.

Although this ruling made it easier for investigators to rely on electronic data, it was not without criticism. Many experts argued that skipping the safeguards under Section 65B left electronic records vulnerable to manipulation and reduced their reliability. The decision was later reconsidered, and its relaxed approach was firmly rejected in subsequent rulings.

Anvar P.V. v. P.K. Basheer (2014)

Nearly a decade later, the Supreme Court revisited the question of admissibility of electronic records in this landmark judgment. Departing from the Navjot Sandhu precedent, the Court held that compliance with Section 65B of the Indian Evidence Act was not optional but mandatory. For any electronic record to be admitted in evidence, it must be accompanied by a certificate explaining how the data was produced and from which device it originated.

The Court clarified that neither oral testimony nor a mere copy of the record would be enough without this certificate. In doing so, it overruled Navjot Sandhu and set out a much stricter standard, underscoring that the authenticity and integrity of digital material are too important to be compromised. This judgment marked a decisive shift in Indian law, placing electronic evidence on a more secure and trustworthy footing.

Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020)

In this case, the Supreme Court once again emphasized the strict application of Section 65B of the Indian Evidence Act regarding electronic records. The dispute arose in the context of an election petition where WhatsApp messages and call records were presented as evidence. The Court made it clear that a certificate under Section 65B is mandatory unless the original electronic device itself is produced before the court. By doing so, the Court overruled its earlier ruling in Shafhi Mohammad v. State of Himachal Pradesh, which had allowed some relaxation in special circumstances. The judgment reinforced procedural discipline and brought clarity, particularly in cases where evidence comes from third-party sources like telecom companies or online platforms.

Shafhi Mohammad v. State of Himachal Pradesh (2018)

Here, the Supreme Court had earlier taken a more flexible approach toward electronic evidence. The Court allowed digital records to be admitted without the Section 65B certificate if the party relying on the evidence did not have control over the device or system from which the data originated. This approach was meant to address practical difficulties, but it opened the door to potential risks concerning authenticity and reliability. Critics argued that it diluted the safeguards meant to prevent tampering or manipulation of electronic data. Eventually, this ruling was set aside in Arjun Panditrao, which restored the stricter evidentiary requirements first laid down in Anvar P.V. v. P.K. Basheer.

Comparative International Perspectives

In the United States, the case of Lorraine v. Markel American Insurance Co. (2007) became a landmark moment in shaping how courts deal with digital evidence. The dispute centered around a yacht damage claim, where the plaintiffs relied heavily on emails and scanned documents to prove their case. Surprisingly, the court didn’t dismiss their claims for lack of substance, but because the electronic evidence had not been authenticated in line with the Federal Rules of Evidence. Judge Paul Grimm’s comprehensive ruling highlighted that digital records must meet strict standards—relevance, authenticity, exceptions to hearsay, and the best evidence rule. His judgment turned into a guiding framework for how electronically stored information (ESI) should be treated in U.S. courts.

Across the Atlantic, in the United Kingdom, R v. Kelly & Lindsay (2000) raised a striking legal issue: could preserved human body parts be considered “property” under the Theft Act of 1968? The case involved stolen anatomical specimens, and digital photographs along with forensic records played a pivotal role. These digital materials demonstrated the scientific skill and preservation involved, convincing the court that the specimens were indeed property. Beyond redefining the scope of “property” in criminal law, the case also underscored how digital forensic evidence can decisively shape legal outcomes.

In Australia, R v. Butera (1987) tested the limits of audio evidence in a drug trafficking conspiracy trial. The prosecution presented multilingual audio recordings alongside translated transcripts. The defense challenged their accuracy, questioning whether they could be fairly admitted. The High Court held that while transcripts are not evidence on their own, they can be used to assist jurors if the recordings are properly authenticated. Translations were treated as expert testimony, demanding careful procedural safeguards. This case set an enduring precedent for admitting audio and linguistic digital evidence, particularly in complex multilingual settings.

Complexity in admitting digital evidence 

1. Procedural rigidity under the Bharatiya Sakshya Adhiniyam (BSA)

Although the Bharatiya Sakshya Adhiniyam has replaced the colonial-era Evidence Act and updated the law to accommodate electronic records, it still preserves the old requirement of certification—very similar to the earlier Section 65B. This has become one of the biggest procedural hurdles in digital litigation. Where evidence is coming from outside platforms, cloud servers, or foreign devices, it is seldom that litigants can obtain the required certificate from the custodian of the system. Thus, essential material is frequently bypassed, not because it is irrelevant, but because it does not satisfy this stringent technical requirement. Although the Bharatiya Nyaya Sanhita (BNS) is progressive in its definition and punishment of cybercrimes, admissibility of such evidence rests on its conformity to the rigorous procedural requirements of the BSA. 

2. Authenticity and integrity of electronic records

The dependability of electronic records is questioned on a daily basis as they can be modified, deleted, or even created with ease. In the BNS, in relation to cyber theft (Section 316) and cybercrime offenses (Section 111), which are criminalized, establishing that an electronic record is authentic becomes necessary. Courts have difficulty fulfilling this duty, though, when they lack standardized forensic protocols for verifying metadata, hash values, or timestamps. If the chain of custody is uncertain, or if they are presented without adequate verification, their probative value is reduced, creating great lacunae in prosecution as well as defense.

3. Gaps in technical competence among legal actors

Whereas the BNS has broadened the domain of cybercrimes, most of those responsible for upholding the law—judges, investigators, and prosecutors—have no specialist training in technology. Knowing blockchain, encrypted communication, or digital forensic imaging does not form part of general legal study. Lack of technological skill tends to leave courts devaluing or misinterpreting electronic evidence. Cases consequently get resolved not on the merits of available proof, but on the ability of lawyers to demystify the technology for the bench.

4. Inadequate forensic infrastructure

India’s forensic infrastructure remains behind the needs of contemporary digital crime. Sophisticated cyber labs are rare, and the few that do exist often grapple with archaic equipment and lack of personnel. Forensic analysis is usually delayed, weakening the probative value of digital evidence. For crimes like digital cheating (Section 318) or cybercrime by groups (Section 111), timely forensic assistance is critical. However, in the absence of regular infrastructure, justice tends to get delayed or diluted.

5. Privacy issues and constitutional protections

With the BNS bringing in new forms of cyber offenses, the use of personal digital evidence such as emails, private conversations, or CCTV signals has become more prevalent. This, however, poses immediate privacy concerns. In the lack of a structured data protection regime, the judiciary is left to walk a thin line between admitting such records and preserving constitutional rights of the individual. Such tension becomes more pronounced in situations involving illegal surveillance or coercive harvesting of data from personal devices, where the distinction between legal investigation and privacy intrusion is yet indistinct.

6. Inconsistent judicial approaches

Despite the new legal regime, Indian courts are not uniform in dealing with digital evidence. While some benches are adamant on strict procedural adherence, others permit a relaxed approach in the spirit of justice. Such inconsistency creates uncertainty and dilutes the consistency of the law. Unless the higher judiciary establishes clear, binding guidelines, the admissibility of digital records will remain case-dependent, and results will remain uncertain.

7. The challenge of cross-border evidence

Cybercrimes seldom remain within the confines of national borders. But India’s non-membership in the Budapest Convention on Cybercrime renders it increasingly difficult to retrieve data stored outside. Phishing frauds, cryptocurrency scams, and identity thefts increasingly engage servers and service providers in foreign locations. Lacking a streamlined process for global cooperation, requests for electronic records travel slowly, creating critical delays and gaps in evidence. This extremely curtails the BNS’s effectiveness in combating transnational cybercrime.

Suggestions and regulations for digital evidence in India

• Relaxation of strict certification requirements under the BSA

The Bharatiya Sakshya Adhiniyam still insists on formal certification of electronic records, which can hinder justice when the information is in foreign custody or on decentralized platforms. Rather than insisting on a certificate issued by the device custodian, the legislation could allow other forms of authentication—e.g., affidavits signed by investigating officers, automated server records, or blockchain-secured verification. Courts must be authorized to accept digital evidence if their authenticity and source are evidently credible by forensic means, even without certification. This would improve evidentiary adaptability while maintaining protection under the BNS for crimes of digital fraud, organized cybercrime, or electronic record tampering.

• Statutory endorsement of forensic validation methods

The BSA ought to clearly acknowledge technical indicators—like hash values, metadata, timestamps, and digital signatures—as evidentiary material for the verification of authenticity. These forensic markers are presently utilized in cybercrime probes in terms of the BNS (e.g., Sections 111 and 318), but do not enjoy formal evidentiary status. The institution of statutory presumption of reliability for data that had been processed via accredited forensic laboratories would minimize admissibility disputes and simplify judicial examination. This reform would also promote standardization throughout jurisdictions so that digital evidence is handled consistently and credibly.

• Compulsory digital literacy for judicial and investigative players

For the successful enforcement of the BNS’s cybercrime provisions, the legislature must include regular digital literacy training for judges, prosecutors, and police officers. Cyber courts with specialized cyber benches can be set up to deal with cases that have complicated digital evidence so as to provide domain experience and procedural certainty. Without this training, the evidentiary relevance of electronic records—particularly in cases based on encrypted communications, cryptocurrency, or AI-generated material—may be misspecified or underestimated, weakening the aims of both the BNS and BSA.

• Building forensic infrastructure and accreditation

India’s forensic capability needs to be ramped up to address the requirements of the BNS’s enlarged digital offence categories. Parliament ought to provide specific funding for state-level cyber forensic labs, with standardized procedure and accreditation guidelines. Private forensic labs need to be brought under regulation as well, so their reports can be used by courts on a consistent basis without constant admissibility hearings. This would speed up the examination of digital evidence and increase its evidentiary credibility, particularly in digital impersonation, tampering cases, as well as organized cybercrime under the BNS.

• Privacy protection in evidence gathering and usage

The BNS criminalizes numerous kinds of digital misbehavior, but the gathering and utilization of personal digital records like chats, emails, or biometric information need to be weighed against constitutional protections of privacy. The BSA ought to include a test of necessity and proportionality for admitting personal digital evidence, similar to the scrutiny put on surveillance or wiretap material. Judicial oversight must be mandatory over intrusive searches so that digital evidence cannot be weaponized against citizens lacking due process. This reform would bring the BNS’s enforcement powers into alignment with changing privacy jurisprudence.

• Uniform judicial guidelines for digital admissibility

To minimize interpretational uncertainty, the Parliament or Supreme Court must promulgate binding guidelines under the BSA for admitting electronic evidence. A codified system—akin to the U.S. Federal Rules of Evidence—would specify authentication standards, exceptions to hearsay, and best evidence rules in a digital setting. This would engender consistency among High Courts and lower courts, ensuring predictability and consistent examination of digital evidence under the BNS’s procedural and substantive provisions.

Conclusion

Digital evidence has now become the backbone of many criminal trials, especially those involving cybercrimes. Over the years, Indian courts have moved from a flexible stance in Navjot Sandhu to the stricter compliance demanded in Anvar P.V. and Arjun Panditrao. Yet, despite this evolution, several obstacles continue to limit its effective use. The rigid certification requirements, weak forensic infrastructure, lack of uniform judicial practice, and difficulties in accessing cross-border data all make the process more complex than it should be.

If India is to keep pace with the realities of the digital age, change cannot stop at updating statutory provisions. The system needs stronger forensic laboratories, better training for judges and investigators, and clear, standardized methods for verifying electronic records. At the same time, global cooperation is vital to handle crimes that spread across borders. Importantly, these reforms must go hand-in-hand with the protection of individual privacy, so that the push for efficiency does not come at the cost of constitutional freedoms. Only by striking this balance can digital evidence become a reliable tool that strengthens, rather than weakens, the pursuit of justice in the twenty-first century.

References

• State (NCT of Delhi) v. Navjot Sandhu (2005) — Indian Kanoon: https://indiankanoon.org/doc/1769219/ Indian Kanoon
• Anvar P.V. v. P.K. Basheer (2014) — PDF of the judgment: https://aphc.gov.in/docs/imp_judgements/Anvar%20PV%20case.pdf APHC
• Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) — Indian Kanoon: https://indiankanoon.org/doc/172105947/ Indian Kanoon
• Shafhi Mohammad v. State of Himachal Pradesh (2018) — Indian Kanoon: https://indiankanoon.org/doc/61591149/
• Lorraine v. Markel American Insurance Co., 2007 – LORRAINE v. MARKEL AMERICAN INS. CO | CIVIL ACTION NO. PWG-06-1893. | D. Md. | Judgment | Law | CaseMine
• R v. Kelly & Lindsay, 2000 – R v Kelly [1998] 3 All ER 741
• R v. Butera, 1987 – R v Butler – Wikipedia
• Information Technology Act, 2000, Section 2(t) – it_act_2000_updated.pdf
• Bharatiya Sakshya Adhiniyam, 2023, Section 61- India Code: Bharatiya Sakshya Adhiniyam, 2023