CHALLENGES AND LEGAL FRAMEWORK FOR THE ADMISIBILITY OF DIGITAL FORENSICS IN BORDERLESS CYBER CRIME

ABSTRACT

Cybercrime often crosses national borders, and its borderless nature makes it hard for investigators and courts to handle digital evidence. Unlike physical objects, digital evidence is fragile, easy to change or manipulate, and stored in many different countries. The Courts wants proof that such evidence is reliable and collected legally, but in case of cybercrimes is difficult when laws differ from country to country. This paper focuses on the main problems faced in accepting digital forensic evidence in the court and reviews the legal rules and regulations that apply. It also suggests practical ways to the court, how to improve and deal with such evidence, such as building stronger co-operation between countries, use of technical standards, and better training for judges and investigators to deal with such situations.

Keywords: Digital forensic, Admissibility, Jurisdictional issues, Digital evidence manipulation, Forensic procedures

INTRODUCTION

Today, crimes committed on the internet does not stay within one country. A hacker being in one country may use servers of another country and attack victims spread across the world. This global nature of cybercrime makes digital evidence extremely important. Logs, emails, chats, and data stored on servers often provide the main proof needed to catch and punish cybercriminals. But digital evidence is not like a gun, a knife, or fingerprint, it can disappear in seconds, be copied many times, or be stored on a server thousands of miles away. Because of these reasons, courts are very careful when deciding whether to allow such evidence. The challenges become even bigger in the case, when the evidence comes from outside the country where the trial is taking place. 

Courts, police, and investigators all over the world now face new kinds of crimes that never existed before the internet boom. Anyone with a computer or smartphone can connect and interact from one country to another in just seconds, without thinking about borders. For example, a person in Asia can target a victim living in Europe, using servers based in America or Africa. This makes it difficult for traditional law enforcement agencies that are used to working only within their own territories. Because cybercrime rarely respects borders, figuring out who did what, when, and where requires collecting pieces of evidence from various locations and devices, sometimes spanning multiple continents.

The difficulties mean that judges, police, and lawyers are all learning as they go, and old legal systems are struggling to keep up with the pace of change in digital crime. It is now more important than ever to find ways for different countries to work together, update laws, and train everyone involved so that digital evidence can help bring justice in cybercrime cases.

This article focuses on two main questions:

1. What problems do investigators and courts face when they try to use digital evidence in borderless cybercrime cases?
2. What legal rules currently exist to deal with these problems, and are they enough?

INTERNATIONAL RULES ON DIGITAL EVIDENCE

The Budapest Convention

The Budapest Convention on Cybercrime (2001) is the first international treaty on this subject. It tries to make sure countries use similar rules to fight cybercrime. It also gives a framework for sharing electronic evidence. More than sixty countries have joined, but not all major powers are part of it even including India. This limits its usefulness because cybercrime often involves countries outside the treaty.

Mutual Legal Assistance Treaties (MLATs)

Before the Budapest Convention, countries mainly used Mutual Legal Assistance Treaties (MLATs) to share evidence if any cybercrime happens. These treaties still exist, but they are very slow at taking any action regarding the matter. A request for evidence may take months to process, while digital data may only be available for a few days. This delay often means the evidence is lost before the investigators gets it.

New Efforts

Some regions are trying to improve such as – The European Union is working on its E-evidence Regulation, and the United States passed the CLOUD Act, which allows faster sharing of data between the U.S. and other partner countries. These are the steps in the right direction, but privacy and human rights concerns still remains.

NATIONAL RULES ON ADMISSIBILITY

• United States

In the U.S., courts use the Daubert standard to verify the admissibility of an evidence. Under this, judges decide whether expert testimony, including digital forensic evidence, is reliable. They check if the method used is tested, reviewed by other experts, has known error rates, and is generally accepted. This flexibility of rules allow new forensic techniques to be admitted, but it also means that judges must understand the technical details. The Daubert standard comes after the case of Daubert v. Merrell Dow Pharmaceuticals, 509 U.S. 579 (1993), in the U.S. Supreme Court ruled that trial judges must act as gatekeepers to ensure expert evidence, including digital forensic methods, is reliable and based on tested, peer-reviewed science with known error rates.

• India

India uses Section 65B of the Indian Evidence Act (section 63 of Bharatiya Sakshya Adhiniyam, 2023). This section requires a special certificate when electronic evidence is presented in court. Without this certificate, evidence may be rejected and cannot be presented before the court of law. In the case of Anvar P.V. v. P.K. Basheer (2014), the Supreme Court made it clear that the certificate is compulsory. This strict rule often causes problems, because genuine evidence can be excluded for small procedural errors.

• Other Countries

Different countries have different approaches regarding the admissibility of the digital evidence. The U.K., for example, focuses on whether evidence is reliable and authentic. Once admitted in the court, the weight of the evidence is decided by the judge or jury. This diversity makes cross-border cases complicated. Evidence collected legally in one country may not be accepted in another.

CHALLENGES FOCUSING ON DIGITAL EVIDENCE

1. Fragile Nature of Data – Digital evidence is simply able to be altered or removed. To prove that the data has not been altered, investigators must employ specialized techniques such as write blockers and hash values. Defense attorneys may contend that the evidence is unreliable if they did not properly do this.
2. Chain of Custody – Courts require a clear record of who handled the evidence from start to finish. With digital evidence, the chain of custody may involve police officers, forensic labs, service providers, and even foreign authorities. If this chain is broken or not well-documented, evidence may be rejected.
3. Metadata Problems – Metadata (such as timestamps, IP addresses, and geolocation) is often key in proving where and when a crime happened. But small errors like time zone differences or system clock mistakes can create confusion. Defence lawyers can use these inconsistencies to question the reliability of evidence.
4. Encryption and Disappearing Messages – Many criminals use encrypted apps or services where messages disappear quickly. Investigators may only get partial data, such as metadata instead of the actual content. Courts then face the question: is this partial evidence enough to convict someone?

HOW COURTS DEAL WITH  RELIABILITY 

1. Expert Witnesses – Digital evidence is usually explained in court by forensic experts. Judges then have to decide whether to trust these experts and their methods. In many cases, two experts may give opposite opinions. This can confuse judges who do not have technical backgrounds.
2. Strict vs. Flexible Rules – Some countries, like India, are very strict and demand formal certificates. Others, like the U.S., allow more flexibility but expect judges to carefully check the reliability of the methods used. Both approaches have pros and cons. Strict rules may block genuine evidence, while flexible rules may allow unreliable methods if judges lack technical knowledge.

PROBLEMS IN PRACTICE

1. Slow International Requests – MLAT requests are too slow for the fast-moving nature of cybercrime. Evidence may be deleted before the request is processed. This is a major reason why investigators and scholars call for new, faster systems.
2. Lack of Technical Knowledge – Many judges are not experts in technology. Expecting them to evaluate forensic tools and methods is unrealistic. Without training, judges may either reject valid evidence or accept unreliable methods.
3. Dependence on Private Companies – Much evidence is stored by private companies like Google, Meta, or Microsoft. These companies may cooperate, but they are not always obliged to. They also have their own privacy rules and business interests. This creates uncertainty for investigators.

SUGGESTIONS TO THE POSSIBLE

• Use International Standards:

Countries should adopt standards like International Organizations of Standards (ISO) and International Electro-technical Commission (IEC) for collecting and preserving evidence. Following such standards gives courts more confidence in the reliability of digital evidence.

• Training for Judges and Lawyers:

Courts should train judges, prosecutors, and defence lawyers the basic digital forensics. Specialised experts could also be appointed to guide courts.

• Faster International Cooperation:

Mutual Legal Assistant Treaties (MLATs) needs to reform and countries should create faster, transparent, and secure ways of sharing electronic evidence. Emergency preservation orders can help prevent loss of data.

• Obligations for Service Providers:

Laws should require service providers to keep certain logs for a minimum time and share them with authorities when legally requested. Transparency reports can improve trust.

• Step-by-Step Admissibility:

Courts could use a layered approach:

First, to check if the raw data is authentic or not, then, review the forensic process used; and finally, evaluate the conclusions (such as who committed the act) with the most caution.

CONCLUSION

Digital forensic evidence is vital in solving cybercrime, but it comes with serious challenges. It is fragile, easily altered, and often stored in different countries. Courts must balance the need for reliable evidence with respect for legal procedures and privacy rights.

International treaties like the Budapest Convention and national rules such as Section 65B in India or the Daubert standard in the U.S. show different approaches to the same problem. None of them fully solves the issue of borderless cybercrime.

The future lies in a mix of solutions: better international cooperation, stronger technical standards, training for legal professionals, and clearer duties for private companies. Only then can digital evidence be admitted in court with confidence, allowing justice systems to deal effectively with crimes in the digital age.

REFERENCES

• Convention on Cybercrime (Budapest Convention) (opened for signature 23 November 2001, entered into force 1 July 2004) ETS No 185, art 32
• Indian Evidence Act 1872, s 65B
• Orin S Kerr, Digital Evidence and the New Criminal Procedure (Columbia L Rev 2005) 345
• Anvar P.V. v P.K. Basheer (2014) 10 SCC 473 (India)
•  Paul Craig, ‘Theory, “Pure Theory” and Values in Public Law’ PL 440
• Council of Europe. (2001). Convention on Cybercrime (Budapest Convention). Retrieved from  https://www.coe.int/en/web/conventions/full-list?module=treaty-detail&treatynum=185
• Daubert v. Merrell Dow Pharmaceuticals, 509 U.S. 579 (1993.
• International Organization for Standardization. (2012). ISO/IEC 27037:2012: Information technology – Security techniques – Guidelines for identification, collection, acquisition and preservation of digital evidence. Geneva: ISO
• Kerr, O. S. (2005). Digital evidence and the new criminal procedure. Columbia Law Review, 105(2), 279–318