Published on: 27th November, 2025
Authored by: Nikita Kumari
Bhagat Phool Singh Mahila Vishwavidyalaya, Sonepat
Abstract
In the digital age, the proliferation of technology has transformed how crimes are committed and investigated. Cybercrimes, ranging from financial fraud and data breaches to cyberstalking, increasingly depend on digital evidence for effective adjudication. While Indian law, through the Information Technology Act, 2000, and the Indian Evidence Act, 1872, has incorporated provisions for the admissibility of electronic records, practical enforcement of these provisions has been fraught with challenges. This article examines the statutory framework, judicial trends, and hurdles surrounding the admissibility of digital evidence in India. Drawing from comparative international practices, it highlights the pressing need for reforms to ensure the integrity, reliability, and efficiency of cybercrime prosecution.
I. Introduction
The twenty-first century has ushered in an era where the majority of human activity leaves a digital footprint. From social media communications to encrypted messaging applications, every interaction generates data. Inevitably, this has altered the nature of criminal activity, giving rise to sophisticated cybercrimes such as phishing scams, ransomware attacks, and identity theft. Traditional evidentiary principles, designed for tangible documents and oral testimony, struggle to accommodate these technological realities. Indian courts are increasingly confronted with a critical question: How should digital evidence be authenticated and admitted in trials?
This paper seeks to answer that question by analyzing India’s statutory scheme and judicial responses, examining the systemic challenges that persist, and exploring lessons from international jurisdictions. The analysis demonstrates that while India has established a legal framework for digital evidence, significant procedural and practical obstacles remain. Only through comprehensive reform can the Indian legal system effectively address the evolving challenges of cybercrime in the digital era.
II. Statutory Framework
The legislative foundation for digital evidence in India rests primarily on the Indian Evidence Act, 1872,[1] as amended by the Information Technology Act, 2000.[2] Sections 65A and 65B specifically address electronic records. Section 65B(1) provides that electronic records may be admitted as evidence, provided the conditions outlined in Section 65B(2) are met. Crucially, Section 65B(4) mandates a certificate—issued by a person in charge of the computer system—attesting to the authenticity of the electronic record. This certificate must identify the electronic record, describe how it was produced, and provide details of the device used.
Additional provisions further buttress this framework. Section 67A addresses the authentication of electronic signatures, while Sections 85A through 85C create presumptions regarding secure electronic records, electronic signatures, and digital signature certificates. Together, these provisions establish a comprehensive statutory scheme for admitting electronic evidence, though their practical application has proven more complex than the legislative text suggests.
III. Judicial Interpretation
The Supreme Court of India has issued several landmark rulings clarifying the requirements for admitting electronic evidence. In Anvar P.V. v. P.K. Basheer,[3] the Court held that electronic records are admissible only if accompanied by the mandatory Section 65B(4) certificate. This decision settled earlier ambiguity and established a strict procedural requirement for authentication.
The Constitution Bench in Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal[4] reaffirmed this requirement, explicitly overruling earlier decisions such as Shafhi Mohammad v. State of Himachal Pradesh[5] that had suggested greater flexibility in admitting electronic evidence. The Court emphasized that the certificate requirement serves a crucial purpose: ensuring the reliability and authenticity of evidence that is uniquely susceptible to tampering.
Other significant cases have further developed this jurisprudence. In Tomaso Bruno v. State of Uttar Pradesh,[6] the Court highlighted the evidentiary value of electronic records in criminal trials while maintaining that procedural safeguards remain essential. This body of case law reflects the judiciary’s attempt to balance the need for flexible evidence rules in the digital age with concerns about reliability and authenticity.
IV. Challenges in Admissibility
Despite statutory clarity and judicial guidance, multiple hurdles impede the effective use of digital evidence in cybercrime cases:
1. Procedural Rigidity in Obtaining Certificates: The Section 65B(4) certificate requirement, while designed to ensure authenticity, creates significant practical difficulties. Many organizations lack designated persons who can issue such certificates, and law enforcement agencies often struggle to obtain certificates from third-party service providers, particularly foreign platforms.
2. Limited Technical Expertise: Investigators, prosecutors, and judges frequently lack the specialized knowledge required to properly collect, preserve, and evaluate digital evidence. This knowledge gap leads to inadvertent contamination of evidence, improper chain of custody documentation, and difficulty assessing the reliability of technical claims.
3. Vulnerability to Tampering: Electronic records are inherently fragile and susceptible to manipulation. Without proper forensic protocols and secure storage systems, digital evidence can be altered, deleted, or corrupted—often without leaving obvious traces. Courts must grapple with determining authenticity when the evidence itself may have been compromised.
4. Inconsistent Judicial Interpretation: Despite Supreme Court guidance, lower courts continue to apply the Section 65B requirements inconsistently. Some courts strictly enforce the certificate requirement, while others adopt more lenient approaches, creating uncertainty for litigants and law enforcement.
5. Cross-Border Jurisdictional Issues: In an increasingly globalized digital environment, critical evidence is often stored on foreign servers or held by international service providers. Obtaining such evidence requires navigating complex mutual legal assistance treaties and overcoming jurisdictional barriers, causing significant delays in investigations and prosecutions.
These challenges collectively undermine the effectiveness of India’s cybercrime enforcement regime and necessitate comprehensive reform.
V. Comparative Perspective
Examining how other jurisdictions address digital evidence illuminates potential solutions for India’s challenges. The United States adopts a more flexible approach under the Federal Rules of Evidence.[7] Rule 901 requires only that evidence be authenticated by showing it is what the proponent claims, without mandating specific certificates. Courts have discretion to determine authenticity based on circumstantial evidence, expert testimony, or distinctive characteristics of the evidence itself.
In the United Kingdom, the Police and Criminal Evidence Act, 1984,[8] emphasizes chain of custody documentation and expert testimony rather than rigid certification requirements. This approach allows for adaptability while maintaining evidentiary reliability through procedural safeguards.
China has begun experimenting with innovative technological solutions. Recent provisions recognize digital records secured through blockchain technology as admissible in court,[9] acknowledging that technological authentication can sometimes provide greater reliability than traditional methods. This forward-looking approach demonstrates how legal systems can leverage technology to solve evidentiary challenges.
These comparative examples suggest that India’s rigid certification requirement may be unnecessarily restrictive, and that greater flexibility—coupled with robust chain of custody protocols and expert testimony requirements—could better serve the goals of both justice and efficiency.
VI. Emerging Trends and Global Best Practices
Jurisdictions worldwide are increasingly adopting technological solutions to evidentiary challenges. Blockchain authentication systems provide tamper-evident records of evidence handling, creating immutable audit trails. Artificial intelligence tools assist in analyzing vast quantities of digital data, identifying patterns that would be impossible for human investigators to detect manually.
International cooperation has also expanded through frameworks such as the Budapest Convention on Cybercrime,[10] which facilitates cross-border evidence sharing and establishes common standards for digital investigations. India’s participation in such international efforts is essential for addressing transnational cybercrimes effectively.
These trends underscore a fundamental reality: legal systems must evolve alongside technology. Static procedural rules risk becoming obsolete as new technologies emerge, while flexible frameworks that embrace innovation can adapt to changing circumstances.
VII. Conclusion and Recommendations
The future of criminal justice in India hinges on adapting evidentiary frameworks to technological realities. While the current statutory scheme provides a foundation, significant reforms are necessary to address persistent challenges. This article recommends the following measures:
1. Simplify Certification Requirements: Amend Section 65B to allow alternative methods of authentication, including expert testimony, chain of custody documentation, and technological verification systems. Maintain strict authentication standards while providing greater procedural flexibility.
2. Establish Uniform Forensic Protocols: Develop standardized procedures for collecting, preserving, and analyzing digital evidence. Create accreditation systems for digital forensic laboratories and establish minimum qualifications for forensic examiners.
3. Enhance Technical Training: Implement comprehensive training programs for police, prosecutors, and judges on digital evidence issues. Establish specialized cybercrime courts with judges trained in technology matters.
4. Strengthen International Cooperation: Ratify the Budapest Convention on Cybercrime and negotiate bilateral agreements facilitating expedited evidence sharing. Develop domestic procedures for efficiently processing foreign evidence requests.
5. Adopt Technological Solutions: Explore blockchain-based evidence management systems and AI-assisted forensic tools. Encourage innovation while maintaining human oversight and accountability.
These reforms will ensure that India’s legal system remains equipped to address cybercrime’s evolving challenges. As technology continues to reshape society, the law must adapt accordingly—not by abandoning fundamental principles of justice, but by finding new ways to implement them in a digital world.
References:
[1] Indian Evidence Act, No. 1 of 1872, INDIA CODE (1872). ↩
[2] Information Technology Act, No. 21 of 2000, INDIA CODE (2000). ↩
[3] Anvar P.V. v. P.K. Basheer, (2014) 10 SCC 473 (India). ↩
[4] Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal, (2020) 7 SCC 1 (India). ↩
[5] Shafhi Mohammad v. State of Himachal Pradesh, (2018) 2 SCC 801 (India). ↩
[6] Tomaso Bruno v. State of Uttar Pradesh, (2015) 7 SCC 178 (India). ↩
[7] Fed. R. Evid. 901 (U.S.). ↩
[8] Police and Criminal Evidence Act, 1984, c. 60 (U.K.). ↩
[9] See Supreme People’s Court of China, Provisions on Several Issues Concerning the Trial of Cases by Internet Courts (2018) (China). ↩
[10] Convention on Cybercrime, Nov. 23, 2001, 2296 U.N.T.S. 167. ↩
