DIGITAL EVIDENCE AND CYBERCRIME: ADMISSIBILITY AND CHALLENGES UNDER INDIAN LAW

INTRODUCTION

The rapid advancement of technology and proliferation of the internet have transformed the way a society operates, but at the same time given rise to new forms of criminal activity.

The digital revolution has transformed every aspect of human life, but it has also ushered in new forms of crime that transcend the traditional notions of law.

Cybercrime, in its different forms like hacking, phishing, identity theft, and online fraud, now dominates the landscape of criminal justice, making digital evidence the cornerstone of modern prosecution.

India has firmly responded to this alarming upsurge in cybercrimes by enacting various concrete legislation. The first concrete step towards this was the enactment of the Information Technology Act 2000, which laid down the foundation for recognizing digital evidence and electronic records. This was strengthened by the provision of the Indian Evidence Act, which was further repealed by the Bhartiya Sakshya Adhiniyam 2024, which widened its scope.

However, due to rapid revolution and advancement of technology, the variants of cybercrimes are also changing at an alarming rate. The enactment of legislation focusing on the admission of digital evidence as reliable evidence is also not as simple and easy as it seems to be due to the problems of authenticity and chain of custody, jurisdictional hurdles, and privacy concerns. Inadequate information, a lack of specialized expertise among law enforcement, and cross-border issues further complicate the effective use in courts.

Thus, while legal reforms have laid down the foundation, the intersection of cybercrimes and digital evidence continues to demand dynamic legislative, judicial, and institutional responses to provide concrete and fair justice in this digital realm, as inferred by the words of

B.N.Srikrishna Jt. “Law has to run fast to keep pace with technology, otherwise Justice will become a casualty in the digital age.”[1]

This article aims to examine the digital evidence and cybercrime, analyze its admissibility under Indian law, and examine the challenges and refer to necessary steps to strengthen the justice system in the digital age.

UNDERSTANDING CYBER CRIME AND DIGITAL EVIDENCE

• • DIGITAL EVIDENCE

“Evidence is the basis of justice; withdraw evidence, you withdraw justice.”[2]

Evidence is derived from the Latin word evident or evidere, “ meaning to show clearly, discover clearly, or to ascertain.

According to Blackbook Law Dictionary, Evidence is something including testimony, documents, and tangible objects that tends to prove or disprove the existence of any alleged act.

“Extraordinary claims require extraordinary evidence”.Carl Sagan’s statement states that extraordinary claims should not be accepted without conclusive evidence.

Similarly, in the Indian justice system, evidence holds a pivotal role in establishing the claim and defence of both parties involved. Evidence can be of many forms, but its admissibility depends on the court’s discretionary powers, following the established rules and laws. As technology is advancing, digital evidence is considered relevant in the Indian court of justice.

According to Justice Markandey Katju, former judge of the Supreme Court, “The internet has become both boon and bane. The challenge before the courts is to separate truth from manipulation in this virtual world .”

Historically,  Evidence stored electronically has been treated as hearsay in the legal system, as there were no reliable methods to verify the accuracy of data stored in digital form.

But, the Honorable Supreme Court in Tomasso Bruno and Anr vs State of UP [3]Observed, “With increasing impact of technology in everyday life and as a result, the production of electronic evidence in cases has become relevant to establish the guilt of the accused or the liability of the defendant. And that production of scientific and electronic evidence is a great help to the investigation agency and also the prosecution .”

• DEFINITIONS

According to Section 2(t) of the Information Technology Act 2000, an “electronic record” has been defined as a data record or data generated, image or sound stored, received, or sent in an electronic form or microfilm of computer-generated microfiche.

According to Section 2(1)(d)  of Bhartiya Sakshya Adhiniyam  “document” means any matter expressed or described or otherwise recorded upon any substance by means of letters, figures or marks or any other means or by more than one of those means, intended to be used, or which may be used, for the purpose of recording that matter and includes electronic and digital records.

According to Section 2(1)(e) of Bhartiya Sakshya Adhiniyam “evidence” means and includes–

(i) all statements, including statements given electronically, which the Court permits or requires to be made before it by witnesses in relation to matters of fact under inquiry, and such statements are called oral evidence;

(ii) all documents, including electronic or digital records produced for the inspection of the Court, and such documents are called documentary evidence.

TYPES OF DIGITAL EVIDENCE

Here are some examples of Digital Evidence:-

1. Communication through text messages, emails, and other messaging platforms. It also includes social media posts, comments, messages, and content from other digital platforms.
2. Digital documents, spreadsheets, other file types, and digital photos, videos
3. Mobile devices and some digital cameras record GPS and location data, phone records, and financial transaction records
4. Fingerprints, face recognition data, etc.

CYBERCRIME

Any criminal activity that involves a computer, networked device, or any other related device can be considered cybercrime. There are some instances when cybercrimes are carried out with the intention of generating profit from the cybercrime, whereas other times a cybercrime is carried out directly to damage or disable the computer or device.

In India, cybercrimes are covered by the IT Act 2000, which deals with issues related to cybercrimes. However, in the year 2008, the Act was amended and outlined the definition and punishment of cybercrimes. Several amendments to the Indian Penal Code[4] (now repealed ) and the Reserve Bank of India Act [5]They were also made.

TYPES OF CYBERCRIMES

• Child Pornography or Child Sexually Abusive Material – It includes any material containing sexual images in any form, wherein both the child being exploited or abused may be seen.

Section 67B of the IT Act[6] States that the publication or transmission of any material depicting children in a sexually explicit act in any electronic form is punishable.

• Cyberbullying – A cyberbully is someone who harasses or bullies others using electronic devices like computers, mobile phones, laptops, etc.
• Cyberstalking- It is an act of harassing or stalking another person online using the internet and other technology.
• Cybergrooming- It involves a person building a relationship with a teenager and having a strategy of luring, teasing, and even putting pressure on them to perform a sexual act.
• Phishing, Vishing, and Smishing- Fraud involving phishing is when an email appears to be from a legitimate source but contains a malicious attachment to steal personal information.

Vishing refers to where confidential information of a victim is stolen by using their mobile phone.

Smishing is a type of fraud that uses text messages on mobile phones to deceive victims into calling fake numbers, visiting malicious websites, or downloading harmful software.

Role of Digital Evidence in Crime Investigation

Cybercrimes are one of the serious issues in India. As the technology is advancing with galloping steps, so are its misuse and criminal activities related to it.

According to the Latest published report of the National Crime Record Bureau (NCRB), there has been an upsurge of 24.4% in cybercrime cases, with cyber fraud being the most common. Extortion, 5.5% and sexual exploitation, 5.2% were other notable categories of cybercrimes. Nearly 20 lakh complaints were reported in 2024, and identified specific types of fraud like digital arrests and fake FedEx scams as major concerns.

LEGAL FRAMEWORK GOVERNING DIGITAL EVIDENCE

• Key International Institutions and Standards

1. Budapest Convention on Cybercrime (Council of Europe)[7] – Primary International treaty that worked to harmonise national laws related to cybercrime, which directly affects the handling of digital evidence in cross-border investigations
2. ISO/IEC 27037:2012[8]– This international standard provides technical guidelines for the identification, collection, acquisition, and preservation of digital evidence to ensure its reliability.
   • In India

• The Information Technology Act, 2000

The IT Act, 2000, is the cornerstone legislation for cyber law in India. It defines various cybercrimes and prescribes penalties for offences such as hacking (Section 66), identity theft (Section 66C), cheating by personation using computer resources (Section 66D), and publishing or transmitting obscene material in electronic form (Section 67). The Act also recognizes the legal validity of electronic records and digital signatures (Sections 4 and 5).

• Indian Evidence Act

It is one of the foundational legislation. Initially, it did not bear any direct provision for the admissibility of digital evidence. In the year 2000, an amendment was made, and accordingly, sections 65A and 65B were added, which gave legal recognition to digital evidence.

Section 65A: Lays down the special provisions as to evidence relating to electronic records.

Section 65B: Provides the conditions under which electronic records may be admitted as evidence in court.

• Bharitya Nagarik Suraksha Sanhita[9]

The Bharatiya  Sakshya Adhiniyam (BSA), introduced in 2023 to replace the Indian Evidence Act, is designed to address the evolving nature of evidence, particularly in the digital realm. The BSS places a significant emphasis on digital records and their admissibility, offering more clarity on the procedures to ensure the authenticity of such evidence. One of the key features of the BSS is that it incorporates digital forensics and cybersecurity frameworks into the law, making it easier for law enforcement agencies to gather and present digital evidence in court. The BSS also seeks to harmonize Indian law with international best practices, ensuring that digital evidence can be admissible not just in Indian courts but also in cross-border litigation and arbitration.

• Criminal Procedure Code[10]

Section 91 of the CrPC empowers a court or police officer to issue a summons or order for the production of any document or “thing” if it is necessary for an investigation, inquiry, or trial, and this includes digital evidence like electronic records, call data, and cloud information. While the section does not explicitly mention digital data, courts have interpreted it broadly to encompass electronic evidence, although its admissibility hinges on meeting the requirements of Section 65 of the Evidence Act, which may include a certificate to ensure authenticity.

• Bharitya Nagarik Suraksha Sanhita [11]

The Bhartiya Nagarik Suraksha Sanhita (BNSS), introduced in 2023 to replace the CrPC, is designed to address the evolving nature of evidence, particularly in the digital realm. The Bhartiya Nagarik Suraksha Sanhita (BNSS) doesn’t directly regulate digital evidence itself, but rather mandates the use of audio-video recording for key criminal procedures to ensure transparency and accurate evidence collection. Relevant sections include Section 105, which requires audio-video recording of search and seizure; Section 176(3), mandating videography of crime scenes in serious cases by forensic experts; and Section 185, which requires police to record all searches using audio-video means. These provisions ensure the integrity of digital evidence collected during these procedures.

JUDICIAL PROUNCEMENTS

Several court rulings have helped shape the jurisprudence surrounding the admissibility of digital evidence in India:

• Anvar P.V. v. P.K. Basheer & Others (2014) -In this landmark case, the Supreme Court of India clarified that for any electronic evidence to be admissible, a certificate under Section 65B is mandatory. This judgment overruled the previous ruling in State v. Navjot Sandhu[12](2005), which allowed the admissibility of electronic records without a certificate. The Anvar judgment emphasized that primary electronic evidence, such as original documents in electronic form, needs to be accompanied by a certificate from an appropriate authority to be admissible.
• Tomaso Bruno & Anr. v. State of Uttar Pradesh (2015) -In this case, the Supreme Court ruled that digital evidence, particularly CCTV footage, plays a crucial role in criminal trials. The court emphasized that the admissibility of such evidence must adhere to the provisions under Section 65B.
• Shafhi Mohammad v. State of Himachal Pradesh (2018) -The Supreme Court provided flexibility regarding the submission of certificates under Section 65B. In this case, it was ruled that if obtaining the certificate is impossible (such as in cases where the electronic evidence is not directly under the control of the party presenting it), the certificate requirement may be relaxed, especially when the integrity of the evidence can still be established.
• Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal [13](2020) -Revisiting the requirements of Section 65B, the Supreme Court reaffirmed the necessity of producing the certificate under Section 65B(4) to admit any electronic evidence. The judgment held that the certificate is mandatory unless it can be conclusively proven that obtaining it is impossible or impractical.

CHALLENGES IN ADMISSIBILITY AND HANDLING OF DIGITAL EVIDENCE

Despite the statutory framework, several challenges persist in the admissibility and handling of digital evidence in India.

Technical Challenges

• Volatility and Fragility of Digital Evidence: Because digital evidence is highly volatile and can be easily altered, deleted, or overwritten, ensuring its integrity from the point of collection to its presentation in court is a significant challenge.
• Complexity of Data Retrieval: Because retrieving data from digital devices often requires specialized technical expertise and tools, law enforcement agencies may lack the necessary resources and training.
• Encryption and Password Protection: Because many digital devices and files are protected by encryption or passwords, accessing relevant evidence may be difficult without the cooperation of the accused or third parties.

Procedural Challenges

• Chain of Custody: Because maintaining an unbroken chain of custody is crucial to establishing the authenticity and integrity of digital evidence, any lapse can render the evidence inadmissible.
• Compliance with Section 65B: Because obtaining the requisite certificate under Section 65B can be challenging, especially when the device is not in the possession of the party, this often leads to disputes over admissibility.

Jurisdictional Issues

Because digital evidence may be stored on servers located outside India, issues of jurisdiction, mutual legal assistance, and cross-border data access arise.

• Lack of Uniform Standards: Because there is no uniform standard or protocol for the collection, preservation, and analysis of digital evidence, inconsistencies arise in its handling.
• Judicial Understanding: Because the judiciary may not always possess the requisite technical expertise to appreciate the nuances of digital evidence, this can impact the quality of adjudication.
• Evolving Nature of Technology: Because technology evolves rapidly, the law often lags, leading to gaps in the legal framework.

ADDRESSING THE CHALLENGES: RECOMMENDATIONS AND BEST PRACTICES

Effectively managing electronic evidence is crucial for successful cybercrime investigations and ensuring its admissibility in court proceedings. This section outlines strategies for the effective management of electronic evidence in India.

• Early Identification and Preservation – Early identification and preservation of electronic evidence are critical to prevent its loss or alteration. Prompt action should be taken to identify potential sources of electronic evidence, such as computer systems, mobile devices, or cloud storage accounts[14]. Preservation techniques, including forensic imaging, should be employed to create exact copies of the original evidence, ensuring its integrity and authenticity.[15].
• Adherence to Legal and Procedural Requirements- Compliance with legal and procedural requirements is essential for maintaining the admissibility and reliability of electronic evidence. Law enforcement agencies and investigators should adhere to proper evidence collection, storage, and transfer procedures[16]. Maintaining a chain of custody is crucial to establishing the integrity and authenticity of the evidence.[17]. Legal permissions, warrants, and court orders must be obtained as necessary, while ensuring compliance with data protection and privacy laws.[18].
• Digital Forensics Expertise and Tools – Building digital forensics expertise and utilizing appropriate tools are key to effectively managing electronic evidence. Trained forensic examiners should be equipped with the necessary skills and knowledge to handle digital evidence[19]. Access to advanced forensic tools, software, and technologies is crucial for the extraction, analysis, and preservation of electronic evidence from various devices and formats.[20].
• Collaboration and Partnerships- Collaboration and partnerships among law enforcement agencies, forensic experts, technology specialists, and relevant stakeholders are vital for effective electronic evidence management. Developing strong networks and information-sharing mechanisms can enhance the exchange of knowledge, best practices, and emerging techniques in electronic evidence management[21]. Collaboration with international counterparts becomes crucial for cross-border investigations, requiring mutual legal assistance and cooperation agreements[22].
• Continuous Training and Capacity Building- Given the rapid evolution of technology and cybercrime methods, continuous training and capacity building are essential for investigators and forensic professionals. Regular training programs should be conducted to enhance knowledge and skills in digital forensics, evidence handling, and emerging technologies[23]. Staying updated with the latest legal and technological developments is crucial to effectively managing electronic evidence.
• Standardization and Best Practices – Establishing standardization and best practices in electronic evidence management promotes consistency, reliability, and efficiency. Developing national guidelines or frameworks specific to electronic evidence collection, preservation, and analysis can provide a unified approach[24]. These guidelines should incorporate international standards and best practices to ensure compatibility and compliance with global requirements.

CONCLUSION

Cybercrime poses significant challenges in the digital age, and effective electronic evidence management is crucial for investigating and prosecuting cybercrimes. In this research paper, we have explored the landscape of cybercrime and electronic evidence management in India.

 We discussed the types of cybercrimes prevalent in the country, the legal framework governing cybercrime, challenges in electronic evidence collection and preservation, strategies for effective electronic evidence management, noteworthy case studies, and future directions. The analysis of cybercrime trends revealed a diverse range of cybercrimes affecting individuals, businesses, and government organizations in India. The legal framework, primarily governed by the Information Technology Act, provides a foundation for addressing cybercrimes and the admissibility of electronic evidence.

However, challenges persist in the collection, preservation, and admissibility of electronic evidence, including issues related to privacy, chain of custody, authentication, and hearsay. To address these challenges, it is essential to adopt strategies such as capacity building, public-private collaboration, international cooperation, and technological advancements. The establishment of specialized cybercrime units, continuous training programs, and the promotion of research and development can enhance the capabilities of law enforcement agencies and digital forensic professionals.

Strengthening international cooperation mechanisms and engaging in information-sharing networks can facilitate cross-border investigations and the exchange of best practices.

In conclusion, India needs to continuously adapt its legal framework, build technical expertise, foster collaboration, and invest in research and development to effectively combat cybercrimes and ensure the admissibility of electronic evidence. By implementing the recommendations outlined in this paper, India can strengthen its electronic evidence management capabilities and contribute to a safer and more secure digital environment.

REFERENCES

[1] Speech at International Conference on Cyber Law,Cybersecurity

[2] Jeremy Bentham, Rationale of Judicial Evidence (1827).

[3] (2015) 7 SCC 178

[4] 1860

[5] 1934

[6] 2000

[7]  E.T.S. 185 or CETS No. 185.

[8] International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

[9] 2023

[10] 1973

[11] 2023

[12] 2005 11 SCC 600

[13] AIR 2020 SUPREME COURT 4908, AIR ONLINE 2020 SC 641

[14] Quick, D. V., & Choo, K.-K. R. (2014). Challenges in Cybercrime Investigations. In K. E. Himma, & H. T. Tavani (Eds.), The Handbook of Information and Computer Ethics (pp. 307-328). John Wiley & Sons.

[15] The Indian Evidence Act, 1872, No. 1, Acts of Parliament, 1872 (India)

[16] The Information Technology (Certifying Authorities) Rules, 2000, No. G.S.R. 27(E), Gazette of India, Extraordinary, 2000 (India).

[17] The Code of Criminal Procedure, 1973, No. 2, Acts of Parliament, 1974 (India).

[18] The Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, No. G.S.R. 472(E), Gazette of India, Extraordinary, 2009 (India)..

[19] Garfinkel, S. L. (2010). Digital Forensics Research: The Next 10 Years. Digital Investigation, 7(1-2), 64-73..

[20] Casey, E. (2011). Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet. Academic Press

[21] The National Cybercrime Training Centre (NCTC) (n.d.). Retrieved from http://www.nctc.gov.in/

[22] Chawki, M., & Chawki, H. (2017). International Cooperation against Cybercrime. In R. Broadhurst, & D. S. Wall (Eds.), Routledge International Handbook of Computer Crime and Cybercrimes (pp. 232-249). Routledge

[23] The National Institute of Electronics and Information Technology (NIELIT) (n.d.). Retrieved from https://nielit.gov.in/

[24]  The Digital Forensic Research Workshop (DFRWS) (n.d.). Retrieved from https://www.dfrws.org/