Case Studies On Cloud-Stored Evidence
1. State of Maharashtra v. Dr. Praful B. Desai (2003) 4 SCC 601
Court: Supreme Court of India
Relevance: Though primarily about electronic records, this case laid down the foundation for admissibility of data stored in electronic form.
Facts:
The case involved the admissibility of medical records in electronic form in a medical negligence case.
It examined whether electronically stored records could be considered as evidence under Indian law.
Judgment:
The Supreme Court held that electronic records are admissible under Sections 65A and 65B of the Indian Evidence Act, 1872, provided they meet certain conditions such as authenticity, integrity, and proper certification.
This principle extends to cloud-stored data since it is a type of electronic record.
Key Takeaway:
Cloud-stored evidence is admissible if proper certification and integrity measures are maintained.
2. Shreya Singhal v. Union of India (2015) 5 SCC 1
Court: Supreme Court of India
Relevance: Related to intermediary liability and access to cloud-stored user content.
Facts:
The case dealt with the constitutional validity of Section 66A of the IT Act and intermediary liability provisions under Section 79.
Intermediaries such as Google, Yahoo, and Facebook were storing user data on cloud servers.
Judgment:
The court emphasized that cloud service providers are intermediaries and can be directed to provide access to user data only under strict legal procedure, like a court order or lawful government request.
Cloud-stored evidence cannot be accessed arbitrarily and must follow due process.
Key Takeaway:
Preservation and access of cloud data must comply with statutory safeguards. Arbitrary seizure of cloud data is not allowed.
3. Anvar P.V. v. P.K. Basheer & Ors. (2014) 10 SCC 473
Court: Supreme Court of India
Relevance: Authentication of electronic records (including cloud data) for evidence.
Facts:
Anvar P.V. challenged the admissibility of emails and electronic records used against him.
The case focused on whether electronic messages could be accepted as evidence.
Judgment:
The Supreme Court ruled that electronic records (emails, messages) are admissible only if certified under Section 65B of the Indian Evidence Act.
Raw screenshots or downloaded data without proper certification are not admissible.
Key Takeaway:
Cloud-stored evidence must have proper certification and hash verification to ensure authenticity before submission in court.
4. State v. Loknath & Ors., Delhi High Court (2016)
Court: Delhi High Court
Relevance: Cloud-stored social media evidence and its seizure.
Facts:
The case involved investigation of cyber harassment through Gmail and Facebook.
The question was whether cloud-stored emails/messages could be seized by police.
Judgment:
The Delhi High Court allowed access to cloud-stored evidence only with a court-sanctioned procedure, ensuring compliance with Sections 65A & 65B and intermediary rules.
The court noted the need to preserve the original digital form without alteration.
Key Takeaway:
Direct access or download of cloud data by investigating authorities is not sufficient; a formal preservation and certification process is essential.
5. Google Inc. v. Union of India (2019), IT Act Case
Court: High Court / IT Tribunal Rulings
Relevance: Handling cross-border cloud-stored evidence.
Facts:
Indian authorities sought access to emails and Google Drive data stored on servers outside India.
The main challenge was jurisdiction and legal compliance for foreign-hosted cloud data.
Judgment:
The court held that Indian authorities can request cloud-stored data through Mutual Legal Assistance Treaties (MLATs) or recognized procedures.
Cloud-stored data outside India cannot be treated the same as domestic storage; cross-border law applies.
Key Takeaway:
Cloud evidence stored internationally requires legal cooperation between countries; domestic law alone may not suffice.
Summary of Principles for Cloud-Stored Evidence
Admissibility: Must comply with Sections 65A & 65B of the Indian Evidence Act.
Authentication: Certified electronic records only; screenshots or raw copies are insufficient.
Access & Seizure: Must follow due legal process; intermediaries cannot be arbitrarily forced.
Preservation: Original form must be maintained; hash values or digital signatures recommended.
Cross-Border Issues: MLATs or international agreements required for foreign-hosted cloud data.
RELATED Blog
0 comments