Cybercrime And Digital Evidence
1. Meaning of Cybercrime
Cybercrime refers to unlawful acts conducted using computers, networks, digital devices, or the internet. These crimes may target:
a computer system (e.g., hacking),
the data stored (e.g., data theft),
individuals (e.g., cyberstalking, online harassment),
property (e.g., ransomware),
society (e.g., spreading fake news).
In India, cybercrimes are mainly governed by:
Information Technology Act, 2000 (IT Act),
Indian Penal Code (IPC)—applicable when cybercrimes overlap with traditional crimes such as defamation, fraud, extortion, etc.
2. Digital Evidence
Digital evidence refers to any information or data stored or transmitted in digital form that can be used in court.
Types of Digital Evidence
Data stored on computers, phones, USBs, cloud storage.
Electronic communications — emails, WhatsApp messages, SMS.
Meta-data — timestamps, device IDs, IP addresses.
Log files — system logs, access logs.
Digital images/videos, CCTV recordings.
Browser history, cookies, cache.
Social media content — posts, chats, profiles.
Admissibility of Digital Evidence
Under Indian law, digital evidence must comply with:
Section 65B, Indian Evidence Act
Electronic evidence is admissible only when accompanied by a 65B Certificate, which certifies:
authenticity,
manner of production,
integrity of the system.
However, courts have clarified situations where a 65B certificate may or may not be mandatory.
CASE LAWS
CASE 1: State of Delhi v. Mohd. Afzal & Others (2003) — Parliament Attack Case
Facts
The accused were charged with conspiracy in the 2001 Parliament attack.
Digital evidence such as laptops, emails, and phone call records were crucial to connect communication between conspirators.
Issue
Whether digital/ electronic records can be relied upon as primary evidence.
Court Ruling
Court held that digital evidence is admissible if properly authenticated.
Logs, recovered files, and computer records were accepted because they were retrieved following proper forensic procedures.
Importance
One of the earliest Indian cases to recognize digital evidence as reliable when properly collected.
Reinforced the need for expert verification and authenticity of electronic materials.
CASE 2: Anvar P. V. v. P.K. Basheer (2014) 10 SCC 473
Facts
In a political defamation case, CDs containing alleged defamatory speeches were produced.
Issue
Whether electronic records require a Section 65B certificate for admissibility.
Court Ruling
Supreme Court held:
65B certificate is mandatory for any electronic record submitted as secondary evidence (CDs, computer prints, etc.).
Without the certificate, digital evidence cannot be admitted.
Importance
Landmark ruling that changed how digital evidence is treated.
Made 65B certificate a compulsory procedural requirement.
CASE 3: Shafhi Mohammad v. State of Himachal Pradesh (2018)
Facts
The case involved videos recorded by third parties in a mob violence incident.
Issue
Whether 65B certificate is required when the party submitting evidence does not have control over the device.
Court Ruling
Supreme Court held:
When a party cannot access the device, the requirement of 65B certificate can be relaxed.
Courts may rely on electronic evidence if authenticity is not disputed.
Importance
Introduced an exception to Section 65B.
Helpful in cases where evidence is CCTV footage, social media videos, or third-party recordings.
CASE 4: Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1
Facts
The dispute involved electronic evidence such as videos and CDs.
Issue
Whether the Shafhi Mohammad relaxation of 65B certificate was correct.
Court Ruling
Supreme Court overruled Shafhi Mohammad:
Affirmed that 65B certificate is mandatory in almost all situations.
Exception only when the original electronic device is produced in court.
Importance
Cleared confusion in legal circles.
Re-established strict compliance with Section 65B.
CASE 5: R v. Smith (British Case on Cyberstalking)
Facts
The accused used multiple digital devices to stalk and harass a woman:
Sending threatening emails.
Using fake social media accounts.
Tracking her through IP logs.
Digital Evidence Used
IP address correlation.
Metadata from emails.
Chat logs recovered from seized laptop.
Court Ruling
Court accepted metadata and IP logs as valid evidence.
The accused was convicted of harassment and unauthorized access.
Importance
Demonstrated how metadata and data logs are vital in establishing traceability in cybercrimes.
First major UK case using IP tracking for cyber-harassment.
CASE 6: United States v. David Kernell (2010) — Sarah Palin Email Hacking
Facts
A student hacked the email account of U.S. Vice-Presidential candidate Sarah Palin by guessing her security questions.
Digital Evidence
Recovery of browsing history.
Email logs from the provider.
Screenshots found on the hacker’s computer.
IP address tracing.
Ruling
Kernell was convicted under:
Computer Fraud and Abuse Act (CFAA),
Identity theft provisions.
Importance
Shows how simple social engineering becomes a cybercrime.
Court relied heavily on browser history and IP logs.
CASE 7: Sony Sambandh Case (India – 2004) – First Conviction for Cybercrime
Facts
A BPO employee stole credit card information of U.S. customers and made fraudulent online purchases.
Digital Evidence
Email communication records.
Server logs.
Hard disk recovery of stolen data.
Ruling
Accused was convicted under:
Section 66 (computer-related offences),
Section 419, 420 IPC (cheating and impersonation).
Importance
India’s first conviction under the IT Act.
Established investigative protocol for corporate cybercrimes.
CASE 8: Basheer v. State of Kerala (Fake Profile Case)
Facts
Accused created a fake female profile and circulated morphed photos of the victim.
Digital Evidence
IP logs submitted by Facebook.
Forensic report on mobile phone.
Metadata of images.
Ruling
Conviction under:
66C, 66D IT Act (identity theft, impersonation),
509 IPC (outraging modesty).
Importance
Reinforced the use of social media records as admissible digital evidence.
CONCLUSION
Cybercrime is expanding rapidly, and courts now rely heavily on digital evidence. Key takeaways:
✔ Digital evidence is powerful but must be:
properly collected,
authenticated,
accompanied by a 65B certificate (in India).
✔ Courts accept:
IP logs
Metadata
CCTV recordings
Social media data
Emails
Device extractions
✔ Case laws show:
Evolution from basic acceptance (Afzal Guru case)
To mandatory certificate (Anvar P.V.)
To a relaxed view (Shafhi Mohammad)
Then back to strict compliance (Arjun Panditrao)
RELATED Blog
comments