Digital Forensics And Electronic Evidence In Trials
1. Introduction: Digital Forensics and Electronic Evidence
Meaning
Digital Forensics is the scientific process of collecting, preserving, analyzing, and presenting data from digital devices (computers, mobile phones, servers, cloud, etc.) that is legally admissible in court.
Electronic Evidence refers to any information or data of probative value stored or transmitted in digital form. Examples include:
Emails, messages, or call logs
CCTV footage
Social media posts
Hard disk or mobile data
Metadata (timestamps, IP addresses, etc.)
Legal Foundation
In India, the Indian Evidence Act, 1872, was amended by the Information Technology Act, 2000 to include electronic evidence.
Relevant provisions:
Section 65A – Admissibility of electronic records.
Section 65B – Conditions for admissibility; requires a certificate for authenticity.
Sections 45A and 79A – Expert opinion and digital evidence examination.
Internationally, similar standards are found in:
Federal Rules of Evidence (USA)
UK Police and Criminal Evidence Act, 1984 (PACE)
Budapest Convention on Cybercrime (2001)
2. Process of Digital Forensics
Identification: Recognizing potential digital evidence.
Preservation: Preventing tampering — creating forensic images, maintaining chain of custody.
Collection: Acquiring data through legal procedures (search warrants, etc.).
Examination: Using forensic tools (EnCase, FTK, Cellebrite) to extract relevant information.
Analysis: Correlating data with other evidence.
Presentation: Producing reports and testifying in court.
3. Admissibility of Electronic Evidence
To be admitted, electronic evidence must be:
Authentic (not tampered with)
Relevant (related to the case)
Reliable (properly preserved)
Legally obtained (not violating privacy or procedure)
Under Section 65B(4), a certificate must accompany the evidence, stating:
The device was in lawful control of the person providing evidence.
The process of data production was reliable.
The certificate is signed by a responsible official.
4. Landmark Case Laws
Let’s now examine five detailed case laws where courts analyzed electronic evidence and forensic principles.
(1) Anvar P.V. v. P.K. Basheer (2014) 10 SCC 473
Facts:
An election petition was filed where the respondent wanted to use CDs containing songs and speeches allegedly defaming the petitioner.
Issue:
Whether electronic records (CDs) can be admitted without a Section 65B certificate.
Held:
The Supreme Court ruled that secondary electronic evidence is not admissible unless accompanied by a Section 65B(4) certificate.
The old rule in State v. Navjot Sandhu (2005) (where oral evidence was allowed) was overruled.
Only a properly certified copy is admissible unless the original device is produced.
Significance:
This case became the cornerstone for electronic evidence admissibility in India.
(2) Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1
Facts:
Video recordings from a mobile phone were sought to be admitted as evidence in an election petition.
Issue:
Can electronic evidence be admitted without a certificate under Section 65B(4)?
Held:
The Court reaffirmed Anvar P.V. but clarified that if the original device is produced (the primary evidence), a certificate is not required.
If the evidence is from a third party (e.g., telecom provider), the party can request the court to summon them for the certificate.
Significance:
This judgment harmonized procedural requirements and provided flexibility when the original device is available.
(3) Tomaso Bruno & Anr. v. State of U.P. (2015) 7 SCC 178
Facts:
The accused were foreigners charged with murder in a hotel. The hotel’s CCTV footage, which could prove their innocence, was not produced by the prosecution.
Issue:
Whether failure to produce electronic evidence affects the credibility of the prosecution.
Held:
The Court held that non-production of CCTV footage, which could have verified facts, weakens the prosecution’s case.
The Court emphasized that modern investigation must use digital forensics and available electronic evidence.
Significance:
It highlighted the duty of investigating agencies to use available technology and maintain digital records properly.
(4) State (NCT of Delhi) v. Navjot Sandhu @ Afsan Guru (2005) 11 SCC 600 (Parliament Attack Case)
Facts:
The case involved the 2001 Parliament attack; telephone records were produced as evidence.
Issue:
Whether printouts of call records without a Section 65B certificate are admissible.
Held:
The Court held that even without a 65B certificate, such records can be admitted through oral evidence under Section 63 and 65.
However, this view was later overruled by Anvar P.V.
Significance:
Though later overturned, it was the first major case where electronic evidence was discussed at length in Indian law.
(5) Riley v. California, 573 U.S. 373 (2014, U.S. Supreme Court)
Facts:
Riley was arrested, and police searched his smartphone without a warrant, finding incriminating evidence.
Issue:
Whether warrantless search and seizure of digital contents of a cell phone violates the Fourth Amendment.
Held:
The U.S. Supreme Court held that digital data is highly private, and warrants are required before accessing such data.
Recognized that digital devices are fundamentally different from physical objects.
Significance:
Established privacy standards in digital forensics, influencing courts worldwide, including India, on digital search and seizure protocols.
(6) R v. Fellows and Arnold (1997) (UK Court of Appeal)
Facts:
The defendants were charged with possessing indecent images of children on computers.
Issue:
Whether data stored electronically constitutes a “document” under UK law.
Held:
The Court held that computer data qualifies as a document and can be produced as evidence.
Set an early precedent for admitting electronic records in trials.
Significance:
Pioneered the concept of digital documents as admissible evidence under common law.
5. Challenges in Digital Evidence
Tampering and authenticity issues – Data can be easily altered.
Chain of custody – Maintaining integrity through all stages.
Jurisdiction – Data stored across borders (cloud, servers abroad).
Privacy vs. Investigation – Balancing individual rights and state interest.
Technical expertise – Courts and police require trained cyber-forensic experts.
6. Conclusion
Digital forensics has revolutionized criminal and civil trials. Courts have moved from skepticism to acceptance, but strict compliance with procedural rules (especially Section 65B) remains vital. The Anvar and Arjun Panditrao line of cases ensure that digital evidence is both technologically reliable and legally valid.
Electronic evidence today is not just supplementary — in many cases (cybercrime, financial fraud, terrorism), it is primary and decisive.
RELATED Blog
comments