SC Directs Telecos & ISPs To Maintain CDR And Other Records Seized During Investigations In A 'Segregated & Secure' Manner [Read Judgment]
The Supreme Court has issued general directions to cellular companies and internet service providers to maintain Call Detail Records (CDRs) and other relevant records for the concerned period (in tune with Section 39 of the Evidence Act) in a "segregated and secure" manner if a particular CDR or other record is seized during investigation in the said period. The bench comprising...
The Supreme Court has issued general directions to cellular companies and internet service providers to maintain Call Detail Records (CDRs) and other relevant records for the concerned period (in tune with Section 39 of the Evidence Act) in a "segregated and secure" manner if a particular CDR or other record is seized during investigation in the said period.
The bench comprising of Justices RF Nariman, S. Ravindra Bhat and V. Ramasubramaniam issued these directives in its judgment Arjun Panditrao Khotkar vs Kailash Kushanrao Gorantyal while holding that the certificate required under Section 65B(4) is a condition precedent to the admissibility of evidence by way of electronic record.
The court was answering reference on the question "Is requirement of certificate U/s 65-B(4) Evidence Act mandatory for production of electronic evidence?" A two judge bench had referred the question in view of the conflict between Shafhi Mohammad vs. State of Himachal Pradesh and Anvar P.V. vs. P.K. Basheer. The court overruled the two judge bench judgment in Shafhi Mohammad, in which it was held that, a party who is not in possession of device from which the electronic document is produced, cannot be required to produce certificate under Section 65B (4) of the Evidence Act.
The Court noted that as per Section 67C of the Information Technology Act, an intermediary shall preserve and retain such information as may be specified for such duration and in such manner and format as the Central Government may prescribe. However, the court observed that the Department of Telecommunication's license conditions generally oblige internet service providers and providers of mobile telephony to preserve and maintain electronic call records and records of logs of internet users for a limited duration of one year. If the police or other individuals (interested, or party to any form of litigation) fail to secure those records - or secure the records but fail to secure the certificate - within that period, the production of a post-dated certificate (i.e. one issued after commencement of the trial) would in all probability render the data unverifiable, the court said.
It further observed :
"This places the accused in a perilous position, as, in the event, the accused wishes to challenge the genuineness of this certificate by seeking the opinion of the Examiner of Electronic Evidence under Section 45A of the Evidence Act, the electronic record (i.e. the data as to call logs in the computer of the service provider) may be missing."
The bench then issued the above said general direction to obviate this situation and observed thus:
"To obviate this, general directions are issued to cellular companies and internet service providers to maintain CDRs and other relevant records for the concerned period (in tune with Section 39 of the Evidence Act) in a segregated and secure manner if a particular CDR or other record is seized during investigation in the said period. Concerned parties can then summon such records at the stage of defence evidence, or in the event such data is required to cross-examine a particular witness. This direction shall be applied, in criminal trials, till appropriate directions are issued under relevant terms of the applicable licenses, or under Section 67C of the Information Technology Act."
The Court also clarified that these directions shall apply in all proceedings, till rules and directions under Section 67C of the Information Technology Act and data retention conditions are formulated for compliance by telecom and internet service providers. It further directed
"Appropriate rules and directions should be framed in exercise of the Information Technology Act, by exercising powers such as in Section 67C, and also framing suitable rules for the retention of data involved in trial of offences, their segregation, rules of chain of custody, stamping and record maintenance, for the entire duration of trials and appeals, and also in regard to preservation of the meta data to avoid corruption. Likewise, appropriate rules for preservation, retrieval and production of electronic record, should be framed.
Read Judgment