How To Fulfill Requirements Of Admissibility Of Electronic Evidence Under Bhartiya Sakshay Adhiniyam, 2023?

The advent of technology has ushered in a transformative era in the legal landscape, significantly altering the nature of evidence presented in court cases. In recent years, there has been a remarkable shift towards an increasing reliance on electronic evidence. The ubiquity of digital devices and the widespread use of online platforms have generated a wealth of electronic data that now plays a pivotal role in legal proceedings. From emails and text messages to social media posts and surveillance footage, electronic evidence provides a comprehensive and often irrefutable record of events. This shift has not only streamlined the investigative process but has also presented new challenges related to the authentication, preservation, and interpretation of electronic evidence. As technology continues to evolve, the legal system grapples with adapting its frameworks to ensure a fair and just consideration of electronic evidence in courtrooms around the world.

The Indian Evidence Act, 1872 (“IEA”) contained provisions pertaining to recognition of 'electronic records' and its admissibility. Section 65B of the IEA governed the admissibility of electronic records. There was no set format as to how a certificate under Section 65B of the IEA was to be drafted and certificates under Section 65B were required to only state the following:

1. A statement to the effect identifying of the computer or the electronic device on which the electronic record was generated or stored
2. A statement to the effect that the computer or electronic device has been used regularly in the course of business and it is in working condition
3. A statement to the effect confirming that the computer was operating properly and if not, the period of non-operation.
4. A statement to the effect identifying the electronic record and describing the manner in which it was produced.

Under the provisions of The Bhartiya Sakshya Adhiniyam, 2023 (“BSA”) the admissibility of electronic records is governed by Section 63 and the conditions required to be fulfilled for its admissibility remain almost identical as the IEA (except for the addition of the words 'and an expert') . However, the major change and addition in the BSA is that, a format of the Certificate under Section 63 of the BSA, has been provided in the Schedule to the BSA. The Certificate contains two parts- Part A and Part B. Part A is to be filled by the party who is producing such electronic records, and Part B is to be filled by an expert. The lack of clarity regarding Part –B is dealt with, later.

While, the first part of the Certificate (Part A) is pretty straightforward and the details that are to be filled are basic, it is the second part of this Certificate that seems baffling and an uphill task.

So what are these terms: SHA1, SHA256 and MD5? These are cryptographic hash functions and are used to verify that a file has been unaltered. These functions are used to generate a Hash Value (which are in alphanumeric form) for any file. The purpose of using these functions is that once an alphanumeric code is generated for a file, it is bound to remain the same, until and unless the file is altered. This basically means that once the hash value of a file has been generated, it remains the same, until and unless the file has been altered or tampered with. As soon as a file is altered with, its hash value will change and will signify that the file has been changed or altered in some manner.

These are the exactly two essential ingredients of a Certificate under Section 63 of the BSA. The alphanumeric Hash Value is to be filled in the blank after “I state that the HASH value/s of the electronic/digital record/s is” and the hash function which has been used has to be checked in the checkbox. So if you used MD5 as a hash function to generate the hash value of your file, you would check the checkbox of MD5.

So how to generate a HASH Value?

For the purpose of simplicity and avoiding complex purposes, I will be only dealing on how to generate Hash Value using the MD5 hash function.

Step 1:

Download the WinMD5Free software from their website https://www.winmd5.com/. This is a free software and does not contain any adware, spyware or malware. I found this software to be optimal.

The file will be downloaded as a ZIP File on your computer. Extract the ZIP Files to any folder on the hard disk of your computer and run the .exe file.

Kindly note: This software does not require any installation.

Step 2:

Open the software WinMD5Free on your computer. A window such as this will appear :

Step 3:

Either drag and drop the file in the window or browse for the file. As soon as the File is uploaded in this window, the Hash Value is generated in the box of “Current file MD5 cheksum value:”

So taking the example in the above window, the text appearing in the “Current file MD5 cheksum value:” is “1b93a81a52454f0d2f08ef5cc4fff2cd”. This is the exact value which needs to be filled in the Certificate of Section 63 of the BSA, against “I state that the HASH value/s of the electronic/digital record/s is”.

PART-B of the Certificate under Section 63 of the BSA

The title of Part –B of the Certificate states “To be filled by the expert”. However, the BSA and its provisions are silent as to who is supposed to fill this Part-B and leave room for several possibilities:

1. This can be filled by the party filing the electronic records; or
2. This has to be filled by an expert, someone having specialized domain knowledge of computers and electronic device, at the behest of the party filing electronic records;
3. This has to be filled by an 'expert' as defined in Section 39 of the BSA, and under Section 39 (2) of the BSA, if and when the court warrants the opinion of an expert.

All the three possibilities have different repercussions in the timeline and filing of Part A and Part B of the affidavit. It would be imperative to analyze each of the scenarios and make a reasoned guess.

Scenario (i): My personal opinion is that scenario (i) is the most likely and constructive interpretation of the requirement, as this doesn't place any burden on the party filing the electronic record, to place on record a signed document of an expert, each time he files an electronic record in the legal proceedings. It is also in consonance with the requirements stated in Section 63(4) of the BSA. A person executing Part-A of the Certificate, can be considered an 'expert' if he has knowledge of his computer systems as he was the one who generated the hash code for the electronic records. Therefore, this interpretation would suggest that the person executing Part-A of the Certificate would also be eligible to Part-B. The only flaw to this interpretation is that the interpretation of the word 'expert' does not align with the definition of 'expert' as given in Section 39(1) of the BSA. The definition of 'expert' under Section 39(1) of the BSA is as follows:

“39 (1) When the Court has to form an opinion upon a point of foreign law or of science or art, or any other field, or as to identity of handwriting or finger impressions, the opinions upon that point of persons specially skilled in such foreign law, science or art, or any other field, or in questions as to identity of handwriting or finger impressions are relevant facts and such persons are called experts.”

Scenario (ii): If the interpretation in scenario (ii) is taken as true, it would mean that the person who is filing the electronic records and has executed Part-A of the Certificate, cannot execute Part-B of the certificate. It would also mean that he would have to get Part-B of the Certificate signed from another person, who has specialized domain knowledge with respect to computers and electronic records. If this interpretation, is taken to be true, would increase the time and costs taken by litigants to procure such certificates. There are also no minimum qualifications or requirements to be met, specified to consider someone as an 'expert', either in Section 63 of the BSA or in the template of the Certificate of Section 63 of BSA.

Scenario (iii): Scenario (iii) is premised upon the applicability of Section 39(2) of the BSA. Section 39(2) of the BSA states that:

Section 39 (2) When in a proceeding, the court has to form an opinion on any matter relating to any information transmitted or stored in any computer resource or any other electronic or digital form, the opinion of the Examiner of Electronic Evidence referred to in section 79A of the Information Technology Act, 2000, is a relevant fact.

Explanation.—For the purposes of this sub-section, an Examiner of Electronic Evidence shall be an expert

Therefore, if Section 39(2) is considered in light of the Certificate, it would mean that Part –B of the Certificate has to be not executed by the litigant at all. It would imply that Part-B of the Certificate is only required, when the validity of any electronic record is challenged by the other party and the Court may send such electronic records to be verified by Examiner of Electronic Evidence (who has been defined as an 'expert' in the Explanation to Section 39(2))

Conclusion: By enacting a technologically advanced requirement for admissibility of electronic records, the legislature has certainly taken a leap from its predecessor legislation. However, a cloud still looms over the requirement of an 'expert' stated in Part-B of the Certificate under Section 63 of the BSA. This is likely to be clarified, either through Rules which may be enacted later on or the judiciary may be tasked to interpret the same and cull out the most constructive interpretation, which not only safeguards the reliability of electronic records as evidence, but also ensure that the requirements are not too burdensome for a common man to comply with.

Author is an Advocate practicing in the Delhi High Court

Views Are Personal