Executive Summary
The Bharatiya Sakshya Adhiniyam (BSA), 2023, which replaced the Indian Evidence Act, 1872 from July 1, 2024, introduces a modernized framework for electronic evidence under Section 63. This practitioner's guide covers hash values, metadata preservation, WhatsApp/email evidence authentication, and court acceptance patterns post-July 2024.
Key Requirements:
- Certificate under Section 63(4) BSA mandatory for all electronic evidence
- Hash values (MD5/SHA-256) for data integrity verification
- Metadata preservation for authentication chain
- Computer/device must be operating properly during relevant period
Introduction
Digital evidence has become central to modern litigation - from WhatsApp messages in matrimonial disputes to email trails in commercial fraud. Section 63 of BSA 2023 (successor to Section 65B of the Indian Evidence Act) governs the admissibility of electronic records, but practical implementation remains challenging.
This guide provides field-level guidance for practitioners dealing with digital evidence in Indian courts.
Section 1: Legal Framework for Electronic Evidence
BSA Section 63 - Admissibility of Electronic Records
Core Provision: Any information contained in an electronic record which is printed on paper, stored, recorded or copied in optical or magnetic media or semiconductor memory which is produced by a computer or any communication device shall be deemed to be a document if the conditions in Section 63 are satisfied.
Four Mandatory Conditions (Section 63(2))
| Condition | Requirement | Practical Check |
|---|---|---|
| (a) | Computer was regularly used to create/store/process information | Employment records, system logs |
| (b) | Information was regularly fed into the computer | Input procedures documented |
| (c) | Computer was operating properly (or malfunction didn't affect accuracy) | System health reports, maintenance logs |
| (d) | Information reproduces or derives from data fed in ordinary course | Chain of custody documentation |
Comparison: BSA Section 63 vs IEA Section 65B
| Aspect | IEA Section 65B | BSA Section 63 |
|---|---|---|
| Communication devices | Not explicitly covered | Explicitly included |
| Certificate timing | Ambiguous | At each instance of submission |
| Network/cloud | Interpretation required | Explicitly covers computer networks, intermediaries |
| Certificate format | General description | Schedule format prescribed |
| Who can certify | Person in charge | Person in charge or management of relevant activities |
Certificate Requirement (Section 63(4))
The certificate must:
- Identify the electronic record containing the statement
- Describe the manner of production
- Give particulars of the device involved
- Deal with conditions in Section 63(2)
- Be signed by person in charge of computer/device or management of relevant activities
- Follow the format in the Schedule to BSA
Section 2: Hash Values and Metadata Preservation
What are Hash Values?
Hash values are unique digital fingerprints generated by cryptographic algorithms. They verify that digital evidence has not been altered.
| Algorithm | Output Length | Use Case |
|---|---|---|
| MD5 | 128-bit (32 hex characters) | Legacy systems, quick verification |
| SHA-1 | 160-bit (40 hex characters) | Deprecated, avoid for new evidence |
| SHA-256 | 256-bit (64 hex characters) | Recommended - current standard |
| SHA-512 | 512-bit (128 hex characters) | High-security applications |
Hash Value Documentation Format
File: WhatsApp_Chat_Export_20240715.txt
MD5: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
SHA-256: 1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef
Generated: 2024-07-15 14:30:22 IST
Tool: HashCalc v2.02 / certutil (Windows) / shasum (Mac/Linux)
Generated By: [Name, Designation]
Metadata Types and Importance
| Metadata Type | Information Contained | Evidentiary Value |
|---|---|---|
| File System | Created, modified, accessed dates | Timeline establishment |
| Document | Author, company, revision history | Attribution |
| Headers, routing, timestamps | Chain of transmission | |
| Image/EXIF | Camera, GPS, date, settings | Location/time proof |
| Sender, receiver, timestamps, read receipts | Communication proof |
Chain of Custody Requirements
CHAIN OF CUSTODY LOG
Evidence ID: DE-2024-001
Description: Samsung Galaxy S21, IMEI: 123456789012345
| Date | Time | Action | From | To | Signature |
|------|------|--------|------|-----|-----------|
| 15/07/24 | 10:30 | Seized | Accused | IO | [Sign] |
| 15/07/24 | 14:00 | Deposited | IO | Malkhana | [Sign] |
| 20/07/24 | 11:00 | Sent for forensics | Malkhana | CFSL | [Sign] |
| 15/08/24 | 16:00 | Returned | CFSL | Malkhana | [Sign] |
Hash at seizure: [SHA-256 value]
Hash at return: [SHA-256 value] - MATCH VERIFIED
Section 3: WhatsApp Evidence Authentication
Extraction Methods
| Method | Description | Court Acceptance |
|---|---|---|
| Screen Recording | Video of scrolling through chat | Low - easily manipulated |
| Screenshots | Static images of messages | Low - easily edited |
| WhatsApp Export | Built-in export feature (.txt + media) | Medium - no hash verification |
| Forensic Extraction | Cellebrite/Oxygen/XRY tools | High - hash verified |
| WhatsApp Business API | Server-side records (for businesses) | High - third party verification |
Certificate Format for WhatsApp Evidence
CERTIFICATE UNDER SECTION 63(4) OF BSA, 2023
I, [Name], [Designation] of [Organization/Self], hereby certify:
1. IDENTIFICATION OF ELECTRONIC RECORD:
The electronic record comprises WhatsApp chat conversation between
mobile number +91-XXXXXXXXXX and +91-XXXXXXXXXX for the period
[Start Date] to [End Date], contained in file "WhatsApp Chat with
[Contact Name].txt" and associated media files.
2. MANNER OF PRODUCTION:
The chat was exported using WhatsApp's built-in "Export Chat" feature
on [Date] at [Time] from device [Make/Model], IMEI [Number],
operating Android/iOS version [X.X].
3. DEVICE PARTICULARS:
- Device: [Make] [Model]
- IMEI/Serial: [Number]
- Operating System: [Android/iOS Version]
- WhatsApp Version: [X.X.X.X]
- Storage: [Internal/SD Card]
4. OPERATING CONDITIONS:
(a) The mobile phone was regularly used for WhatsApp communication
during the period [Date Range].
(b) Messages were received and sent in the ordinary course of
communication.
(c) The device was operating properly during the material period
with no known malfunctions affecting message storage or display.
(d) The exported chat accurately reproduces the messages as stored
on the device.
5. HASH VALUES:
- SHA-256: [64-character hash]
- File Size: [Size in bytes]
Date: [Date]
Place: [Place]
[Signature]
[Name]
[Designation/Capacity]
Court Acceptance Patterns Post-July 2024
Accepted:
- Forensically extracted WhatsApp data with hash verification
- Export files with contemporaneous certificate
- Business WhatsApp with API verification
Rejected/Challenged:
- Screenshots without certificate
- Exports without hash values
- Delayed certificates (not at time of production)
- Missing device identification
Section 4: Email Evidence Authentication
Email Header Analysis
Email headers contain critical metadata for authentication:
Return-Path: <sender@company.com>
Received: from mail.company.com (192.168.1.1)
by recipient-server.com (10.0.0.1)
for <recipient@domain.com>;
Mon, 15 Jul 2024 10:30:45 +0530
DKIM-Signature: v=1; a=rsa-sha256; d=company.com; s=selector;
b=abc123...
From: "Sender Name" <sender@company.com>
To: "Recipient Name" <recipient@domain.com>
Subject: Contract Agreement
Date: Mon, 15 Jul 2024 10:30:22 +0530
Message-ID: <unique-id@company.com>
Authentication Protocols
| Protocol | Purpose | Verification Method |
|---|---|---|
| SPF | Sender Policy Framework - authorized mail servers | DNS TXT record lookup |
| DKIM | DomainKeys Identified Mail - cryptographic signature | Public key verification |
| DMARC | Domain-based Message Authentication | Alignment check |
Server Log Requirements
For comprehensive email evidence, obtain:
- Outgoing mail server logs (sender's SMTP)
- Incoming mail server logs (recipient's MX)
- User access logs (login times, IP addresses)
- Backup tape verification (if applicable)
Section 5: Supreme Court Guidance
Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020)
Citation: Civil Appeal Nos. 20825-20826 of 2017 Judges: R.F. Nariman, S. Ravindra Bhat, V. Ramasubramanian Date: 14-07-2020
Key Holdings:
Certificate is Mandatory: Section 65B(4) certificate is a condition precedent to admissibility of electronic evidence.
No Oral Evidence Substitute: Oral evidence about electronic record contents cannot substitute for certificate.
Relaxation Possible: Court may relax requirement if:
- Original device is with opponent/third party
- Device genuinely unavailable
- But reasons must be recorded
Proof Still Required: Even with certificate, contents must be proved through witness testimony.
Impact on BSA Section 63: This judgment's principles apply to BSA Section 63 certificates with enhanced emphasis on the "at each instance" requirement.
Section 6: Court Acceptance Patterns Post-July 2024
Evidence Accepted
| Case Type | Evidence Type | Key Factor for Acceptance |
|---|---|---|
| Matrimonial | WhatsApp messages | Forensic extraction + Certificate |
| Commercial fraud | Email trail | Server logs + DKIM verification |
| Defamation | Social media posts | Platform data request + Screenshot |
| Cybercrime | IP logs | ISP records + Hash verification |
Evidence Rejected
| Case Type | Evidence Type | Reason for Rejection |
|---|---|---|
| Criminal | WhatsApp screenshots | No certificate, easily manipulated |
| Civil | Email printouts | No header analysis, no certificate |
| Matrimonial | Call recordings | No Section 63 certificate, device not produced |
| Commercial | Scanned documents | Original not shown to exist |
Common Deficiencies
- Certificate Timing: Filed later, not "at each instance"
- Device Identification: IMEI/serial number missing
- Hash Values: Not computed or documented
- Operating Condition: No evidence device was working properly
- Signatory Authority: Certificate by unauthorized person
- Chain of Custody: Gaps in evidence handling documentation
Practical Checklist for Practitioners
Pre-Collection Phase
- Identify all potential sources of electronic evidence
- Assess need for forensic expert vs. in-house collection
- Prepare evidence collection protocol
- Arrange for hash computation tools
- Brief client on preservation obligations
During Collection
- Document device identification (make, model, IMEI/serial)
- Note operating system and relevant app versions
- Compute hash values immediately upon extraction
- Photograph device and screen displays
- Record date, time, location, persons present
- Maintain chain of custody log
Post-Collection
- Prepare Section 63(4) certificate in Schedule format
- Verify hash values match original computation
- Store evidence in tamper-evident container
- Create multiple verified copies
- Prepare witness statement for certificate signatory
Court Submission
- File certificate with electronic record
- Ensure certificate accompanies each submission
- Be prepared for cross-examination on collection process
- Have forensic expert available if challenged
Conclusion
Digital evidence under BSA Section 63 requires meticulous attention to:
- Certificate compliance at each submission
- Hash value documentation for integrity
- Metadata preservation for authentication
- Chain of custody maintenance
Practitioners who master these requirements will effectively leverage digital evidence; those who neglect them risk exclusion of crucial proof.