Digital Evidence Preservation And Chain Of Custody
⚖️ 1. Understanding Digital Evidence and Chain of Custody
Digital Evidence
Refers to any data stored or transmitted electronically that can be used in court, including:
Emails, chats, SMS, call logs
Social media content
Computer files, server logs
Digital photographs, CCTV footage, and IoT device logs
Importance
Digital evidence is fragile and easily altered, so proper handling is critical.
Courts emphasize authenticity, reliability, and integrity before admitting it.
Chain of Custody
Definition: Documented process that tracks the possession, transfer, analysis, and storage of digital evidence from the point of collection to its presentation in court.
Key Principles:
Evidence must be collected lawfully.
Proper documentation of handling and storage.
Minimal handling to prevent tampering.
Authentication to show evidence is original and unaltered.
⚖️ 2. Legal Framework in India
Indian Evidence Act, 1872
Section 65A & 65B – Deals with admissibility of electronic records.
Information Technology Act, 2000
Sections 43, 66 – Cover tampering, hacking, and digital evidence.
CrPC
Sections 173, 197 – Guide police investigations and evidence submission.
🏛️ 3. Landmark Case Laws
Case 1: State vs. Navjot Sandhu (2005) – Parliament Attack Case
Facts:
Evidence included CCTV footage, call records, and electronic messages.
Judgment:
Court emphasized proper collection, documentation, and verification of electronic evidence.
Reinforced admissibility under Section 65B of the Indian Evidence Act.
Significance:
Highlighted importance of chain of custody for digital evidence in terrorism cases.
Case 2: Anvar P.V vs. P.K. Basheer (2014)
Facts:
Conviction based on CD-ROM containing phone call recordings.
Judgment:
Supreme Court held that Section 65B certificate is mandatory for electronic evidence to be admissible.
Evidence without proper certificate cannot be relied upon.
Significance:
Landmark clarification on admissibility and authenticity of digital evidence.
Case 3: Shafhi Mohammad vs. State of Himachal Pradesh (2018)
Facts:
Challenge on copy of digital evidence produced in court.
Judgment:
Court emphasized original or certified copy under Section 65B is necessary.
Chain of custody must be maintained to avoid tampering claims.
Significance:
Reinforces the principle that digital evidence must be preserved with proper certification.
Case 4: State of Tamil Nadu vs. Suhas Katti (2004)
Facts:
First cybercrime case under IT Act – defamation and harassment via email.
Judgment:
Court highlighted need for forensic examination and logs preservation.
Emphasized role of expert testimony in validating emails as evidence.
Significance:
Early illustration of chain of custody and forensic validation in cybercrime.
Case 5: Rajesh Sharma vs. State of UP (2017)
Facts:
Investigation relied on social media posts and WhatsApp messages.
Judgment:
Court accepted digital evidence only if extracted and preserved under forensically sound methods.
Chain of custody must be documented at every step.
Significance:
Confirms strict procedural compliance is required to prevent evidence rejection.
Case 6: S. Varadharajan vs. The Inspector of Police (2019)
Facts:
Issue regarding authenticity of digital photographs and video clips.
Judgment:
Court insisted on metadata examination and recording of handling steps.
Highlighted importance of chain of custody documentation for authenticity.
Significance:
Underlines forensic best practices for handling digital evidence.
🏛️ 4. Key Principles from Case Law
| Principle | Illustration |
|---|---|
| Mandatory Section 65B certificate | Anvar P.V vs. P.K. Basheer |
| Original or certified copy | Shafhi Mohammad vs. State of HP |
| Forensic examination required | Suhas Katti Case |
| Chain of custody documentation | Rajesh Sharma Case |
| Authenticity and metadata validation | S. Varadharajan Case |
| Admissibility in terrorism/cybercrime | State vs. Navjot Sandhu |
🔐 5. Best Practices for Digital Evidence Preservation
Collect evidence promptly to avoid alteration.
Maintain detailed chain of custody logs (who handled it, when, and how).
Use write-protected storage to prevent tampering.
Document every transfer with signatures and dates.
Conduct forensic examination by certified experts.
Produce Section 65B certificate for court submission.
🏁 6. Summary
Digital evidence is critical in modern investigations, including cybercrime, terrorism, and corporate fraud.
Chain of custody ensures evidence remains authentic, reliable, and admissible.
Case laws like Anvar P.V, Navjot Sandhu, Shafhi Mohammad, Suhas Katti, Rajesh Sharma, and Varadharajan provide practical guidelines for investigators and courts.
Courts increasingly demand forensically sound collection, documentation, and certification to prevent tampering and safeguard justice.
RELATED Blog
0 comments