The enforcement of the Bharatiya Nyaya Sanhita, 2023 (BNS) and the Bharatiya Nagarik Suraksha Sanhita, 2023 (BNSS) on July 1, 2024, fundamentally restructured India’s criminal justice framework. In the domain of cyber crime—where digital footprints cross jurisdictional boundaries and financial fraud reaches unprecedented scales—the legal framework has become substantially more stringent. Investigating agencies now routinely invoke a matrix of provisions from both the Information Technology (IT) Act, 2000, and the newly enacted BNS. Consequently, bail jurisprudence in cyber crime cases has evolved from traditional principles of physical recovery to complex assessments of digital evidence tampering, transnational flight risks, and the newly defined thresholds of organized crime. This article provides a highly researched analysis of the emerging bail jurisprudence governing cyber offences under the IT Act and the BNS/BNSS framework as of mid-2026.

The Statutory Intersection: IT Act Vs. BNS

In contemporary cyber crime First Information Reports (FIRs), investigating agencies typically deploy a dual-statute approach. The specific provisions invoked directly dictate the rigor of the bail hearing:

• Identity Theft and Personation: Prosecuted concurrently under Section 66C/66D of the IT Act (punishable up to 3 years) and Section 319 of the BNS (Cheating by personation).
• Digital Financial Fraud (Phishing/UPI Frauds): Prosecuted under Section 318 of the BNS (Cheating), which carries a maximum punishment of up to 7 years.
• Electronic Forgery: Prosecuted under Sections 335 and 336 of the BNS (Forgery for the purpose of cheating), covering fabricated PDFs, forged emails, and altered digital records.

Historically, because IT Act offences (like Section 66D) carried lesser punishments and were often bailable, investigating agencies began heavily relying on IPC (now BNS) provisions to justify custodial interrogation and oppose regular bail applications.

The post Bail In Cyber Crime Cases: Emerging Jurisprudence Under The IT Act And BNS Provisions (Updated 2026) appeared first on Bhatt & Joshi Associates.

Part 4: The Adani Group Controversy: A Landmark Case Study in Cross-Border Securities Regulation and Corporate Governance

Introduction

The Adani Group investigation represents one of the most complex challenges to international securities enforcement in recent years. This chapter examines the intricate web of jurisdictional challenges in cross-border securities that arise when U.S. regulatory authorities attempt to extend their reach internationally. At its core, the case highlights fundamental questions about the limits of American legal authority in an era of increasingly globalized financial markets. The resolution of these jurisdictional challenges will likely have far-reaching implications for future cross-border securities investigations and enforcement actions.

Extraterritorial Application of U.S. Laws

Presumption Against Extraterritoriality

The bedrock principle governing the extraterritorial application of U.S. laws stems from a long-established presumption against extending American legal authority beyond national borders. This doctrine, forcefully articulated by Chief Justice John Roberts and deeply embedded in American jurisprudence, reflects the understanding that Congress primarily legislates with domestic concerns in mind. The presumption serves as a crucial safeguard against unintended conflicts with foreign legal systems and helps maintain the delicate balance of international relations.

Recent Supreme Court decisions have consistently reinforced this principle, emphasizing that unless Congress clearly expresses an intent for a law to apply extraterritorially, courts must presume it is primarily concerned with domestic conditions. This presumption becomes particularly significant in cases like Adani’s, where the majority of alleged conduct occurred outside U.S. borders. The doctrine requires prosecutors to establish clear statutory authority for any extraterritorial application of U.S. laws, a requirement that becomes especially challenging in complex international financial cases.

The Evolution of the “Conduct and Effects” Test

The development of the “conduct and effects” test marks a critical evolution in U.S. courts’ approach to extraterritorial jurisdiction in securities law. This test emerged from decades of judicial interpretation as courts grappled with increasingly complex international securities transactions. Under this framework, U.S. courts analyze whether the alleged conduct occurred within U.S. territory or had substantial effects on U.S. markets or investors.

In the context of the Adani investigation, the application of this test requires a detailed examination of multiple factors. Prosecutors must demonstrate either significant conduct within U.S. territory or substantial impact on U.S. markets. This might involve analyzing trading patterns on American exchanges, assessing the exposure of U.S. investors to Adani securities, or tracking complex financial transactions through U.S. banking systems. The test’s application becomes particularly nuanced when dealing with modern financial instruments and international corporate structures that blur traditional jurisdictional boundaries.

The Morrison Doctrine and Its Implications

The Supreme Court’s landmark decision in Morrison v. National Australia Bank fundamentally transformed the landscape of extraterritorial securities law enforcement. This pivotal case established a more stringent “transactional test” that significantly narrowed the scope of U.S. securities laws’ extraterritorial application. The Morrison doctrine effectively limited the reach of Section 10(b) of the Securities Exchange Act to securities listed on U.S. exchanges and domestic transactions in other securities.

The implications of Morrison for the Adani case are profound and multifaceted. While Adani Group companies’ securities are primarily listed on Indian exchanges, any secondary listings or American Depositary Receipts (ADRs) trading on U.S. exchanges would fall squarely within Morrison’s scope. Furthermore, the complex web of international transactions and corporate relationships involved in the case requires careful analysis under the Morrison framework to determine which specific transactions and conduct fall within U.S. jurisdiction.

FCPA Jurisdictional Framework

U.S. Persons and Businesses Under FCPA

The Foreign Corrupt Practices Act establishes an extraordinarily broad jurisdictional framework over U.S. persons and businesses. The statute’s comprehensive approach reflects Congress’s determination to combat international corruption through aggressive enforcement measures. When applied to complex international cases like Adani’s, this framework creates multiple pathways for establishing jurisdiction, even when the primary conduct occurs overseas.

The FCPA’s jurisdiction over U.S. persons extends globally, reaching beyond traditional territorial boundaries to encompass actions taken anywhere in the world. This expansive reach reflects the statute’s ambitious goal of preventing corruption in international business transactions. The Act’s definitions of covered persons and entities are intentionally broad, encompassing not only U.S. citizens and permanent residents but also companies organized under U.S. laws or maintaining principal places of business within U.S. territory.

Securities Issuers and Regulatory Obligations

The regulatory obligations imposed on securities issuers under the FCPA create another significant jurisdictional nexus. Companies that choose to access U.S. capital markets through securities listings subject themselves to a comprehensive regulatory regime that includes both anti-bribery provisions and stringent accounting requirements. This aspect of FCPA jurisdiction becomes particularly relevant in the Adani case, where complex corporate structures and international securities offerings intersect with U.S. financial markets.

The accounting provisions of the FCPA impose particularly far-reaching obligations on issuers. These requirements mandate the maintenance of accurate books and records, along with the implementation of adequate internal accounting controls. The scope of these provisions extends beyond traditional anti-bribery concerns, creating a broader framework for regulatory oversight. In the context of international conglomerates like Adani, these requirements can create jurisdictional hooks through corporate relationships and financial reporting obligations that might otherwise appear peripheral to U.S. interests.

International Reach and Non-U.S. Persons

The FCPA’s jurisdiction over non-U.S. persons represents one of the statute’s most ambitious assertions of extraterritorial reach. This aspect of the law has generated significant international controversy and raises complex questions about the limits of U.S. regulatory authority. The statute’s application to foreign individuals and entities requires careful analysis of territorial connections and the nature of alleged corrupt activities.

The jurisdictional reach over non-U.S. persons typically requires some territorial nexus to the United States, however minimal. This connection might be established through physical presence in U.S. territory, use of U.S. communication systems, or engagement with U.S. financial institutions. In the Adani investigation, prosecutors would need to carefully trace such connections to establish jurisdiction over foreign defendants while respecting international legal principles and diplomatic considerations.

Establishing U.S. Nexus

Financial Systems and Monetary Transactions

The global predominance of the U.S. financial system provides numerous opportunities for establishing jurisdiction in international cases. The use of U.S. dollars in international transactions typically requires clearing through U.S. correspondent banks, creating a territorial connection that courts have increasingly recognized as sufficient for jurisdictional purposes. This aspect becomes particularly relevant in complex international financial investigations like the Adani case, where multiple layers of transactions and financial relationships may create unexpected jurisdictional connections.

Modern financial transactions leave detailed electronic trails that can help establish U.S. connections. The regulatory framework governing international financial transactions, including the Bank Secrecy Act and related regulations, requires financial institutions to maintain extensive records that can later support enforcement actions. These requirements create a rich source of evidence for establishing jurisdictional connections, even in cases where the primary conduct occurred overseas.

Electronic Communications and Digital Infrastructure

The pervasive nature of modern electronic communications creates numerous opportunities for establishing U.S. jurisdiction. International business communications frequently transit through U.S. infrastructure, creating potential jurisdictional hooks that might not be immediately apparent to foreign actors. This reality becomes particularly significant in cases involving alleged securities fraud or corruption, where electronic communications often provide crucial evidence of intent and coordination.

Corporate Records and Financial Reporting

The interconnected nature of modern corporate structures creates additional avenues for establishing U.S. jurisdiction through corporate reporting relationships. The FCPA’s books and records provisions impose obligations that can cascade through corporate structures, potentially creating jurisdiction through parent-subsidiary relationships or consolidated financial reporting. These provisions become particularly relevant in cases involving complex international corporate structures like those present in the Adani investigation.

Defense Strategies in Foreign Jurisdictions

Complex Framework of Jurisdictional Defenses

Foreign defendants in cases like the Adani investigation face unique challenges when contesting U.S. jurisdiction, requiring sophisticated legal strategies that bridge multiple legal systems. The fundamental defense framework begins with constitutional due process considerations but extends into complex questions of international law and comity. These defenses must be carefully crafted to address both procedural and substantive jurisdictional challenges while preserving arguments for subsequent stages of litigation.

The constitutional dimension of  centers on the Due Process Clause’s requirement for minimum contacts with the United States. In the international business context, these challenges become particularly nuanced when dealing with corporate groups and individual officers. Courts must evaluate whether defendants have purposefully availed themselves of U.S. markets or established sufficient connections to justify the exercise of U.S. jurisdiction. This analysis becomes especially complex in cases involving international securities trading and global financial transactions.

Evidentiary Jurisdictional Challenges in Cross-Border Investigations

The collection and presentation of evidence in cross-border investigations pose unique hurdles, significantly influencing jurisdictional arguments. International evidence gathering is governed by a complex interplay of treaties, conventions, and domestic laws, which vary across jurisdictions. In the Adani case, these challenges are compounded by the necessity of coordinating across multiple legal systems while adhering to both U.S. and Indian legal frameworks.

Evidence obtained through international mechanisms must meet domestic and international legal standards to be admissible in U.S. courts. The process often involves navigating intricate diplomatic protocols and satisfying procedural requirements. Defendants may contest evidence acquired without proper adherence to international norms, potentially undermining U.S. enforcement jurisdiction. This issue becomes particularly significant when dealing with electronic records, financial documents, and witness testimonies sourced from foreign jurisdictions.

Personal Jurisdiction and Corporate Responsibility

Corporate officers and directors facing potential liability in U.S. courts must carefully consider their jurisdictional defenses within the broader context of corporate responsibility. The fiduciary shield doctrine, which can protect individual officers from personal jurisdiction based solely on corporate contacts, requires careful analysis of individual roles and responsibilities. This defense becomes particularly relevant in cases involving complex corporate structures and international business operations.

The relationship between personal jurisdiction and corporate activity presents special challenges in securities fraud cases. Courts must balance traditional notions of fairness and substantial justice with the need to effectively regulate international securities markets. Individual defendants may argue that their actions were taken entirely outside U.S. territory and that they lack sufficient personal connections to justify U.S. jurisdiction. These arguments require careful consideration of both the direct and indirect effects of alleged misconduct on U.S. markets and investors.

International Cooperation Framework

Mutual Legal Assistance Treaties and Enforcement

The effectiveness of cross-border investigations often depends heavily on international cooperation mechanisms, particularly Mutual Legal Assistance Treaties (MLATs). The U.S.-India MLAT, which provides the primary framework for bilateral legal cooperation in the Adani case, establishes specific procedures for sharing evidence and conducting joint investigations. This treaty framework must be carefully navigated to ensure effective enforcement while respecting both countries’ sovereign interests.

The practical implementation of MLAT provisions often involves complex negotiations between different legal systems and enforcement priorities. Prosecutors must balance the need for rapid information sharing with the requirement to respect formal diplomatic channels and procedural safeguards. The success of international investigations often depends on the ability to effectively coordinate across these various mechanisms while maintaining the integrity of the evidence-gathering process.

Role and Authority of Indian Regulatory Bodies

Indian regulatory authorities play a crucial role in determining the scope and effectiveness of U.S. enforcement efforts. The Securities and Exchange Board of India (SEBI), the Reserve Bank of India (RBI), and other regulatory bodies operate under domestic legal mandates that may not always align perfectly with U.S. enforcement objectives. Understanding and respecting these different regulatory frameworks becomes essential for successful cross-border investigations.

The relationship between U.S. and Indian authorities must be carefully managed to ensure effective cooperation while respecting national sovereignty. Indian authorities may need to balance multiple competing interests, including domestic economic concerns, international obligations, and regulatory independence. This delicate balance becomes particularly important in high-profile cases like the Adani investigation, where regulatory decisions can have significant economic and political implications.

Extradition Processes and Diplomatic Considerations

The potential for extradition adds another layer of complexity to international enforcement efforts. The U.S.-India Extradition Treaty provides the legal framework for such requests, but its practical application involves careful consideration of both legal requirements and diplomatic sensitivities. The treaty’s provisions must be interpreted in light of both countries’ legal traditions and enforcement priorities.

Successful extradition requires satisfaction of the dual criminality requirement, ensuring that the alleged conduct constitutes a crime in both jurisdictions. This requirement can present particular challenges in complex financial cases, where specific regulatory violations may be treated differently under different legal systems. The process also requires careful attention to procedural safeguards and human rights considerations, adding further complexity to enforcement efforts.

Conclusion: Implications of Jurisdictional Challenges in Cross-Border Securities Enforcement

The jurisdictional challenges in cross-border securities presented by the Adani case illustrate the increasing complexity of international securities enforcement in an interconnected global economy. Success in establishing and maintaining jurisdiction requires careful navigation of multiple legal frameworks, diplomatic considerations, and practical challenges. The resolution of these jurisdictional challenges in cross-border securities will likely have significant implications for future enforcement efforts and the development of international regulatory cooperation.

The case highlights the tension between aggressive enforcement of U.S. securities laws and respect for international sovereignty. As global financial markets become increasingly integrated, the need for effective cross-border enforcement mechanisms continues to grow. However, this enforcement must be balanced against principles of international comity and respect for different legal systems. The Adani case may well set important precedents for how these competing interests are balanced in future international securities investigations. 

The post Jurisdictional Challenges in Cross-Border Securities Cases appeared first on Bhatt & Joshi Associates.

Introduction

In the contemporary legal landscape, electronic evidence has become an indispensable facet of court proceedings, presenting unique challenges and opportunities for legal practitioners and adjudicators. With the pervasive use of electronic devices and digital communication platforms, questions regarding the admissibility, authenticity, and reliability of electronic evidence have assumed paramount importance within the Indian legal system. This comprehensive analysis endeavors to delve deeply into the intricate nuances surrounding electronic evidence in India, exploring pertinent statutes, landmark judgments, and emerging trends within the Indian legal framework.

Understanding Electronic Evidence in India: Foundations and Legal Framework

Electronic evidence encompasses a diverse array of digital data, including emails, text messages, social media posts, digital images, videos, and computer-generated records. Unlike traditional forms of evidence, electronic evidence poses distinct challenges due to its intangible nature, susceptibility to manipulation, and reliance on technological infrastructure. In India, the legal framework governing electronic evidence is primarily established by the Indian Evidence Act, 1872. While the Act recognizes statements in oral, documentary, or electronic form as admissible evidence under Section 17, the specific requirements and procedures for electronic evidence admissibility are delineated in Section 65B. Section 65B of the Indian Evidence Act mandates that electronic records, including computer-generated evidence, must be accompanied by a certificate to be admissible in court. This certificate, issued by a person occupying a responsible official position in relation to the operation of the relevant device, attests to the authenticity and integrity of the electronic record. Furthermore, the certificate must describe the manner in which the electronic record was produced, furnish particulars of the device involved, and comply with the conditions stipulated in Section 65B(2).

Landmark Judgments: Shaping the Discourse on Electronic Evidence in India

Landmark judgments play a pivotal role in shaping the legal discourse surrounding electronic evidence admissibility in India. One such seminal case is Shafi Mohammad Vs. The State Of Himachal Pradesh, where the Supreme Court provided seminal insights into the admissibility of electronic evidence, particularly in light of Section 65B of the Evidence Act. The court emphasized the importance of procedural compliance and the necessity of a certificate for electronic evidence admissibility, setting a precedent for subsequent cases. Another landmark judgment that merits attention is Anvar P.V. Versus P.K. Basheer & Ors, wherein the Supreme Court delved deep into the nuances of electronic evidence authentication. The court’s interpretation of Section 65B and its insistence on the indispensability of a certificate for secondary data admissibility underscored the significance of procedural rigor in electronic evidence proceedings.

Analyzing Email and WhatsApp Conversations: An Analytical Framework

The widespread use of email and messaging applications such as WhatsApp has presented novel challenges in electronic evidence admissibility. Courts have grappled with questions regarding the authentication, relevance, and admissibility of email and WhatsApp conversations as evidence. In cases such as Abdul Rahaman Kunji Vs. The State of West Bengal and Kundan Singh v. The State, courts have provided valuable elucidation on the application of Section 65B and the necessity of accompanying certificates for electronic evidence admissibility. Furthermore, the distinction between primary and secondary copies of electronic records assumes significance in determining admissibility. Courts have emphasized the need for primary evidence, such as original electronic records, to be accompanied by certificates issued under Section 65B. Secondary copies, including printouts or downloads, may also require certification to ensure their authenticity and reliability.

The Certificate Mandate and Its Implications

At the crux of electronic evidence admissibility lies the certificate mandated by Section 65B of the Evidence Act. This certificate serves as a crucial determinant of electronic evidence’s admissibility, attesting to its authenticity, integrity, and compliance with legal requirements. An in-depth analysis of Anvar P.V. vs. P.K. Basheer sheds light on the court’s interpretation of Section 65B(4) and its implications for parties seeking to produce electronic evidence.

Moreover, the certificate requirement underscores the importance of procedural rigor and technological expertise in electronic evidence proceedings. Courts must ensure that certificates are issued by competent authorities with relevant technical knowledge and expertise. Failure to comply with the certificate mandate may result in electronic evidence being deemed inadmissible, highlighting the need for meticulous adherence to procedural requirements.

Recent Developments and Emerging Trends

The rapid evolution of technology has brought about new challenges and opportunities in electronic evidence proceedings. Recent instances of leaked WhatsApp chats and social media posts obtained during investigations have highlighted the need for a robust legal framework governing electronic evidence admissibility. The Indian Evidence Act, 1872, and Section 65B have come under scrutiny in light of emerging technological trends and evolving jurisprudence. In the landmark decision of Arjun Panditrao Khotkar v. Kailash Kishanrao Goratyal, the Supreme Court provided seminal insights into the interpretation of Section 65B and its applicability to electronic evidence proceedings. The court clarified the distinction between primary and secondary evidence and emphasized the necessity of certificates for secondary copies of electronic records. Furthermore, the court underscored the importance of procedural compliance and technological expertise in electronic evidence proceedings.

Challenges and Future Directions

Despite significant progress in elucidating the legal framework surrounding electronic evidence, several challenges persist. The rapid proliferation of digital technologies, the voluminous nature of electronic data, and the evolving landscape of cyber threats pose formidable challenges for legal practitioners and courts alike. Issues such as data privacy, cybersecurity, and the authentication of electronic records continue to present complex challenges in electronic evidence proceedings. Looking ahead, it is imperative for legislators, legal practitioners, and technology experts to collaborate in addressing these challenges and adapting legal frameworks to the realities of the digital age. Efforts to streamline electronic evidence procedures, enhance technological infrastructure, and promote digital literacy among legal professionals are crucial steps in ensuring the effective administration of justice in the digital era.

Conclusion: Navigating Electronic Evidence in India

In conclusion, electronic evidence occupies a central position in contemporary legal practice, presenting both challenges and opportunities for legal practitioners and courts. Landmark judgments such as Shafi Mohammad and Anvar P.V. have provided invaluable guidance on electronic evidence admissibility, shaping the discourse surrounding this complex legal issue. The certificate mandate under Section 65B underscores the importance of procedural rigor and technological expertise in electronic evidence proceedings.

As society continues its inexorable march towards digitalization, it is essential for stakeholders to remain vigilant, adaptive, and proactive in addressing the challenges posed by electronic evidence. Efforts to enhance legal frameworks, promote digital literacy, and foster collaboration between legal and technological communities are essential in ensuring the effective administration of justice in the digital age. Through concerted efforts and a commitment to excellence, the Indian legal system can navigate the complexities of electronic evidence and uphold the principles of justice, fairness, and integrity in the digital era.

The post Electronic Evidence in India: Navigating the Legal Landscape – A Comprehensive Analysis appeared first on Bhatt & Joshi Associates.

The rapid evolution of digital technology has fundamentally transformed the landscape of legal proceedings in India. Electronic records now constitute a substantial portion of evidence presented before courts, ranging from emails and text messages to surveillance footage and call detail records. As digital devices proliferate and online transactions become ubiquitous, the authenticity and integrity of electronic evidence have emerged as paramount concerns for the judicial system. At the heart of this transformation lies a technical safeguard known as the hash value, a cryptographic fingerprint that ensures digital evidence remains unaltered from the moment of collection to its presentation in court.

Hash values serve as digital fingerprints, providing a mathematical means to verify that electronic records have not been tampered with or manipulated. This technological tool has become indispensable in establishing the chain of custody for digital evidence, addressing the inherent vulnerabilities of electronic data to modification. The legal framework governing electronic evidence in India has evolved to recognize the critical role of hash values, though significant challenges remain in standardizing their application across jurisdictions. Understanding the technical foundation, legal requirements, and practical implications of hash values is essential for legal practitioners, law enforcement agencies, and forensic experts navigating the complexities of digital evidence.

Understanding Hash Values: The Digital Fingerprint

A hash value represents a fixed-length alphanumeric string generated through the application of a mathematical algorithm to a digital file. This process, known as hashing, transforms data of any size into a unique identifier that serves as the file’s digital fingerprint. The hash function operates on the principle that identical input data will invariably produce identical hash values, while even the slightest alteration to the original data results in a completely different hash output. This deterministic property makes hash values invaluable for verifying the authenticity and integrity of electronic records in legal proceedings.

The technical characteristics of hash functions are fundamental to their reliability as evidentiary tools. Hash algorithms are designed to be computationally infeasible to reverse, meaning that deriving the original data from its hash value is virtually impossible. Additionally, collision resistance ensures that two different files cannot produce the same hash value, providing a high degree of certainty that matching hash values indicate identical files. The Information Technology Act, 2000, recognizes hash functions as algorithmic processes that map sequences of bits into smaller sets known as hash results, emphasizing their computational infeasibility for reconstruction [1].

The most commonly employed hash algorithms in forensic investigations include MD5, SHA-1, and SHA-256. While MD5 and SHA-1 have been standard algorithms for years, contemporary forensic practice increasingly favors SHA-256 due to its enhanced security features and resistance to collision attacks. The Information Technology (Certifying Authorities) Rules, 2000, specifically recognizes MD5 and SHA-2 as accepted standard digital hash functions aligned with international standards [2]. The selection of appropriate hash algorithms has become a critical consideration in ensuring the admissibility and reliability of digital evidence in Indian courts.

Legal Framework Governing Hash Values in India

The legal recognition of hash values in India stems from multiple legislative instruments that collectively establish the framework for electronic evidence. The Information Technology Act, 2000, provides the foundational recognition of hash functions within the context of digital signatures and electronic authentication. Section 3(2) of the Act mandates that authentication of electronic records shall be effected through the use of asymmetric cryptosystems and hash functions, which transform the initial electronic record into another electronic record. The explanatory provisions define hash functions with technical precision, establishing their legal validity as authentication mechanisms.

The Bharatiya Sakshya Adhiniyam, 2023, which replaced the Indian Evidence Act of 1872, represents a significant advancement in codifying the requirements for electronic evidence admissibility. Section 63 of this Act delineates the conditions under which electronic records can be admitted as evidence in court proceedings. The provision mandates that electronic records must be accompanied by a certificate in the prescribed format, which includes explicit requirements for documenting hash values. The Schedule appended to Section 63(4) specifies that parties submitting electronic evidence must provide the hash value of the electronic record along with identification of the hash function employed, such as MD5, SHA-256, or SHA-512.

The certificate requirements under the Bharatiya Sakshya Adhiniyam comprise two distinct parts. Part A must be completed by the individual or entity generating the electronic evidence, providing firsthand information about the creation, storage, and preservation of the electronic record. This section establishes the initial chain of custody and documents the hash value calculated at the time of evidence collection. Part B requires certification from an expert, as defined under Section 39 of the Act, who possesses specialized knowledge in computer systems and electronic devices. This dual certification mechanism aims to ensure both the technical accuracy of hash value generation and the reliability of the underlying electronic record.

Judicial Pronouncements on Hash Values and Electronic Evidence

The Supreme Court of India has delivered several landmark judgments that have shaped the jurisprudence surrounding digital evidence and hash values. The case of Anvar P.V. v. P.K. Basheer (2014) stands as the watershed moment in Indian electronic evidence law [3]. In this case, the Supreme Court overruled its previous decision in State (NCT of Delhi) v. Navjot Sandhu and established that electronic records can only be admitted as secondary evidence when accompanied by a certificate complying with Section 65B of the Indian Evidence Act, 1872, the predecessor provision to Section 63 of the Bharatiya Sakshya Adhiniyam.

The three-judge bench in Anvar P.V. v. P.K. Basheer emphasized that electronic records are governed by special provisions that override general documentary evidence rules. The court held that the certificate requirement is not merely procedural but constitutes a substantive safeguard against the manipulation of electronic evidence. While the judgment does not explicitly mandate hash values, it establishes stringent technical requirements for proving electronic records, creating the legal foundation for hash verification as a reliable authentication method. The court recognized that electronic evidence, being more susceptible to tampering and alteration, requires special procedural safeguards to ensure its reliability.

The Delhi High Court’s decision in Jagdeo Singh v. State (2015) provides more direct recognition of hash values in forensic examination [4]. Although the case primarily addressed failures in complying with Section 65B certification requirements, the court acknowledged the importance of documenting hash values to ensure the originality of electronic evidence and prevent allegations of tampering. The judgment underscores that proper documentation of hash values forms an integral part of establishing the chain of custody for digital evidence, particularly when multiple copies or images of storage devices are created during investigation.

Hash Values in Digital Forensic Practice

The practical application of hash values in digital forensic investigations follows established protocols designed to maintain the integrity of evidence from seizure through analysis. When law enforcement officers or forensic examiners encounter digital devices during investigations, the first critical step involves creating forensic images or clones of storage media using write-blocking devices. Write blockers are hardware or software tools that prevent any modifications to the original data during the copying process, ensuring that the source device remains untampered. The Government e-Marketplace lists various forensic write-blocking devices from manufacturers such as CRU, Logicube, and Tableau, with prices ranging from approximately eighty-six thousand rupees to over six lakh rupees, reflecting the professional-grade nature of forensic equipment.

During the imaging process, forensic tools automatically calculate and record the hash value of both the original storage device and the created forensic image. This dual hashing serves multiple purposes within the investigative framework. First, it provides mathematical proof that the forensic image is an exact duplicate of the original device, ensuring that subsequent analysis operates on an authentic copy of the evidence. Second, it establishes a verifiable record that can be presented in court to demonstrate the integrity of the evidence collection process. The Digital Evidence Investigation Manual issued by the Central Board of Direct Taxes explicitly recognizes that accessing a system or hard disk without write-protection devices causes changes in the hash value, potentially rendering the evidence inadmissible [5].

The documentation requirements for hash values extend beyond mere calculation to include comprehensive record-keeping throughout the investigative process. Forensic examiners must prepare detailed reports documenting the hash values of original devices, forensic images, and any derivative copies created for analysis. These reports typically form annexures to investigation documents or assessment orders, establishing an unbroken chain of custody. In cases where imaging cannot be performed at the seizure site, the manual prescribes that two sets of images should be created in laboratory conditions in the presence of the accused or their representative, with a panchnama recording the hash value of each imaged device. This procedural safeguard addresses concerns about potential manipulation and ensures transparency in the forensic process.

International Perspectives and Comparative Analysis

The United States legal system has developed extensive jurisprudence regarding hash values and their role in electronic evidence authentication. Federal Rule of Evidence 901(b)(4) explicitly recognizes hash values as a method for establishing the authenticity of digital evidence through distinctive characteristics. The landmark case of United States v. Cartier (2008) provides significant precedent for the reliability of hash value matching [6]. In this case, the Eighth Circuit Court of Appeals addressed the use of hash values in identifying contraband files on peer-to-peer networks. The district court found that files with identical hash values have a 99.99 percent probability of being identical, establishing a high evidentiary threshold for hash value reliability.

The Cartier case also addressed the technical question of hash collisions, where two dissimilar files might theoretically produce the same hash value. Expert testimony established that while hash collisions are theoretically possible in laboratory settings, no two dissimilar files will naturally produce identical hash values using robust algorithms. This judicial recognition of hash value reliability has influenced American forensic practice, where hashing has become a standard procedure for authenticating electronic evidence, identifying duplicate files, and establishing chains of custody. The Federal Judicial Center’s guide for federal judges defines hash values as unique numerical identifiers with mathematical properties that make the probability of collision negligible.

European jurisdictions have similarly embraced hash values as essential tools in digital forensics. The case of Dramatico Entertainment Ltd. v. British Sky Broadcasting Ltd. in the United Kingdom examined the role of hash values in identifying infringing content on peer-to-peer networks. The court recognized hash values as reference codes comprising strings of letters and numbers that uniquely identify digital files, accepting their use in establishing the presence of specific content across multiple network locations. This international convergence in recognizing hash value reliability demonstrates the universal applicability of cryptographic principles in legal contexts, regardless of jurisdictional boundaries.

Challenges and Limitations in Indian Implementation

Despite the legal recognition of hash values in Indian legislation and jurisprudence, significant practical challenges impede their consistent application across the criminal justice system. A primary obstacle lies in the absence of standardized protocols for hash value generation and documentation. While the Bharatiya Sakshya Adhiniyam mandates the inclusion of hash values in certificates accompanying electronic evidence, the Act provides limited guidance on technical standards, algorithm selection, or verification procedures. This legislative gap results in inconsistent practices across different investigating agencies and forensic laboratories, potentially compromising the reliability of electronic evidence.

The definition and qualification of electronic experts under Indian law remains ambiguous, creating uncertainty about who possesses the requisite authority to certify hash values under Part B of the Section 63 certificate. Section 39 of the Bharatiya Sakshya Adhiniyam defines experts as persons specially skilled in foreign law, science, art, or any other field, but provides no specific criteria for determining expertise in digital forensics. Unlike jurisdictions such as the United States, which maintain professional certification programs for digital forensic examiners, India lacks a standardized framework for accrediting electronic evidence experts. This absence of clear qualification standards can lead to challenges regarding the credibility and weight of expert testimony on hash values.

The technical sophistication required to understand and evaluate hash values presents challenges for judicial officers, prosecutors, and defense counsel who may lack specialized training in digital forensics. Courts must assess the reliability of hash values, the appropriateness of algorithm selection, and the validity of forensic procedures without necessarily possessing the technical background to evaluate these factors independently. This knowledge gap can result in either excessive deference to technical testimony without adequate scrutiny or unwarranted skepticism toward scientifically sound evidence. Addressing this challenge requires ongoing judicial education programs focused on digital forensics and the scientific principles underlying hash functions.

Chain of Custody and Hash Value Documentation

The concept of chain of custody assumes heightened importance in the context of digital evidence, where the ease of duplication and modification necessitates rigorous documentation at every stage. Hash values serve as the mathematical backbone of chain of custody verification, providing objective proof that evidence remains unchanged from collection through courtroom presentation. The chain of custody documentation must include hash values calculated at the point of initial seizure, during the creation of forensic images, at the commencement of analysis, and at any subsequent stages where copies are generated or evidence is transferred between custodians.

The Digital Evidence Investigation Manual prescribes specific procedures for maintaining chain of custody through hash value documentation. When digital devices are seized at investigation sites, officers must immediately calculate and record hash values using forensic tools before any analysis occurs. This initial hash value establishes the baseline against which all subsequent copies and analyses are measured. If the investigation requires transporting storage devices to forensic laboratories, the panchnama prepared at the time of seizure must document the hash value to prevent later allegations of tampering during transport. The manual emphasizes that any access to digital storage without write-protection causes changes in hash values, potentially compromising evidence integrity.

In situations where multiple parties require access to digital evidence, such as when defense counsel seeks copies for independent examination, hash values ensure that all parties work with identical data sets. The prescribed procedure involves creating multiple forensic images in the presence of the accused or their representative, with each image verified to have identical hash values to the original device. This transparent process addresses due process concerns while maintaining evidence integrity. The assessee or accused may request copies of forensic images at their cost, with the accompanying documentation including hash values that can be independently verified to confirm the copies are authentic.

Technical Considerations in Hash Algorithm Selection

The choice of hash algorithm carries significant implications for the reliability and admissibility of electronic evidence. Cryptographic hash functions differ in their mathematical properties, computational requirements, and resistance to various attack vectors. MD5, developed in the early 1990s, produces 128-bit hash values and was once the standard for forensic applications. However, researchers have demonstrated successful collision attacks against MD5, meaning that it is possible to intentionally create two different files that produce identical MD5 hash values. This vulnerability has led to the deprecation of MD5 for security-critical applications, though it remains acceptable for basic file integrity verification in low-risk scenarios.

SHA-1, producing 160-bit hash values, represented an improvement over MD5 but has similarly been compromised by advances in computational power and cryptanalytic techniques. Researchers demonstrated practical collision attacks against SHA-1 in 2017, leading major technology companies and standards bodies to recommend discontinuing its use. The current industry standard, SHA-256, is part of the SHA-2 family of algorithms and produces 256-bit hash values. The significantly longer hash length and improved mathematical properties make SHA-256 highly resistant to collision attacks with current technology. The Information Technology (Certifying Authorities) Rules, 2000, recognizes SHA-2 as an accepted standard, aligning Indian practice with international norms.

Forensic practitioners must balance security considerations against compatibility requirements when selecting hash algorithms. Many legacy forensic tools and databases may only support MD5 or SHA-1, creating practical challenges in transitioning to newer algorithms. Best practice dictates calculating multiple hash values using different algorithms for critical evidence, providing redundancy and enhancing reliability. The Bharatiya Sakshya Adhiniyam certificate format accommodates multiple hash functions by providing checkboxes for MD5, SHA-256, and SHA-512, encouraging the use of multiple hashing methods. This approach mitigates the risk that vulnerability in a single algorithm could compromise evidence admissibility.

Future Directions and Recommendations

The effective implementation of hash value requirements in Indian digital evidence practice necessitates several systemic improvements. First, establishing comprehensive technical standards and standard operating procedures for hash value generation, documentation, and verification would create consistency across investigating agencies and forensic laboratories. These standards should specify approved hash algorithms, minimum documentation requirements, acceptable forensic tools, and quality assurance protocols. The Ministry of Home Affairs or the Ministry of Electronics and Information Technology could develop these standards in consultation with forensic science institutions, judicial training institutes, and international digital forensics organizations.

Second, developing a formal certification framework for digital forensic examiners would address the current ambiguity regarding expert qualifications under Section 39 of the Bharatiya Sakshya Adhiniyam. This framework should establish educational requirements, practical training standards, continuing education obligations, and ethical guidelines for practitioners. Certification programs could be administered through government forensic science institutions or professional bodies, with periodic recertification ensuring that examiners remain current with evolving technology. Clear certification standards would enhance the credibility of expert testimony and provide courts with objective criteria for evaluating witness qualifications.

Third, comprehensive training programs for judicial officers, prosecutors, and defense counsel would bridge the knowledge gap regarding digital forensics and hash values. Judicial training institutes should incorporate modules on electronic evidence, covering the scientific principles of hash functions, the technical aspects of digital forensic examination, and the legal standards for evaluating electronic evidence. These programs should include practical demonstrations of forensic tools and techniques, enabling legal professionals to better understand the capabilities and limitations of digital evidence. Investment in judicial education will enhance the quality of courtroom determinations regarding the admissibility and weight of electronic evidence.

Conclusion

Hash values have emerged as indispensable tools in the authentication and preservation of digital evidence within the Indian legal system. These cryptographic fingerprints provide objective, verifiable proof that electronic records remain unaltered from collection through courtroom presentation, addressing fundamental concerns about the integrity of digital evidence. The legal framework established by the Information Technology Act, 2000, and refined through the Bharatiya Sakshya Adhiniyam, 2023, recognizes hash values as essential components of electronic evidence certification. Landmark judicial pronouncements, particularly Anvar P.V. v. P.K. Basheer, have established stringent requirements for electronic evidence admissibility that implicitly rely on technical safeguards such as hash verification.

Despite this legal recognition, challenges remain in implementing hash value requirements consistently and effectively across India’s criminal justice system. The absence of standardized protocols, ambiguous expert qualification criteria, and limited technical understanding among legal professionals create obstacles to the reliable use of hash values in court proceedings. Addressing these challenges requires coordinated efforts to develop technical standards, establish certification frameworks for forensic examiners, and enhance judicial education regarding digital forensics. As digital evidence continues to proliferate in legal proceedings, the importance of hash values will only increase, making their proper implementation a matter of fundamental importance to the administration of justice.

The evolution of hash value jurisprudence in India reflects broader trends in the intersection of technology and law. As investigating agencies, forensic laboratories, and courts become more sophisticated in handling electronic evidence, hash values will transition from novel technical safeguards to routine evidentiary requirements. The success of this transition depends on maintaining rigorous standards for hash value generation and documentation while ensuring that legal professionals possess the knowledge necessary to evaluate digital evidence critically. By embracing hash values as foundational tools in digital forensics, the Indian legal system can ensure that electronic evidence meets the same standards of reliability and authenticity that have long governed traditional forms of proof.

References

[1] Government of India. (2000). The Information Technology Act, 2000. Section 3(2) – Authentication of electronic records. Available at: https://www.indiacode.nic.in/bitstream/123456789/13116/1/it_act_2000_updated.pdf 

[2] Ministry of Communications and Information Technology. (2000). The Information Technology (Certifying Authorities) Rules, 2000. Rule 6 – Hash functions. Available at: https://www.lawyersclubindia.com/articles/hash-value-authentication-and-admissibility-in-indian-perspective-6934.asp 

[3] Supreme Court of India. Anvar P.V. v. P.K. Basheer & Ors., (2014) 10 SCC 473. Available at: https://indiankanoon.org/doc/187283766/ 

[4] Delhi High Court. Jagdeo Singh @ Jagga and Others v. The State, 2015. Available at: https://lextechsuite.com/Jagdeo-Singh–Jagga-and-Others-Versus-The-State-2015-02-11 

[5] Central Board of Direct Taxes. Digital Evidence Investigation Manual. Government of India. Available at: https://corpotechlegal.com/admissibility-electronic-evidence-sec-63-bsa/ 

[6] United States Court of Appeals, Eighth Circuit. United States v. Cartier, 543 F.3d 442 (8th Cir. 2008). Available at: https://caselaw.findlaw.com/court/us-8th-circuit/1302840.html 

[7] Government of India. (2023). The Bharatiya Sakshya Adhiniyam, 2023. Section 63 – Special provisions as to evidence relating to electronic record. Available at: https://corpotechlegal.com/admissibility-electronic-evidence-sec-63-bsa/ 

[8] Centre for Internet and Society. (2014). “Anvar v. Basheer and the New (Old) Law of Electronic Evidence.” Available at: https://cis-india.org/internet-governance/blog/anvar-v-basheer-new-old-law-of-electronic-evidence 

[9] LiveLaw. (2024). “Does PV Anwar Judgment Mandating S.65B Evidence Act Certificate For Electronic Evidence Apply Retrospectively?” Available at: https://www.livelaw.in/top-stories/does-pv-anwar-judgment-mandating-s65b-evidence-act-certificate-for-electronic-evidence-apply-retrospectively-supreme-court-to-decide-266611 

The post Hash Value in Digital Evidence Under Section 65B Indian Evidence Act appeared first on Bhatt & Joshi Associates.