1

Aspects of e-mail as evidence in India INTRODUCTI ON With the advent of the internet, man received a powerful tool in communication and expression of ideas. Email

was a particularly powerful one as it provided an instant variant of the older posted mails (now called snail mail), and facilities such as attachments and chat have only served to make it more and more powerful.

Soon after the advent of email, its quick and efficient nature began to be used by criminals for planning and conducting various crimes. Even terrorist activities are nowadays planned over the internet, making this facility, once intended to be a convenience, a highly capable and dangerous means to ensure the planning and execution of various nefarious activities that may be planned.

In when the first cases came to courts all over the world in relation to criminal activities being conducted by terrorists, it was found- much to the horror of the courts- that there were no existing laws that could deal with the issue of email being a source of evidence. Even if various terms that were used in the law were interpreted in the context of electronic evidence, admissibility remained a major issue.

Similar problems were also faced by courts and judges in India, who were finding it difficult to fit email (or indeed any electronic evidence) into the ambit of the existing evidentiary framework. In order to combat such an eventuality, the Information Technology Act was passed in 2000 and certain changes were brought about to the existing criminal justice framework to ensure that the future was secure. Specifically, certain sections of the Procedure codes were amended, as were certain provisions of the Indian Evidence Act.

As stated earlier, this paper aims to look at the effect that such amendments have had on the law relating to email as evidence in India, and aims to point out any loopholes that may exist in the law as it exists currently. Further, it will look at the current status of the law with respect to other countries and traces out certain improvements that may be made to the law.

T HE LAW IN INDIA AND ITS ASPECTS A number of amendments were made to the Evidence Act in 2000 in order to bring it up to date with trends in

electronic evidence. These changes were made along with the passing of the Information Technology Act, 2000, which created an entirely new set of crimes in India known as cyber crimes. The provisions of the IT Act were to be bolstered by the Evidence Act. The changes made to the Evidence Act relevant in application to emails are as follows:

(1) Definition of Evidence: The definition of Documentary evidence was expanded to include electronic records. (2) Definition of Admission: was expanded to include admissions in form of electronic documents. (3) Addition of S.22-A: It was added to limit the relevance of oral admissions as to the contents of electronic

records to when the genuineness of the electronic record is questioned. (4) Addition of S.65-A and S.65-B: Section 65-A refers to the provisions of S.65-B for the proving of electronic

records. Section 65-B talks about the admissibility of electronic records. The conditions for admissibility of information

are as follows: (1) The computer was regularly used by a person having lawful control over the use of the computer. (2) The information required or derived was regularly fed into the computer in the ordinary course of the said

activities. (3) The Computer was operating properly, or if not, the defect did not affect the electronic record or the accuracy

of the contents. The information contained in the electronic record reproduces or is derived from such information on a computer

in the ordinary course of nature. The section also goes on to assume that transactions in multiple computers can be considered to be from one

computer for the purpose of investigation. Further, the computer output once taken out must be certified by a person occupying a responsible official position in relation to the managing of such electronic evidence.[1]

(1) Section 85-B (a): This sub-section lays down the presumption that a court shall presume that a secure electronic record is secure since the time when it was first secured.

(2) Section 88-A: This is the only section that directly deals with emails as such. It states that the presumption that exists in the court is that an email first sent by the originator is presumed to be the same as the one that is received. However, the courts will not make any presumptions as to who sent the message.

One major problem that exists with the amended provisions is that there is great emphasis in the substantive provisions on the computer itself and not the data that is retrieved from it. For example, there is only one substantive provision that deals directly with email or other media such as chat which are not stored on the computer of entry of data but on the server. Further, now that torrents have come into being, the data only exists in the internet, not on any specific computer. This shows how technology is moving ahead and law is falling behind.

The second major problem that exists is treating email as analogous to ordinary mail. While physical evidence has been well understood by the all parties in the court process for centuries, email is non-physical electronic concept whose public perception can be measured in less than two decades.

It is human nature to draw analogies between new concepts and old as an aid to understanding. This is true of email in the legal process where it is explained and examined in terms of its similarity with conventional mail[2]. There is

2

always a danger with this approach that the analogy can be stretched beyond the point where it truly relates to the newer concept.

To demonstrate this point, consider the following scenarios that are eminently possible in the email world, but beyond comprehension in the world of conventional mail[3]:

(1) Mail is not stolen, diverted or lost but simply spontaneously deletes itself due to viruses; (2) Between one letter and the next, the sorting off ice relocates itself to another country (and therefore

jurisdiction); (3) A mail is altered, its envelope changed, the postmark tampered with and no physical evidence is produced, as

the IP Address may vary from place to place; (4) A single letter is simultaneously delivered to multiple recipients; and (5) The same mail appears visually different to two different viewers. These are merely a few of the reasons why email should not be treated evidentially in the same manner as real

mail. The that precedes Mail may be a small one, but its effect is huge. The lack of reference to email except in Section 88-A causes a number of problems. With respect to admissibility,

it leaves room for a defence counsel to argue that the material is not admissible simply because the section dealing with the admissibility of electronic records For instance, Sections 65-B (2) (a) says that a condition for admissibility is that the data was entered regularly. This may be true in the case of a plan being made on the computer on software, but sending the plan itself, which will constitute conclusive proof of conspiracy, does not require regular use or even use in the ordinary course of the said activities (as in 65-B (2) (b) or (d)).

Further, Section 65-B (2) (c) talks about the computer not working properly, and that making the electronic evidence inadmissible in case the information is affected. The lack of such a section in case of email is problematic. Not making the evidence inadmissible when the email server is inaccessible can create problems in court. The problem of hacking or viruses destroying the emails has not been dealt with in India[4].

In Section 39, the onus is on the court to decide what part of the series of letters (emails) is necessary. This is not an equitable way, as both parties might separately have important information which supports their cause. In such a situation, it would be best to allow both parties to choose their relevant parts separately and then ask the court to look into the relevance of statements. This way, the court will not miss out on any revelation that might be made by the parties in either case, and will be able to meet the stated purpose of the section i.e. to grasp the full understanding of the nature and effect of the statement, and of the circumstances under which it was made.

Focus entirely on the computer and not on other media such as emails and chat which are not stored in the computer but on a server, which is not the computer in which the data is entered. The definition of computer may be extended to include server, as it is not necessarily the computer in which the entry is being made. But this has not been done. The term computer itself is not defined in Section 3 of the Evidence Act. This is a major loophole.

Further, nowadays, it is not only computers but also phones and Personal Digital Assistants (PDAs) which can send emails and perform functions as computers. Whether they can be considered to be computers is difficult to imagine, especially with the lack of any amendments whatsoever[5]. Further, no express reference to emails as such or other electronic media such as chat can be problematic, as criminals may be exempted purely on the basis of the fact that phones/PDAs dont fall into the ambit of computers. The Parliament Attack case[6] - State vs Navjot Sandhu @ Afsan Guru and Shaukat Hussain Guru vs State- had Justices Reddy and Naolekar recognizing cell phone messages as admissible evidence. That itself is laudable, as Sections 65-A and B were bought in to consider the electronic evidence, but whether this extends to emails sent from phones remains to be seen. Another approach that was taken by the court was to take the aid of the Information Technology Act 2000. SMSs were considered in the Shivani Bhatnagar case[7] for the first time to be electronic records as per Section 2 (t)[8] of the IT Act. However, this again is problematic for email, as electronic records do not necessarily have to mean electronic records that exist in a machine. Further, even Section 44 of the POTA Act has recently made electronic evidence admissible[9]

One approach that the court could take in this case is to not consider Section 65-B and other associated Sections is to consider email produced as real evidence. It involves not seeing what the computer produces but simply what is attained out of it to see whether or not there is evidence[10]]. This approach was seen in the case of R. vs Wood[11], in which the court said that the computer being used as a calculator could make it admissible. Similarly, a cellphone or PDA being used as a forwarding device as opposed to a creator of the email could be grounds for including it as evidence.

Another such case was Castle vs Cross[12], in which the prosecution sought to rely on a print-out of an automatic breath-testing device, which was considered to be a computer.

However, just because a particular email is admissible doesnt make it the best possible evidence. Gopal Subhramaniam stated in his submissions in the Parliament Attack case that admissibility and credibility are two distinct aspects, as pointed out by Mr. Gopal Subramanium. So, even if it is admitted doesnt automatically mean that it is considered as valid evidence. Material admitted must be relevant and must not be hearsay evidence as it is inadmissible in most cases in India. However, it may be repelled on grounds of the mail being more prejudicial to the cause of the defendant than probative in nature, in which case the value of the email as evidence will be severely dented[13]. It may also be called prejudicial if it releases too much personal information about the defendant without enough substantive evidence being seen[14]. There has been no litigation in India laying down the line between prejudicial and probative. In the UK however, that case of People vs Miller[15] laid down that email messages between a wife and a husband are not prejudicial merely because they are sexually explicit.

3

IMPROVMENTS FROM FORE IGN CASES The law in India needs to be more regimented in a number of ways. For instance, in the United States, the

standard for admissibility was well set for computer technology in civil litigation on the following grounds[16]: (1) Whether the evidence is relevant, material and competent; (2) Whether the evidence is best evidence; (3) Whether the evidence is hearsay/not hearsay; and (4) Whether or not the evidence is authentic. There has been a lot of litigation in deciding the authenticity of emails. In India, for the checking of the computer

and authenticating of any electronic evidence, the computer is usually sent to the National Informatics Center in Nagpur- a process which stalls litigation at the expense of distance, time, lack of expertise and overall cost[17]. As a result of this, documents, let alone emails are not properly authenticated. In the Forbes Patvolk[18] case, a Chennai Tax Tribunal rejected an email saying it was not signed by authority. In the Ridhi Sidhi Furniture case[19], an email was rejected on the grounds that the name of the sender of the email was blocked in copies supplied to the importer and the address of the person sending the quotation was not known as well.

Grounds of challenge of relevance have also been clearly defined in the United States in the case of Strauss vs Microsoft Corporation[20] as follows:

(a) Integrity of the data (b) Integrity of the hardware/software (c) Security of the system Though the court did not mention this, computer emails can be challenged on grounds of it being hearsay

evidence as well[21]. But such use in India has not yet been identified. Deletion of emails is another problem which the Indian Courts havent dealt with yet which has been seen abroad.

There is a possibility that the deletion of mails has not yet been noticed as well. It has been held that the remnants of a deleted email remain on the hard disk and the email account itself[22]. Sophisticated technologies do exist that could make recovery possible even when a computers hard disk has been formatted completely[23]. Hidden and deleted files were in fact recovered and admitted to the court in the Canadian case of Commonwealth vs Copenhefer[24]. However, that is not a hard and fast rule. Until such time as the majority of international software developers agree new protocols that enforce different rules, investigators and legal practitioners must accept that sometimes logs and audit trails are not kept, and that almost nothing in the email world can be taken for granted. There is no recognition in India of such problems. The British Standards Institution, in their 1999 Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically, have this to say with respect to audit trail data[25]:

When preparing information for use as evidence, it is often necessary to provide further supporting information. This information may include details such as date of storage of the information, details of the movement of information from medium to medium and evidence of the controlled operation of the system. These details are known as audit trail information. The audit trail as defined for the Code consists of the aggregate of the information necessary to provide a historical record of all significant events associated with stored information and the information management system.

Intent and knowledge is also specifically recognized abroad in case of emails. In the case of State vs Branbury[26], emails were recovered which stated that drug dealers did not want the police to find out about their drug trade. This was held as adequate evidence. A similar parallel has been seen in the yet undecided case of Binayak Sen[27].

No provision or recognition yet exists either in the Evidence Act or by the court about emails forming proof of evidence of character, as in S.140[28], as it only talks about a Witness to Character, and not Proof of Character. However, in the United States, there are express provisions talking about discovery of the character of a person through email. This is bound to face challenge in India on grounds of probative and prejudicial evidence[29][29]. There are three categories laid down abroad, which are as follows:

(1) Character of Accused (2) Character of alleged victim (3) Character of witness. CONCLUSION It is evident that email as evidence in India has not reached or been used to its full potential just yet. The

government and the courts have chosen to ignore the obvious possibilities that email offers as evidence and have elected to stick to the straight and narrow. Further, the amended sections of the Evidence Act are poorly worded and difficult to understand without muddling up their true intent and as a result, are difficult to interpret as well. The gulf between the legal and technical worlds needs to the bridged, as was done very well in the case of R. vs Rowe[30][30]. The evidence in India may be considered not adequate as the courts might find it too difficult to understand[31][31] due to the lack of competence of judges.

It is obvious that the sections of the Evidence Act need to be amended to properly include within their ambit all the possibilities that email offers as evidence such as its immortality as well as its potential as smoking gun evidence, which is something that is increasingly common for all computer based evidence[32][32]. As has been stressed by this paper, there is a huge problem in India regarding the very approach to electronic evidence, as the law relies more on the device producing the data than the data itself, which is hugely problematic with chat and email as they neednt exist in a computer but in the internet itself.

Even though computers are now an integral part of our lives, it appears that there is still a gulf between the legal and technical worlds that must be narrowed. All parties on the prosecution side from the police through to the judiciary

4

need to become more aware of the implications of electronic evidence especially email. Any forensic computer evidence offered by either side must take full account of the implications of email validity, its true source, destination and the myriad pathways between the two. More importantly, it must take into account the ease with which email can be use by both sides, and make the best use of the email itself to meet the ends of justice.

[1] This principle has been developed in English Law and has been used in a number of cases. R.vs Shephard, (1993) 96 Cr App R 345 HL. Also see Cf. Darby vs DPP. [2] Lincoln, ODonnel, Authenticating Email Discovery as Evidence, http://www.law.com/jsp/legaltechnology/pubArticleLT.jsp?id=1186736525985. [3] Bowles, Belfeild, Cooper, Datasec White Paper on the Evidential Aspects of Email, http://www.itsecurity.com/specs/email-security/. [4] Computers are not infallible. They often have bugs the phenomenon of a virus can affect a computer. Therefore, they must be seen as imperfect devices. R vs Minors and Harper, (1989) 90 Cr App R 102, 103-104. [5] The law of evidence must be adapted to the realities of contemporary business practice. Mainframe computers, minicomputers and microcomputers play a pervasive role in out society. R. vs Minors and Harpers, (1989) 90 Cr App R 102, 103-104. [6] State vs Afzal Guru 2005 INDLAW SC 1026 [7] Shivani Bhatnagar Case: A Timeline, http://www.ndtv.com/convergence/ndtv/story.aspx?id=NEWEN20080044298. [8] (t) electronic record means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated microfilm. [9] 44. Protection of information collected: (1) The contents of any wire, electronic or oral communication intercepted by any means authorised by this Chapter shall, as far as possible, be recorded on tape or wire or other comparable device and shall be done in such manner as to protect the recording from editing or other alterations. [10] Pg.697, Howard, Bagshaw and ors., Phipson on Evidence, 15th Edn. (2000). [11] R vs Wood (1982) 76 Cr App R 23. [12] Castle vs Cross (1984) WLR 1372 DC; Cf. Garner vs DPP (1989) Crim LR 583 DC. [13] Aruna Kumari. vs State of Andhra Pradesh, AIR 1988 SC 227. [14] 94th Report of the Law Commission of India 1983, http://lawcommissionofindia.nic.in/51-100/Report94.pdf. [15] People vs Miller 2003 WL 2146. [16] 71 Am. Jur. Trials 111. [17] Shefali Dash, Naina Pandita, NIC Services for Medical and Health Services in India, http://openmed.nic.in/736/01/apt04.pdf. [18] Michael Arkfeild, India-Email Inadmissible, http://arkfeld.blogs.com/ede/2004/08/india_email_ina.html. [19] Commissioner of Customs, Mumbai vs Ridhi Sidhi Furniture Fittings, 2002(144)ELT444(Tri-Mumbai). [20] Strauss vs Microsoft Corporation, 1995 WL 326492, at *3 (S.D.N.Y.). [21] Monotype Corp. PLC vs International Typeface Corp., 43 F. 3d 443 (9th Cir. 1994) [22] Mcneil, Kort, Discovery of Email & other Computerized Information, 31 Ariz. Atty. 31. [23] Goldstein, Electronic Mail: Computer messages present Knotty Issues of Discovery, New York LJ (Feb. 8, 1999). [24] Commonwealth vs Copenhefer, 587 A.2d 1353, 1356 (Pa. 1991) [25] Allen, Dyer, Galbraith, Mayon-White, Peggram, Shipman and Smith , Legal Admissibility and Evidential Weight of Information Stored Electronically, British Standards Institution (1999) (DISC PD 008), http://www.bsiglobal.com/Portfolio+of+Products+and+Services/Books+Guides/Doc+Management/pd0008.xalte [26] State v. Banbury, 2003-Ohio-5175 [27] PUCL Meeting with Chattisgarh CM, http://www.pucl.org/Topics/Human-rights/2007/sen-cm-meeting.html. [28] 140. Witness to character - Witnesses to character may be cross-examined and re-examined. [29] Supra note 11. [30] 12 C.C.C. (2d) 24 [31] Clive Walker, Crime, Criminal Justice and the Internet. 1st Ed. 1998, Sweet & Maxwell, London. [32] Desktop Clock of a computer was seen to be the recorder of the time of commission of the crime; People vs Hawkins 51 N. E. Rep. (N. Y.) 257.