ABSTRACT
The growing reliance on digital transactions and records has underscored the need for robust methods to authenticate electronic evidence within India’s legal framework. This paper critically analyzes the role of asymmetric cryptosystems and hash functions in verifying the authenticity and integrity of electronic records, focusing on their implementation under Section 65B of the Indian Evidence Act, 1872. Asymmetric cryptography, through digital signatures, and hash functions provide essential safeguards against tampering by ensuring data origin and integrity. However, the study reveals significant challenges in their practical application, including technical vulnerabilities, inconsistent judicial interpretations of certification requirements, regulatory ambiguity, and limited technical expertise within the judiciary. Landmark judgments such as Anvar P.V. v. P.K. Basheer and Arjun PanditraoKhotkar v. Kailash KushanraoGorantyal illustrate the evolving but inconsistent application of cryptographic authentication in Indian courts. Furthermore, the paper highlights operational and economic barriers that hinder widespread adoption among smaller entities. To address these challenges, the study proposes a hybrid approach combining blockchain with traditional cryptography, clearer guidelines for Section 65B certification, judicial training on cryptographic methods, and cost-effective solutions for small businesses and individuals. The analysis concludes that while asymmetric cryptosystems and hash functions are vital for digital evidence, aligning technological measures with consistent legal standards and improved technical understanding is essential to ensure the reliable and uniform admissibility of electronic records, thereby strengthening trust in India’s digital legal ecosystem.
INTRODUCTION
The digitalization of information and transactions has transformed the way evidence is managed, stored, and authenticated, making the verification of electronic records crucial under Indian Evidence Law. [1]The inherent risk of electronic records being modified or tampered with requires robust mechanisms to establish their authenticity in legal settings. Recognizing this need, India introduced significant changes to its legal framework through the Information Technology Act, 2000, which amended the Indian Evidence Act, 1872. These amendments included the addition of Section 65B, setting forth specific conditions that electronic records must satisfy to be considered admissible evidence in court.
Under Section 65B, electronic records can only be deemed admissible if they meet certain procedural requirements. This provision aims to ensure that digital evidence presented in court has not been altered, thus safeguarding its integrity. However, merely meeting the requirements of Section 65B does not guarantee that an electronic record is authentic; it merely enables it to be considered. For authenticating such records, courts rely heavily on digital signatures and data integrity mechanisms provided by cryptographic technologies.
Asymmetric cryptography, also known as public-key cryptography, plays a pivotal role in this authentication process. By using a pair of keys—public and private—a sender can create a digital signature that allows the receiver to verify the origin and integrity of the message or document. This digital signature, recognized under Indian law, provides a method for validating the authenticity of the electronic record and is an essential component of ensuring that the document remains unchanged.
Hash functions complement this process by creating a unique “digital fingerprint” for a document or piece of data. Even the slightest alteration in the electronic record changes the hash, making it an effective tool for verifying data integrity. Together, digital signatures and hash functions establish a framework for maintaining and verifying the authenticity of electronic records.
Despite the clear advantages of these cryptographic methods, several challenges affect their implementation in India.[2] These include the technical complexity of setting up and maintaining secure cryptographic systems, the varied understanding and application of Section 65B across different judicial rulings, and compliance issues among individuals and organizations. Courts have, on occasion, differed in their interpretation of what qualifies as a valid electronic record under Section 65B, adding further uncertainty.
This paper examines these challenges to electronic record admissibility in India and discusses potential advancements that could enhance the robustness and reliability of electronic evidence authentication, thereby strengthening the legal framework surrounding digital evidence in the Indian judiciary.[3]
[1]S. Sundaram, Information Technology Act, 2000: A Comprehensive Guide, 3rd ed. (Bharati Law House, 2015)
[2]TechCrunch India, “Understanding Digital Signatures and Their Legal Implications,” TechCrunch India (2024), https://techcrunch.com/india/digital-signatures.
[3]R. Chakraborty, “Electronic Evidence and Admissibility in Indian Courts: Challenges and Remedies,” Journal of Information Technology and Law, 12(2), 113-129 (2020), at 120.