IT Law

The 21st century blessed mankind with internet .With internet mankind received an effective tool for communication and expression of ideas. Email was a particularly powerful one as it provided an instant variant to the posted mails .E-mail was one of the first uses of the Internet and is the most popular use. Soon after the dawn of email, its fast and proficient nature began to be used for many illegal purposes. Today even terrorist activities are planned over the internet, making this a means to ensure the scheduling and finishing of various criminal activities that may be planned.   

When the first cases came to courts all over the world in relation to criminal activities being conducted by terrorists, it was found that there were no existing laws that could deal with the issue of email being a source of evidence. Even if various terms that were used in the law were interpreted in the context of electronic evidence, admissibility remained an issue of concern. This article aims to look at the law relating to email as evidence in India, US, UK, and Canada and aims to point out any loopholes that may exist in the law as it exists currently.
In India the concept of e mail was not covered by any legislation for a long time. The courts had difficulty to make room for email (or any electronic evidence) into the scope and ambit of the existing evidentiary framework. To solve this, the InformationTechnology Act was passed in 2000 and certain definite changes were brought to the existing criminal justice framework related to electronic evidence . Specifically, certain sections of the Procedure codes were amended, as were certain provisions of the Indian Evidence Act.  
A number of amendments were made to the Evidence Act in 2000, these changes were made along with the passing of the Information Technology Act, 2000, which created an entirely new set of crimes in India known as cyber crimes. The provisions of the IT Act were to be bolstered by the Evidence Act. The changes made to the Evidence Act relevant in application to emails are as follows:  

(1)        Evidence: The definition of Documentary evidence was expanded to include electronic records.
(2)       Admission: was expanded to include admissions in form of electronic documents.
(3)       Addition of S.22-A: It was added to limit the relevance of oral admissions as to the contents of electronic records to when the genuineness of the electronic record is questioned.
(4)       Addition of S.65-A and S.65-B:  Section 65-A refers to the provisions of S.65-B for the proving of electronic records. Section 65-B talks about the admissibility of electronic records. The conditions for admissibility of information are as follows:
(1)        The computer was regularly used by a person having lawful control over the use of the computer.
(2)        The information required or derived was regularly fed into the computer in the ordinary course of the said activities.
(3)        The Computer was operating properly, or if not, the defect did not affect the electronic record or the accuracy of the contents.   
The section also goes on to assume that transactions in multiple computers can be considered to be from one computer for the purpose of investigation. Further, the computer output once taken out must be certified by a person occupying a responsible official position in relation to the managing of such electronic evidence[1].  
(5)        Section 85-B (a): This sub-section lays down the presumption that a court shall presume that a secure electronic record is secure since the time when it was first secured. 
(6)      Section 88-A: This is the only section that directly deals with emails as such. It states that the presumption that exists in the court is that an email first sent by the originator is presumed to be the same as the one that is received .The courts will not make any presumptions as to who sent the message.   
One problem that is there with the amended provisions is that there is emphasis on the computer and not the data that is retrieved from it. There is only one provision that deals directly with email or other media such as chat which are not stored on the computer of entry of data but on the server. 

The second major problem that exists is treating email as equivalent to ordinary mail.The lack of reference to email except in Section 88-A causes a number of problems. Sections 65-B (2) (a) says that a condition for admissibility is that the data was entered regularly. This may be accurate in the case of a plan being made on the computer, but sending the plan itself, which will constitute conclusive proof of conspiracy, does not require regular use or even use in the ordinary course of the said activities (as in 65-B (2) (b) or (d)).Section 65-B (2) (c) talks about the computer not working properly, and that making the electronic evidence inadmissible in case the information is affected. The lack of such a section in case of email is an issue of concern. In Section 39, the onus is on the court to decide what part of the series of letters (emails) is necessary. This is not an unbiased way, as both parties might separately have important information which supports their cause. In such a situation, it would be best to allow both parties to choose their relevant parts separately and then ask the court to look into the relevance of statements. 

In the Parliament Attack case[2], Justices Reddy and Naolekar recognized cell phone messages as admissible evidence. Another approach that was taken by the court was to take the aid of the Information Technology Act 2000. SMSs were considered in the Shivani Bhatnagar case[3] for the first time to be electronic records as per Section 2 (t)[4] of the IT Act. Section 44 of the POTA Act has recently made electronic evidence admissible[5].   
But because a particular email is admissible does not make it the best possible evidence. Gopal Subhramaniam stated in his submissions in the Parliament Attack case that admissibility and credibility are two distinct aspects, so, even if it is admitted it does not automatically mean that it is considered as valid evidence. Material admitted must be relevant and must not be hearsay evidence as it is inadmissible in most cases in India. However, it may be repelled on grounds of the mail being more prejudicial to the cause of the defendant than probative in nature, in which case the value of the email as evidence will be severely dented[6]. It may also be called prejudicial if it releases too much personal information about the defendant without enough substantive evidence being seen[7]

In India, for checking the computer and authenticating of any electronic evidence, the computer is usually sent to the National Informatics Center in Nagpur- a process which stalls litigation at the expense of distance, time, lack of expertise and overall cost[8]. As a result of this, documents, let alone emails are not properly authenticated.  In the Forbes Patvolk[9] case, a Chennai Tax Tribunal rejected an email saying it was not signed by authority. In the Ridhi Sidhi Furniture case[10], an email was rejected on the grounds that the name of the sender of the email was blocked in copies supplied to the importer and the address of the person sending the quotation was not known as well.   

Deletion of emails is another problem which the Indian Courts have not dealt with yet which has been seen abroad. There is a possibility that the deletion of mails has not yet been noticed as well.  It has been held that the remnants of a deleted email remain on the hard disk and the email account itself. No provision or recognition yet exists either in the Evidence Act or by the court about emails forming proof of evidence of character, as in S.140[11], as it only talks about a Witness to Character, and not Proof of Character
 It is evident that email as evidence in India has not reached or been used to its full potential as of now .The sections of the Evidence Act need to be amended to properly include within their ambit all the possibilities that email offers as evidence such as its immortality as well as its potential as smoking gun evidence, which is something that is increasingly common for all computer based evidence[12]

In United States, the standard for admissibility was well set for computer technology in civil litigation on the following grounds[13]:
(1)        Whether the evidence is relevant, material and competent;
(2)        Whether the evidence is best evidence;
(3)        Whether the evidence is hearsay/not hearsay; and
(4)        Whether or not the evidence is authentic.   
Grounds of challenge of relevance have also been clearly defined in the United States in the case of Strauss vs Microsoft Corporation[14] as follows:
(a)        Integrity of the data
(b)        Integrity of the hardware/software
(c)        Security of the system  
Courts in United States have applied the Federal Rules of Evidence to digital evidence. During this process the courts have observed that digital evidence is more voluminous, more difficult to destroy, easily modified, easily duplicated, potentially more expressive, and more readily available.

For an e mail to be admissibility its authenticity is to be proved before the court of law.As with any evidence, the proponent of digital evidence must lay the proper foundation. Courts largely concerned themselves with the reliability of such digital evidence. As such, early court decisions required that authentication called "for a more comprehensive foundation."[15] .As courts, like society, became more familiar with digital documents, they backed away from the higher standard. Courts have since held "computer data compilations… should be treated as any other record."[16]
The Federal Rules of Evidence rule 1001(3) states "if data are stored in a computer…, any printout or other output readable by sight, shown to reflect the data accurately, is an ‘original.’"In Aguimatang v. California State Lottery, the court gave near per se treatment to the admissibility of digital evidence stating "the computer printout does not violate the best evidence rule, because a computer printout is considered an ‘original.’"[17]
With regard to hearsay evidence ,Hearsay is a "statement, other than one made by the declarant while testifying at the trial… offered in evidence to prove the truth of the matter asserted." A declarant is a person. Therefore, courts have held that digital evidence is not hearsay when it is "the by-product of a machine operation which uses for its input ‘statements’ entered into the machine" and was "was generated solely by the electrical and mechanical operations of the computer and telephone equipment."[18] .Where the evidence is not offered to prove the truth of the statements, digital evidence is not hearsay.While a chatroom log may contain many out of court statements, which would otherwise be hearsay, they may be used for other purposes, including as a party admission[19].
Hearsay recognizes a number of exceptions. Proponents of digital evidence seek admission under the business records exception. In Monotype Corp. PLC v. International Typeface Corp, the plaintiffs relied on the business records exception to attempt to admit two e-mails as evidence that the defendants had infringed their copyright only to have it excluded by the court. The court noted that the e-mail was not created "in the regular course of the third party’s business."[20]
Even though computers are now an integral part of our lives, it appears that there is still a gulf between the legal and technical worlds that must be narrowed. All parties on the prosecution side to the judiciary need to become more aware of the implications of electronic evidence. Any forensic computer evidence offered by either side must take full account of the implications of email validity, its true source, destination and the myriad pathways between the two. More importantly, it must take into account the ease with which email can be use by both sides, and make the best use of the email itself to meet the ends of justice.   

[1] This principle has been developed in English Law and has been used in a number of cases.  R.vs Shephard, (1993) 96 Cr App R 345 HL. Also see Cf. Darby vs DPP
[2] State vs Afzal Guru 2005 INDLAW SC 1026
[4] (t)  electronic record means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated microfilm.
[5] Sec44. Protection of information collected: (1) The contents of any wire, electronic or oral communication intercepted by any means authorised by this Chapter shall, as far as possible, be recorded on tape or wire or other comparable device and shall be done in such manner as to protect the recording from editing or other alterations.
[6] Aruna Kumari. vs State of Andhra Pradesh, AIR 1988 SC 227.
[7] 94th Report of the Law Commission of India 1983,
[8] Shefali Dash, Naina Pandita, NIC Services for Medical and Health Services in India,
[9] Michael Arkfeild, India-Email Inadmissible,
[10] Commissioner of Customs, Mumbai vs Ridhi Sidhi Furniture Fittings, 2002(144)ELT444(Tri-Mumbai).

[11] 140. Witness to character - Witnesses to character may be cross-examined and re-examined
[12] Desktop Clock of a computer was seen to be the recorder of the time of commission of the crime; People vs Hawkins 51 N. E. Rep. (N. Y.) 257.
[13] 71 Am. Jur. Trials 111
[14] Strauss vs Microsoft Corporation, 1995 WL 326492, at *3 (S.D.N.Y.).

[15] US v. Scholle, 553 F.2d 1109 (8th Cir. 1976).
[16] US v. Vela, 673 F.2d 86, 90 (5th Cir. 1982)
[17] 234 Cal. App. 3d 769, 798.
[18] State v. Armstead, 432 So.2d 837, 839 (La. 1983).

[19] US v. Simpson, 152 F.3s 1241 (10th Cir. 1998).
[20] 43 F.3d 443 (9th Cir. 1994).