Why hash value calculation at scene of offense is required?
With rapid rise in cyber crimes and vulnerability of data to tampering, integrity of the whole investigation can be questioned in courts through procedural limitations and related aspects. Thus, it becomes essential to have an unquestionable method of authentication at the disposal of law enforcement and calculation of hash function serves the purpose, efficiently.
The document aims to analyses the feasibility and multi-faceted utility of hash value calculation with regards to data integrity and admissibility in courts through application of Information Technology Act, 2000 and Indian Evidence Act, 1872.
As per section 85B of Indian Evidence Act, 1872, lack of alteration as well as authenticity and integrity of a secure electronic record can be presumed by law unless proven otherwise. Section 14 of IT Act, 2000 provides the definition of such secure electronic record while section 16 empowers the Govt. to prescribe security procedures for securing an electronic record. Since no procedure has been prescribed in pursuance of the said section, and on account of alternatives thereto, the existing best practice, i.e., using asymmetric crypto system and calculation of the hash function under section 3 of IT Act, 2000 can be said to be a reasonable security procedure.
Section 65 B (Indian Evidence Act, 1872): Admissibility of Electronic Records
(5) For the purposes of this section
(a) Information shall be taken to be supplied to a computer if it is supplied thereto in any appropriate form and whether it is so supplied directly or (with or without human intervention) by means of any appropriate equipment;
(b) A computer output shall be taken to have been produced by a computer whether it was produced by it directly or (with or without any human intervention) by other means of any appropriate equipment.
The main points that Digital Task Force makes here are:
a) Section 65B of Indian Evidence Act refer to the special provisions of the Act in respect of Electronic Documents. Though Section 65 is referring to “Secondary” documents in paper form, there is no such distinction made as to the electronic document.
b) There is no need to distinguish Primary and Secondary and all documents need to be interpreted by a human being which takes the form of a Section 65B certificate.
c) A “Hard disk” which may contain an electronic document also cannot be considered the “Primary Document” since it is only a “Container” and the real Electronic document is an expression in binary language which cannot be read by a human being and needs to be interpreted with the assistance of a binary reading device
d) Section 65B explains the conditions under which an electronic document can be considered as “Admissible” in a Court as a “Document” and it needs to be suitably confirmed for the Court to accept the document, which is often termed as “Section 65B certificate or Statement”
e) Section 65B refers to a process of producing a “Computer Output” of the electronic document which is the evidence to be admitted and such computer output can be either in the form of a “Print Out” or a “Copy”.
f) There is a “Process” by which the electronic document becomes the “Computer output” and Section 65B identifies this as the subject activity which needs to be conducted by a person having lawful control over the computer producing such output and that during the period of such production, the Computer should be working properly etc.
g) The focus of Section 65B is the activity of conversion of the electronic document residing inside a system which can be seen by an observer into a “Computer Output”.
h) The other clarifications contained in the Section 65B such as that the Computer Output could be produced by a combination of computers, acting in succession etc. as relating to dynamic creation of an electronic document from a data base and routing it through multiple devices onto a final visible form in the computer of the observer and thereafter its porting into a Printer.
It is very important that the legal fraternity and the Judiciary interprets the section properly. Any interpretation that only a “Server Administrator” can provide a certificate under Section 65B is considered incorrect. The server administrator can however provide the certificate but it is not mandatory. The Section 65B certifier is like a photographer who captures a photograph of an event and confirms the process of taking the photograph though he may not be aware of who is there in the picture and what they are doing. It is left to other “Experts” to interpret the “Content” and impute meaning as only a subject matter expert can do.