1

NATIONAL LAW SCHOOL OF INDIA UNIVERSITY

BANGALORE

PROJECT ON

“ELECTRONIC EVIDENCE”

SUBJECT: E-commerce & IT law

TRIMESTER-IV

2013-14

UNDER THE SUPERVISION OF

Prof. S.B.N. Prakash

National Law School of India University, Bangalore

SUBMITTED BY:-Ronak Karanpuria

LL.M. (Business Law)

Student ID No.: 534

2

Acknowledgement

I express my deep sense of obligation and gratitude to Prof. S.B.N.Prakash, National Law

School of India University, Bangalore, for his invaluable guidance and persistent

encouragement in the preparation of this project work.

I am deeply indebted to all the Indian and foreign writers and judges whose writings and

decisions have been duly cited in this work and have given me inspiration and light during

preparation of this work.

3

RESEARCH METHODOLOGY

Aim and Objective

The Aim of the research paper is to determine the scope of “Electronic Evidence” w.r.t.

modern digital environment.

Research Question

The researcher will address electronic evidence in context with its relevance,

authenticity, hearsay, originality or duplicate documentation, and unfair

prejudice about its admissibility in normal court procedure.

Research Methodology

In this paper the researcher has primarily used descriptive and analytical methodology

of research. The researcher mainly relied upon the secondary sources which include

books, Reports, Journal, magazines, online articles and legal databases.

Scope

The scope of this paper is to find out the legal aspects of electronic evidence

Limitation.

The field study would have been desirable but due to paucity of time this paper is

limited only to the theoretical aspect of electronic evidence which have been gathered

from various sources including books, articles, and journals.

Sources

In this paper various secondary source have used by the research student in the form of

books, article from various journals and also internet sources have been used.

Mode of Citation

A Uniform mode of citation is followed throughout this paper.

4

TABLE OF CONTENT

S.NO. PARTICULARS PAGE NO.

1 INTRODUCTION 5

2 TYPES OF ELECTRONIC EVIDENCE 6

3 ASSESSING ELECTRONIC EVIDENCE 7

4 TECHNO-LEGAL PREREQUISITES FOR ELECTRONIC EVIDENCE A. Recognition Of Electronic Record B. Recognition Of Digital Signature C. Retention Of Electronic Record

9

4 ELECTRONIC EVIDENCE : ADMISSIBILITY 12

5 CLOUD COMPUTING 17

6 CONCLUSION 19

7 BIBLIOGRAPHY 20

5

Introduction

The court proceedings and the judicial system is based on the facts and the evidence

as produced before courts. Even in the era of kings and rulers, when any matter laid

before them each party were insisted to have proceed with facts and evidence they

have to prove their allegations or strategy. Same analogy has been adopted by

Panchayats & courts although with care and caution due to high technological

advancement, with this aspects one has to see the rights of individual, rights of victim,

admissibility of evidence and to support & strengthen the coordination and

cooperation between investigating and prosecution and to prevent miscarriage of

justice. However, with the advent of new technologies, regulatory agencies are

increasingly harnessing the power of digital technologies to meet the informational

demands of rulemaking and to expand public involvement in policymaking.

Governments are increasingly adopting technological means, shifting from walls to

webs.1

With the advancement, evidence although primarily of two types: oral &

documentary with a new form annexed i.e. electronic evidence, court & lawyers has

to adhere caution while dealing with electronic evidence2 due to the intricacy &

technicality involved, which needed a experts to determine the correctness of data.

While the admissibility of electronic evidence is big issue before courts.

With globalisation & internet age, people are sharing resources, google, facebook, to

kindle and different business gadgets etc. knowledge and data are the key business

assets, to be developed and protected and transaction in seconds from one place to

another where everything on paper is not possible, with technology data security is a

crucial issue, electronic data flows from one part of the world to another i.e. cross

borders, passing different law jurisdiction involving different internet and privacy

1 Thomas Friedman, The Lexus & The Olive Tree: Understanding Globalization 39-58 (1999) 2 As a general rule, "electronic evidence" can be any information created or stored in digital form whenever a computer is used to accomplish a task. As this broad definition suggests, electronic evidence may exist whenever a person enters information into a computer, a computer generates information in response to a request by an operator, or a computer uses or processes information. Electronic evidence, therefore, may include information databases, operating systems, applications programs, "computer-generated models", electronic and voice mail messages and records, and other information or "instructions residing in computer memory.

6

issues, it is necessary to have proper inquiry and understanding of technology and

also proper law to keep in check of the crimes committed by this technology.

Type of Electronic evidence

As a general rule, "electronic evidence" can be any information created or stored in

digital form whenever a computer is used to accomplish a task Forms of electronic

evidence3. Email, Word processor, Electronic Spreadsheet files, Relational database

(record) file, Software source code, Various image files (.tiff, .jpeg), Web browser

bookmarks / cookies / cache Memory, Calendar; to-do-list, contact list, Voice mail.

Electronic evidence is a burning issue mainly due to the high-value fraud, industrial

espionage, defamation, theft of intellectual property, software counterfeiting and

piracy, disputes over software ownership, regulatory disputes, solicitors’ disciplinary

proceedings, and global computer misuse, and phishing, theft of trade secrets,

defamation and state corruption. Then in case, whether an electronic transaction has

taken place or an event within cyberspace has occurred is to be known or alternatively,

can you prove that they cannot have happened? A critical feature of the vast majority

of computer systems is the ability to produce evidence. Computer or electronic

devices has been common place of court battle for electronic evidence.4 People

routinely use computers, particularly e-mail, to send draft, informal, or "uncensored"

messages they would never "put in writing." As a result, computerized records often

contain insights into "corporate knowledge and behavior" and "off-the-cuff' remarks

that people would never record on paper. Such remarks are often damaging in

litigation.5

Where litigation or criminal prosecution is in prospect there is a further requirement

on those who run or own computers: the need to identify and preserve digital material

3 See, e.g., Susan E. Davis, Elementary Discovery, My Dear Watson, CAL. LAW., Mar. 1996, at 53, 53 (discussing different forms of electronic evidence); 4 Bills v. Kennecott Corp., 108 F.R.D. 459, 462 (D. Utah 1985). 5 See, e.g., Anthony J. Dreyer, Note, When The Postman Beeps Twice: The Admissibility of Electronic Mail Under The Business Records Exception of The Federal Rules of Evidence, 64 FORDHAM L. REV. 2285, 2289 (1996)

7

which the legal system says should be disclosed to opponents in civil litigation and to

defendants accused of crimes.

An important question raised is why evidence required at all, mainly due to wide

range of commercial activities going on around the world, for example in disputed

transactions, in allegations of employee misbehaviour, to show compliance with legal

and regulatory rules, to avoid charges of negligence or breach of contract, to assist law

enforcement in criminal and anti-terrorist investigations, to meet disclosure

requirements in civil claims, to support insurance claims after a loss.

Due to the fact that electronic evidence or mainly digital evidence is highly volatile

and easily compromised by poor handling, chances of success in litigation heavily

depends on the weight of the evidence supported by relevant facts.

Effective combating of cybercrimes requires prompt discovery, safe custody and

present in acceptable form in a court, as the number of criminals uses computers,

laptops, network servers and cellular phones in commission of their crimes is

increasing alarmingly.

Assessing Electronic Evidence

Electronic evidence is mainly information or data of investigative value that is stored

on or transmitted by an electronic device6.

According to Black's law dictionary, evidence is "any species of proof, or probative matter,

legally presented at the trial of an issue, by the act of parties and through the medium of

witnesses, records, documents, exhibits, concrete objects, etc. for the purpose of inducing belief

in the minds of the court or jury as their contention."

As a general rule, "electronic evidence" can be any information created or stored in digital

form that is relevant to a case. This includes, but is not limited to, emails, text documents,

spreadsheets, images and graphics, database files, deleted files, and data back-ups. Electronic

evidence may be located on floppy disks, zip disks, hard drives, tape drives, CD-ROMs or

DVDs, as well as portable electronic devices such as PDAs and cellular phones.7

6 http://www.nij.gov/topics/forensics/evidence/digital/digital-glossary.htm 7 http://www.setecinvestigations.com/resources/faqs.php

8

Electronic evidence in criminal and civil proceedings is problematic, any contract

which is concluded by affixing electronic signatures is electronic agreement8 and

admissible9 in court but presumption10 regarding person cannot be setout. Mindful of

emerging new technologies, it is essential to consider the nature and some of the

special characteristics of electronic evidence that raise legitimate concerns about its

accuracy and authenticity. Now that formal conditions to the admissibility of

electronic evidence have been removed11, the increasing complexity and

sophistication of rapidly-developing technology necessitates a shift from concerns

about exclusion and admissibility subject to overly-technical requirements towards a

more precise focus on issues relevant to establishing authenticity and suitable weight

for the evidence which it generates.

The main characteristic of electronic record12 it about its intangibility and which raise

concerns about the accuracy and authenticity, where transient nature of data, difficult

to store, copy, create and easy to manipulate and easy to be modified and tampered

raise several issues in court about its veracity and even slightest distortion can create

problem in investigation and extremely vulnerable to claims, errors and fabrication.

8 Section 84A of the Evidence Act provides for the presumption that a contract has been concluded where the parties' digital signatures are affixed to an electronic record that purports to be an agreement 9 Section 85B of the Evidence Act provides that where a security procedure has been applied to an electronic record at a specific time, the record is deemed to be a secure electronic record from such time until the time of verification. Unless the contrary is proved, the court is to presume that a secure electronic record has not been altered since obtaining secure status. The provisions relating to a secure digital signature are set out in Section 15 of the IT Act. A secure digital signature is a digital signature which, by application of a security procedure agreed by the parties at the time that it was affixed, is: • unique to the subscriber affixing it; • capable of identifying such subscriber; and • created by a means under the exclusive control of the subscriber and linked to the electronic record to which it relates in such a manner that if the electronic record as altered, the digital signature would be invalidated. 10 Under the provisions of Section 88A, it is presumed that an electronic message forwarded by a sender through an electronic mail server to an addressee corresponds with the message fed into the sender's computer for transmission. However, there is no presumption regarding the person who sent the message. This provision presumes only the authenticity of the electronic message and not the sender of the message. 11 Section 65-A, 65-B (Admissibility of Electronic Records) 12 "electronic record" means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche

9

Techno-Legal Prerequisites for Electronic Evidence

A. Recognition of Electronic Records

The purpose of the various electronic commerce statutes can briefly be stated as

creating legal recognition for electronic records, electronic signatures, and electronic

contracts and ensuring that the medium in which a record, signature, or contract is

created, presented or retained does not affect its legal significance.13 Section 4 sets

forth the fundamental premise of the ITA, namely that the medium in which a record,

signature, or contract is created, presented or retained does not affect its legal

significance because the substantive law governing the underlying transaction may

require non-electronic records or signatures. The section achieves its purposes by

simply overriding the substantive law on these requirements. The aforementioned

section contains two prerequisites before legal recognition may be imparted to

electronic records. These prerequisites are: (a) rendered or made available in an

electronic form, and (b) accessible to be used for a subsequent reference. The first

requirement is fulfilled when the electronic record is within the meaning of section

2(1)(r) of the ITA. The second requirement is satisfied when the record is catalogued

or made available. The rationale behind the second requirement is that electronic data

is intangible and by its very nature transient, thus it is expedient to require it to be

available for future reference. The aforementioned section is in pari materia with a

provision of the Uniform Electronic Transactions Act14. It simply mandates that courts

recognize the legitimacy of electronic signatures when considering whether the

requirement of a signed writing has been met. In the case of Orissa Consumers

Association v. Orissa Electricity Regulatory Commission15, the Orissa High Court

considered the legal recognition of records as per the ITA and stated that the

requirements of publication contained in the Orissa Electricity Regulatory

Commission (Terms and Conditions for Determination of Tariff for Retail Sale of

Electricity) Regulations, The court noted that the publication of the draft Regulations

13 Henry D. Gabriel, The Fear Of The Unknown: The Need To Provide Special Procedural Protections In International Electronic Commerce, 50 LoY. L. REv. 307, 310 (2004). 14 Uniform Electronic Transactions Act Section 7 (Nat'l Conference of Comm'rs on Unif. State Laws 1999) (U.S.) [hereinafter UETA]. 15 AIR 2005 Ori 11

10

by putting the same in the website of the Commission would be a publication of the

draft Regulations within the meaning of Section 23 of the Central General Clauses Act,

1897.

B. Recognition Of Digital Signatures

Section 5 chooses a technology-based approach promoting a highly regulatory and

prescriptive standard, granting functional equivalence only to digital signatures.

Section 5 applies the same principle as adopted by the preceding section, granting

legal recognition to digital signatures where statutes require when any matter or

document requires authentication by affixing a signature. The explanation to the

section couches the term "signature” in a plenary context, including its grammatical

and cognate expressions. The prerequisites which must be satisfied for the application

of the section are: (a) a law should require that information, matter or document shall

be signed or bear the signature of a person, (b) a digital signature is affixed in place of

such signature, and (c) the digital signature is affixed in a manner prescribed by the

central government. Take the illustration of the Bureau of Indian Standards Act,

198616, which provides that the authentication of orders and other instruments

issued by the Bureau shall be authenticated by the signature of such officer or officers

as may be authorised by the Bureau in this behalf Thus if the Bureau decides to affix

a digital signature to its orders the mere factum that the statute from which it derives

its power does not expressly provide for affixing a digital signature will not impart

any defect to its orders. The draft amendments17, with the objective of technological

neutrality, suggest substituting the term "digital" with "electronic". The amendments

also make provisions to ensure that the electronic signature affixed is reliable. There

is a proposition to add another sub-section, which prescribes the minimum standards

of reliability. The proposed standards are: (a) the electronic data in relation to which

the Electronic Signature is affixed is linked to the signatory and to no others, (b) the

Electronic Signature creation code given is unique to the signatory, and (c) any

16 The Bureau of Indian Standards Act, ch. VII, §36 (1986) (India) available at http://www.bis.org.in/bs/bisact.htm 17 Expert Committee on Review of the IT Act 2000, Report of the Expert Committee: Full Text (Proposed Aug. 29, 2005), available at http://www.mit.gov.in/itact2OOO/ITAct.doc [hereinafter Proposed Amendments to IT Act 2000].

11

alteration to the Electronic Signature or to the electronic data in relation to which the

signature is affixed made after the time of signing is detectable. The comments to this

sub-section specify that they are being added to define the reliability of Electronic

Signatures and to allow only those technologies which conform to those conditions

in line with UNICITRAL Model Law of Electronic Commerce.

C. Retention Of Electronic Records

A record is any documentary material, regardless of physical form, that has the

following three characteristics: (a) it is generated or received by [an entity] in

connection with transacting its business or is related to its legal obligations, (b) it is

retained for any period of time, and (c) necessary to be preserved as legal evidence of

the [entity]'s activities or as historical reference18. Records retention is unconcerned

with the genesis of records, but takes up matters after creation. Records retention

principally concerns the retention period: that is, the duration of a record's life.19

Records retention has various objectives which include: (a) maintaining an

institutional policy memory, (b) enhancing the body of knowledge in a factual and

scientific sense, (c) maintaining official records for possible use as evidence in legal

proceedings, (d) promoting efficiency and effectiveness of agency operations, and (d)

increasing the return on investment from information in government records which

has long-term value.20 Governments and business are increasingly relying upon

electronic records. One of the benefits of electronic records is that archiving them is

much more economical than paper. A minimum standard of records retention is

especially important with respect to electronic data since its being intangible

renders it highly susceptible to a partial or complete loss of accessibility, integrity

or/and identification. For example, if data is stored on a Compact Disk Read Only

Memory (CDROM) the reliability and storage life expectancy of the storage media is

secure for at least three to five years, with some estimates reaching as high as twenty

18 PHYLLIS M. LYBARGER, RECORDS RETENTION SCHEDULING 1 (1980). 19 Richard J. Peltz, Arkansas's Public Records Retention Program: Finding The FOIA S Absent Partner, 28 U. ARK. LITTLE ROCK L. REV. 175, 180 (2006). 20 Henry H. Perritt, Jr., Electronic Records Management & Archives, 53 U. PITT. L. REv. 963, 965 (1992).

12

years. Thus it becomes expedient to have minimum policy standards for the retention

of electronic records. The ITA under section 7 sets forth the basic rules regarding the

retention of electronic records. It applies to the retention of records that originally exist

in electronic form, as well as to the electronic retention of records that originally exist

in paper form or on other tangible media.

The section does not prescribe for any specified period for retention of an electronic

record but provides minimum standards for records retention "when any law

provides that documents, records or information shall be retained for any specific

period". These minimum standards are contained in section 7(1) and relate to:

1. Accessibility - Records retention in archives is ineffective unless the archived

records can be accessed. The technical issues with legal implications relating to

accessibility include ease of alteration and physical deterioration. Thus section 7(1)(a)

provides for making records, "accessible so as to be usable for a subsequent reference".

2. Format Integrity -The integrity of the format in which the information was

originally generated is important because changes in format can affect the material

characteristics of the record. With several versions of software available for

performing the same task, section 7(1)(b) prescribes that, even if there is a change in

format, the electronic record shall be "in a format which can be demonstrated to

represent accurately the information originally generated, sent or received".

3. Identification - It is imperative that any form of record retention must enable

identification. Thus section 7(1)(c) provides for, "the details which will facilitate the

identification of the origin, destination, date and time of dispatch or receipt of such

electronic record are available in the electronic record."

Electronic Evidence: Admissibility

The issue to be addressed is “Relevance”, “authenticity”, “hearsay”, “original or

“duplicate”, “unfair prejudice” in context with electronic stored information (ESI). In

Lorraine21 has been heralded as "an excellent guide to an important aspect of the care

that may be or become necessary when parties attempt to offer electronic information

21 Lorraine v. Markel, 241 F.R.D. 534, 537-38 (D. Md. 2007)

13

into evidence." The case exposes the less-than-acceptable standard of care that at least

part of the legal community is exercising concerning the admission of electronic

evidence. The question in the case was that the parties wanted the court to answer was

whether the arbitrator exceeded his authority by awarding less than the full amount

of a potentially “all or nothing” arbitration agreement, as the parties had negotiated

by e-mail. The court, however, dismissed each party's motions and refused to answer

this question because both parties failed to authenticate as electronic evidence the e-

mail they submitted with their motions. The Lorraine court first delineated the basic

rules for the admissibility of all types of electronic evidence, explaining that the

evidence must be: 1) relevant; (2) authenticated; (3) allowable under the hearsay

rules; (4) allowable under the original writing (best evidence) rule; and (5) the

probative value of such evidence cannot be outweighed by any unfair prejudice. The

admissibility issues are important to be analysed to understand the scope of electronic

evidence as Relevancy refers to when one fact is said to be relevant to another when

one is connected to another in such a way which has a direct bearing on the fact in

issue in terms of proved or disproved facts of the case in any of the way as provided

in sec-5-55 of evidence act. Relevant thing or fact make the tendency of other things

either so probable or less probable, however question whether evidence is sufficient

to prove a point is different. In case of electronic evidence, material are of high

quantity, gathering lot of information & to set the relevancy about existence or non-

existence of other data, either occur in same transaction or other, what the cause or

effect of other data, facts or information which are necessary to explain other data

which are difficult in case of information gathering of electronic data.

For example: Mr X. is a business man owing mobile which is password protect, get an

email during business transaction, which he replied about not performing the contract

but email was hacked or lost due to any error, while other party uninformed believes

and continue with the terms of contract. In this case other party filed a suit for

compensation for performing their part of contract, but in the court Mr X. submit their

documents related to electronic transaction, in further inquiry they come to know that

email was lost, such information may be relevant, however if the email was lost it is

difficult to track and evidence gathering is impossible.

14

Electronic records are extremely susceptible to tampering, hiding, or destruction,

images, soft copies, or other documents can be hidden, people with criminal mentality

or try to conceal, sometimes change the extension of files, power failure of system is

the main cause of loss of data, even in case of malicious attack, virus, malware etc.

multiple copies are created and slow down the process. However, with new

hardware/software application, data operated in different form where they cannot be

read, understood or used with the risk of alteration and manipulation.

What happen in case of someone accidently click some sites or links or popups etc. in

that case also your IP address get tracked and in such case prosecution has evidence

to prove that you tracked or clicked on that website, however in rebut one can always

say that there is no evidence that he was using that computer but that depends on case

to case. However representation of data is also an issue, where software convert set of

data into logical form and constructs them in a format that appears to indicate the file

is a complete entity. The file does not exist as it claims to exist on the screen and, in

the same way, the individual components of the ‘file’ are not guaranteed to be

preserved in the manner that will enable the file to be reconstructed over time.22

However electronic data operating in computer even if misplaced, deleted or

corrupted, at least its information embedded in the text or properties in the form of

metadata which may reveal details like title of documents, date of its creation,

location, any changes in the documents etc. are saved in the computer by which

analyst can found the relevancy of documents. Metadata associated with computer

programs, software’s etc. are an important source for authentication but due to fast

changing technology where such information can be embedded easily, court simply

cannot reply on the metadata for such relevancy and it is necessary on the counsel to

use different means to establish the facts.

Best evidence rule here the expression best is used in relative context, deals with the

nature or character of particular evidence, which is considered for the purpose of

arriving at rational conclusion.

Authentication refers to establishing facts like testimony of witness, expert witness

with specimens report, distinctive characteristic like appearance, content, substance,

22 www.justice.gov.za/salrc/ipapers/ip27_pr126_2010.pdf pg 25

15

pattern, public records, self-authentication where electronic document carrying

electronic or digital signature. In "Spy v. Spy" a woman who lost custody of her

children in part because of some horrifying e-mails she supposedly sent to her

husband. She denied sending the e-mails. A forensics exam of the ex-husband’s

computer revealed the test message he had set up to “spoof" his ex-wife by inserting

her address as the sender in e-mails that he was actually writing and sending to

himself. After receiving evidence of the husband's fraud on the court, the judge

awarded custody to the mother. This shows authentication of email or electronic

evidence is not possible i.e. who has actually send those email, at least identification

of device is possible.

Admissibility refers to any proposed facts which is admissible in the court of law, sec-

136 evidence act empowers judges to decide as to the admissibility of evidence

produced before them. In US, courts have indicated that computer records generally

be admitted as business records if they were kept pursuant to a routine procedure for

motives that tend to assure their accuracy23. The second rule of evidence of computer

records is based on the assumption that they are hearsay evidence24 that when a

computer record contains assertions of a person, whether or not processed by a

computer and is present before the court to prove the matter of fact, then such a record

is hearsay evidence. There are many log files generate by computer and there are not

mere hearsay but concrete evidence of a process or a situation.25 It is necessary to

define minimum standard for admitting and authenticating electronic evidence.

23 United states v. Salgado, 250 F.3d 438, 452 (6th Circuit 2001) 24 In R. v. Mapara (2005), 251 D.L.R. (4th) 385 at para. 15, [2005] I S.C.R. 358. 349 W.A.C. I. 2009] , the Supreme Court further discussed the principled approach: The principled approach to the admission of hearsay evidence which has emerged in this Court over the past two decades attempts to introduce a measure of flexibility into the hearsay rule to avoid these negative outcomes. Based on the Starr decision, the following framework emerges for considering the admissibility of hearsay evidence: (a) Hearsay evidence is presumptively inadmissible unless it falls under an exception to the hearsay rule. The traditional exceptions to the hearsay rule remain presumptively in place. (b) A hearsay exception can be challenged to determine whether it is supported by indicia of necessity and reliability, required by the principled approach. The exception can be modified as necessary to bring it into compliance. (c) In "rare cases", evidence falling within an existing exception may be excluded because the indicia of necessity and reliability are lacking in the particular circumstances of the case. (d) If hearsay evidence does not fall under a hearsay exception, it may still be admitted if indicia of reliability and necessity are established on a voir dire. 25 People v. Holowko, 486 N.E. 2d 877, 878-79

16

Judicial decision is varied and mostly depend on case to case basis. In Daubert v.

Merrell Dow Pharmaceuticals, Inc.26 decision describes a four-pronged test to determine

whether science-derived evidence is admissible in U.S. Federal Court. The Daubert

test applies to any scientific procedure used to prepare or uncover evidence and

comprises the following four factors (Daubert, 1993):

• Testing: Can and has the scientific procedure been independently tested?

• Publication: Has the scientific procedure been published and subject to peer review?

• Error rate: Is there a known error rate, or potential to know the error rate, associated

with the use of this scientific procedure?

• Acceptance: Is the scientific procedure generally accepted by the relevant scientific

community?

In St. Luke’s Cataract & Laser Institute, P.A. v. Sanderson27, where the proponent failed

to authenticate printouts of websites obtained from Internet Archive because affiants

lacked personal knowledge of contents of Internet Archive’s website and process, and

in Sun Protection Factory, Inc. v. Tender Corp.28, where the proponent failed to

authenticate printouts of websites because affiant’s statements were hearsay and

websites are not self-authenticating. In Telewizja Polska USA, Inc. v. EchoStar Satellite

Corp.29, in which the Court admitted a website obtained from an Internet Archive

based on affidavit from administrative director for Internet Archive. In State of

Maharashtra v Dr Praful B Desai30 involved the question of whether a witness can be

examined by means of a video conference. The Supreme Court observed that video

conferencing is an advancement of science and technology which permits seeing,

hearing and talking with someone who is not physically present with the same facility

and ease as if they were physically present. The legal requirement for the presence of

the witness does not mean actual physical presence. The court allowed the

examination of a witness through video conferencing and concluded that there is no

reason why the examination of a witness by video conferencing should not be an

essential part of electronic evidence. Admissibility of intercepted telephone calls is

26 509 U.S. 579 (1993) 27 2006 WL 1320242, at *2 (M.D. Fla. 2006) 28 2005 WL 2484710, at *6 (M.D. Fla. 2005) 29 2004 WL 2367740 (N.D. Ill. 2004) 30 AIR 2003 SC 2053

17

another issue which court held that if witness is acquainted with the technology then

such a fact is a relevant fact & it is admissible.31

Unfair prejudice, another issue a matter of concern, what if the data is the hand of an

advocate or professional in the professional capacity where data extraction is difficult

due to privileges32 or it may subject to data protection where no professional be

obliged at any time be permitted unless with his client's express consent to disclose

any communication made to him in the course and for the purpose of his employment

as such as attorney , by or on behalf of his client, or to state the contents or condition

of any document with which he has become acquainted in the course and for

the purpose of his professional employment or to disclose any advice given

by him to his client in the course and for the purpose of such employment.

Such privilege communication if any taken place in electronic form, such material

many be relevant to the fact in issue but is inadmissible in the court.

Cloud Computing

With the advent of new and advanced technology, it become difficult for legal system

to recognise the legal issues involved in accessing such technology. Cloud computing

as the name suggest any service provided online and operated by a third party" or

"services that are controlled by third-parties and accessed over the Internet." That

means everything from webmail (Hotmail, Gmail etc.) to online data storage to

software as a service (SaaS), e.g. Salesforce.com33. There are several legal issues

31 State (NCT of Delhi) v Navjot Sandhu AIR 2005 SC 3820 was an appeal against conviction following the attack on Parliament on December 13 2001, in which five heavily armed persons entered the Parliament House Complex and killed nine people, including eight security personnel and one gardener, and injured 16 people, including 13 security men. This case dealt with the proof and admissibility of mobile telephone call records. While considering the appeal against the accused for attacking Parliament, a submission was made on behalf of the accused that no reliance could be placed on the mobile telephone call records, because the prosecution had failed to produce the relevant certificate under Section 65B(4) of the Evidence Act. The Supreme Court concluded that a cross-examination of the competent witness acquainted with the functioning of the computer during the relevant time and the manner in which the printouts of the call records were taken was sufficient to prove the call records 32 Sec – 126, 127, 128 Evidence act, 1872 : Professional communication 33 http://www.infolawgroup.com/2010/10/articles/breach-notice/legal-implications-of-cloud-computing-part-five-ethics-or-why-all-lawyers-not-just-technogeek-lawyers-like-me-should-care-about-data-security

18

involved in cloud computing service like who owns the data that is collected,

generated & processed by the service, legal requirement for encrypted data,

jurisdictional problem as service may be provided cross border, consumer rights, what

might be the essential disclosure, in relation to admissibility in court how court might

interpret the criteria of standard disclosure, about the integrity & completeness of

documents be proved. As multiple layers of data34 are generated which are managed

by cloud provider & such electronic stored information may not be in possession or

control of litigant. The Williams v. Sprint/United Management Co.35 court held that “the

producing party should produce the electronic documents with their metadata

intact.” A party may move for a protective order when asked to produce metadata if

it is “not reasonably accessible” and will result in “undue burden and cost.”

As common metadata may be readily accessible without undue burden or cost

because it is stored in a common repository, yet its discovery may harm other clients.

However parties has always an opportunity to seek injunction to protect metadata

from disclosure otherwise the discovery will reveal the common metadata disclosing

third parties information which may violate privacy laws.

34 See “Electronic Discovery in the Cloud” The data layers may include client-specific data, client-specific metadata, and metadata common to several clients, which may be unique to an application, generated by multiple clients, or stored in a shared repository. Common metadata may be maintained in repositories shared between clients, which makes it a “major problem” to “isolate [that] data and maintain the security.” Therefore, that data may not be in the custody or control of a litigant, and thus not subject to discovery. Consequently, applying the Rules to a Cloud may create liabilities for clients of a Cloud and loopholes for litigants possession. http://scholarship.law.duke.edu/cgi/viewcontent.cgi?article=1222&context=dltr 35 230 F.R.D. 640 (D. Kan. 2005).

19

Conclusion

With the rapid growth of computers, influence of information technology & ability to

store information in electronic form, required law to be amended which allows

admissibility of electronic records because of the characteristic of evidence - its

volume, durability, transient nature, and ease of transmission and manipulation by

users-make it a critical source of information. But when you convert an electronic

document to paper, you lose valuable information found within its metadata, the

evidence from its "best evidence" original form into a version that might need

secondary evidence to justify its admission.

Further, the metadata attached to electronic documents, besides being potentially

relevant to the case, is extremely useful for sorting and organizing electronic evidence.

Accompanying this rise is a steadily increasing amount of information in electronic

form. Lawyers should be aware of these changes and be prepared to adjust their

discovery practices, as well as their courtroom procedures for admitting evidence.

Moreover, attorneys should advise their clients of the potential dangers of

electronically stored data so that preventative policies may be enacted.

20

Bibliography

Statue:

The Indian Evidence Act, 1872

The IT Act, 2000

Books:

Law of cyber-crimes and information technology law, S V Joga Rao, First edition, 2004

Legal issues in electronic commerce, T. Ramappa, 2003

Journal:

Susan E. Davis, Elementary Discovery, My Dear Watson, CAL. LAW., Mar. 1996, at 53, 53

Anthony J. Dreyer, Note, When The Postman Beeps Twice: The Admissibility of Electronic Mail Under The Business Records Exception of The Federal Rules of Evidence, 64 FORDHAM L. REV. 2285, 2289 (1996)

Article:

http://www.infolawgroup.com/2010/10/articles/breach-notice/legal-implications-of-cloud-computing-part-five-ethics-or-why-all-lawyers-not-just-technogeek-lawyers-like-me-should-care-about-data-security

http://scholarship.law.duke.edu/cgi/viewcontent.cgi?article=1222&context=dltr

http://www.nij.gov/topics/forensics/evidence/digital/digital-glossary.htm

http://www.setecinvestigations.com/resources/faqs.php

www.justice.gov.za/salrc/ipapers/ip27_pr126_2010.pdf

Cases:

United states v. Salgado, 250 F.3d 438, 452 (6th Circuit 2001)

Daubert v. Merrell Dow Pharmaceuticals, Inc. 509 U.S. 579 (1993)

People v. Holowko, 486 N.E. 2d 877, 878-79

St. Luke’s Cataract & Laser Institute, P.A. v. Sanderson 2006 WL 1320242, at *2 (M.D. Fla. 2006)

R. v. Mapara (2005), 251 D.L.R. (4th) 385

Sun Protection Factory, Inc. v. Tender Corp 2005 WL 2484710, at *6 (M.D. Fla. 2005)

Telewizja Polska USA, Inc. v. EchoStar Satellite Corp 2004 WL 2367740 (N.D. Ill. 2004)

State of Maharashtra v Dr Praful B Desai AIR 2003 SC 2053

State (NCT of Delhi) v Navjot Sandhu AIR 2005 SC

Williams v. Sprint/United Management Co. 230 F.R.D. 640 (D. Kan. 2005).