Electronic Records Now Governed by Section 63 of the Bhartiya Sakshya Adhiniyam, 2023
Section 65B of the Indian Evidence Act, 1872 is out. Section 63 of the Bhartiya Sakshya Adhiniyam, 2023 has taken its place — and lawyers who haven't read it carefully yet are going to run into problems at the filing stage.
The change isn't just about renumbering an old provision. The rules around digital evidence admissibility have genuinely shifted. New certificate requirements, hash value obligations, expert authentication — these aren't optional add-ons. They're conditions.
For years, Section 65B of the Indian Evidence Act was the governing provision for electronic records in court. It generated enormous litigation, inconsistent judicial interpretations, and repeated Supreme Court interventions over questions as basic as: when exactly must the certificate be filed?
Section 63 of the Bhartiya Sakshya Adhiniyam, 2023 steps into that space with more structure. Any information printed, stored, or copied from computers, optical or magnetic media, or communication devices qualifies as a document — provided the conditions in this section are met. That scope is broad. It covers emails, screenshots, WhatsApp chats, server logs, cloud-stored files, surveillance recordings — all of it.
What the section demands in return is accountability. Stricter authentication. A paper trail that courts can actually verify.
Each clause in Section 63 does specific work. Taken together, they form a complete framework for how electronic records enter a courtroom.
Clause (1) establishes the baseline: any information in an electronic record — whether printed on paper, stored on a device, or recorded through any process — is treated as a document, subject to the conditions that follow.
Clause (2) sets the admissibility test. Three things must be true: the device producing the record was in regular use at the relevant time, the device was functioning properly during that period, and the information the record contains is accurate. If any of these conditions is in doubt, the record's admissibility is in doubt.
Clause (3) tackles the multi-device problem. When several computers or communication devices work together to produce or store a record — think cloud systems, networked servers, linked accounts across devices — they're treated as a single system. Practically speaking, this means you don't need to certify each machine separately when data comes from an interconnected setup.
Clause (4) is where the real procedural weight sits: a certificate is required. Without it, the electronic record doesn't come in.
Clause (5) covers the mechanics of supplying information and producing records through electronic means — the backend process, essentially.
The Bhartiya Sakshya Adhiniyam recognises two separate certificates for authenticating electronic records. They serve different purposes and come from different people.
Certificate by the Party
This one comes from the person — or the representative of the organisation — that owns or controls the device from which the electronic record was produced. It's essentially a sworn statement that says: this record came from this device, here are its details, and here is the hash value confirming it hasn't been touched since we captured it.
What must be included:
The hash value deserves a moment here. It's a fixed-length string generated from the file's contents using a mathematical algorithm. Change even a single character in the file — add a space, alter a date, anything — and the hash changes entirely. That's what makes it useful: courts get an objective, technically verifiable way to confirm the record is exactly what it was when first captured.
Certificate by the Expert
Where the party certificate establishes ownership and identity, the expert certificate establishes technical credibility. A qualified digital forensics professional independently examines the electronic record — verifying the hash value, confirming the integrity of the data chain, and providing a professional opinion on the record's authenticity.
Both certificates carry the same structural elements: solemn affirmation, device details, hash value, and the certifier's name, signature, date, and place.
IN THE HIGH COURT OF DELHI AT NEW DELHI (Ordinary Original Commercial Jurisdiction) CS (Comm) No. ___ of 2024
XYZ & Anr. … Plaintiffs Versus ABC … Defendant
I, _______, S/o Mr. _________ employed at _______________ do hereby solemnly affirm and sincerely state and submit as follows:
Device Details:
Hash Value: __________________ (Algorithm: MD5 / SHA256)
Name: _________ Signature: _________ Date: _________ Place: _________
Miss the certificate, and the evidence doesn't come in. That's the short version.
Emails, WhatsApp messages, screenshots, digital contracts, CCTV footage, access logs — any electronic record going into court now needs the certificate under Section 63 of the Bhartiya Sakshya Adhiniyam in place before it's filed. Not after. Not as an afterthought when opposing counsel raises an objection.
The hash value must be documented at the point of capture — when you first preserve the digital record — not reconstructed later. Device identifiers need to be accurate and complete. And where the record involves complex digital infrastructure, a forensic expert's certificate isn't just advisable; it's the safer call.
Section 63 of the Bhartiya Sakshya Adhiniyam, 2023 gives courts better tools to evaluate digital evidence. It also gives opposing counsel sharper grounds to challenge records where the procedure wasn't followed. Both things are equally true.
Legal teams that treat certificate preparation as a technical checkbox — something to hand off to the client or a junior — are going to encounter problems. The hash value especially requires careful handling from someone who understands what it is and what it's meant to prove.
The Indian Evidence Act's Section 65B generated over two decades of inconsistent case law. The certificate requirement existed, but courts split repeatedly on timing — could it be produced later, or only at the time of submission? The Supreme Court weighed in multiple times, with different benches sometimes reaching different conclusions.
Section 63 of the Bhartiya Sakshya Adhiniyam doesn't resolve every interpretive question — no statute ever does — but the dual-certificate structure and the hash value requirement are a deliberate attempt at objectivity. You either have a matching hash or you don't. That's harder to argue around than older, vaguer formulations.
Whether courts will interpret Section 63 more uniformly than they did Section 65B of the Indian Evidence Act remains an open question. Early judicial treatment of the new provision will matter enormously. Watch that space.
A: Section 63 of the Bhartiya Sakshya Adhiniyam, 2023 governs how electronic records are admitted as evidence in Indian courts. It replaced Section 65B of the Indian Evidence Act, 1872 and set clearer admissibility conditions — including a mandatory certificate covering device details and hash values. Any electronic information on computers, storage media, or communication devices qualifies as a document under this section if the stated conditions are met.
A: Both provisions deal with electronic records, but Section 63 of the Bhartiya Sakshya Adhiniyam introduces a structured dual-certificate system — one from the party producing the record and one from a technical expert. The mandatory inclusion of hash values (MD5 or SHA256) is the sharpest departure from Section 65B, giving courts an objective technical standard to verify record integrity rather than relying solely on witness statements.
A: Yes. The certificate under Section 63(4)(c) is a condition of admissibility — not a formality. Electronic records filed without the required certificate, complete with device identifiers and hash value, risk outright rejection by the court. The requirement applies to all electronic records: emails, screenshots, chat messages, digital contracts, server logs, and surveillance recordings alike.
A: A hash value is a unique string generated from a file's contents using algorithms like MD5 or SHA256. If the file is altered in any way after the hash is recorded, the value changes — making tampering detectable. Section 63 of the Bhartiya Sakshya Adhiniyam requires the hash value in the authentication certificate precisely because it gives courts a technically objective way to confirm the electronic record hasn't been modified since it was first captured.
A: Two certificates are recognised. The first is signed by the party producing the record — an employee or authorised representative of the entity controlling the device. The second is signed by a qualified digital forensics expert who independently authenticates the record's integrity. Both must include full device details, unique identifiers such as IMEI or MAC address, and the hash value with algorithm specified.
A: Yes, they can — but only with the proper certificate in place. WhatsApp messages, screenshots, emails, and other digital communications are electronic records under Section 63 of the Bhartiya Sakshya Adhiniyam. They need to be accompanied by the certificate under Section 63(4)(c) before a court will admit them. The device the messages were captured on must be identified, and the hash value of the record must be documented.
A: A mismatch means the electronic record was altered after the hash was generated. Courts would treat this as a failure of authentication under Section 63 — the record would either be inadmissible or face serious credibility challenges. This is why the hash must be recorded at the time the digital record is first preserved, not reconstructed later from memory or secondary sources.
A: Yes. Clause (3) of Section 63 specifically addresses situations where multiple computers or communication devices work together — treating them as a single system. Cloud storage accounts, networked servers, and data spread across linked devices all fall within the scope of Section 63 of the Bhartiya Sakshya Adhiniyam, 2023. The certificate requirements apply to such records just as they do to single-device records.
A: The certificate must identify the device by make, model, colour, and serial number. It also requires unique identifiers — IMEI number for mobile devices, MAC address for networked hardware, or Cloud ID and UID/UIN for cloud-based systems. These details establish a clear chain of custody linking the electronic record to a specific, identifiable device.
A: Both, depending on how well-prepared you are. Section 63 of the Bhartiya Sakshya Adhiniyam simplifies the conceptual framework — clearer clauses, structured certificates, objective hash verification. But it raises the bar on preparation. Lawyers who handle the certificate requirements properly will find the process smoother than it was under Section 65B. Those who don't will find the new provisions have sharper teeth.
Your email address will not be published. Required fields are marked *