TL;DR: Section 63 of the Bharatiya Sakshya Adhiniyam, 2023 (BSA), which came into force on 1 July 2024, replaces Section 65B of the Indian Evidence Act, 1872. The certificate requirement stays mandatory for secondary electronic evidence — but now demands two signatories (the person in charge of the device plus an independent expert), must include the hash value of the record, and follows a prescribed Schedule format. Primary electronic evidence (governed by Section 57 BSA) remains admissible without a certificate. The Supreme Court’s holdings in Anvar P.V. v. P.K. Basheer (2014) 10 SCC 473 and Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1 continue to guide courts on the practical application of these rules.

On this page

Why BSA replaced the Indian Evidence Act

The Bharatiya Sakshya Adhiniyam, 2023 (Act No. 47 of 2023) was enacted as part of India’s overhaul of its three core criminal procedure statutes. It came into force on 1 July 2024, the same date as the Bharatiya Nyaya Sanhita (BNS) and the Bharatiya Nagarik Suraksha Sanhita (BNSS), replacing the Indian Penal Code and the Code of Criminal Procedure respectively. For an overview of all three, see what the new criminal laws changed.

The Indian Evidence Act, 1872 was drafted in an era of paper documents. When digital records began flooding courtrooms in the 1990s and 2000s, Parliament inserted Sections 65A and 65B into the IEA through the Information Technology Act, 2000. Section 65A declared electronic records relevant; Section 65B set out the conditions under which a computer output could be admitted without producing the original device.

Those provisions worked reasonably well for desktop computers and printed emails. They struggled with smartphones, cloud storage, IoT logs, CCTV footage hosted on remote servers, and WhatsApp messages extracted from mobile backups. The BSA’s Section 63 is designed to address those gaps. The basic architecture — conditions for admissibility plus a certificate requirement — is preserved, but the scope is wider, the certificate is more demanding, and a new enabling provision (Section 61) removes one significant source of ambiguity.

Primary vs. secondary electronic evidence: the foundational split

Before looking at Section 63 itself, it is essential to understand where it sits within the BSA’s evidence framework. The BSA, like its predecessor, distinguishes between primary evidence and secondary evidence.

Primary evidence is the document itself produced for inspection by the court. Under Section 57 BSA (which replaces Section 62 IEA), electronic and digital records have been expressly incorporated into the definition of primary evidence through Explanations 4 to 7:

  • Explanation 4: Where a file is created or stored simultaneously or sequentially in multiple locations, each such file is primary evidence of that record.
  • Explanation 5: An electronic record produced from proper custody is primary evidence unless its authenticity is put in dispute.
  • Explanation 6: A video recording that is simultaneously stored and transmitted counts as primary evidence in each form.
  • Explanation 7: Every automated storage instance, including temporary files generated during normal processing, constitutes primary evidence.

The practical consequence is significant: if a party produces the original device, the original file, or a copy generated directly from proper custody that is not disputed, there is no need for a Section 63 certificate at all. The record goes in as primary evidence.

Secondary evidence is a copy of the original, a computer output, or a printout — anything that is not the original itself. This is the territory governed by Section 63. “Computer output” is the statute’s term of art: it covers information printed on paper, stored or copied on optical or magnetic media, semiconductor memory, or otherwise stored in any electronic form, which is produced by a computer or any communication device.

This distinction — primary under Section 57, secondary/computer output under Section 63 — was already implicit in the old IEA, but Section 65B’s drafting led to decades of confusion about whether a certificate was required for primary electronic evidence too. The BSA’s structural separation makes the answer clearer.

Section 63 in detail: conditions, devices, and definitions

Section 63 of the BSA has five subsections. Read together, they establish a framework for admitting computer output as secondary evidence.

Section 63(1) is the operative rule: a computer output shall be deemed to be a document and shall be admissible in any proceedings, without further proof or production of the original, as evidence of any contents of the original or of any fact stated therein of which direct evidence would be admissible — provided the conditions in the section are satisfied. The phrase “without further proof or production of the original” is important: compliance with Section 63 is itself sufficient for admission.

Section 63(2) sets four conditions, which track closely the old Section 65B(2):

  1. The computer or communication device was used regularly for creating, storing, or processing information in the ordinary course of activities at the relevant time.
  2. Information of the kind contained in the electronic record was regularly fed into the device in the ordinary course of those activities.
  3. The device was operating properly throughout the material period, or if it was not operating properly for part of that period, the malfunction did not materially affect the accuracy of the record.
  4. The electronic record reproduces or is derived from information that was regularly supplied to the device in the ordinary course of activities.

Section 63(3) deals with multiple-device scenarios. Where activities are carried on using a combination of computers, communication devices, or networks — whether standalone, as a system, networked, or through an intermediary — all devices involved during any relevant period are to be treated as a single computer or communication device for the purposes of the section. This is an important expansion from the IEA, which dealt with multiple computers in a more limited way. Section 63(3) explicitly contemplates cloud infrastructure, distributed systems, and communication relay chains.

Section 63(5) defines how information is “supplied to” a device. It covers both direct input by a human and indirect derivation by another computer — covering automated data pipelines, database synchronisation, and records generated by software acting on other software output.

The term “communication device” is new relative to Section 65B. The IEA focused on “computers.” The BSA expressly extends to any device capable of storing, processing, or transmitting information, capturing smartphones, tablets, IoT sensors, and any future category of connected device within the statute’s reach.

The certificate under Section 63(4): Part A, Part B, and the Schedule

The most consequential change in Section 63 compared to Section 65B is the certificate requirement. Under the old Section 65B(4), a certificate from a single person “occupying a responsible official position in relation to the operation of the relevant device” was sufficient. The BSA replaces this with a two-part certificate prescribed in the Schedule to the Act.

Section 63(4) requires that, when a party seeks to produce a computer output in evidence, the record must be accompanied by a certificate that:

(a) identifies the electronic record containing the statement and describes the manner in which it was produced;

(b) gives such particulars of the device involved in the production of that record as may be appropriate for the purpose of showing that the record was produced by a computer or communication device; and

(c) deals with any of the matters to which the conditions mentioned in Section 63(2) relate — and is in the form specified in the Schedule to the BSA.

That certificate must be signed by the person in charge of the computer or communication device (or the management of the relevant activities, whichever is appropriate) and by an expert.

The Schedule to the BSA prescribes the certificate in two parts:

Part A is signed by the party producing the record (or the custodian of the device). It declares: the identity of the electronic record; the device on which it was created or from which it was extracted; that the device was operating properly; that the information was regularly fed in the ordinary course of activity; and the hash value of the electronic record along with the algorithm used (for example, SHA-256, SHA-1, or MD5).

Part B is signed by a technical expert. The expert certifies that he or she has examined the electronic record, that the device details stated in Part A are accurate to the best of the expert’s knowledge, and attests to the integrity of the record by confirming the hash value. The expert here means a person with appropriate technical knowledge — the statute does not restrict this to government-empanelled examiners under Section 79A of the Information Technology Act, 2000. Any person with adequate expertise in the relevant field can sign Part B.

The certificate must be submitted “at each instance where it is being submitted for admission,” meaning it cannot be filed once at the outset and then relied upon passively throughout proceedings. Each time the party seeks to introduce a fresh electronic record, a fresh certificate is required.

Hash values and chain of custody explained

What is a hash value?

A hash value (sometimes called a message digest or digital fingerprint) is a fixed-length string of characters produced by running the electronic record through a cryptographic algorithm. The slightest change to the underlying data — even a single added comma — produces a completely different hash output. This property makes hash values the standard tool for proving that an electronic record has not been altered between the moment it was extracted from a device and the moment it is produced before court.

Common algorithms mentioned in evidence practice are SHA-256 (currently considered secure), SHA-1 (widely used but now deprecated for new applications), and MD5 (found to have vulnerabilities; legacy use only). For forensic purposes in court, SHA-256 is the preferred choice.

How hash values work in practice

When a forensic investigator or the person in charge of a device extracts an electronic record — say, a copy of a WhatsApp chat database or a CCTV recording file — the extraction tool generates a hash of the file at the moment of extraction. That hash is noted in the Part A certificate. When the expert later examines the record, the expert re-runs the hash algorithm on the same file. If the two values match, the record is unchanged. If they differ, something has been modified between extraction and production.

Chain of custody

The hash value alone is not sufficient. Courts also look at the chain of custody: a documented record of who handled the electronic evidence from the moment it was collected, where it was stored, who had access to it, and in what form it was transferred at each stage. A complete chain-of-custody log should record:

  • The date, time, and method of extraction from the device.
  • The tool and version used for extraction (for example, a certified mobile forensic application).
  • The name and designation of the person who extracted it.
  • The storage media on which it was preserved.
  • Every subsequent transfer, with dates and names.
  • Any access that occurred during storage.

A hash that matches but a chain of custody that has unexplained gaps can still give the court reason to doubt integrity. A solid certificate is not a substitute for meticulous chain-of-custody documentation.

The case law trail: Anvar, Shafhi Mohammad, Arjun Panditrao

The Section 65B certificate requirement produced nearly two decades of conflicting judicial interpretation before the law was finally settled in 2020. Understanding that history is essential for appreciating what Section 63 is trying to fix.

Anvar P.V. v. P.K. Basheer (2014) 10 SCC 473

This three-judge bench judgment by the Supreme Court, decided on 18 September 2014, is the starting point for modern electronic evidence law in India. The court examined an election dispute in which audio and video CDs were produced without a Section 65B certificate. The court held:

  • Sections 65A and 65B are special provisions that exclusively govern the admissibility of electronic records. The general secondary evidence provisions of the IEA (Sections 63 and 65) do not apply to electronic records.
  • A Section 65B(4) certificate is mandatory when producing a computer output (secondary electronic evidence). Without it, the evidence is inadmissible, regardless of its probative value.
  • The only exception is primary electronic evidence: if the original device is itself produced before the court for inspection, no certificate is required.
  • The court overruled the earlier two-judge bench decision in State (NCT of Delhi) v. Navjot Sandhu (2005) 11 SCC 600 to the extent that decision allowed electronic evidence to be proved through oral testimony of witnesses.

Anvar established the mandatory nature of the certificate. But it left open a question: what happens when the person who needs to produce the certificate was not in possession of the device? A prosecution presenting CCTV footage obtained from a third-party server could not compel a certificate from the server operator.

Shafhi Mohammad v. State of Himachal Pradesh (2018) 2 SCC 801

This two-judge bench of the Supreme Court, decided on 30 January 2018, partly relaxed the Anvar rule. It held that the certificate under Section 65B(4) could not be insisted upon when the party seeking to rely on the electronic evidence was not in possession of the device. In such cases, the court could admit the electronic evidence on the satisfaction of the trial judge, without a strict certificate requirement.

A later order in the same matter, dated 3 April 2018, is reported at (2018) 5 SCC 311. Its relaxation created immediate practical difficulties: it was a two-judge bench departing from a three-judge bench ruling in Anvar, which raised questions about its binding authority. The conflict was directly referred to a larger bench.

Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1

This is the controlling authority. A three-judge bench of the Supreme Court, comprising Justices R.F. Nariman, S. Ravindra Bhat, and V. Ramasubramanian, decided the case on 14 July 2020. The bench:

  • Expressly overruled Shafhi Mohammad, holding that it stated the law incorrectly, because a two-judge bench cannot depart from the three-judge bench ruling in Anvar.
  • Restored the rule in Anvar: a Section 65B(4) certificate is a condition precedent to the admissibility of secondary electronic evidence. Without the certificate, the evidence cannot be admitted.
  • Clarified that the certificate need not be produced at the time the electronic record is first tendered in evidence — it can be produced subsequently, but must be produced before the evidence is finally relied upon. The court should require the certificate to be produced during the trial.
  • Addressed the “not in possession” problem: where the person who can issue the certificate is not a party to the proceedings, the court can direct that person to produce the certificate under its process. The inability to obtain a certificate does not excuse its absence; the remedy is a court direction compelling production.
  • Confirmed that a party who is not in control of the device can apply to the court for a direction to the person in control to issue the certificate.

Arjun Panditrao is the case advocates and courts must cite when a certificate challenge is raised. Its holdings carry forward into the BSA regime: the certificate under Section 63(4) is equally mandatory, and the same procedural mechanisms for compelling its production apply.

The legacy of these cases under Section 63

The BSA’s Section 61 introduces a new provision — absent from the IEA — which reads: “Nothing in this Adhiniyam shall apply to deny the admissibility of an electronic or digital record in the evidence on the ground that it is an electronic or digital record and such record shall, subject to section 63, have the same legal effect, validity and enforceability as other document.” The phrase “subject to section 63” preserves the certificate requirement. Section 61 is primarily aimed at ensuring courts do not exclude electronic records on the obsolete ground that they are not “documents” — not at overriding the certificate mandate.

65B vs. Section 63: what changed and what did not

AspectSection 65B IEA 1872Section 63 BSA 2023
Operative since2000 (IT Act amendment)1 July 2024
Devices coveredComputerComputer or communication device
Storage mediaOptical or magnetic mediaOptical, magnetic, semiconductor memory, or any electronic form
Functions coveredStore or processCreate, store, or process
Multiple-device treatmentSuccessive computer combinationsStandalone, system, network, intermediary — treated as single unit
Certificate signatorySingle responsible officialPerson in charge AND an expert (two signatories) ✗ one is no longer enough
Certificate formatNo prescribed formSchedule to the BSA prescribes Part A + Part B ✓
Hash valueNot mentionedMandatory in the Schedule certificate ✓
Certificate timingOn admissionAt each instance of admission ✓
Primary evidence gatewayImplicit in Anvar judgmentExpressly in Section 57 Explanations 4-7 ✓
Enabling non-obstanteAbsentSection 61 BSA ✓
Certificate by compulsionCourt direction available (Arjun Panditrao)Same mechanism continues ✓
Case law controllingAnvar + Arjun PanditraoAnvar + Arjun Panditrao remain instructive ✓

What changed: The device scope is wider. The certificate is more demanding (dual signatories, prescribed form, hash value). The Section 57 expansions give multiple categories of electronic records primary-evidence status, reducing how often Section 63 is triggered. Section 61 removes a ground of objection that occasionally succeeded in lower courts.

What stayed the same: The four conditions for admissibility are substantively identical. The mandatory nature of the certificate for secondary electronic evidence is unchanged. The Anvar and Arjun Panditrao holdings govern the new certificate in the same way they governed the old one.

Practical guide: WhatsApp, CCTV, email, and cloud records

WhatsApp and other messaging platforms

WhatsApp messages are stored on the user’s device in an encrypted database. When a party wants to produce WhatsApp messages as evidence, there are two scenarios:

Scenario A — original device produced. The phone itself is placed before the court or given for forensic examination while still in the same condition as when the messages were sent or received. This is primary evidence under Section 57 and no certificate is required. The court or a forensic examiner inspects the original database.

Scenario B — printed screenshots or exported chat files. The party is producing a printout or an extracted file rather than the original device. This is secondary electronic evidence — a computer output — and Section 63 applies. The person in charge of the extraction (typically the user or a forensic examiner) must sign Part A. A technical expert who verifies the hash value of the extracted file signs Part B. The chain of custody from the phone to the exported file must be documented. A screenshot alone, without a certificate, will be inadmissible on a challenge.

CCTV footage

CCTV footage raises a recurring chain-of-custody problem. The original recording is typically stored on a digital video recorder (DVR) at a third-party location — a commercial establishment, a government installation, or a housing society. By the time a court proceeding begins, the DVR may have overwritten its storage.

If the footage is extracted onto a pen drive or optical disc: the extraction constitutes a computer output. A Part A certificate from the person in charge of the DVR (the facility manager, security officer, or technical staff) and a Part B certificate from a technical expert are required. The extraction process should be documented: the person extracting must note the DVR model, the software used, the date and time of extraction, and the hash of the extracted file.

The police or prosecution typically bear the burden of ensuring this certificate is available. Under Arjun Panditrao, if the DVR operator refuses or is unavailable, the court can issue a direction compelling them to produce the certificate.

Email evidence

An email is a communication-device output. To admit a specific email:

  • If the party controls the email account: the printout or PDF export is a computer output requiring a Section 63 certificate. Part A is signed by the account holder or IT administrator. Part B by a technical expert.
  • If the email was received by a third party: the same certificate process applies to the third party’s copy. Where necessary, the court can compel the corporate IT administrator or email service provider to issue a certificate.
  • Server logs from email providers: these typically require a court order and coordination with the service provider, followed by a certificate from the server operator (Part A) and an expert (Part B).

Cloud records and distributed systems

Cloud records — documents stored in Google Drive, Microsoft OneDrive, or CRM platforms — present the most complex certificate challenges. The server is operated by a foreign entity; the data may be distributed across multiple jurisdictions. Section 63(3)‘s treatment of multiple devices as a single system is helpful in principle, but obtaining a certificate from a foreign cloud provider is practically difficult.

Courts are yet to develop a uniform approach to this problem under the BSA. In the interim, the safest course is: obtain the data through a court order or mutual legal assistance request; have a local forensic examiner download and hash the data; issue Part A and Part B certificates on the basis of that process. See also how to read and brief an Indian judgment for guidance on locating relevant precedents on this point.

Bank records and server logs

Banks and financial institutions are among the most frequent producers of electronic evidence. Under BSA Section 63, a bank wishing to produce account statements, transaction logs, or audit trail records in court must provide a Part A certificate from the bank officer in charge of the relevant IT system and a Part B certificate from a technical expert. Many banks have already built these processes into their litigation management systems, since the certificate requirement under Section 65B was well established before the BSA came into force.

For understanding how to assess whether a case on electronic evidence is still good law, see how to check good law in India.

How Niyam helps

Researching electronic evidence — identifying the applicable sub-section of Section 63, tracing whether a certificate objection was sustained or rejected in a recent High Court judgment, or checking whether Anvar’s holdings have been applied by a particular bench — involves working through a large volume of primary material. Niyam searches across 72,000+ Indian judgments and current statutory text, returning cited answers grounded in primary sources. Whether you need to locate a recent High Court ruling on CCTV certificate requirements or draft a checklist for a Section 63(4) certificate, Niyam can accelerate that process. Start for ₹100 at app.niyam.ai/register.

Frequently asked questions

Does Section 63 BSA apply to cases filed before 1 July 2024?

Section 63 BSA applies to proceedings governed by the BSA, which came into force on 1 July 2024. Cases filed under the old IEA framework (i.e., where investigations were initiated before that date and the old CrPC applies under the BNSS savings clause) continue to be governed by Section 65B IEA and the case law under it, including Arjun Panditrao.

What is the difference between primary and secondary electronic evidence under the BSA?

Primary electronic evidence is the original electronic record itself, or a copy from proper custody that is not in dispute, admissible under Section 57 BSA. Secondary electronic evidence is a computer output — a printout, extracted file, or copy — governed by Section 63 BSA and requiring a certificate under Section 63(4).

Is the Section 63(4) certificate always mandatory?

The certificate is mandatory when producing secondary electronic evidence (a computer output). It is not required for primary electronic evidence under Section 57. The mandatory nature was confirmed for the old Section 65B in Arjun Panditrao and carries forward under Section 63.

Who signs the Part A certificate?

Part A is signed by the person in charge of the computer or communication device, or the person responsible for managing the relevant activities. This will typically be a device owner, system administrator, IT manager, or authorised officer of the organisation that operates the system.

Who signs the Part B certificate?

Part B is signed by an expert — a person with technical expertise relevant to the electronic record and the device in question. The BSA does not restrict this to Section 79A government examiners. Any qualified person with appropriate knowledge can sign Part B.

What happens if the party cannot obtain the certificate because the device is with a third party?

Following the Arjun Panditrao ruling, the party can apply to the court for a direction compelling the person in charge of the device to issue the certificate. The court has power to direct a third party — a business, a bank, a telecom company — to produce the certificate. Inability to obtain it voluntarily is not an excuse for proceeding without it.

Does a Section 65B certificate issued before 1 July 2024 satisfy Section 63?

A certificate obtained under the old Section 65B format, before the BSA came into force, does not meet the new Schedule requirements (Part A, Part B, hash value). For proceedings governed by the BSA, a fresh certificate in the prescribed Schedule format is required.

What hash algorithm should be used in the Part A certificate?

The Schedule to the BSA does not mandate a specific algorithm, but it requires the algorithm to be stated. SHA-256 is currently the preferred standard in forensic practice. MD5 and SHA-1 are widely used in older forensic reports but are considered less secure for new certifications.

Can a lawyer file the Part A or Part B certificate?

An advocate who personally operated or extracted the record from the device can sign Part A. An advocate who is also a technical expert in the relevant domain can sign Part B. However, it is unusual for the same advocate conducting the case to serve as the certifying expert; doing so raises professional and evidentiary concerns. In practice, a forensic examiner or IT professional is typically engaged for Part B.

Are WhatsApp screenshots admissible without a certificate?

Screenshots of WhatsApp messages are computer outputs and require a Section 63(4) certificate to be admissible over objection. Courts have, in some lower-court proceedings, admitted them without strict challenge, but a well-argued objection citing Anvar P.V. and Section 63 should succeed in excluding uncertified screenshots.

What is a hash value collision and does it affect evidence?

A hash collision means two different files produce the same hash output. For SHA-256, collisions are computationally infeasible at present. For MD5, collisions have been demonstrated in research settings. If opposing counsel argues that the hash algorithm used is vulnerable to collisions, the court may require additional authentication measures. This is a technical argument that typically requires expert testimony on both sides.

Does the BSA’s Section 61 remove the need for a certificate?

No. Section 61 prevents courts from rejecting electronic records merely because they are electronic in nature. The phrase “subject to section 63” in Section 61 preserves the certificate requirement. Section 61 and Section 63 operate together, not in opposition.

What happens if the certificate has an error or omission?

Courts have shown some flexibility on technical defects in certificates where the core information is present and there is no suggestion of tampering. However, a certificate that omits the hash value, fails to identify the record, or is signed by a person without authority is likely to be challenged successfully. Where a defect is identified, the party should apply to produce a corrected certificate before the evidence is relied upon.

Is CCTV footage primary or secondary evidence?

CCTV footage stored on the original DVR and produced for court inspection is primary evidence under Section 57 Explanation 6 (video simultaneously stored and transmitted). A copy of the footage extracted onto a USB drive or optical disc is a computer output — secondary evidence — and requires a Section 63(4) certificate.

Does Section 63 apply in civil proceedings?

Yes. Section 63 applies to “any proceedings,” which includes civil suits, arbitral proceedings (where the arbitral tribunal follows BSA rules), consumer disputes, and regulatory proceedings that apply the BSA’s evidentiary framework. Civil courts and tribunals apply the same certificate requirement.

Can a certificate be produced after the electronic record has already been exhibited?

Arjun Panditrao held that the certificate can be produced after the electronic record is initially tendered, as long as it is produced before the evidence is finally relied upon. Courts can give time to the producing party to file the certificate. However, this should not be taken as licence to indefinitely defer the certificate; the court can reject the record if the certificate is not produced within the time allowed.

What is the difference between Section 62 and Section 63 BSA?

Section 62 BSA requires that electronic and digital records be proved in accordance with Section 63. It is essentially a directing provision that routes all proof of electronic records through the Section 63 framework. Section 63 then sets out the substantive conditions and certificate requirements.

How does Section 63 interact with the DPDP Act or privacy considerations?

Electronic records containing personal data may be subject to the Digital Personal Data Protection Act, 2023 when obtained from a platform or third party. Production before a court may require compliance with the DPDP Act’s framework around data transfers. For an overview of the DPDP framework, see what businesses must do under the DPDP Rules 2025. Neither the BSA nor the DPDP Act has yet been judicially interpreted on their interaction in evidence proceedings.

Can the opposing party challenge the electronic record even if a certificate is filed?

Yes. A certificate establishes admissibility; it does not establish the truth of the contents or prevent a challenge on reliability grounds. The opposing party can cross-examine the certifying officer and the expert on the certificate, challenge the extraction methodology, contest the chain of custody, or argue that the device was not operating properly. The certificate is the threshold — it gets the record through the door. Reliability is a separate question.

Are bank statements produced digitally still governed by Section 63?

Bank statements generated from a bank’s computer system and produced as printouts or electronic files are computer outputs and require a Section 63 certificate. This has been the position since Section 65B was inserted in 2000. The only change under the BSA is the dual-signatory and hash-value requirement. For an overview of how AI tools can help research statutory and case law interactions like this, see avoiding hallucinations in AI legal research.

Key takeaways

  • The Bharatiya Sakshya Adhiniyam, 2023 came into force on 1 July 2024. Section 63 BSA replaces Section 65B IEA as the governing provision for electronic and digital records.
  • Section 57 BSA expressly includes electronic records as primary evidence through Explanations 4 to 7. Primary electronic evidence needs no certificate.
  • Section 63 governs “computer output” — secondary electronic evidence. It preserves the four conditions for admissibility from Section 65B(2) with expanded device scope.
  • The certificate under Section 63(4) is mandatory for secondary electronic evidence. It is now in two parts: Part A (the producing party or device custodian) and Part B (a technical expert), prescribed in the Schedule to the BSA.
  • The certificate must state the hash value of the electronic record and the algorithm used. SHA-256 is the preferred algorithm in current forensic practice.
  • Anvar P.V. v. P.K. Basheer (2014) 10 SCC 473 established mandatory certification. Shafhi Mohammad v. State of Himachal Pradesh (2018) 2 SCC 801 relaxed it. Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1 overruled Shafhi Mohammad and restored the mandatory rule — these holdings apply equally under Section 63 BSA.
  • Where a certificate cannot be obtained voluntarily, the court can direct the person in charge of the device to issue it.
  • WhatsApp screenshots, CCTV copies, email printouts, and cloud records are all computer outputs requiring a Section 63(4) certificate to be admitted over objection.
  • Chain of custody documentation is independent of but complementary to the certificate. Both are necessary for effective use of digital evidence in court.
  • Section 61 BSA ensures courts cannot reject an electronic record merely because it is electronic, but this is subject to Section 63’s certificate requirements.

Start for ₹100 — Niyam researches Indian statutes and case law grounded in primary sources, so you can verify a Section 63 argument or locate the latest High Court ruling on electronic evidence without starting from scratch.