Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Electronic evidence

e commerce

  • Login to see the comments

Electronic evidence

  1. 1. NATIONAL LAW SCHOOL OF INDIA UNIVERSITY BANGALORE PROJECT ON “ELECTRONIC EVIDENCE” SUBJECT: E-commerce & IT law TRIMESTER-IV 2013-14 UNDER THE SUPERVISION OF Prof. S.B.N. Prakash National Law School of India University, Bangalore SUBMITTED BY:-Ronak Karanpuria LL.M. (Business Law) Student ID No.: 534 1
  2. 2. Acknowledgement I express my deep sense of obligation and gratitude to Prof. S.B.N.Prakash, National Law School of India University, Bangalore, for his invaluable guidance and persistent encouragement in the preparation of this project work. I am deeply indebted to all the Indian and foreign writers and judges whose writings and decisions have been duly cited in this work and have given me inspiration and light during preparation of this work. 2
  3. 3. RESEARCH METHODOLOGY  Aim and Objective The Aim of the research paper is to determine the scope of “Electronic Evidence” w.r.t. modern digital environment.  Research Question The researcher will address electronic evidence in context with its relevance, authenticity, hearsay, originality or duplicate documentation, and unfair prejudice about its admissibility in normal court procedure.  Research Methodology In this paper the researcher has primarily used descriptive and analytical methodology of research. The researcher mainly relied upon the secondary sources which include books, Reports, Journal, magazines, online articles and legal databases.  Scope The scope of this paper is to find out the legal aspects of electronic evidence  Limitation. The field study would have been desirable but due to paucity of time this paper is limited only to the theoretical aspect of electronic evidence which have been gathered from various sources including books, articles, and journals.  Sources In this paper various secondary source have used by the research student in the form of books, article from various journals and also internet sources have been used.  Mode of Citation A Uniform mode of citation is followed throughout this paper. 3
  5. 5. Introduction The court proceedings and the judicial system is based on the facts and the evidence as produced before courts. Even in the era of kings and rulers, when any matter laid before them each party were insisted to have proceed with facts and evidence they have to prove their allegations or strategy. Same analogy has been adopted by Panchayats & courts although with care and caution due to high technological advancement, with this aspects one has to see the rights of individual, rights of victim, admissibility of evidence and to support & strengthen the coordination and cooperation between investigating and prosecution and to prevent miscarriage of justice. However, with the advent of new technologies, regulatory agencies are increasingly harnessing the power of digital technologies to meet the informational demands of rulemaking and to expand public involvement in policymaking. Governments are increasingly adopting technological means, shifting from walls to webs.1 With the advancement, evidence although primarily of two types: oral & documentary with a new form annexed i.e. electronic evidence, court & lawyers has to adhere caution while dealing with electronic evidence2 due to the intricacy & technicality involved, which needed a experts to determine the correctness of data. While the admissibility of electronic evidence is big issue before courts. With globalisation & internet age, people are sharing resources, google, facebook, to kindle and different business gadgets etc. knowledge and data are the key business assets, to be developed and protected and transaction in seconds from one place to another where everything on paper is not possible, with technology data security is a crucial issue, electronic data flows from one part of the world to another i.e. cross borders, passing different law jurisdiction involving different internet and privacy 1 Thomas Friedman, The Lexus & The Olive Tree: Understanding Globalization 39-58 (1999) As a general rule, "electronic evidence" can be any information created or stored in digital form whenever a computer is used to accomplish a task. As this broad definition suggests, electronic evidence may exist whenever a person enters information into a computer, a computer generates information in response to a request by an operator, or a computer uses or processes information. Electronic evidence, therefore, may include information databases, operating systems, applications programs, "computer-generated models", electronic and voice mail messages and records, and other information or "instructions residing in computer memory. 2 5
  6. 6. issues, it is necessary to have proper inquiry and understanding of technology and also proper law to keep in check of the crimes committed by this technology. Type of Electronic evidence As a general rule, "electronic evidence" can be any information created or stored in digital form whenever a computer is used to accomplish a task Forms of electronic evidence3. Email, Word processor, Electronic Spreadsheet files, Relational database (record) file, Software source code, Various image files (.tiff, .jpeg), Web browser bookmarks / cookies / cache Memory, Calendar; to-do-list, contact list, Voice mail. Electronic evidence is a burning issue mainly due to the high-value fraud, industrial espionage, defamation, theft of intellectual property, software counterfeiting and piracy, disputes over software ownership, regulatory disputes, solicitors’ disciplinary proceedings, and global computer misuse, and phishing, theft of trade secrets, defamation and state corruption. Then in case, whether an electronic transaction has taken place or an event within cyberspace has occurred is to be known or alternatively, can you prove that they cannot have happened? A critical feature of the vast majority of computer systems is the ability to produce evidence. Computer or electronic devices has been common place of court battle for electronic evidence.4 People routinely use computers, particularly e-mail, to send draft, informal, or "uncensored" messages they would never "put in writing." As a result, computerized records often contain insights into "corporate knowledge and behavior" and "off-the-cuff' remarks that people would never record on paper. Such remarks are often damaging in litigation.5 Where litigation or criminal prosecution is in prospect there is a further requirement on those who run or own computers: the need to identify and preserve digital material 3 See, e.g., Susan E. Davis, Elementary Discovery, My Dear Watson, CAL. LAW., Mar. 1996, at 53, 53 (discussing different forms of electronic evidence); 4 Bills v. Kennecott Corp., 108 F.R.D. 459, 462 (D. Utah 1985). 5 See, e.g., Anthony J. Dreyer, Note, When The Postman Beeps Twice: The Admissibility of Electronic Mail Under The Business Records Exception of The Federal Rules of Evidence, 64 FORDHAM L. REV. 2285, 2289 (1996) 6
  7. 7. which the legal system says should be disclosed to opponents in civil litigation and to defendants accused of crimes. An important question raised is why evidence required at all, mainly due to wide range of commercial activities going on around the world, for example in disputed transactions, in allegations of employee misbehaviour, to show compliance with legal and regulatory rules, to avoid charges of negligence or breach of contract, to assist law enforcement in criminal and anti-terrorist investigations, to meet disclosure requirements in civil claims, to support insurance claims after a loss. Due to the fact that electronic evidence or mainly digital evidence is highly volatile and easily compromised by poor handling, chances of success in litigation heavily depends on the weight of the evidence supported by relevant facts. Effective combating of cybercrimes requires prompt discovery, safe custody and present in acceptable form in a court, as the number of criminals uses computers, laptops, network servers and cellular phones in commission of their crimes is increasing alarmingly. Assessing Electronic Evidence Electronic evidence is mainly information or data of investigative value that is stored on or transmitted by an electronic device6. According to Black's law dictionary, evidence is "any species of proof, or probative matter, legally presented at the trial of an issue, by the act of parties and through the medium of witnesses, records, documents, exhibits, concrete objects, etc. for the purpose of inducing belief in the minds of the court or jury as their contention." As a general rule, "electronic evidence" can be any information created or stored in digital form that is relevant to a case. This includes, but is not limited to, emails, text documents, spreadsheets, images and graphics, database files, deleted files, and data back-ups. Electronic evidence may be located on floppy disks, zip disks, hard drives, tape drives, CD-ROMs or DVDs, as well as portable electronic devices such as PDAs and cellular phones.7 6 7 7
  8. 8. Electronic evidence in criminal and civil proceedings is problematic, any contract which is concluded by affixing electronic signatures is electronic agreement8 and admissible9 in court but presumption10 regarding person cannot be setout. Mindful of emerging new technologies, it is essential to consider the nature and some of the special characteristics of electronic evidence that raise legitimate concerns about its accuracy and authenticity. Now that formal conditions to the admissibility of electronic evidence have been removed11, the increasing complexity and sophistication of rapidly-developing technology necessitates a shift from concerns about exclusion and admissibility subject to overly-technical requirements towards a more precise focus on issues relevant to establishing authenticity and suitable weight for the evidence which it generates. The main characteristic of electronic record12 it about its intangibility and which raise concerns about the accuracy and authenticity, where transient nature of data, difficult to store, copy, create and easy to manipulate and easy to be modified and tampered raise several issues in court about its veracity and even slightest distortion can create problem in investigation and extremely vulnerable to claims, errors and fabrication. 8 Section 84A of the Evidence Act provides for the presumption that a contract has been concluded where the parties' digital signatures are affixed to an electronic record that purports to be an agreement 9 Section 85B of the Evidence Act provides that where a security procedure has been applied to an electronic record at a specific time, the record is deemed to be a secure electronic record from such time until the time of verification. Unless the contrary is proved, the court is to presume that a secure electronic record has not been altered since obtaining secure status. The provisions relating to a secure digital signature are set out in Section 15 of the IT Act. A secure digital signature is a digital signature which, by application of a security procedure agreed by the parties at the time that it was affixed, is: • unique to the subscriber affixing it; • capable of identifying such subscriber; and • created by a means under the exclusive control of the subscriber and linked to the electronic record to which it relates in such a manner that if the electronic record as altered, the digital signature would be invalidated. 10 Under the provisions of Section 88A, it is presumed that an electronic message forwarded by a sender through an electronic mail server to an addressee corresponds with the message fed into the sender's computer for transmission. However, there is no presumption regarding the person who sent the message. This provision presumes only the authenticity of the electronic message and not the sender of the message. 11 Section 65-A, 65-B (Admissibility of Electronic Records) 12 "electronic record" means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche 8
  9. 9. Techno-Legal Prerequisites for Electronic Evidence A. Recognition of Electronic Records The purpose of the various electronic commerce statutes can briefly be stated as creating legal recognition for electronic records, electronic signatures, and electronic contracts and ensuring that the medium in which a record, signature, or contract is created, presented or retained does not affect its legal significance.13 Section 4 sets forth the fundamental premise of the ITA, namely that the medium in which a record, signature, or contract is created, presented or retained does not affect its legal significance because the substantive law governing the underlying transaction may require non-electronic records or signatures. The section achieves its purposes by simply overriding the substantive law on these requirements. The aforementioned section contains two prerequisites before legal recognition may be imparted to electronic records. These prerequisites are: (a) rendered or made available in an electronic form, and (b) accessible to be used for a subsequent reference. The first requirement is fulfilled when the electronic record is within the meaning of section 2(1)(r) of the ITA. The second requirement is satisfied when the record is catalogued or made available. The rationale behind the second requirement is that electronic data is intangible and by its very nature transient, thus it is expedient to require it to be available for future reference. The aforementioned section is in pari materia with a provision of the Uniform Electronic Transactions Act14. It simply mandates that courts recognize the legitimacy of electronic signatures when considering whether the requirement of a signed writing has been met. In the case of Orissa Consumers Association v. Orissa Electricity Regulatory Commission15, the Orissa High Court considered the legal recognition of records as per the ITA and stated that the requirements of publication contained in the Orissa Electricity Regulatory Commission (Terms and Conditions for Determination of Tariff for Retail Sale of Electricity) Regulations, The court noted that the publication of the draft Regulations 13 Henry D. Gabriel, The Fear Of The Unknown: The Need To Provide Special Procedural Protections In International Electronic Commerce, 50 LoY. L. REv. 307, 310 (2004). 14 Uniform Electronic Transactions Act Section 7 (Nat'l Conference of Comm'rs on Unif. State Laws 1999) (U.S.) [hereinafter UETA]. 15 AIR 2005 Ori 11 9
  10. 10. by putting the same in the website of the Commission would be a publication of the draft Regulations within the meaning of Section 23 of the Central General Clauses Act, 1897. B. Recognition Of Digital Signatures Section 5 chooses a technology-based approach promoting a highly regulatory and prescriptive standard, granting functional equivalence only to digital signatures. Section 5 applies the same principle as adopted by the preceding section, granting legal recognition to digital signatures where statutes require when any matter or document requires authentication by affixing a signature. The explanation to the section couches the term "signature” in a plenary context, including its grammatical and cognate expressions. The prerequisites which must be satisfied for the application of the section are: (a) a law should require that information, matter or document shall be signed or bear the signature of a person, (b) a digital signature is affixed in place of such signature, and (c) the digital signature is affixed in a manner prescribed by the central government. Take the illustration of the Bureau of Indian Standards Act, 198616, which provides that the authentication of orders and other instruments issued by the Bureau shall be authenticated by the signature of such officer or officers as may be authorised by the Bureau in this behalf Thus if the Bureau decides to affix a digital signature to its orders the mere factum that the statute from which it derives its power does not expressly provide for affixing a digital signature will not impart any defect to its orders. The draft amendments17, with the objective of technological neutrality, suggest substituting the term "digital" with "electronic". The amendments also make provisions to ensure that the electronic signature affixed is reliable. There is a proposition to add another sub-section, which prescribes the minimum standards of reliability. The proposed standards are: (a) the electronic data in relation to which the Electronic Signature is affixed is linked to the signatory and to no others, (b) the Electronic Signature creation code given is unique to the signatory, and (c) any 16 The Bureau of Indian Standards Act, ch. VII, §36 (1986) (India) available at 17 Expert Committee on Review of the IT Act 2000, Report of the Expert Committee: Full Text (Proposed Aug. 29, 2005), available at [hereinafter Proposed Amendments to IT Act 2000]. 10
  11. 11. alteration to the Electronic Signature or to the electronic data in relation to which the signature is affixed made after the time of signing is detectable. The comments to this sub-section specify that they are being added to define the reliability of Electronic Signatures and to allow only those technologies which conform to those conditions in line with UNICITRAL Model Law of Electronic Commerce. C. Retention Of Electronic Records A record is any documentary material, regardless of physical form, that has the following three characteristics: (a) it is generated or received by [an entity] in connection with transacting its business or is related to its legal obligations, (b) it is retained for any period of time, and (c) necessary to be preserved as legal evidence of the [entity]'s activities or as historical reference18. Records retention is unconcerned with the genesis of records, but takes up matters after creation. Records retention principally concerns the retention period: that is, the duration of a record's life.19 Records retention has various objectives which include: (a) maintaining an institutional policy memory, (b) enhancing the body of knowledge in a factual and scientific sense, (c) maintaining official records for possible use as evidence in legal proceedings, (d) promoting efficiency and effectiveness of agency operations, and (d) increasing the return on investment from information in government records which has long-term value.20 Governments and business are increasingly relying upon electronic records. One of the benefits of electronic records is that archiving them is much more economical than paper. A minimum standard of records retention is especially important with respect to electronic data since its being intangible renders it highly susceptible to a partial or complete loss of accessibility, integrity or/and identification. For example, if data is stored on a Compact Disk Read Only Memory (CDROM) the reliability and storage life expectancy of the storage media is secure for at least three to five years, with some estimates reaching as high as twenty 18 PHYLLIS M. LYBARGER, RECORDS RETENTION SCHEDULING 1 (1980). Richard J. Peltz, Arkansas's Public Records Retention Program: Finding The FOIA S Absent Partner, 28 U. ARK. LITTLE ROCK L. REV. 175, 180 (2006). 20 Henry H. Perritt, Jr., Electronic Records Management & Archives, 53 U. PITT. L. REv. 963, 965 (1992). 19 11
  12. 12. years. Thus it becomes expedient to have minimum policy standards for the retention of electronic records. The ITA under section 7 sets forth the basic rules regarding the retention of electronic records. It applies to the retention of records that originally exist in electronic form, as well as to the electronic retention of records that originally exist in paper form or on other tangible media. The section does not prescribe for any specified period for retention of an electronic record but provides minimum standards for records retention "when any law provides that documents, records or information shall be retained for any specific period". These minimum standards are contained in section 7(1) and relate to: 1. Accessibility - Records retention in archives is ineffective unless the archived records can be accessed. The technical issues with legal implications relating to accessibility include ease of alteration and physical deterioration. Thus section 7(1)(a) provides for making records, "accessible so as to be usable for a subsequent reference". 2. Format Integrity -The integrity of the format in which the information was originally generated is important because changes in format can affect the material characteristics of the record. With several versions of software available for performing the same task, section 7(1)(b) prescribes that, even if there is a change in format, the electronic record shall be "in a format which can be demonstrated to represent accurately the information originally generated, sent or received". 3. Identification - It is imperative that any form of record retention must enable identification. Thus section 7(1)(c) provides for, "the details which will facilitate the identification of the origin, destination, date and time of dispatch or receipt of such electronic record are available in the electronic record." Electronic Evidence: Admissibility The issue to be addressed is “Relevance”, “authenticity”, “hearsay”, “original or “duplicate”, “unfair prejudice” in context with electronic stored information (ESI). In Lorraine21 has been heralded as "an excellent guide to an important aspect of the care that may be or become necessary when parties attempt to offer electronic information 21 Lorraine v. Markel, 241 F.R.D. 534, 537-38 (D. Md. 2007) 12
  13. 13. into evidence." The case exposes the less-than-acceptable standard of care that at least part of the legal community is exercising concerning the admission of electronic evidence. The question in the case was that the parties wanted the court to answer was whether the arbitrator exceeded his authority by awarding less than the full amount of a potentially “all or nothing” arbitration agreement, as the parties had negotiated by e-mail. The court, however, dismissed each party's motions and refused to answer this question because both parties failed to authenticate as electronic evidence the email they submitted with their motions. The Lorraine court first delineated the basic rules for the admissibility of all types of electronic evidence, explaining that the evidence must be: 1) relevant; (2) authenticated; (3) allowable under the hearsay rules; (4) allowable under the original writing (best evidence) rule; and (5) the probative value of such evidence cannot be outweighed by any unfair prejudice. The admissibility issues are important to be analysed to understand the scope of electronic evidence as Relevancy refers to when one fact is said to be relevant to another when one is connected to another in such a way which has a direct bearing on the fact in issue in terms of proved or disproved facts of the case in any of the way as provided in sec-5-55 of evidence act. Relevant thing or fact make the tendency of other things either so probable or less probable, however question whether evidence is sufficient to prove a point is different. In case of electronic evidence, material are of high quantity, gathering lot of information & to set the relevancy about existence or nonexistence of other data, either occur in same transaction or other, what the cause or effect of other data, facts or information which are necessary to explain other data which are difficult in case of information gathering of electronic data. For example: Mr X. is a business man owing mobile which is password protect, get an email during business transaction, which he replied about not performing the contract but email was hacked or lost due to any error, while other party uninformed believes and continue with the terms of contract. In this case other party filed a suit for compensation for performing their part of contract, but in the court Mr X. submit their documents related to electronic transaction, in further inquiry they come to know that email was lost, such information may be relevant, however if the email was lost it is difficult to track and evidence gathering is impossible. 13
  14. 14. Electronic records are extremely susceptible to tampering, hiding, or destruction, images, soft copies, or other documents can be hidden, people with criminal mentality or try to conceal, sometimes change the extension of files, power failure of system is the main cause of loss of data, even in case of malicious attack, virus, malware etc. multiple copies are created and slow down the process. However, with new hardware/software application, data operated in different form where they cannot be read, understood or used with the risk of alteration and manipulation. What happen in case of someone accidently click some sites or links or popups etc. in that case also your IP address get tracked and in such case prosecution has evidence to prove that you tracked or clicked on that website, however in rebut one can always say that there is no evidence that he was using that computer but that depends on case to case. However representation of data is also an issue, where software convert set of data into logical form and constructs them in a format that appears to indicate the file is a complete entity. The file does not exist as it claims to exist on the screen and, in the same way, the individual components of the ‘file’ are not guaranteed to be preserved in the manner that will enable the file to be reconstructed over time.22 However electronic data operating in computer even if misplaced, deleted or corrupted, at least its information embedded in the text or properties in the form of metadata which may reveal details like title of documents, date of its creation, location, any changes in the documents etc. are saved in the computer by which analyst can found the relevancy of documents. Metadata associated with computer programs, software’s etc. are an important source for authentication but due to fast changing technology where such information can be embedded easily, court simply cannot reply on the metadata for such relevancy and it is necessary on the counsel to use different means to establish the facts. Best evidence rule here the expression best is used in relative context, deals with the nature or character of particular evidence, which is considered for the purpose of arriving at rational conclusion. Authentication refers to establishing facts like testimony of witness, expert witness with specimens report, distinctive characteristic like appearance, content, substance, 22 pg 25 14
  15. 15. pattern, public records, self-authentication where electronic document carrying electronic or digital signature. In "Spy v. Spy" a woman who lost custody of her children in part because of some horrifying e-mails she supposedly sent to her husband. She denied sending the e-mails. A forensics exam of the ex-husband’s computer revealed the test message he had set up to “spoof" his ex-wife by inserting her address as the sender in e-mails that he was actually writing and sending to himself. After receiving evidence of the husband's fraud on the court, the judge awarded custody to the mother. This shows authentication of email or electronic evidence is not possible i.e. who has actually send those email, at least identification of device is possible. Admissibility refers to any proposed facts which is admissible in the court of law, sec136 evidence act empowers judges to decide as to the admissibility of evidence produced before them. In US, courts have indicated that computer records generally be admitted as business records if they were kept pursuant to a routine procedure for motives that tend to assure their accuracy23. The second rule of evidence of computer records is based on the assumption that they are hearsay evidence24 that when a computer record contains assertions of a person, whether or not processed by a computer and is present before the court to prove the matter of fact, then such a record is hearsay evidence. There are many log files generate by computer and there are not mere hearsay but concrete evidence of a process or a situation. 25 It is necessary to define minimum standard for admitting and authenticating electronic evidence. 23 United states v. Salgado, 250 F.3d 438, 452 (6th Circuit 2001) 24 In R. v. Mapara (2005), 251 D.L.R. (4th) 385 at para. 15, [2005] I S.C.R. 358. 349 W.A.C. I. 2009] , the Supreme Court further discussed the principled approach: The principled approach to the admission of hearsay evidence which has emerged in this Court over the past two decades attempts to introduce a measure of flexibility into the hearsay rule to avoid these negative outcomes. Based on the Starr decision, the following framework emerges for considering the admissibility of hearsay evidence: (a) Hearsay evidence is presumptively inadmissible unless it falls under an exception to the hearsay rule. The traditional exceptions to the hearsay rule remain presumptively in place. (b) A hearsay exception can be challenged to determine whether it is supported by indicia of necessity and reliability, required by the principled approach. The exception can be modified as necessary to bring it into compliance. (c) In "rare cases", evidence falling within an existing exception may be excluded because the indicia of necessity and reliability are lacking in the particular circumstances of the case. (d) If hearsay evidence does not fall under a hearsay exception, it may still be admitted if indicia of reliability and necessity are established on a voir dire. 25 People v. Holowko, 486 N.E. 2d 877, 878-79 15
  16. 16. Judicial decision is varied and mostly depend on case to case basis. In Daubert v. Merrell Dow Pharmaceuticals, Inc.26 decision describes a four-pronged test to determine whether science-derived evidence is admissible in U.S. Federal Court. The Daubert test applies to any scientific procedure used to prepare or uncover evidence and comprises the following four factors (Daubert, 1993): • Testing: Can and has the scientific procedure been independently tested? • Publication: Has the scientific procedure been published and subject to peer review? • Error rate: Is there a known error rate, or potential to know the error rate, associated with the use of this scientific procedure? • Acceptance: Is the scientific procedure generally accepted by the relevant scientific community? In St. Luke’s Cataract & Laser Institute, P.A. v. Sanderson27, where the proponent failed to authenticate printouts of websites obtained from Internet Archive because affiants lacked personal knowledge of contents of Internet Archive’s website and process, and in Sun Protection Factory, Inc. v. Tender Corp.28, where the proponent failed to authenticate printouts of websites because affiant’s statements were hearsay and websites are not self-authenticating. In Telewizja Polska USA, Inc. v. EchoStar Satellite Corp.29, in which the Court admitted a website obtained from an Internet Archive based on affidavit from administrative director for Internet Archive. In State of Maharashtra v Dr Praful B Desai30 involved the question of whether a witness can be examined by means of a video conference. The Supreme Court observed that video conferencing is an advancement of science and technology which permits seeing, hearing and talking with someone who is not physically present with the same facility and ease as if they were physically present. The legal requirement for the presence of the witness does not mean actual physical presence. The court allowed the examination of a witness through video conferencing and concluded that there is no reason why the examination of a witness by video conferencing should not be an essential part of electronic evidence. Admissibility of intercepted telephone calls is 26 509 U.S. 579 (1993) 2006 WL 1320242, at *2 (M.D. Fla. 2006) 28 2005 WL 2484710, at *6 (M.D. Fla. 2005) 29 2004 WL 2367740 (N.D. Ill. 2004) 30 AIR 2003 SC 2053 27 16
  17. 17. another issue which court held that if witness is acquainted with the technology then such a fact is a relevant fact & it is admissible.31 Unfair prejudice, another issue a matter of concern, what if the data is the hand of an advocate or professional in the professional capacity where data extraction is difficult due to privileges32 or it may subject to data protection where no professional be obliged at any time be permitted unless with his client's express consent to disclose any communication made to him in the course and for the purpose of his employment as such as attorney , by or on behalf of his client, or to state the contents or condition of any document with which he has become acquainted in the course and for the purpose of his professional employment or to disclose any advice given by him to his client in the course and for the purpose of such employment. Such privilege communication if any taken place in electronic form, such material many be relevant to the fact in issue but is inadmissible in the court. Cloud Computing With the advent of new and advanced technology, it become difficult for legal system to recognise the legal issues involved in accessing such technology. Cloud computing as the name suggest any service provided online and operated by a third party" or "services that are controlled by third-parties and accessed over the Internet." That means everything from webmail (Hotmail, Gmail etc.) to online data storage to software as a service (SaaS), e.g. Salesforce.com33. There are several legal issues 31 State (NCT of Delhi) v Navjot Sandhu AIR 2005 SC 3820 was an appeal against conviction following the attack on Parliament on December 13 2001, in which five heavily armed persons entered the Parliament House Complex and killed nine people, including eight security personnel and one gardener, and injured 16 people, including 13 security men. This case dealt with the proof and admissibility of mobile telephone call records. While considering the appeal against the accused for attacking Parliament, a submission was made on behalf of the accused that no reliance could be placed on the mobile telephone call records, because the prosecution had failed to produce the relevant certificate under Section 65B(4) of the Evidence Act. The Supreme Court concluded that a cross-examination of the competent witness acquainted with the functioning of the computer during the relevant time and the manner in which the printouts of the call records were taken was sufficient to prove the call records 32 Sec – 126, 127, 128 Evidence act, 1872 : Professional communication 33 17
  18. 18. involved in cloud computing service like who owns the data that is collected, generated & processed by the service, legal requirement for encrypted data, jurisdictional problem as service may be provided cross border, consumer rights, what might be the essential disclosure, in relation to admissibility in court how court might interpret the criteria of standard disclosure, about the integrity & completeness of documents be proved. As multiple layers of data34 are generated which are managed by cloud provider & such electronic stored information may not be in possession or control of litigant. The Williams v. Sprint/United Management Co.35 court held that “the producing party should produce the electronic documents with their metadata intact.” A party may move for a protective order when asked to produce metadata if it is “not reasonably accessible” and will result in “undue burden and cost.” As common metadata may be readily accessible without undue burden or cost because it is stored in a common repository, yet its discovery may harm other clients. However parties has always an opportunity to seek injunction to protect metadata from disclosure otherwise the discovery will reveal the common metadata disclosing third parties information which may violate privacy laws. See “Electronic Discovery in the Cloud” The data layers may include client-specific data, clientspecific metadata, and metadata common to several clients, which may be unique to an application, generated by multiple clients, or stored in a shared repository. Common metadata may be maintained in repositories shared between clients, which makes it a “major problem” to “isolate [that] data and maintain the security.” Therefore, that data may not be in the custody or control of a litigant, and thus not subject to discovery. Consequently, applying the Rules to a Cloud may create liabilities for clients of a Cloud and loopholes for litigants possession. 35 230 F.R.D. 640 (D. Kan. 2005). 34 18
  19. 19. Conclusion With the rapid growth of computers, influence of information technology & ability to store information in electronic form, required law to be amended which allows admissibility of electronic records because of the characteristic of evidence - its volume, durability, transient nature, and ease of transmission and manipulation by users-make it a critical source of information. But when you convert an electronic document to paper, you lose valuable information found within its metadata, the evidence from its "best evidence" original form into a version that might need secondary evidence to justify its admission. Further, the metadata attached to electronic documents, besides being potentially relevant to the case, is extremely useful for sorting and organizing electronic evidence. Accompanying this rise is a steadily increasing amount of information in electronic form. Lawyers should be aware of these changes and be prepared to adjust their discovery practices, as well as their courtroom procedures for admitting evidence. Moreover, attorneys should advise their clients of the potential dangers of electronically stored data so that preventative policies may be enacted. 19
  20. 20. Bibliography Statue:   The Indian Evidence Act, 1872 The IT Act, 2000 Books:   Law of cyber-crimes and information technology law, S V Joga Rao, First edition, 2004 Legal issues in electronic commerce, T. Ramappa, 2003 Journal:   Susan E. Davis, Elementary Discovery, My Dear Watson, CAL. LAW., Mar. 1996, at 53, 53 Anthony J. Dreyer, Note, When The Postman Beeps Twice: The Admissibility of Electronic Mail Under The Business Records Exception of The Federal Rules of Evidence, 64 FORDHAM L. REV. 2285, 2289 (1996) Article:      Cases:           United states v. Salgado, 250 F.3d 438, 452 (6th Circuit 2001) Daubert v. Merrell Dow Pharmaceuticals, Inc. 509 U.S. 579 (1993) People v. Holowko, 486 N.E. 2d 877, 878-79 St. Luke’s Cataract & Laser Institute, P.A. v. Sanderson 2006 WL 1320242, at *2 (M.D. Fla. 2006) R. v. Mapara (2005), 251 D.L.R. (4th) 385 Sun Protection Factory, Inc. v. Tender Corp 2005 WL 2484710, at *6 (M.D. Fla. 2005) Telewizja Polska USA, Inc. v. EchoStar Satellite Corp 2004 WL 2367740 (N.D. Ill. 2004) State of Maharashtra v Dr Praful B Desai AIR 2003 SC 2053 State (NCT of Delhi) v Navjot Sandhu AIR 2005 SC Williams v. Sprint/United Management Co. 230 F.R.D. 640 (D. Kan. 2005). 20