Tech Savvy Evidence System: Step by Step Guide to Extract Hash Function Value from Electronic Evidence

Bharatiya Sakshya Adhiniyam, 2023 (BSA) replaces the Evidence Act, 1872, and brings about changes in the procedure for the filling of electronic evidence as the increasing importance of technological devices and software in every field has also affected the justice delivery system heavily. To effectively infuse technology into our justice system, the new Criminal Laws brings about a new system for the admission of electronic evidence, replacing the outdated system mentioned under Section 65B of the old Evidence Act.

Recently, the Hon’ble Delhi High Court, in the case of Dell International Services Private Limited V. Adeel Feroze & ors, held that screenshots of conversations on WhatsApp cannot be admitted as evidence unless it is accompanied by an electronic evidence certificate under Section 65B of the Evidence Act. Now, Section 63 of the BSA governs the admissibility of electronic evidence in courts wherein the format of the certificate under Section 63 has been changed and divided into two parts, where part A concerns basic details to be filled by the person who is filing for evidence.

The technical part arises in Part B which has to be now filled by an ‘Expert’ which has been mentioned under Section 63(4)(c) as “an expert shall be evidence of any matter stated in the certificate." 

This ‘expert’ means any other person with necessary expertise who has to fill in the details of the electronic record. The new procedure under this form is filling in of hash function of the electronic evidence being submitted (as shown below).

The hash function value mentioned under the form Part B is part of the cryptographic value that is enclosed with every electronic document and website to show that data under these electronic records is safe and unaltered. The legislation has added this part to improve the justice delivery system’s efficiency with respect to electronic records and to maintain their reliability and accountability.

Now, extracting this hash function is the technical part which has been introduced in the new act. Below are the step by step procedure to extract the hash function to fulfill the requirements of the form:

1. From any website

a) Open the website from where the hash function needs to be extracted.

b) Click on the lock button appearing on left side of the search bar.

c) Open the connection details from the dialog box.

d) Open the digital certificate of the website.

e) The hash value of the website will appear in the certificate in SHA format which can be copied directly:

2. From any offline file

a) To get the hash value of an offline file download an application from the following website under the name of WINmd5.

b) Open the downloaded file and run the application under the name of WinMD5.

c) Now just drag and drop the file you want to extract the hash value from or select the file from browse menu from file explorer and the MD5 hash value will appear.

Alternatively,

1) To extract hash value in SH256 format of an offline file open Windows Power Shell from start menu:

2) Enter command “Get-FileHash” followed by a space. Drag the downloaded file or installer onto the Windows PowerShell window after the Get-FileHash command and the space. Alternatively, enter the full path to the file or installer in double quotes after the space. And press Enter key.

The technological advancements in the filing procedures for electronic evidence aim to ensure the reliability of such evidence. The incorporation of hash value functions in electronic records helps verify the source of the evidence. However, several challenges arise when dealing with hash functions for electronic evidence:

1. Multiplicity of Documents: One significant issue is the sheer volume of documents that can be presented as electronic evidence. Each document has a unique hash value, and in cases like trademark infringement, hundreds of electronic documents may need to be admitted to court. Extracting, compiling, and verifying hash values for all these documents is a monumental task.

2. Deletion of Evidence: Another challenge occurs when evidence is collected without extracting the hash value, and a notice is sent to the accused party before filing the suit. If the evidence is deleted before the suit is filed, the hash value cannot be extracted from the original source.

3. Verification of Old Evidence: Often, old electronic records are used as evidence, but they may not have an existing original electronic source. For example, in trademark suits where prior use must be established, old photos of electronic use might be essential evidence. However, extracting hash values from these original sources is impossible.

4. Awareness of Technical Procedure: Extracting hash functions is a highly technical process, and awareness of this procedure is crucial, especially within the legal community. Outside of metropolitan areas, the infrastructure needed to ascertain hash functions for electronic evidence is often limited. Therefore, timely upgrades to both infrastructure and knowledge are essential to effectively incorporate this new procedure.

5. Authorization of Experts: This advancement introduces a new step that can only be performed by an “Expert.” However, the provision’s language is vague regarding who qualifies as an “Expert” under this provision and whether court authorization is required to perform this function.

1. Establish Clear Guidelines and Standards: To address the challenges in determining the appropriate hash function value under Section 63(4) of the BSA, it is imperative to establish clear guidelines and standards. This can be achieved through collaboration between regulatory bodies, industry experts, and technology providers. The following steps can be taken:

   • Develop Standardized Hash Functions: Define a set of approved hash functions that meet security, efficiency, and compatibility criteria. This will provide a reference point for all stakeholders and reduce ambiguity in compliance.

   • Regular Updates and Revisions: Ensure that the list of approved hash functions is periodically reviewed and updated in response to emerging threats and advancements in cryptography.

2. Enhance Awareness and Training: A significant challenge is the lack of understanding and expertise among stakeholders regarding hash functions and their implementation. To mitigate this, initiatives should be undertaken such as educational programs which develop training modules and workshops to educate software developers, legal professionals, and compliance officers on the importance and implementation of hash functions.

3. Guidance Documentation: Publish comprehensive documentation that explains the requirements, best practices, and common pitfalls related to hash functions under Section 63(4) of the BSA.

4. Technological solutions to simplify the process of ascertaining and verifying hash function values. This can include automated compliance tools, development of software tools that automatically generate and verify hash values according to the approved standards. These tools can help organizations ensure compliance with minimal effort.

The changes brought about by Section 63(4) of the Bharatiya Sakshya Adhiniyam, 2023 are a commendable effort to align India's legal framework with the demands of the digital era. This provision not only enhances the credibility of digital evidence but also places India among the leading countries in adopting comprehensive legal standards for electronic data. As digitalization continues to transform legal landscapes globally, such measures are crucial for ensuring justice and maintaining public trust in the judicial process.

In comparison with other countries, India's approach under Section 63(4) is both progressive and precise. For example, while the United States has established the Federal Rules of Evidence, which allow for the inclusion of digital evidence, they do not mandate specific technical standards such as hash functions. Similarly, in the European Union, while the eIDAS Regulation (Electronic Identification, Authentication and Trust Services) sets standards for electronic signatures, it lacks detailed requirements for digital evidence hashing. The specificity of Section 63(4) in requiring hash functions provides a clear and uniform standard for the admissibility and verification of digital records in India.

About the authors: Vikrant Rana is the Managing Partner of SS Rana & Co. Nihit Nagpal is an Associate Partner at the Firm.

Lakshit Rajdev, Intern at SS Rana & Co. has assisted in the research of this Article.