The Legal Validity of Cloned/Hacked Data as Evidence under IEA and ITA

  1. We live in a world where, for our amusement and necessity, we have converted several things into virtual form, but there are major thing which cannot partake physical things.
  2. We live in data-age, where data is propriety of the person and for all intents and purposes is his private property.
  3. No one is left out from surveying and prying eyes, be it Cyber Criminal or authorities and where virtual things are stolen or hacked or cloned.
  4. I take my learned friends through the nuances of Legal Validity of such hacked/cloned data.
  5. Let's take look at some basic provisions of Information Technology Act [ITA] and Indian Evidence Act[IEA]


2(a) - access with its grammatical variations and cognate expressions means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network;

2(ha) - communication device, means cell phones, personal digital assistance or combination of both or any other device used to communicate, send or transmit any text, video, audio or image;

2(i) - computer means any electronic, magnetic, optical or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or related to the computer in a computer system or computer network;

2(k) - computer resource means computer, computer system, computer network, data, computer data base or software

2(o) - data means a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer;

2(r) - electronic form with reference to information, means any information generated, sent, received or stored in media, magnetic, optical, computer memory, micro film, computer generated micro fiche or similar device

2(t) - electronic record means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche;

2(u) - function, in relation to a computer, includes logic, control, arithmetical process, deletion, storage and retrieval and communication or telecommunication from or within a computer

2(v) - information includes 2[data, message, text,] images, sound, voice, codes, computer programmes, software and data bases or micro film or computer generated micro fiche

2(w) - intermediary, with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes;

2(za) - originator means a person who sends, generates, stores or transmits any electronic message or causes any electronic message to be sent, generated, stored or transmitted to any other person but does not include an intermediary

2(ze) - secure system means computer hardware, software, and procedure that–

(a) are reasonably secure from unauthorised access and misuse;

(b) provide a reasonable level of reliability and correct operation;

(c) are reasonably suited to performing the intended functions; and

(d) adhere to generally accepted security procedures

4. Legal recognition of electronic records.—Where any law provides that information or any other matter shall be in writing or in the typewritten or printed form, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is–

(a) rendered or made available in an electronic form; AND

(b) accessible so as to be usable for a subsequent reference


s.61: Proof of contents of documents.—The contents of documents may be proved either by primary or by secondary evidence.


 (a) the computer output containing the information was produced by the computer during the period over which the computer was used regularly to store or process information for the purposes of any activities regularly carried on over that period by the person having lawful control over the use of the computer;

(d) the information contained in the electronic record reproduces or is derived from such information fed into the computer in the ordinary course of the said activities

85B Presumption as to electronic records and electronic signatures —

(1)  In any proceedings involving a secure electronic record, the Court shall presume unless contrary is proved, that the secure electronic record has not been altered since the specific point of time to which the secure status relates

  1. Admittedly in the process of cloning, the 1st computer is used and hacked open with help of 2nd computer, and data is retired by the 2nd computer from the 1st computer and stored in the 2nd Computer. If the owner of the both the computers is not the same, it amounts to stealing of data from owner of 1st computer by the owner of 2nd computer. This itself is an offence under s.65 and other provisions of ITA.
  2. From above it is clear that there are 2 different computers involved in the process of hacking/cloning.
  3. Now, the data which was in 1st computer, is stolen via the 2nd computer and stored on 2nd Computer, and is used as original data with fraudulent purpose, as if its data on the 1st Computer.
  4. There is great chance that the data on the 1st computer doesn’t exist or is deleted or manipulated by the owner of the 2nd computer in the process of hacking/cloning. This is so, given the hi-tech software's used to hack/copy/clone even deleted data, the security of the data on the 1st computer is compromised by the owner of the 2nd Computer.
  5. It need not be mentioned that any ordinary person using his computer in ordinary manner, cannot do such hacking/ cloning of data, whether present or deleted, on others persons computer.
  6. Therefore the hacking/cloning is not legal means of "data/system/source/record" within meaning of ITA.
  7. The cloning if not made by the owner of the 1st Computer, and if made by hackers, would fall flat in face of section 2(r)/(t) of ITA as it is not "generated, sent, received or stored" in the 1st computer; but is acquired by hacker by trespass on the 1st computer device. Further if the intendment is to send/receive/store, only the senders/recipients intendment, is relevant.
  8. The provisions of ITA never intended to include cloning or hacking by 3rd party. In this regard even the intermediary is excluded from using the data. Therefore in case of emails, texts, and messages; even the "application owner" is also excluded from using of data. So if the intermediary 3rd party is excluded; the use of data by hackers is clearly beyond the scope of the ITA or IEA. Thus reliance on the cloned data by hacker is illegal for any purpose whatsoever.
  9. The data which is recognized by section 65B must be such data, from the computer from which it is generated, and subjected to proof, and which can at any point of time be generable/producible, from the very computer where the data is, and not otherwise.
  10. If a data is "altered" in the 1st computer by whatever means, it cannot be used for any purpose. Therefore to rely on a hacked data on 2nd computer is farfetched to relate, or relevant, to, the 1st computer or data thereon.  
  11. Further there are 2 other prongs of alteration within meaning of  section 85B, (a) the alteration is been done by the 2nd computer the moment the data is hacked/cloned in the form in which is not on the 1st computer (b) the data which is available on the 2nd computer doesn’t match with data on the 1st computer or is not available on 1st computer. This assumes further importance, because in cases where data on the 2nd computer is relied as data on 1st computer; in the absence of data on the 1st computer, the data 2nd computer fails all tests of even weak relevancy.   
  12. The data so hacked/cloned/stolen/manipulated is in the 2nd computer and therefore the source of the data is that of the owner of the 2nd computer and not the 1st computer.
  13. By virtue of section 4 of the ITA, because the data is available on 2nd computer [and data on the 1st computer may have been manipulated/erased], and since the question of data on 1st computer is not intended to be proved but only the data on the 2nd computer is sought to be proved, the data on the 2nd computer cannot be used for any purpose.
  14. Therefore if the data is to be proved, the data on the 2nd computer alone can be proved and not the data on the 1st computer, as it violates several provisions of "secure data". And any intent to prove data on 2nd computer as data on 1st computer is nothing short of further manipulation or lack of cognition faculty. Here the principle of primary evidence as stated hereafter is applicable strictly and not beyond the data on 2nd computer, and of course not to legitimize the illegal source of data, as it would amount to decriminalization of ITA and lawlessness.
  15. The data and the 2nd computer has to strictly comply with secured record under section 14 ITA and section 65B of IEA, absent which it cannot be considered for any purpose.
  16. Apart of that, only [a] data [b] from the original source -> can be proved. So the data on 2nd computer cannot be proved as data on 1st computer, directly or indirectly and violate the rules of relevance, admissibility to bring in arbitrariness wheresoever.
  17. By virtue of specific provision of section 65B r/w 85B, the "data and the computer of only the 1st computer" is allowed and not the "cloned data on 2nd Computer". Doing this would be clear case of proof of "2nd computer and data", and not the "1st computer or data". Further as applied to electronic data, the provisions of secondary evidence are not applicable, nor is it possible because the provisions of s/65 of IEA would have to be the strictly construed against the "data on the 2nd Computer" vis-à-vis the "data on the 1st computer".
  18. Further by virtue of best evidence rule, the fact that the 1st computer doesn’t have data in "ordinary usage and form" is disproof of "data on the 2nd Computer"
  19. The extent of applicability of 65B rw 85B is limited to the "data 1st on the 1st computer" which has to "exist", and that’s why unless the section 65B(2), and 65B(4)(b) of IEA. In view of this very specific mandate of "output" in s/65B(2), a hacked/cloned data or the second computer is not contemplated.
  20. This is so because certificate under 65B would then be in respect of the data on 2nd Computer and not the 1st Computer or data on 1st computer.
  21. In view of the above it is clear that there is no legal value to hacked/cloned data in court of law, and such hacker or cloner cannot rely/use such ill-gotten and illegal data for whatsoever purpose.


Tags :
Sandeep Kapatkar Online
on 26 September 2020
Published in Criminal Law
Views : 443
Other Articles by - Sandeep Kapatkar
Report Abuse



IPC Grand Course     |    x