By One year into the implementation of the Bharatiya Sakshya Adhiniyam (BSA), 2023, the Indian legal system has fully embraced a new, more stringent framework for digital evidence. For legal practitioners and litigants alike, understanding the nuances of submitting communications like WhatsApp chats is no longer optional—it’s critical. This guide breaks down the most pivotal requirement: the mandatory dual-signature certificate under Section 63, providing a clear roadmap to ensuring your digital evidence is admissible and defensible in court in 2025.
BHARATIYA SAKSHYA ADHINIYAM, 2023
Admissibility of WhatsApp Chats: A Practitioner's Guide to the Section 63 Certificate
Navigating the new, technology-focused evidence framework in India.
The New Legal Framework
The enactment of the Bharatiya Sakshya Adhiniyam, 2023 (BSA), effective July 1, 2024, repeals the 150-year-old Indian Evidence Act. This overhaul modernizes India's evidence rules for the digital age, addressing challenges posed by electronic records like WhatsApp chats.
Key Doctrinal Changes
The BSA elevates electronic records to mainstream evidence. The definition of "document" in Section 2(1)(d) now explicitly includes "electronic and digital records," with illustrations like emails, server logs, and messages on smartphones. This codifies what was previously established through judicial interpretation.
Section 61, BSA: "Nothing in this Adhiniyam shall apply to deny the admissibility of an electronic or digital record...on the ground that it is an electronic or digital record..."
Comparative Analysis: IEA Section 65B vs. BSA Section 63
Section 63 of the BSA replaces and significantly modifies its predecessor, Section 65B of the IEA, introducing a more rigorous framework for admitting electronic evidence.
| Feature | Indian Evidence Act, 1872 (Section 65B) | Bharatiya Sakshya Adhiniyam, 2023 (Section 63) |
|---|---|---|
| Governing Section | Section 65B | Section 63 |
| Scope of Devices | Primarily "computer". | "Computer or any communication device"; includes "semiconductor memory". |
| Certificate Format | No prescribed format; typically an affidavit. | Mandatory, prescribed two-part format in the Schedule. |
| Signatory Requirement | Single signature from a "person occupying a responsible official position". | Dual signatures required: one from the "person in charge" and one from "an expert". |
| Processing by Intermediaries | Not explicitly mentioned. | Explicitly recognized under Section 63(3)(e). |
| Submission Timing | Generally required for admissibility. | Certificate "shall be submitted along with the electronic record at each instance". |
Forensic Examination of Section 63
Section 63(2) establishes four pillars for admissibility, carried over from the IEA but now applicable to a broader range of devices. These conditions ensure the reliability and integrity of the electronic record.
The New Dual-Signature Certificate Process
Part A: Party's Declaration
Signed by the person in charge of the device. Affirms device control, proper operation, and faithful reproduction of data.
Part B: Expert's Attestation
Signed by a digital forensics expert. Independently verifies device details and, crucially, the evidence's hash value.
This dual-signature process creates a self-contained evidentiary packet, combining a lay declaration with independent technical verification.
The Intermediary Paradox
Section 63(3)(e) of the BSA is a crucial update, acknowledging that data like WhatsApp messages pass through servers managed by third-party intermediaries (e.g., Meta). While the law now recognizes this reality, it creates a practical paradox. The certificate requires a signature from the "person in charge of the...management of the relevant activities," which, for transmission and storage, would be the intermediary.
It is practically impossible for an ordinary litigant to obtain a signed certificate from a designated "person in charge" at a multinational corporation like Meta. Courts will likely need to adopt a pragmatic interpretation, focusing the certification on the device that produced the final evidentiary output (the smartphone), with the expert's report explaining why the intermediary's role does not compromise the data's integrity.
Engaging the "Expert"
The BSA mandates an "expert" co-signature but doesn't define the term. This allows litigants to engage private digital forensics professionals, but also opens a new ground for challenging evidence: the expert's own credentials.
Who Qualifies as an "Expert"?
The Act distinguishes between the "expert" required for the Section 63 certificate and an "Examiner of Electronic Evidence" (typically from a government lab) mentioned in the IT Act. For the certificate, litigants can engage private professionals. However, the opposing counsel can challenge their credibility through a voir dire (a preliminary examination of competency). Therefore, selecting a well-qualified expert is a critical tactical decision.
Essential Qualifications for an Expert
Formal Education
Degree in Computer Science, Cybersecurity, or Digital Forensics.
Certifications
Industry-recognized credentials like CHFI, GCFA, EnCE, or CCPA.
Practical Experience
Hands-on experience in forensic data acquisition and analysis.
Legal Knowledge
Understanding of BSA, chain of custody, and court procedures.
A Step-by-Step Protocol for Submission
Successfully submitting WhatsApp chats requires a meticulous protocol to ensure admissibility. Simple screenshots are no longer sufficient.
Step 1: Preservation and Extraction
The foundational step is to preserve and extract the chat data in a forensically sound manner. The choice of method is crucial for defensibility.
Gold Standard: Forensic Imaging
An expert creates a bit-for-bit copy of the device's entire memory using a write-blocker and specialized software (e.g., Cellebrite, FTK Imager). This captures all data, including deleted items and metadata, providing the most complete and unaltered evidence.
Acceptable Alternative: Logical Extraction
Using WhatsApp's built-in "Export Chat" feature under expert supervision. This creates a .txt file and media folders. While less comprehensive, it is a recognized method if the process is meticulously documented (ideally video-recorded) to maintain the chain of custody.
Step 2: The Final Evidentiary Package
The complete package submitted to the court should be meticulously assembled to meet all requirements of Section 63.
Assembling the Evidentiary Package
Printout
Physical copy of chats for easy reference.
Digital File
.txt or forensic image on a CD/Pen Drive.
Section 63 Certificate
Original, dual-signed document.
Hash Report
Expert's signed report verifying the hash value.
Hash Value Integrity: The Technical Bedrock
A cryptographic hash function creates a unique "digital fingerprint" for a file. If even a single bit of the file changes, the hash value changes completely. This is the cornerstone of proving evidence integrity.
Best Practice: For all new evidence, SHA-256 should be the default and strongly preferred algorithm. Using weaker algorithms like MD5 or SHA-1 opens the door to challenges regarding reliability.
The Hashing Paradox: Original vs. Evidentiary Copy
A subtle legal nuance arises: does the law require the hash of the data on the original device or the hash of the evidentiary copy submitted to the court? While hashing the original source is ideal (achievable with a forensic image), it is the hash of the copy that directly proves the integrity of the item before the court.
To resolve this, the expert's report should ideally document both: the hash of the original source storage (if imaged) and the hash of the specific evidentiary file extracted from it, confirming they are consistent.
Fortifying Your Evidence: Anticipating and Countering Challenges
The BSA's stringent requirements create new avenues for challenging electronic evidence. Practitioners must be prepared to attack an opponent's submission and defend their own.
The Rise of "Negative Evidence"
The complexity of the Section 63 process creates fertile ground for "negative evidence"—where an expert is engaged not to present new facts, but to demonstrate the procedural and technical flaws in the other side's digital evidence submission. This tactical use of experts to attack the foundation of evidence, rather than its content, is set to become a common feature in litigation.
Common Grounds for Challenge
Procedural Non-Compliance
Incomplete, incorrect, or missing certificate. Improper signatories.
Defective Expert Credentials
Expert lacks qualifications, experience, or is biased.
Broken Chain of Integrity
Unexplained hash mismatch, weak algorithm (MD5), or poor documentation.
Allegations of Tampering
Claim that chats were altered *before* extraction, requiring expert analysis to prove.
Improper Collection
Evidence obtained illegally (e.g., hacking), diminishing its weight.
Lack of Relevance
The chats, even if authenticated, are not relevant to the case.
Conclusion: The Road Ahead
The BSA represents a monumental and necessary evolution of India's evidence law. However, its implementation will face practical challenges that will shape future jurisprudence.
Cost and Accessibility
The mandatory cost of experts may create a "justice gap," where well-resourced litigants have an advantage, potentially risking the exclusion of vital evidence for others.
Judicial Training
The efficacy of the new law hinges on the capacity of the judiciary to understand and adjudicate complex technical issues, necessitating widespread and continuous training.
Pace of Technology
The law will constantly be playing catch-up. The rise of deepfakes, ephemeral messages, and new encryption will require agile judicial interpretation to address new realities.
Practitioner's Interactive Checklist
Use the filters below to navigate the step-by-step process for submitting WhatsApp evidence under BSA Section 63.
Isolate the Device
Secure the smartphone. Do not use it after identification to prevent data alteration.
Engage an Expert
Identify and engage a qualified digital forensics expert. Vet their credentials thoroughly.
Choose Extraction Method
Prefer a full forensic image. If not feasible, use "Export Chat" under expert supervision.
Document the Process
Create a detailed log of the extraction (date, time, tools, persons). This is your chain of custody.
Calculate Initial Hash
Immediately calculate the SHA-256 hash of the evidentiary file(s) and record it securely.
Complete Part A
The party fills out Part A of the certificate, ensuring 100% accuracy (especially IMEI).
Expert Verification & Part B
Expert independently verifies device details, matches the hash, and completes/signs Part B.
Prepare Hash Report
Expert prepares a formal, signed hash report to be enclosed with the certificate.
Assemble the Package
Collate the final package: Printout, Digital File, Certificate, and Hash Report.
Tender to Court
Submit the complete package "at each instance" the evidence is relied upon.
