CYBER CRIMES NEED EFFECTIVE LAWrajasthanjudicialacademy.nic.in/docs/ArticleCyberLaw.pdf · CYBER CRIMES : NEED EFFECTIVE LAW N. Muddaraju*and Dr. Ramesh** *Research Scholar, Department

CYBER CRIMES : NEED EFFECTIVE LAW N. Muddaraju*and Dr. Ramesh**

*Research Scholar, Department of Studies and Research in Law, Manasagangotri, University of Mysore, Mysore, Karnataka.

**Reader in Law and Guide, Department of Studies and Research in Law, Manasagangotri, University of Mysore, Mysore, Karnataka.

Introduction

Cyber Crime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to nuclear power plants is being run on computers, cyber crime has assumed rather sinister implications.

The first recorded cyber crime took place in the year 1820. That is not surprising considering the fact that the abacus which is thought to be the earliest form of a computer has been around since 3500 B.C. in India, Japan and China. The era of modern computers however began with the analytical engine of Charles Babbage.1

1. Ian J Loyd, Information Technology Law, 3rd Ed Butter Worths, London, 2000.

What is Cyber Crime?

At the onset let us satisfactorily define cyber crime and differentiate it from conventional crime. 166 Computer Crimes can involve criminal activities that are traditional in nature such as theft2, fraud, forgery3, defamation4and mischief5, all of which are subject to the Indian Penal Code, 1860. The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000.

2. Indian Penal Code, 1860, Sec. 378 and 379 states that Theft and Punishment of Theft.

3. Indian Penal Code, 1860, Sec. 463 and 465 stated Forgery and Punishment of Forgery.

4. Indian Penal Code, 1860, Sec. 499 and 500 stated Defamation and Punishment of Defamation.

5. Indian Penal Code, 1860, Sec. 425 and 426 stated Mischief and Punishment of Mischief.

Defining Cyber Crimes as 'acts that are punishable by the Information Technology Act, 2000.' Would be unsuitable as the Indian Penal Code, 1860. Also covers many Cyber Crimes such as e-mail spoofing and cyber defamation, sending threatening e-mails etc. A simple yet sturdy definition of cyber crime would be 'unlawful acts wherein the computer is either a tool or a target or both'. There are various acts wherein the computer is a tool for an unlawful act. This kind of activity usually involves a modification of a conventional crime by using computers.

Cyber Crime Dimension

Financial Crimes, this would include cheating credit cards frauds, money laundering etc. To cite a recent case, a website offered to sell Alphonso Mangoes at a throwaway price. Distrusting such a transactions, very few people responded to or supplied the website with their credit card numbers. These people were actually sent the Alphonso mangoes. The word about this website now spread like wildfire.

Thousands of people from all over the country responded and ordered mangoes by providing their credit card numbers. The owners of what was later proven to be a bogus website then fled taking the numerous credit card numbers and proceeded to spend huge amounts of money much to the chagrin of the card owners.

Cyber Pornography

This would include pornography website pornographic magniznes produced using computers to publish and print the material and the internet to download and transmit pornographic pictures, photos, writings etc.6

6. Available from http://www.dti.gov. UK/iwfreview/.

Sale of Illegal Articles

This would include sale of narcotics, weapons and wildlife etc., by posting information on websites auction websites and bulletin boards or 167 simply by using e-mail communication. Eg., many of the auction sites even in India are believed to be selling cocaine in the name of honey.

Online Gambling

There are millions of websites all hosted on servers abroad that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering.

Intellectual Property Crimes

These include software piracy, copyright infringement, trademarks violations, theft of computer source code etc.

E-mail Spoofing

A spoofed e-mail is one that appears to originate from one source but actually has been sent from another source. E.g, Bhumika has an e-mail address Bhumika.R@asianlaws. Org. Her enemy sameer spoofs her e-mail and sends obscene messages to all her acquaintances. Since the e-mail appear to have originated from Bhumika her friends could take offence and relationships could be spoiled for life.

Forgery

Counterfeit currency notes, postage and revenue stamps, mark sheets etc. can be forged using sophisticated computers printers and scanners. Outside many colleges across India one finds touts soliciting the sale of fake mark sheets or even certificates. These are made using computers and high quality scanners and printers. In fact this has becoming a booming business involving thousands of rupees being given to student gangs in exchange for these bogus but authentic looking certificates.

Cyber Defamation

This occurs when defamation takes place with the help of computers and or the internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mail containing defamatory information to all of those people's friends.

Cyber Stalking

The Oxford Dictionary defines stalking as 'pursuing stealthily'. Cyber stalking involves following a persons movements across the internet by posting messages sometimes threatening on the bulletin boards frequented by the victim entering the chat-rooms frequented by the victim constantly bombarding the victim with e-mails etc.

Unauthorized Access to Computer System or Networks

This activity is commonly referred to as hacking. The Indian law has however given a different connection to the term hacking so we will not use the term 'unauthorized access' interchangeably with the term hacking.

Data Diddling

This kind of an attack involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed. Electricity Boards in India have been victims to data diddling programs inserted when private

parties were computerizing their systems.

Salami Attacks

These attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a program into the bank's servers that deducts a small amount of money say Rs. 5 a month, from the account of every customer. No account holder will probably notice this unauthorized debit but the bank employee will make a sizable amount of money every month.

Virus/Worm Attacks

Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer either by altering or deleting it. Worms unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computers memory. 170 The VBS_LOVELETTER virus better known as the Love ? or the I LOVE YOU virus was reportedly written by a Filipino undergraduate.

Logic Bombs

These are event dependent programs. This implies that these programs are created to do something only when a certain event knows as a trigger event occurs. E.g. even some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date like Chernobyl virus.

Trojan Attacks

A Trojan as this program is aptly called is an unauthorized program which functions from inside what seems to be an authorized program thereby concealing what it is actually doing.

Internet Time Theft

This connotes the usage by an unauthorized person of the Internet hours paid for by another person.

Web Jacking

This occurs when someone forcefully takes control of a website by cracking the password and later changing it. The actual owner of the website does not have any more control over what appears on that website.

Theft of Computer System

This type of offence involves the theft of a computer some parts of a computer or a peripheral attached to the computer.

Physically Damaging a Computer System

This crime is committed by physical damaging a computer or its peripherals Vladimir Levin Johan Helsingius, Kevin Mitnick have been the world's famous hackers.

Tools and Techniques of Cyber Crime

Unauthorized Access. Access is defined in Section 2(1) (a) of the Information Technology Act, 2000 as 'gaining entry into instructing or communicating with the logical arithmetical or memory function resources of a computer system or computer network'. Unauthorized access would therefore mean any kind of access without the permission of either the rightful owner or the person in charge of a computer system or computer network. Thus not only would accessing a server by cracking its password authentication system be unauthorized access switching on a computer system without the permission of the person in charge of such a computer system

would also be unauthorized access. Packet sniffing tempest attack password cracking and buffer overflow are common techniques used for unauthorized access7.

7. Computer Related Crime. Recommendation no R (89) 9.

Packet Sniffing

Packet Sniffing is a technology used by crackers and forensics experts alike. To understand Sniffing the need is to first understand the basics of data transmission. It's a known fact that data travels in the form of packets on networks. These packets also referred to as data-grams are of various sizes depending on the net work bandwidth as well as amount of data being carried in the packet in the measure of bytes.

Tempest Attack

Tempest is the ability to monitor electromagnetic emissions from computers in order to reconstruct the data8. This allows remote monitoring of network cables or remotely viewing monitors.

8. I.T. Act, 2000, Sec 2(1) (0) 'Data means a representation of information, Knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalized manner and is intended to be processed is being processed or has been processed in a computer system or computer network and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.

Password Cracking

A password is a type of authentication it is a secret word or phrase that a user must know in order to gain access9.

9. Information Technology Act, 2000, Sec. 2(1) (a) Access, 'with its grammatical variations and cognate expressions means gaining entry into instructing or communicating with the logical arithmetical or memory function resources of a computer system or computer network'.

Buffer Overflow

Also known as buffer overrun input overflow and unchecked buffer overflow this is probably the most common way of breaking into a computer.

It involves input of excessive data into a computer. The excess data over flows into other areas of the hacker to insert executable code along with the input thus enabling the hacker to break into the computer.

Viruses

A computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a possibly evolved copy of it. Note that a program does not have to perform outright damage such as deleting or corrupting files in order to be called a virus.

Generally there are two main classes of viruses. The first class consists of the files infectors which attach themselves to ordinary program files.

Stealth Virus

A stealth virus is one that hides the modifications it has made in the file or boot record usually by monitoring the system functions used by programs to read files or physical blocks from storage media and forging the results of such system functions so that programs which try to read these areas see the original uninfected form of the file instead of the actual infected form. Thus the viral modifications go undetected by anti-viral programs. However in order to do this the virus must be resident in memory when the anti-viral program is executed.

Polymorphic Virus

A polymorphic virus is one that produces varied yet fully operational copies of itself in the hope that virus scanners will not be able to detect all instances of the virus. The

most sophisticated form of polymorphism discovered so far is the MtE 'Mutation Engine' written by the Bulgarian virus writer who calls himself the 'Dark Avenger'

Fast and Slow Infectors

A typical file infector such as the Jerusalem copies itself to memory when a program infected by it is executed and then infects other programs when they are executed.

Sparse Infector

The term sparse infector is sometimes given to a virus that infects only occasionally e.g., every 10th executed file or only files whose lengths fall within a narrow range etc. By infecting less often such viruses try to minimize the probability of being discovered by user.

Companion Virus

A companion virus is one that instead of modifying an existing file creates a new program which is unknown to the user gets executed by the command line interpreter instead of the intended program. On exit the new program executes the original program so things will appear normal. This is done by creating an infected. COM10file with the same name as an existing EXE file. Note that this type of malicious code is not always considered to be a virus since it does not modify existing files.

10. Commission Communication COM (96) 487. Available from http://www. 2. echo. Lu/legal/en/internet/communic. html.

Armored Virus

An armored virus is one that special tricks to make the tracing disassembling and understanding of its code more difficult. A good example is the Whale virus.

Macro Virus

Many applications allow you to create macros. A macro is a series of commands to perform an application-specific task. Those commands can be stored as a series of key stores or in a special macro language.

A macro virus is a virus that propagates through only one type of program usually either Microsoft Word or Microsoft Excel. It can do this because these types of programs contain auto open macros which automatically run when you open a document or a spreadsheet. Along with infecting auto open macros that macro virus infects the global macro template which is executed anytime you run the program.

Thus once your global macro template is infected any file you open after that becomes infected and the virus spreads.

Conclusion

About my conclusion on this article perhaps the most published form of fraud today involves activities conducted over the internet. At in the general field many of the techniques applied are rather basic. The National Criminal Investigation Service in 1999 suggested that in the majority of cases traditional methods of fraud such as misuse of credit cards failure to deliver goods ordered and paid for pyramid selling pump and dump share pushing and get-rich quick schemes have been given a new lease of life on the internet. Although the fear is often expressed that credit cards numbers might be intercepted by hackers in the course of transmission over the internet. Also law commission better to recommend control cyber crimes make better legislation.

Published by AIR Online Software

ELECTRONIC EVIDENCE - ISSUES REGARDING ADMISSIBILITY AND RELIABILITY

Bhavi Sanghvi, IVth Year Student, National Law School of India

University, Bangalore

Introduction

‘Electronic evidence’ can be any information created or stored in digital form whenever a computer is used to accomplish a task and includes information databases, operating systems, applications programs, electronic and voice mail messages and records, and other information or ‘instructions residing in computer memory.’1Businesses and consumers are increasingly using computers to create, transmit and store information in the electronic form instead of the traditional paper documents, as it is cheaper, easier to store, retrieve and faster to communicate.

1. Christine Sgarlata Chung and David Byer, ‘The electronic paper trail: Evidentiary obstacles to discovery and admission of electronic evidence’, 4 B.U.J. Sci. ? Tech. L. 5, p. 8.

http://www.westlaw.com

The Information Technology Act, 2000, and amendments to the Evidence Act, is a step forward by providing for legal recognition of electronic records. It is based on the principle that rules of evidence should not exclude an electronic record solely on that ground or because it is not in its original form.2The IT Act recognizes electronic records as equivalent to paper records and provides for recognition of digital signatures.

2. Article 9, UNCITRAL Model Law on Electronic Commerce, 1996.

http://www.uncitral.org/english/texts/electcom

The researcher seeks to examine how the IT Act deals with the problem of adapting traditional legal rules to changing technology and to evaluate the approach in comparison to the law in England and the United States.

The researcher analyzes four major issues. Firstly, there is the issue of desirability of authentication for admissibility of electronic evidence. The researcher also examines the application of two traditional rules of evidence — the rule against hearsay and the best evidence rule — to electronic evidence. Lastly, the researcher looks at the issue of reliability of electronic evidence. The aim of this article is to analyze issues relating to the admissibility and reliability of electronic evidence under Indian law and offer suggestions for reform of the same.

Authentication and Admissibility of Electronic Evidence

Under the Evidence Act as amended by the IT Act, S. 65B deals with the conditions of admissibility of electronic records. The requirement of authentication of the electronic record is only at the stage of appreciation of evidence, and not for admission. S. 65B (1), which deems an electronic record to be a document, specifically contains the words “without further proof or production of the original”, which excludes the requirement of authenticity at this stage.

The information can be given in the form of an affidavit according to the terms of S. 65B(4). Evidence that forms a condition precedent to the evidence being adduced is referred to as ‘foundation evidence’3and does not include any requirement of authentication. All forms of electronic evidence are made admissible if they comply with S. 65B, however, in the process of appreciation, security and authentication procedures are considered.

3. Na. Vijayshankar, Cyber Laws, Ujwala Consultants Pvt. ltd., Bangalore, 1999, p. 20. S. 65B stipulates that a person seeking to introduce the electronic record as evidence will have to establish that the data was entered in the ordinary course of usage of the computer, the electronic record has been taken out in the ordinary course of usage of the computer, such taking out of the electronic record is by a person who is lawfully using the computer, the computer was functioning properly, or the improper functioning has had no effect on the electronic record, and the information in the record merely reproduces what was entered into or created on the computer.

In England computer-generated evidence requires a certification as to the authenticity of the evidence. To admit evidence from a computer there must be no reasonable grounds for believing that the statement is inaccurate because of improper use of the computer and the computer must have been operating properly at all material times or at least must have not affected the production of the document or the accuracy of its contents.4For the certificate, either oral evidence can be called or a written certificate according to the Police and Criminal Evidence Act, 1984 can be given.5In R. v. Shephard6it was held that ‘if the prosecution wishes to rely on a document produced by a computer, they must comply with S. 69 in all cases’. Evidence of a fact generated by a computer must meet the criteria of S. 69.

4. S. 69 of the Police and Criminal Evidence Act, 1984. The burden of S. 69 depends on the circumstances of the case; in most instances it will be possible to discharge the burden by calling a witness familiar with the operation of a computer rather than calling an expert.

5. lord Hailsham, Halsburys Laws of England, Vol. 11 (2), 4th Ed. Reissue, Butterworths, London, 1992, Para 1158.

6. (1993) 1 All ER 225. Mrs. Shephard was alleged to have stolen items from a shop which had unique product codes for every item, which were on a till roll on the central computer and the issue was whether this evidence would satisfy S. 69.

In practice, almost all evidence will be required to comply with S. 69, including logs stored on computers, data or programs.7The problems with certification are that prosecutions would have to prove continuity of evidence — i.e. the line of access from the hackers own computer to the victims and any discontinuity might raise reasonable doubt. Also, hackers will often log on under different identities.8

7. Clive Gringas, The Laws of the Internet, Butterworths, London, 1997, Pp. 233, 234.

8. Devashish Krishnan, ‘Internet Evidence and the Indian Legal Regime’, in, Law Relating to Computers, Internet and E-commerce-A Guide to Cyberlaws, (Nandan Kamath, Ed.), Universal Law Pub. Co. Pvt. Ltd., New Delhi, 2000, P. 61.

The Law Commission in England has recommended9that S. 69 is unsatisfactory because advances in computer technology make it difficult to comply with it and it is impractical to examine all the intricacies of computer operation and these pre-conditions and certification should not be threshold requirements.

9. Consultation Paper No. 138, Paras 2.14-2.19, 7.42-7.50, cf, Peter Sommer, ‘Digital Footprints: Assessing Computer Evidence’, in, The Criminal Law Review, (Prof. Clive Walker, Ed.), Sweet and Maxwell Ltd., London,1998, Pp. 61, 62.

The US Federal Rules of Evidence provide that the evidence adduced must be sufficient to support a finding that the computer record is what its proponent claims it is, and the only requirement is that he should have first hand knowledge of the information to which he is testifying.10

10. Fed. R. Evid, 901 (a), in, ‘Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations’, Computer Crime and Intellectual Property Section, Criminal Division, United States Department of Justice, July 2002.

http://www.usdoj.gov/criminal. cyber-crime.sandsmanual2002.pdf

Therefore on examination of the position in other jurisdictions, the researcher is of the opinion that the current law is more viable in practice. There should be no requirement of authentication at the stage of admission, to avoid the difficulties faced by the prosecution as seen in England.

Rule against Hearsay and Electronic Evidence

The rule against hearsay is that evidence of a statement made to a witness by a person who is not himself called as a witness is inadmissible when the object of the evidence is to establish the truth of what is contained in the statement, it is admissible when it is proposed to establish the fact that it was made.11

11. Sir Rupert Cross and Colin Tapper, Cross on Evidence, 6th ed., Butterworths, London, 1985, P. 87.

Documentary evidence is also an out of Court statement in the sense that a person with the knowledge creates the document that is then offered as evidence12and hence the rule against hearsay would apply. In electronic evidence, for example, if ‘X’ company orders 1000 liters of orange juice from ‘Y’ company through email, ‘Y’ company cannot by that email prove that it had been asked for 1000 liters, as that would be testing the veracity of the material. However, ‘Y’ company can use it to prove that ‘X’ company had indeed sent that email, and it would not be hearsay. Thus electronic records cannot be admitted as proof of their contents because of the rule against hearsay.

12. For example, See Myers v. DPP, (1964) 2 All ER 881; R. v. Rice, (1963) 1 All ER 832.

There are exceptions to the rule. The most important ones, under which documentary evidence is introduced as evidence of truth of its contents, are the public records exception13and the business records exception.

13. Section 35 of the Indian Evidence Act, 1872. Also Sections 6 and 7 of the IT Act deal with the public records exception and provide for the processing of public documents in the electronic form by the Government.

The business records exception is under Section 32 (2) of the Evidence Act. It is submitted that electronic records are also permitted to be brought within it because Section 65B of the Evidence Act expressly says that electronic records in the form of printouts or stored in digital form “shall be deemed to be also a document”. There is no distinction maintained between electronic documents and other documents and therefore electronic records will be entitled to the same privileges as other documents are getting. Therefore, the business records exception is available to electronic records also and no special challenge is presented to electronic records by the rule against hearsay evidence.

Section 9 of the Civil Evidence Act 1995 (England) also provides that documents which form part of the records of a business are automatically admissible and in the absence of an entry in those records can be proved by an appropriately signed certificate.

However, all business documents are not records if it is not a comprehensive record of what has occurred, or was not intended to serve as a primary source of information on that matter.14

14. Tania Correia, ‘Legal admissibility of documentary evidence in civil and criminal proceedings in the UK’.

http://www.zylab.nl/zylab2002/US/Downloads/whitepapers/LEGAL ADMISSIBILITY.shtml.

Derby and Co. Ltd. v. Weldon, (1991) 2 All ER 901, Computer data base which forms part of the business records of a company in so far as it contains information capable of being retrieved and converted into readable form is a document.

The United States also has a business records exception. In Monotype Corporation plc v. International Typeface Corporation15it was held that email is not a regular, systematic record under the business records exception. However, in US v. Catabran16computerized printouts of accounting and bookkeeping records were admitted as business records.

15. 43 F. 3d 443 (9th Circuit).

16. 836 F. 2d 453 (9th Circuit).

There is apprehension that computer technology for records lacks the trustworthiness which is the basis of the presumption of reliability of business records.

Data stored on magnetic disks, tapes and punched cards would be indecipherable

and a computer printout may be needed. There are problems regarding the admissibility of such printouts, which can be altered more easily than traditional handwritten records and the business records cannot ensure that the database or printout has not been falsified; it was when records were entered manually, where as use of a computer to store and retrieve business documents interjects an automation element between the record and its custodian. Also, if computer records have been tampered with it is difficult to follow a ‘paper trail to the source’17.

17. Devashish Krishnan, ‘Internet Evidence and the Indian Legal Regime’, in, Law Relating to Computers, Internet and E-commerce-A Guide to Cyberlaws, (Nandan Kamath, Ed.) Universal Law Pub. Co. Pvt. Ltd., New Delhi, 2000, pp. 73-74.

However, as computer technology has become more widespread as a form of business recordkeeping, the reliability of computer records has been accepted out of necessity.18

18. Yochai Benkler, Rules of the Road for the Information Superhighway: Electronic Communications and the Law, West Pub. Co., St. Paul, 1996, P. 585.

One possible solution to balance this problem of trustworthiness of computerized business records is that any person with personal knowledge of the collecton and compilation of information made in the regular course of business should be able to lay the foundation for admission of the proposed evidence. To block the admission of a computerized business records, the Court must be satisfied that ‘the source of information or the method or circumstances of preparation indicate lack of trustworthiness’ and the judge functions as a gatekeeper in determining that the computer records are reliable.19This serves to ensure that the rationale for the business records exception is preserved.

19. Herbert M. Strassberg, ‘Computerized business records can be treated more equitably at trial by the United States adopting parts of the new Canadian system’, 9 Sw.J.L. ? Trade Am. 221, p. 237.

http://www.westlaw.com

There is a debate whether an exception should be made to the hearsay rule in the case of computer documents.

One problem is that it will not be possible to identify the person who entered the information in question. The information may have passed though the hands of a chain of employees and if the law of evidence is not flexible, persons committing criminal offences will escape easily.20

20. David Bainbridge, Introduction to Computer Law, 4th ed., Pearson Education Ltd., Essex. 2000, P. 339.

However, the rationale for barring hearsay evidence from trial stresses the importance of cross-examination, because a statement outside Court adduced to establish the truth of a matter does not give the other side the opportunity to expose the weaknesses of the statement. Thus for electronic documents, the rule of hearsay should apply because the document is subject to traceless tampering and does not state the truth of the matter contained.21Also computers are not infallible and some fundamental requirements should be satisfied before computer

documents can be admitted under an exception to the hearsay rule.

21. Devashish Krishnan, ‘Internet Evidence and the Indian Legal Regime’, in, Law Relating to Computers, Internet and E-commerce-A Guide to Cyberlaws, (Nandan Kamath, Ed.), Universal Law Pub. Co. Pvt. Ltd., New Delhi, 2000, Pp. 70-71.

In England the Court held in Myers v. DPP22that any exception to the hearsay rule had to be constructed restrictively. It was not relevant to show that records had been made unless it was also accepted that they were true. To negate the effect of the Myers case, the Criminal Evidence Act, 1965, provided that documentary hearsay evidence would be admissible if it was created in the course of business, from information supplied by a person who might have personal knowledge or where a person is dead or cannot be traced.23Also in R. v. Golizadeh24expert evidence on a computer printout was allowed and held not to amount to hearsay, machines were not subject to the vagaries of human recollection and the hearsay rule is inappropriate to regulate records from machines.

22. (1964) 2 All ER 881.

23. Ian Lloyd, Information Technology Law, 2nd ed., Butterworths, London, 1997, P. 238.

24. (1995) Crim LR 232. Dev. P. 78. Castle v. Cross, (1985) 1 All ER 87-Evidence produced by a computer may or may not be hearsay; it is not hearsay if no contribution is made by any human mind to the statement relied on, for example when an evidential breath-testing device demonstrates the amount of alcohol in a subjects breath. The law on the issue is as per the case of R. v. Shephard.

The Civil Evidence Act, 1995, on the other hand, abrogates the rule against hearsay as admissible evidence for civil cases, with two safeguards: firstly, hearsay evidence can only be given in Court after notice has been given to the other side, secondly, the Judge will decide what weight to attach to such evidence. The Act gives guidance on circumstances to be taken into account in assessing the weight of hearsay evidence. The copy must be ‘authenticated in such manner as the Court may approve’.

It is submitted that this is not very different from the Indian law. In India, documents are excluded under the hearsay rule because there is no possibility of cross-examination and hence reliability of the evidence. In England, although documents would not be excluded because of the hearsay rule, the judge still has discretion as to the weight which he can decide on the basis of reliability. This has the advantage of not excluding evidence which might be reliable in a blanket way under the hearsay rule and at the same time giving less weight to evidence which is not satisfactorily authenticated.

However, this approach places great responsibility on the judge. In context of India, judges do not really appreciate electronic evidence. Firstly, the doubt raised is in context of which is the original and copy. Secondly, several doubts are raised and it has to be proved that the original is untampered. The prosecution has a tougher job. Thus, even if the rule against hearsay is abolished, the judiciary would not give electronic evidence much weightage.

In the United States, computer-generated evidence is admitted in the United States as an exception to the hearsay rule in some circumstances.25Courts and litigants frequently rely on the “catch-all” exceptions to the hearsay rule, the Colorado Supreme Court admitted computer records into evidence under the common law “general hearsay exception.” explaining that the data, while not a business record, was sufficiently reliable to be admitted into evidence.26The rule against hearsay is inapplicable in case of real evidence, since a machine cannot be asked to testify on oath or be cross-examined and there is no possibility of a conscious misrepresentation.27

25. Devashish Krishnan, ‘Internet Evidence and the Indian Legal Regime’, in, Law Relating to Computers, Internet and E-commerce-A Guide to Cyberlaws, (Nandan Kamath, Ed.), Universal Law pub. Co. Ltd., New Delhi, 2000, Pp. 72-73.

26. Christine Sgarlata Chung and David Byer, ‘The electronic paper trail: Evidentiary obstacles to discovery and admission of electronic evidence’, 4 B.U.J. Sci. ? Tech. L. 5, P. 39.

http://www.westlaw.com

27. State v. Armstead, 432 So. 2d. 837, in, ‘Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations’, Computer Crime and Intellectual Property Section, Criminal Division, United States Department of Justice, July 2002.

http://www.usdoj.gov/criminal. cyber-crime.sandsmanual2002.pdf

In the opinion of the researcher, the rule against hearsay should not be completely done away with since there is an element of unreliability due to difficulty in detecting tampering. However a possible compromise is that contemporaneous, automatic records as should be considered as direct physical evidence and computer records generated without human intervention should not be considered hearsay with respect to the knowledge of the person operating the computer, as is done in the US. Therefore, at least those records where there is no possibility of tampering can be admitted as proof of what they contain.

Best Evidence Rule and Electronic Evidence

The best evidence rule is based on the distinction drawn between primary and secondary evidence.28Primary evidence is evidence which is required to be given by law first; secondary evidence is evidence which may be given in the absence of better evidence, when a proper explanation is given of the absence of that better record. Primary evidence means the document itself produced for the inspection of the Court, i.e. the original, and the copies are secondary evidence.29The rule therefore prefers the original to a copy.

28. Contained in Sections 62 and 63 of the Indian Evidence Act, 1872.

29. Ratanlal and Dhirajlal, The Law of Evidence, 20th ed., Wadhwa and Co., Nagpur, 2002, Pp. 631, 634.

It is based on the notion of truth as residing in the object or the thing proven, and hence the premises are: there is one original, which is identifiable from the duplicates, and that one original is a better measure of the true contents of the document rather than the copies.30This rule makes duplicates admissible in

evidence only if no question regarding the authenticity of the original arises.

30. Yochai Benkler, P. 589.

This physically objective concept of originality is directly challenged by digital technology. There is no useful physical original of a digital representation of information and it is impossible to distinguish between the original and the copy because the original is identical to the copy. No single document or data can provide better proof of integrity and veracity of the content than any other document or data of the same combination of zeroes and ones that embodies the information sought to be proven.31

31. Rahul Matthan, The Law relating to the Computers and the Internet, Butterworths, New Delhi, 2000, P. 178.

Further, all electronic records are stored on the hard disks of computers in the intangible form. To use them, these electronic records have to be necessarily converted into printed tangible medium, and this raises the further problem of whether the printout is the original electronic record or a mere copy.

The IT Act and Evidence Act solve the problem by providing that a file produced by techniques that accurately reproduce the original will be admissible as the original itself, and that output readable by sight or a printout of data stored on a computer will be construed as an original. Contents of electronic records may be proved in accordance with the provisions of S. 65B. Thus, the approach is to presume that electronic evidence is primary evidence.

It puts printouts etc. on the same level as a document. Thus it is clear that subject to the other requirements of admissibility, any electronic record whether in the nature of a printout, stored, recorded or copied is to be deemed a document and therefore admissible as such. Therefore, there is no distinction maintained between electronic records maintained in one form or the other and the scope of the best evidence rule is expanded.

The IT Act is based on the UNCITRAL Model Law, according to which, if there is a legal requirement of an original, it shall be met by a data message, which shall be given due evidential weight after considering the reliability in the manner in which it was created.32

32.http://www.uncitral.org/english/texts/electcom

The US Federal Rules of Evidence also have a similar definition of an original saying that ‘if data are stored in a computer or similar device, any printout or other output readable by sight, shown to reflect the data accurately is an original’. Thus, there is no limit on electronic evidence by the requirement of originality. Cases have allowed printouts as ‘originals’.33

33. Yochai Benkler, Rules of the Road for the Information Superhighway: Electronic Communications and the Law, West Pub. Co., St. Paul, 1996, P. 590.

Extending this application of the best evidence rule to emails, as per S. 65B any printout or output that accurately reflects the information in the digital file could be

considered admissible under the best evidence rule. However, this approach would practically eliminate the best evidence rule.34

34. Yochai Benkler, Rules of the Road for the Information Superhighway: Electronic Communications and the Law, West Pub. Co., St. Paul, 1996, P. 592.

A better option would be to consider any copy or file created in the process of transmission as an ‘original’. Thus, copies of messages automatically created and stored on the system of sender, network service providers and recipient would be admissible under the best evidence rule. Other copies by human design such as copies of the message retained by the sender or made by the recipient, which are not contemporaneous or automatic, would be considered duplicates. Thus, ‘originals’ are the copies generated by the machine as an integral part of the transmission process.35The IT Act does not expressly deal with this aspect and it needs to be clarified. Only copies created automatically and stored should be given the status of an original email.

35. Yochai Benkler, Rules of the Road for the Information Superhighway: Electronic Communications and the Law, West Pub. Co., St. Paul, 1996, Pp. 593-594.

On the other hand, a more radical approach is advocated in connection with application of the best evidence rule to electronic evidence.

It is argued that solutions devised to deal with paper-based records are not readily applicable to electronic records, such as characterizing printouts as originals, duplicates or reliable copies, or creating a category of ‘duplicates’ including photocopies, certified true copies, and electronic images, considered originals for the purpose of the best evidence rule. The ‘function’ of the best evidence rule is to ensure the reliability or integrity of the record to be produced in evidence. It is presumably easier to tell that an original paper record has been altered than to determine any alteration by viewing a copy. In the electronic world, there may or may not be any original paper version of the electronic record.36

36. Uniform Electronic Evidence Act: Consultation Paper, Uniform Law Conference of Canada, March 1997,http://www.law.ualberta.ca/alri/ulc/current/eelev.htm

Also an ‘original’ implies a record that was created at or near the time of the event being recorded and a computer printout taken at the end of the information creation and handling process cannot be designated as the original.37

37. Uniform Law Conference of Canada, ‘Electronic Evidence: Computer-produced records in Court Proceedings’,http://www.law.ualberta.ca/alri/ulc/94pro/e94j.htm

Therefore, the search for integrity of an electronic record should move from ‘original’ to ‘system’, that is, from a dependence upon proof of the integrity of the original business document to a dependence on proof of the integrity of the record-keeping system. This means that the best evidence rule would lose most of its application in this field.38Thus the admissibility of the electronic evidence will depend more on the integrity of the entire system rather than proof of integrity of the actual document, which is harder and more complicated to prove.

38. Uniform Electronic Evidence Act: Consultation Paper, Uniform Law Conference of Canada, March

1997,http://www.law.ualberta.ca/alri/ulc/current/eelev.htm

This is partly dealt with S. 65B (2) which requires proof of operation of the computer, but also applies paper based solutions. However there should be a paradigm shift and rather than characterize printouts etc. as originals, the emphasis should be on the integrity of the system.

Reliability of Electronic Evidence

Electronic evidence can be easily manipulated and altered and raises various issues as to the reliability of electronic evidence itself. It is much more difficult to detect tampering with digital records, which shows no signs of alteration or tampering, than it is to detect tampering with paper based records. As between two digital versions of the same document, there are no physical means of distinguishing the true from the false, the early from the late.39

39. Yochai Benkler, Rules of the Road for the Information Superhighway: Electronic Communications and the Law, West Pub. Co., St. Paul, 1996, P. 31.

Most of the traditional means for authenticating written documents are unavailable to authenticate electronic documents, such as the process of certification or of affixing a signature to the document, identification of handwriting, voice or other physical properties. The other problem most commonly encountered while dealing with electronic records is the malfunctioning of the machine, data may get lost by crashing or is altered beyond repair by a virus, and there may be objections as to the reliability on this ground.40Thus, the weight of the content is examined, and also the weight of the process by which it was produced, which is relevant for the quality of the original source, the quality of internal computer manipulations and strength of the control mechanism to reduce error.41.

40. Yochai Benkler, Rules of the Road for the Information Superhighway : Electronic Communications and the Law, West Pub. Co., St. Paul, 1996, pp. 577-578.

41. Peter Sommer, ‘Digital Footprints : Assessing Computer Evidence’, in, The Criminal Law Review, (Prof. Clive Walker Ed.), Sweet and Maxwell Ltd., London, 1998, pp. 61, 78.

The problem of reliability of electronic communications is at the level of the identity of the sender and also at the level of the content of communication. For example, if a confirmation message for concluding a business transaction over the Internet is to be sent from X to Y, but X wants to avoid the deal. P, a person who has information of the negotiations, may try to defraud Y by sending an e-mail message in the name of X confirming the transaction. Later when Y relies upon the electronic communication, X will say that he did not send the message at all or dispute the content of the communication.

Hence electronic evidence needs to be authenticated to be reliable.

Authentication may take the form of an ‘audit trial” connecting the original record with the one adduced in evidence and showing everyting that happened to the record in the interim period, through oral, circumstantial or technical evidence, and the Court has to be convinced that the evidence is not tampered with.42

42. Chapter 3 : ‘Digital Images’, The Fifth Report of the Select Committee on Science and

Technology.

Another form of authentication is making use of software that brands an image at the moment of creation, for e.g. a digital signature for documents.

An ordinary digital record can be secured by digitally encrypting so that it cannot be altered or read without the knowledge of the genuine user of the document, and even if a comma is changed the unique code value will get altered. This is referred to as ‘digitally signing’ the document. It is equivalent to a ‘signature’ in a paper document; it certifies the contents and binds the signatory.43

43. Na. Vijayashankar, Cyberlaws, Ujvala Consultants Pvt. Ltd., Bangalore, 1999, pp. 23-25.

The IT Act recognizes digital signatures. Authentication as provided for under the IT Act relates both to the origin of the record and the integrity of the same.

S. 85B provides for certain presumptions as per which there are four categories of electronic records :

1. An unsigned and unsecured electronic record (without any digital signature at all): no presumption whatsoever in their favour by the Courts.

2. Records having a digital signature but not secure : the burden is on party using it to establish non-alteration of the content of the record in transit.

3. A secure but unsigned electronic re-cord : presumption of non-alteration of the content of the record since the time the security procedure was applied to it.

4. A secure as well as signed electronic record : presumption of identity of the sender, non-alteration of the content and also intentional transmission by the owner of the digital signature.

Section 3 of the Act deals with the authentication of electronic records by way of digital signatures and recognizes only the asymmetric crypto system in this regard. Sec. 5 gives legal recognition to digital signatures equating them to traditional signatures insofar as the electronic medium is concerned. The Act contains exhaustive pro-visions with respect to the role of certifying authorities and even postulates the creation of a Controller to oversee the functioning of the certifying authorities and to act a repository of all digital signature certificates granted by the certifying authorities.

However digital signatures are not completely reliable.

Digital signature certificates become undependable when the subscriber misrepresents his identity to the certification authority or loses control of the private key (known as “compromise” of the private key). Also forgery on a massive scale may occur with the use of digital signatures.44For example : a person finds the private key file within the user’s computer by a virus and e-mails that key to 20 addresses who may try to defraud the key holder by concluding transactions in his name.

44. Rodney Ryder, Guide to Cyberlaws, 1st ed., Wadhwa and Co., Nagpur, 2001, p. 428.

Therefore the question of the suitability of the regime enacted by the IT Act arises.

Legislation should satisfy the objective of minimizing regulatory burdens upon Government and business by adopting a minimal approach and simply ensuring functional equivalence between paper-based and electronic transactions.45As per Article 7 a threshold issue authentication technology must ensure author identity and content approval are enough and legislation should not go further, else there would be excessive regulatory burden on business and Government.46There is the risk that an inappropriate legislative regime may be adopted without regard to market-oriented solution, and this is inadvisable given the pace of technological development and change.47

45. Rodney Ryder, Guide to Cyberlaws, 1st ed., Wadhwa and Co., Nagpur, 2001, p. 18.

46. Rodney Ryder, Guide to Cyberlaws, 1st ed., Wadhwa and Co., Nagpur, 2001, p. 20. Article 7 : When determining the reliability of a method of author identity and content approval, the method should be as reliable as appropriate at the time the method was used.

47. Rodney Ryder, Guide to Cyberlaws, 1st ed., Wadhwa and Co., Nagpur, 2001, p. 301.

Hence an undue rush to legislation should be avoided. For example in India, there have hardly been any cases about issues likely to cause problems to e commerce. Hence it is difficult to judge the magnitude of legal problems being encountered through methods like measuring the recourse to litigation.48

48. Rodney Ryder, Guide to Cyberlaws, 1st ed., Wadhwa and Co., Nagpur, 2001, p. 26.

The Act deals only with PKI framework for authentication and does not recognize any other authentication procedure, which may cause problems for m-commerce transactions.49

49. Aashit Shah, ‘The Information Technology Act : A legal framework for e-governance’,http:/www,sudhirlaw,com/ cyberlaw-inact.htm.

Thus, it is submitted that although the IT Act may not provide the best solution to the problem. Also it prescribes excessive regulation. Given the pace of technological development and change, there is a strong possibility that this authentication system may become outdated or economically unviable.

Conclusion

In the course of research on this project, the researcher has reached the following conclusions and makes the following suggestions :

l The IT Act is a good start in that it recognizes electronic records and signatures, and attempts to put electronic evidence at the same level as other evidence.

l The present two-tier of admissibility is the best option and is preferable to the English system of certification as to authenticity before admission whcih places an

excessive burden and hinders speedy justice.

l The English position (with respect to civil evidence) of removing the rule of hearsay and varying weight has the advantage that it does not impose a blanket ban and ensures reliability at the same time. However, in India, where the Courts do not really appreciate electronic evidence, this benefit may not accrue. Thus in application there will be no difference and hence the present rule can be continued.

l Although for electronic documents, the rule of hearsay should apply because the document is subject to tampering which is difficult to trace, there needs to be a provision which treats contemporaneous, automatic records as direct physical evidence and computer records generated without human intervention should not be considered hearsay with respect to the knowledge of the person operating the computer, as is done in the US.

l As regards the business records exception, in order to preserve the reliability of the records which is the basis of the exception, there should be a requirement that a person with personal knowledge of the collection and compilation of information made in the regular course of business should be able to lay the foundation for admission of the proposed evidence. If ‘the source of information or the method or circumstances of preparation indicate lack of trustworthiness’, the Court should block the admission of computerized business records.

l The IT Act for the purpose of the best evidence rule deems files produced by the same technique and printouts etc. as originals. However this does not serve the purpose of integrity of records and hence proof of the system should be the determining factor.

l By allowing any printout or output as original, the best evidence rule is nullified. Thus, only copies generated by the machine in the course of transmission should be considered originals.

l Although evidence of a record or signature may not be excluded solely because it is in electronic form, a Court still may place significant, even insuperable, burdens on electronic evidence. The IT Act is not sufficient to put electronic evidence on the same plane with a ‘hard copy’. Thus a further step is needed, probably specifically laying down conditions for weight to be given to the evidence.

l The provisions regarding digital signatures and authentication are too regulatory. This is undesirable because the pace of technological development and change may soon render this method outdated and expensive. Legislation with a minimalist approach that simply authorizes the use of electronic signatures in very limited circumstances or one that establishes some evidentiary presumptions and default provisions that parties can contract out of would have been better in such a situation where there is no uniform approach. The Act should accept any threshold technology that ensures author identity and content approval.

In conclusion, the amendments to the Evidence Act by the IT Act are a good beginning but several changes are still needed for the Act to ensure both functional equivalence and technological neutrality.

Published by AIR Online Software

INTELLECTUAL PROPERTY RIGHTS IN COMPUTER SOFTWARE

Justice Yatindra Singh*, Judge, Allahabad High Court

1. IPRs in computer industry are affected by the following areas:

(i) Copyright

(ii) Undisclosed Information or Trade Secret

(iii) Patents

(iv) Contract

(v) Trademarks

(vi) Layout-designs (Topographies) of Integrated Circuits

The first four have impact on computer software. The fifth one (trademarks) and the sixth one (layout-designs) are more relevant on the Internet and the computer hardware respectively rather than in computer software.

COPYRIGHT

2. Source Code and Object CodeComputers do not understand our language. They only understand ‘machine language’ or ‘machine code’ i.e. instructions which consist of a series of 0s and 1s. In the earlier days a computer program used to be written in machine code or by punching a punchcard. The punched slot or unpunched slot indicated requisite information to the computer. This process was slow and tedious. Such a programme, although intelligible to the computer, was virtually unintelligible to any one except an equally skilled programmer.

3.From earlier days, the Computer scientists also devised an alternative language for writing programmes, known as ‘assembler language’. These assembler languages had advantages over writing a programme in machine code but they still required many instructions to be written in order to achieve the simplest tasks. A number of high-level languages—such as Basic, Fortran, Cobol, Pascal etc—have been devised in order to simplify the work of a programmer. The use of these high level languages enables a programmer to write a programme in terms that nearly resembles ordinary English unlike those used in the lower level languages. They also permit complex operations for the computer to be directed by a relatively compact command. The programmes as written by a programmer are known as the source code. It is complied by a compiler converting it into the programme that can be understood by a computer, it is then known as the object code or machine

code or binary code, machine language.

4.GAIM is popular programme that loads different instant messengers (MSN or Yahoo) together.

(Logo of GAIM)

5.Source code of GAIM is disclosed; it is known to everyone. It is written in C++. A small part is as follows.

#include “proxy.h”

#include “signals.h”

#include “sslconn.h”

#include “sound.h”

struct GaimCore

{

char *ui;

void *reserved;

};

static GaimCoreUiOps *_ops = NULL;

static GaimCore *_core = NULL;

6.If you read it then you can understand a few words mentioned therein and what it is trying to say. It is kind of description of something. The source code of a computer program, if it is available or disclosed, is a literary work within the Copyright Act and is so protected. The question, whether object code is also so protected was debatable but before it could be raised in our country Copyright Act was amended by two amending Acts namely Act No. 38 of 1994 and Act No. 49 of 1999. The definition of the ‘literary work’ in section 2(o) of the Copyright Act was amended to include computer programme as well as computer database. The result is that not only the computer programmes (subject code as well as object code) but computer database is also protected as a copyright.

Trade Secret

7.A work must be published before it can be protected as a copyright. The object code of every software is available; it runs the computer or the application therein: it is protected as a copyright. However source code may or may not be available. In case it is available or published it is protected as copyright. In proprietary software, the source code is generally never available; it is secret. In such an

event it is protected as undisclosed information or trade secret.

Copylefted and Open Source Software

8.Everyone is not using copyright to preserve their rights or prevent others from using it without their permission; some are using it in such a way that it does not become exclusive property of anyone: they are not copyrighting it but copylefting it. It is a new word, new concept. In order to copyleft a software, copyright holder has to publish the source code with the declaration that everyone has right to copy, distribute, and modify the software without any payment of royalty or fee provided in case of redistribution of the same software or distribution of the modified software, the source code is also disclosed and similar freedom—as given by the original copyright holder—is given to the others. Copylefted software is also called free software as there is freedom to modify it. It is also called GPLed software as general public license (GPL) has a condition that copylefts a software.

9.Software where source code is disclosed may or may not be copylefted and there can be degrees of copyleftness: it all depends on the terms of the licence under which it is released. In 1997 free software enthusiast got together to start ‘Open Source Initiative’ a non profit public organisation. It has come out with ten guidelines. These guidelines ensure that software is copylefted to some degree. Software satisfying the guidelines is known as ‘Open Source Software’.

Patents

10.Patentability of computer software is controversial as well as debatable. Patents can be granted for inventions. The word ‘invention’ {section 2(1)(j) of the Patents Act} read with the word ‘inventive step’ {Section 2(1)(ja) of the Patents Act} means a new product or process that is capable of industrial application. Invention must be novel and useful. It should not be obvious to a person skilled in the art. It must be a significant advance in the state of the art and should not be an obvious change from what is already known. Generally this is the global law but is being applied differently in different countries.1

1. Clause 27 of the TRIPS defines patentable subject matters. The relevant part of sub-clause (1) of clause 27 is as follows

1. Subject to the provisions of paragraphs 2 and 3, patents shall be available for any inventions, whether products or processes, in all fields of technology, provided that they are new, involve an inventive step and are capable of industrial application.

A footnote inserted here in the TRIPS states,

For the purposes of this Article, the terms “inventive step” and “capable of industrial application” may be deemed by a Member to be synonymous with the terms “non-obvious” and “useful” respectively.

Law - US

11.Section 3 of the Indian Patents Act explains what are not inventions. Patents

cannot be granted for discoveries and inventions mentioned in section 3 of the Patent Act. There is no such limitation in the US law as the Congress intended to include anything under the sun that is made by man, but the US Supreme Court in the Chakrabarty case (for details see below)2 held,

‘This is not to suggest that ... [law] has no limits or that it embraces every discovery. The laws of nature, physical phenomena, and abstract ideas have been held not patentable. Thus a new mineral discovered in the earth or a new plant found in the wild is not a patentable subject-matter. Likewise, Einstein could not patent his celebrated law that E=mc2; nor could Newton have patented the law of gravity. Such discoveries are manifestation of nature, free to all men and reserved exclusively to none.’

2.This case is reported in Diamond v. Chakrabarty, 447 US 303: 65 L Ed 2d 144. Plasmids are hereditary units physically separate from the chromosomes of the cell. In a prior research, Chakrabarty and an associate discovered that plasmids control the oil degradation abilities of certain bacteria. In particular, the two researchers discovered plasmids capable of degrading camphor and octane, two components of crude oil. In the work represented by the patent application at issue here, Chakrabarty discovered a process by which four different plasmids, capable of degrading four different oil components, could be transferred to and be maintained stably in a single Pseudomonas bacterium, which itself has no capacity for degrading oil. The new bacteria were not ‘products of nature’, because Pseudomonas bacteria containing two or more different energy generating plasmids are not naturally occurring.

At present, biological control of oil spills requires the use of a mixture of naturally occurring bacteria, each capable of degrading one component of the oil complex. In this way, oil is decomposed into simpler substances which can serve as food for aquatic life. However, for various reasons, only a portion of any such mixed culture survives to attack the oil spill. By breaking down multiple components of oil, Chakrabarty’s micro-organism promises more efficient and rapid oil-spill control and his patent application was allowed.

12.The US Supreme Court in Parker v. Flook (437 US 584: 57 L Ed 2d 451) also held that a method for updating alarm limits during catalytic conversion, which is a mathematical formula, is not patentable.

13.The US Patents Act neither specifically refers to programmes for computers, nor to the business methods. The US Supreme Court in the Gottschalk case (for citation see below)3held that a computer program — involving a method to convert binary-coded-decimal numerals into pure binary numerals — cannot be patented for the reason,

lThe method was so abstract as to cover both known and unknown uses of the binary-coded-decimal to pure binary conversion;

lThe end use could vary and could be performed through any existing machinery or future-devised machinery or without any apparatus;

lThe mathematical formula involved had no substantial practical application except

in connection with a digital computer; and

lThe result of granting a patent would be to improperly issue a patent for an idea.

In short, algorithm cannot be patented. Computer program — standing alone or by itself — cannot be patented in the US, but what would be the position if it were a part of an industrial or business process?

3. Gottschalk v. Benson, 409 US 63: 34 L Ed 2d 273.

Industrial Process

14.The Diehr case (for citation see below)4was a case involving a process for curing rubber that included a computer programme. Rubber in a mould is to be heated for a given time according to the Arrhenius equation, named after its discoverer Svante Arrhenius. The inventor had found a process for constantly measuring temperature inside the mould, which was fed to a computer that opened the mould at the right time. The court by a five to four decision held that a patentable claim does not become unpatentable merely if it uses a mathematical formula, or a computer programme, or a computer. In short, a computer programme may not be patentable as such but may be patentable as a part of an industrial process.

4. Diamond v. Diehr, (1981) 450 US 175: 67 L Ed 2d 155.

Business Methods

15.Traditionally, the processes concerned with technology only could be patented. Many other activities including business methods, or data analysis which one would consider processes, were excluded from patents. However, since the Diehr case, there has been a shift in the US. US Patent and Trade Office (USPTO) has issued a Manual of Patent Examining Procedures containing guidelines for patenting inventions. Its earlier policy for computer related inventions {Paragraph 706.03(a)} was as follows5:

‘Though seemingly within the category of a process or method, a method of doing business can be rejected as not being within the statutory classes.’

This was deleted and a new paragraph {706.03(a)} was added,

‘Office personnel have had difficulty in properly treating claims directed to methods of doing business. Claims should not be categorized as methods of doing business. Instead such claims should be treated like any other process claims’.

5. See Hotel Security Checking Co. v. Lorraine Co., 160 F. 467 (2nd Cir. 1908) and Wait (in re:), 24 USPQ 88, 22 CCPA 822 (1934).

16.The aforesaid change was noticed by the US court of appeal in the State Street case (for citation see below)6 and the court held that,

‘Whether the claims are [patentable or not] should not turn on whether the

claimed subject-matter does “business” instead of something else.’

The court also held that,

‘To be patentable an algorithm must be applied in a “useful” way.

...

We hold that the transformation of data, representing discrete dollar amounts, by a machine through a series of mathematical calculations into a final share price, constitutes a practical application of a mathematical algorithm, formula, or calculation, because it produces a useful, concrete and tangible result’

6. State Street Bank v. Signature Financial Group, 149 F. 3d 1352. Text is also available at http://www.ll.georgetown. edu/Fed-Ct/Circuit/fed/opinions/97-1327.html

17.In short the law in the US is that, ‘an abstract idea by itself never satisfies the requirements of the Patents law. However an abstract idea when practically applied to produce a useful, concrete and tangible result satisfies it. Today, USPTO has one chapter on Patent Business Methods and is granting patents to software techniques for business methods and data analysis, if they are useful. Australia and Japan have also followed suit. Some examples of patents of business methods granted in US are:

• Single click to order goods in an on-line transaction;

• An on-line system of accounting;

• In-line rewards incentive system;

• On-line frequent buyer programme; and

• Programmes letting customers set their own prices for hotel booking etc.

18.The law whether a computer programme is patentable per se or in conjunction of business methods is still in flux. In the US ‘Business Method Patent Improvement Act of 2000’7was introduced in the Congress on October 3, 2000 and would apply to all pending applications as well as to all patents issued. It will restrict the ability of the USPTO to issue business method patents. Among the others it would create a presumption of obviousness where a computer has been used primarily to implement a known business method. It has not yet been passed and many feel that it may never be passed.

7. The text of the bill is available at http:// www.techlawjournal.com/cong106/patent/bus_method/berman.asp

Law - Europe

19.Article 52(2)(2) of the European Patent Convention 1973 (EPC) specifically states that ‘schemes, rules and methods for performing mental acts, playing games

or doing business, and programmes for computers’ will not be regarded as inventions. This is also the law of the member countries of the European Patent convention: computer programmes and business methods cannot be patented there. However, in practice, the approach has changed. The application for patents is now considered if presented as producing technical effects (i.e. programme for speeding up image enhancement) rather than as claiming abstract programmes or business methods.8Patentability of computer software was being introduced through patent Software directive but it was defeated in the European Parliament on 6th July 2005.

8. An informative study on Article 52 of the EPC regarding computer programme titled ‘Art. 52 EPC: Interpretation and Revision’ is available at http://swpat.ffii.org/analysis/epc52/index.en.html

Law - India

20.Section 3 of the Patents Act provides what are not invention and cannot be patented. Section 3(k) provides that a mathematical or business method or computer programme per se or algorithms is not invention for purposes of the Patents Act. The word ‘computer programme’ is modified by the word ‘per se’. This word means standing alone, or by itself, or in itself. It shows that under section 3(k) a computer programme standing alone or by itself cannot be patented. Nevertheless it also means that if a computer programme is not standing alone then it may be patented; it leaves doubts regarding its scope. The courts may interpret it in the same manner as the Europeans are doing or could do all the way as is being done in the US: of course its finer boundaries will be determined when courts actually interpret these words9.

9. Section 3(k) as it stands today was substituted by the 2002 Amendment. It was replaced by section 3(k) and 3(ka) by the Patents Amendment Ordinance 2004 (the 2004 Ordinance). Section 3(ka) as substituted by the 2004 Ordinance excluded mathematical method or business method or algorithms from the field of invention. It was the same as was provided by the 2002 Amendment in Section 3(k). However, the law regarding computer programme was further clarified in section 3(k) by the 2004 Ordinance. After the 2004 Ordinance, computer programme per se was further qualified by the phrase ‘other than its technical application to industry or a combination with hardware’. It showed that the computer programme in its technical application to industry or a combination with hardware only could be patented: a scope narrower than US approach but perhaps wider than European approach. The 2004 ordinance has been repealed by the Patents Amendment Act 2005 (Act 15 of 2005) (the 2005 Amendment) however it left the section 3(k) as was substituted by the 2002 Amendment intact; it did not incorporate the amendments in 3(k) or substitution of 3 (ka) as proposed by the 2004 Ordinance.

Reverse Engineering

21.Reverse engineering means ‘starting with the known product and working backward to derive the process which aided in its development or manufacture.’ In other words reverse engineering is taking apart an object to see how it works in order to duplicate or enhance the object.

22.Reverse Engineering in the context of a computer programme is also referred to as decompilation or disassembly. There is some difference among the three (see below)10but the word reverse engineering is a general word and is broader than the other two: this is my reason for using it.

10. Reverse engineering, Decompilation, and disassembly have been explained in Wikipedia, the free

encyclopaedia, (http://en.wikipedia.org/wiki) as follows:

‘Reverse engineering (RE) is the process of taking something (a device, an electrical component, a software program, etc.) apart and analysing its working in detail, usually with the intention to construct a new device or program that does the same thing without actually copying anything from the original. The verb form is to reverse-engineer, spelled with a hyphen.

Reverse-engineering is commonly done to avoid copyrights on desired functionality, and may be used for avoiding patent law, though this is a bit risky: patents apply to the functionality, not a specific implementation of it.

Reverse-engineering software or hardware systems for the purposes of interoperability, for example in order to support undocumented file formats or 10. Reverse engineering, Decompilation, and disassembly have been explained in Wikipedia, the free encyclopaedia, (http://en.wikipedia.org/wiki) as follows:

‘Reverse engineering (RE) is the process of taking something (a device, an electrical component, a software program, etc.) apart and analysing its working in detail, usually with the intention to construct a new device or program that does the same thing without actually copying anything from the original. The verb form is to reverse-engineer, spelled with a hyphen.

Reverse-engineering is commonly done to avoid copyrights on desired functionality, and may be used for avoiding patent law, though this is a bit risky: patents apply to the functionality, not a specific implementation of it.

Reverse-engineering software or hardware systems for the purposes of interoperability, for example in order to support undocumented file formats or hardware peripherals, is mostly believed to be legal, though patent owners often aggressively pursue their patents.

Other purposes of reverse-engineering include security auditing, removal of copy protection (cracking), circumvention of access restrictions often present in consumer electronics and customization of embedded systems, for example engine management systems.’

‘Decompilation is the process of reversing a previous compilation back into its component parts. In software, a program is often constructed by compilation of its parts with built-in library parts.

Decompilation is similar to disassembly, but while disassembly reverses machine code into assembly language source code, decompilation takes machine code and turns it back into high-level language source code. This requires a bit of art to find that single line of high-level language that best represents the equivalent block of machine code.’

23.The reasons for reverse engineering in the software industry could be to,

• Retrieve the source code of a programme because the source code was lost; or

• Study how the programme performs certain operations; or

• Improve the performance of a programme; or

• Fix a bug (correct an error in the programme when the source code is not available); or

• Identify malicious content in a programme such as a virus; or

• Adapt a programme written for use with one microprocessor for use with a differently designed microprocessor; or

• Achieve interoperability.

24.The last reason of the preceding paragraph is the most debatable; some countries have declared the terms of the license, prohibiting reverse engineering to achieve interoperability to be void (see below).11The question is when is reverse engineering legal? When does it amount to infringement of IPRs? In case it is not illegal then can it be prohibited by the terms of a contract?

11. The European Union has declared anti-decompilation clauses in software contracts prohibiting reverse engineering to achieve interoperability to be void. See Council Directive 91/250 on Legal Protection of Computer 1991 O.J. (L122) 42. A few other countries, notably Australia, have followed suit. See Jonathan Band, Software Reverse Engineering Amendments in Singapore and Australia, J. Internet L. 17, 20 (Jan. 2000).

Copyrighted Software

25.The leading case12on the aforesaid point is the Sega case (for details see below).13Accolade, a computer game company, reverse engineered Sega game programmes in order to get information necessary to make its games compatible with the Sega Genesis console. Accolade then sold its independently developed games. These games were in competition with those made by Sega and third-party developers, who had been given a license by Sega. In the suit filed by Sega for infringement of its IPRs, Accolade raised the defence of fair use. One of the points involved in the case was,

‘Whether the [US] Copyright Act permits persons who are neither copyright holders nor licensees to disassemble [reverse engineer] a copyrighted computer programme in order to gain an understanding of the unprotected functional elements of the programme.’

The Court, in the light of the public policies underlying the US Copyright Act, held that,

‘When the person seeking the understanding has a legitimate reason for doing so and when no other means of access to the unprotected elements exists, such disassembly is, as a matter of law, a fair use of the copyrighted work.’

This case has been followed in almost all subsequent cases in the US.14

12. Another case though prior in time is Atari Games Corp. v. Nintendo of America Inc., 975 F.2d

832, 24 U.S.P.Q.2D (BNA) 1015. The text of the judgement is also available at,

http:// cyber.law.harvard.edu/openlaw/DVD/cases/atarivnintendo.html

13. Sega Enterprises Ltd. v. Accolade, Inc., 977 F2d 15; 93 Daily Journal DAR 304. The text of the judgement is also available at,

http://www.eff.org/Legal/Cases/sega_v_accolade_977f2d1510_decision.html

14. See, e.g., DSC Communications Corp. v. DCI Techs., Inc., 81 F.3d 597, 601 (5th Cir. 1996); Bateman v. Mnemonics, Inc., 79 F. 3d 1532, 1539 n.18 (11th Cir. 1996); Mitel, Inc. v. Iqtel, Inc., 896 F. Supp. 1050, 1056-57 (D. Colo. 1995), 124 F.3d 1366 (10th Cir. 1997); Sony Computer Entertainment, Inc. v. Connectix Corp., 203 F.3d 596.

26.The law in India regarding permissibility of reverse engineering in respect of copyrighted computer software is similar to the law laid down in the Sega case. Section 52 of the Copyrights Act defines acts that do not constitute an infringement of copyright. Sub-sections (aa) to (ad) to Section 52 of the Copyright Act (see below)15relate to computer software. This section broadly protects acts (including those of reverse engineering) in order,

• To obtain information essential for operating inter-operability of an independently created computer programme with other programmes if such information is not otherwise readily available and

• To determine the ideas and principles which underline any element of the programme for which the computer programme was supplied;

• To make copies or adaptations of legally obtained copy of the computer programme for non-commercial personal use.

15. Section 52(1)(aa) was substituted by Act number 38 of 1994 and section 52(1)(ab) to (ad) were substituted by Act number 49 of 1999. The relevant part of Section 52 of the Copyrights Act is as follows:

52. Certain acts not to be infringement of copyright.— (1) The following acts shall not constitute an infringement of copyright, namely:—

(aa) the making of copies or adaptation of a computer programme by the lawful possessor of a copy of such a computer programme, from such copy—

(i) in order to utilise the computer programme for the purpose for which it was supplied; or

(ii) to make back-up copies purely as a temporary protection against loss, destruction or damage in order only to utilise the computer programme for the purpose for which it was supplied.

(ab) the doing of any act necessary to obtain information essential for operating inter-operability of an independently created computer programme with other programmes by a lawful possessor of a computer programme provided that such information is not otherwise readily available;

(ac) the observation, study or test of functioning of the computer programme in order to determine the ideas and principles which underline any elements of the programme while performing such acts necessary for the functions for which the computer programme was supplied;

(ad) the making of copies or adaptation of the computer programme from a personally legally obtained copy for non-commercial personal use.

27.In our country contractual rights are dealt with under the Indian Contract Act. Section 23 of the Indian Contract Act declares a contract to be void if it is against public policy. Public policy has been declared under section 52 of the Copyright Act. Reverse engineering has been permitted in a limited way. A contract, prohibiting reverse engineering in software to the extent permitted by the Copyright Act, may not stand in a court of law.

Patented Software

28.Unlike in the US copyright law, there is no clause in the US Patent Law to permit fair use of Patents. In India also there is no provision in the Patents Act, similar to section 52 of the Copyrights Act. What would be the position if reverse engineering — even to achieve interoperability or for fair use — is prohibited by a contract?

29.The law — as to when a patented software may be reverse engineered — is not clear. Some legal commentators in the US (see below)16have recommended that there should be similar clauses in the US protecting the fair use of patented computer programmes. This may not be necessary.

16. Reverse Engineering and the Rise of Electronic Vigilantism: Intellectual Property Implications of ‘Lock-Out’ Programmes by Julie E. Cohen 68 S. Cal. L. Rev. 1091 (1995). It is availble at http://www.law.cornell.edu/commentary/intelpro/chn95int.htm

The Law of economics of Reverse Engineering by Pamela Samuelson ? Suzanne Scotchmer. It is available at http://www.sims.berkeley.edu/~pam/papers/l?%20 reveng3.pdf

30.A Computer Software/programme consists of two parts: source code and object Code. It is the source code that will help in achieving interoperability of other computer programmes. Sometimes it is disclosed in the patent application. However, generally it is not disclosed and in a patent application only flow charts are given showing how the devise works17. In such a situation, the computer programme only will be protected as a trade secret or copyright. The US Supreme Court in the Kewanee case (for details see below)18held that trade secret does not prohibit any one to find it out or develop it by fair and honest means including reverse engineering. A condition in a contract prohibiting reverse engineering to find out source code which is protected as trade secret may also amount to creating monopoly in an idea forever without getting it patented and such a condition may run foul of section 23 of the Contract Act. In this connection one may also refer to the U.S. Supreme Court decision in Bonito Boats v. Thunder Craft Boats, 489 US 14119. In case the computer programme is protected as a copyright then the same principles as I have discussed earlier should apply.

17. At present, this practise is generally followed while filing patent applications in different countries. Patent requires that everything should be disclosed. It is doubtful whether this practise of non-disclosure of source code is valid or not. In a suitable case this question has to be gone into.

18. The case is reported in Kewanee Oil Co. v. Bicron Corp., 416 US 470. The plaintiff company was engaged in making synthetic crystal useful in the detection of ionizing radiation. It developed a novel 17-inch crystal as a result of processes that were considered trade secrets. Some of its employees—who had entered into an agreement to maintain secrecy—joined the defendant company. The defendant also started manufacturing 17-inch crystals. The plaintiff filed a suit for injunction and damages for misappropriation of trade secrets. The trial court applied the Ohio trade secret law and granted permanent injunction. The appellate court reversed the decision on the ground that the Ohio trade secret law was in conflict with the patent law of the US. The US Supreme Court allowed the appeal and upheld the Ohio trade secret law. The Supreme Court also held,

‘The protection accorded to the trade secret holder is against the disclosure or unauthorized use of the trade secret by those to whom the secret has been confided under the express or implied restriction of non-disclosure or non-use. The law also protects the holder of a trade secret against disclosure or use when the knowledge is gained, not by the owner’s volition, but by some improper means ..., which may include theft, wiretapping, or even aerial reconnaissance. A trade secret, however, does not offer protection against discovery by fair and honest means, such as by independent invention, accidental disclosure, or by so-called reverse engineering.’

19. In the Bonito case, Bonito Boats developed a hull design for a fibreglass recreational board. It wasn’t patented. Florida legislature enacted a statute that prohibited the use of a direct moulding process to duplicate the unpatented boat hulls and forbade the knowing sale of such hulls. Bonito Boats filed a suit against Thunder Craft Boats for violation of this statute. The US Supreme Court held the statute to be against the US Patent Law and as creating a monopoly in an unpatented item.

Conclusion

31.Michael Lewis wrote a book in 1999 on the success story of the Silicon Valley entitled ‘The new new thing: a Silicon Valley story’. The most quoted line from this book is, ‘The definitive smell inside a Silicon Valley start-up was of curry.’ Let’s hope that—with a better understanding of role of IPRs in cyber laws—not only inside a Silicon Valley start-up, but also inside the operating system of e-commerce and cyberspace will there be the smell of curry.

Published by AIR Online Software

MARCH OF SCIENCE AND TECHNOLOGY -WITHER INDIAN EVIDENCE LAW

Avani Bansal (IV year) and Ruchi Mehta (IV year) Hidayatullah National

Law University, Raipur, C.G.

PART I : INTRODUCTION - TRACING THE JOURNEY OF INDIAN EVIDENCE LAW SO FAR

"In this age of science, science should expect to find a warm welcome, perhaps a permanent home, in our courtrooms... Our decisions should reflect a proper scientific and technical understanding so that the law can respond to the needs of the public."1-2

1-2. From the famous lecture of Justice Stephen Breyer of the US Supreme Court on "Science in the Courtroom", delivered in Feb. 1998 at the Annual Meeting of the American Association for the Advancement of Science (AAAS).

The history of law of evidence is the history of a series of largely isolated responses to particular problems at different times.3India has changed a great deal since the bill of the Indian Evidence Act was first prepared by Sir James Fitzjames Stephen4and at the same time the criticism of Bentham of the branch of evidence law viz. 'incompetent on every occasion to the discovery of truth....incompetent therefore, on every occasion, to the purposes of justice'5, continues to ring in the ears of many. Therefore a question naturally arises - Has Indian Evidence law succeeded to cope with all the new challenges posed by ICE (Information, Communication and Entertainment) age, or has it withered? This paper attempts to analyze Indian Evidence Law in the backdrop of this question. By the expression 'dynamic positive law' is meant the law which utilizes the scientific discoveries of the laws of nature and the laws of social development for the forward movement of man in history. Dynamic positive law seeks to alter social relations where they are outdated or irrational.6So, how far has Indian Evidence Law proved itself to be positively dynamic is the moot point in this paper.

3. William Twining, Weidenfeld and Nicolson, Theories of Evidence : Bentham and Wigmore, 1985, p. 1.

4. 'Sir James Fitzjames Stephen (1829-94) is known as a student of Bentham and Austin, a disciple of Mill on logic, a prolific writer and a Judge. He was responsible to a great extent, for the drafting of Indian Evidence Act, 1872' taken from S. V. Joga Rao, Evidence : Cases and Materials, Lexis Nexis, 2003, p.13.

5. Jeremy Bentham, Rationale of Judicial Evidence in John Bowring (ed), The Works of Jeremy Bentham, Vol. 7 (Edinburgh : William Tait, 1843) 206.

6. J. Markandey Katju, Law in the Scientific Era- The theory of Dynamic Positivism, Edn 2000,

Universal Law Publishing House, Delhi.

The proliferation of computers, the social influence of information technology and the ability to store information in digital form have all required Indian law to be amended to include provisions on the appreciation of digital evidence. In 2000 Parliament enacted the Information Technology (IT) Act 2000, which amended the existing Indian statutes to allow for the admissibility of digital evidence. The IT Act is based on the United Nations Commission on International Trade Law Model Law on Electronic Commerce and, together with providing amendments to the Indian Evidence Act 1872, the Indian Penal Code 1860 and the Banker's Book Evidence Act 1891; it recognizes transactions that are carried out through electronic data interchange and other means of electronic communication. It is the hypothesis that Indian Evidence Law was highly inadequate to deal with challenges of the 21st century. However there has been a good attempt by the legislators to amend it suitably. Much has been done but much more remains to be done, for some areas are still left at the mercy of the exercise of discretion by the Indian courts. There is a three tier system in which the paper is divided into : 1) Areas where adequate changes have been made 2) Areas where in the absence of any specific provision, judicial pronouncements are regulating aspects of evidence and 3) Areas where evidence law is silent leading to ambiguity and uncertainty reflecting poorly on the dynamism of law and legislators.

PART II : AREAS WHERE ADEQUATE CHANGES HAVE BEEN MADE

Electronic Evidence has become admissible in Indian Courts7 - Although the Evidence Act has been in force for many years, it has often been amended to acknowledge important developments. Amendments have been made to the Evidence Act to introduce the admissibility of both electronic records and paper-based documents. Definition of 'Evidence' has been amended : The definition of 'Evidence' has been amended to include electronic records (Section 3(a) of the Evidence Act).8Evidence can be in oral or documentary form. The definition of 'documentary evidence' has been amended to include all documents, including electronic records produced for inspection by the court. The term 'electronic records' has been given the same meaning as that assigned to it under the IT Act, which provides for "data, record or data generated, image or sound stored, received or sent in an electronic form or microfilm or computer-generated microfiche."9

7. See also Ss. 4, 7, 11, 12 and 13 of IT Act, 2000. (Hereinafter referred to as IT Act, 2000).

8. See S. 3 of the Indian Evidence Act, 1872. (Hereinafter referred as the Act)

9. See S. 2(t) of IT Act, 2000.

Definition of 'Admission' has been amended : The definition of 'admission'10has been changed to include a statement in oral, documentary or electronic form which suggests an inference to any fact at issue or of relevance. New Section 22A11has been inserted into the Evidence Act to provide for the relevancy of oral evidence regarding the contents of electronic records. It provides that oral admissions regarding the contents of electronic records are not relevant unless the genuineness of the electronic records produced is in question.

10. See S. 17 of the Act.

11. See S. 22A of the Act.

Statement as part of Electronic record : When any statement is part of an electronic record12, the evidence of the electronic record must be given as the court considers it necessary in that particular case to understand fully the nature and effect of the statement and the circumstances under which it was made. This provision deals with statements that form part of a longer statement, a conversation or part of an isolated document, or statements that are contained in a document that forms part of a book or series of letters or papers.

12. See S. 39 of the Act. See also S.59.

Admissibility of digital evidence : New Sections 65A and 65B13are introduced to the Evidence Act under the Second Schedule to the IT Act. Section 5 of the Evidence Act provides that evidence can be given regarding only facts that are at issue or of relevance.14Section 136 empowers a Judge to decide on the admissibility of the evidence.15New provision Section 65A provides that the contents of electronic records may be proved in accordance with the provisions of Section 65B. Section 65B provides that notwithstanding anything contained in the Evidence Act, any information contained in an electronic record (i.e., the contents of a document or communication printed on paper that has been stored, recorded and copied in optical or magnetic media produced by a computer ('computer output')), is deemed to be a document and is admissible in evidence without further proof of the original's production, provided that the conditions set out in Section 65B(2) to (5) are satisfied.

13. See S. 65A and 65B of the Act.

14. See S. 5 of the Act.

15. See S. 136 of the Act.

Specific provisions regarding Digital Signature have been added in Indian Evidence Law16-

16. See also S. 3, 5 and 10 of IT Act, 2000.

Opinion as to digital signature where relevant :

• S. 47A - When the Court has to form an opinion as to the digital signature of any person, the opinion of the Certifying Authority which has issued the Digital Signature Certificate is a relevant fact.

Proof as to digital signature :

• S.67A - Except in the case of a secure digital signature, if the digital signature of any subscriber is alleged to have been affixed to an electronic record, the fact that such digital signature is the digital signature of the subscriber must be proved.

Proof as to verification of digital signature :

• S.73A - In order to ascertain whether a digital signature is that of the person by whom it purports to have been affixed, the Court may direct -

(a) that person or the Controller or the Certifying Authority to produce the Digital Signature Certificate;

(b) any other person to apply the public key listed in the Digital Signature Certificate and verify the digital signature purported to have been affixed by that person.

Judicial pronouncements on the matter -

Societe des Products Nestle SA v. Essar Industries :

In this case, the High Court of Delhi has noted that the rapid rise in the field of information and technology in the last decade of 20th century and the increasing reliance placed upon electronic record by the world at large necessitated the laying down of a law relating to admissibility and proof of electronic record. The legislature responded to the crying need of the day by inserting into the Evidence Act section 65A and 65B, relating to admissibility of computer generated evidence in the only practical way it could so as to eliminate the challenge to electronic evidence.

Jagjit Singh v. State of Haryana17:

The speaker of the Legislative Assembly of the State of Haryana disqualified a member for defection. When hearing the matter, the Supreme Court considered the appreciation of digital evidence in the form of interview transcripts from the Zee News television channel, the Aaj Tak television channel and the Haryana News of Punjab Today television channel. The Supreme Court of India indicated the extent of the relevance of the digital materials in Paragraph 25 of his ruling;

17. Jagjit Singh v. State of Haryana AIR 2007 SC 590.

"The original CDs received from Zee Telefilms, the true translation into English of the transcript of the interview conducted by the said channel and the original letter issued by Zee Telefilms and handed over to Ashwani Kumar on his request were filed on June 23, 2004. The original CDs received from Haryana News channel along with the English translation as above and the original proceedings of the Congress legislative party in respect of proceedings dated June 16, 2004 at 11.30 a.m. in the Committee room of Haryana Vidhan Sabha containing the signatures of three out of four independent members were also filed."

In Paragraphs 26 and 27 the court went on to indicate that an opportunity had been given to the parties to review the materials, which was declined :

"26. It has to be noted that on June 24, 2004 counsel representing the petitioners were asked by the speaker to watch the interviews conducted in New Delhi on June 14, 2004 by Zee News and Haryana News, which were available on the CD as

part of the additional evidence with the application dated June 23, 2004 filed by the complainant. The counsel, however, did not agree to watch the recording which was shown on these two channels. The copies of the application dated June 23, 2004 were handed over to the counsel and they were asked to file the reply by 10 a.m. on June 25, 2004. In the replies the petitioners merely denied the contents of the application without stating how material by way of additional evidence that had been placed on record was not genuine.

27. It is evident from the above facts that the petitioners declined to watch the recording, failed to show how and what part of it, if any, was not genuine, but merely made general denials and sought permission to cross-examine Ashwani Kumar and the opportunity to lead evidence."

The speaker was required to rule on the authenticity of the digital recordings, as indicated at Paragraph 30 of the ruling :

"Under these circumstances, the speaker concluded that 'there is no room for doubting the authenticity and accuracy of the electronic evidence produced by the petitioner'. The speaker held that :

"In this regard, it is to be noted that the petitioner has produced the original CDs containing the interviews conducted by Zee News and Haryana News of the six independent members of the Haryana Vidhan Sabha, including the respondent, and the same have been duly certified by both television channels as regards their contents, as well as having been recorded on June 14, 2004 at New Delhi. It has also been certified by both television channels through their original letters (P-9 and P-12) duly signed by their authorized signatures that the original CDs were handed over to Ashwani Kumar, who was authorized by the petitioner in this regard and whose affidavit is also on record as Annexure P-8, wherein he states that he had handed over the original CDs to the petitioner. The letters, Annexures P-9 and P-12, also give out that the coverage of their interviews on June 14, 2004 was also telecast by both television channels. In fact, the certificate given by Haryana News authenticates the place of the interview as the residence of Mr. Ahmed Patel at 23, Mother Teresa Crescent in Delhi, which interview as per the certificate was conducted by the correspondent of the said television channel, namely Shri Amit Mishra on June 14 2004. The same certificate, P-12, also authenticates the coverage of the [Congress Legislative Party] meeting held in Chandigarh on June 16, 2004 conducted by their correspondent Mr. Rakesh Gupta."

The court determined that the electronic evidence placed on record was admissible and upheld the reliance placed by the speaker on the recorded interview when reaching the conclusion that the voices recorded on the CD were those of the persons taking action. The Supreme Court found no infirmity in the speaker's reliance on the digital evidence and the conclusions reached in Paragraph 31 bear repeating in full :

"Undoubtedly, the proceeding before the speaker, which is also a tribunal albeit of a different nature, has to be conducted in a fair manner and by complying with the principles of natural justice. However, the principles of natural justice cannot be placed in a strait-jacket. These are flexible rules. Their applicability is determined

on the facts of each case. Here, we are concerned with a case where the petitioners had declined to avail of the opportunity to watch the recording on the compact disc. They had taken vague pleas in their replies. Even in respect of signatures on the [Congress Legislative Party] register their reply was utterly vague. It was not their case that the said proceedings had been forged. The speaker, in law, was the only authority to decide whether the petitioners incurred or not disqualification under the Tenth Schedule to the Constitution in his capacity as speaker. He had obvious opportunity to see the petitioners and hear them and that is what has been stated by the speaker in his order. We are of the view that the speaker has not committed any illegality by stating that he had on various occasions seen and heard these [members of legislative assembly]. It is not a case where the speaker could transfer the case to some other tribunal. The doctrine of necessity under these circumstances would also be applicable. No illegality can be inferred merely on the speaker relying upon his personal knowledge of having seen and heard the petitioners for coming to the conclusion that the persons in the electronic evidence are the same as he has seen and so also are their voices. Thus, even if the affidavit of Ashwani Kumar is ignored in substance, it would have no effect on the questions involved."

The comments in this case indicate a trend emerging in Indian courts : Judges are beginning to recognize and appreciate the importance of digital evidence in legal proceedings.18

18. See also State v. Mohd Afzal 107 (2003) Delhi Law Times 385 DB wherein the court held "Under S. 65B of Indian Evidence Act, 1872, computer generated electronic records is evidence, is admissible at trial if proved in manner specified by section. Secondary evidence of contents of documents can also be led under S. 65 of Evidence Act."

PART III : AREAS WHERE JUDICIAL PRONOUNCEMENTS HAVE FILLED THE ABYSS PRESENT IN INDIAN EVIDENCE LAW

Admissibility of intercepted telephone calls :

State (NCT of Delhi) v. Navjot Sandhu19was an appeal against conviction following the attack on Parliament on December 13, 2001, in which five heavily armed persons entered the Parliament House complex and killed nine people, including eight security personnel and one gardener, and injured 16 people, including 13 security men. This case dealt with the proof and admissibility of mobile telephone call records. While considering the appeal against the accused for attacking Parliament, a submission was made on behalf of the accused that no reliance could be placed on the mobile telephone call records, because the prosecution had failed to produce the relevant certificate under Section 65B(4) of the Evidence Act. The Supreme Court concluded that a cross-examination of the competent witness acquainted with the functioning of the computer during the relevant time and the manner in which the printouts of the call records were taken was sufficient to prove the call records.

19. State (NCT of Delhi) v. Navjot Sandhu, AIR 2005 SC 3820, 2005 Cri LJ 3950.

Examination of a witness by video conference :

State of Maharashtra v. Dr. Praful B. Desai20involved the question of whether a

witness can be examined by means of a video conference. The Supreme Court observed that video conferencing is an advancement of science and technology which permits seeing, hearing and talking with someone who is not physically present with the same facility and ease as if they were physically present. The legal requirement for the presence of the witness does not mean actual physical presence. The court allowed the examination of a witness through video conferencing and concluded that there is no reason why the examination of a witness by video conferencing should not be an essential part of electronic evidence.

20. State of Maharashtra v. Dr Praful B. Desai 2003 Cri LJ 2033 : AIR 2003 SC 2053.

This Supreme Court decision has been followed in other high court rulings (e.g., Amitabh Bagchi v. Ena Bagchi).21Recently, the High Court of Andhra Pradesh in Bodala Murali Krishna v. Bodala Prathima22held that necessary precautions must be taken to identify the witness and ensure the accuracy of the equipment being used. In addition, any party wishing to avail itself of the facility of video conferencing must meet the entire expense.

21. Amitabh Bagchi v. Ena Bagchi AIR 2005 Cal 11.

22. Bodala Murali Krishna v. Bodala Prathima 2007 (2) ALD 72.

SMS as admissible evidence :

One of the pieces of circumstantial evidence sought to be relied by the prosecution in the Pramod Mahajan Murder Trial, was a threatening SMS (Short Message Service) sent by Pravin Mahajan (the accused) to Pramod Mahajan. It emerges from newspaper reports that the defense, (a) gave a demonstration that a SMS could emanate from a particular handset/mobile number and when received could display another mobile number; (b) referred to certain provisions of the Indian Evidence Act, 1872 and stated that the SMS was inadmissible as evidence in Trials since, "only secured electronic evidence (could) be accepted as valid evidence." With regard to the submission that a SMS is inadmissible as valid evidence. In my opinion that it is incorrect to state that only secured electronic evidence can be accepted as valid evidence.

Reference here may be had to Section 65B (1) of the Indian Evidence Act, 1872. It states that, "Notwithstanding anything contained in this Act, any information contained in an electronic record which is printed on a paper, stored, recorded or copied in optical or magnetic media produced by a computer (hereinafter referred to as the computer output) shall be deemed to be also a document, if the conditions mentioned in this section are satisfied in relation to the information and computer in question and shall be admissible in any proceedings, without further proof or production of the original, as evidence of any contents of the original or of any fact stated therein of which direct evidence would be admissible." Thus evidence in an electronic form is admissible under the Indian Evidence Act, 1872. Certain requirements need to be met under Section 65B (1) if computer outputs are sought to be adduced as evidence.

Secured electronic evidence merely creates a presumption in favour of the person adducing it, and shifts the onus of proof to the other party. Refer to Section 85B

which states that, "(1) In any proceedings involving a secure electronic record, the Court shall presume unless contrary is proved, that the secure electronic record has not been altered since the specific point of time to which the secure status relates."

On an interesting note, the Hon'ble Judge dismissed the defense contentions on the grounds that (a) the practical demonstration was conducted by defense witness, P. Balakrishnan, on a Motorola handset similar to that of Pramod, but not Pramod's phone; and (b) Balakrishnan was "not an expert" as per law as he doesn't have the authorized qualifications.

Deleted files on Hard Disk : electronic records :

Dharambir v. Central Bureau of Investigation.23The case concerns prosecution of several accused on the basis of intercepted telephone conversations. These intercepted communications were stored on hard disks out of which CD's were made subsequently. These CD's contained relevant conversations out of the entire conversations contained on the hard disks. The prosecution sought to rely upon these CD's as evidence against the accused. The judgment arises out of the accused's petition seeking a mirror image of the hard disk. The judgment is quite a watershed as it is the first Indian judgment which elaborately discusses the admissibility of electronic records and the evidentiary requirements under the Indian Evidence Act.

23. Dharambir v. Central Bureau of Investigation 148 (2008) DLT 289.

The judgment significantly notes that, "once a blank hard disc is written upon it is subject to a change and to that extent it becomes an electronic record. Even if the hard disc is restored to its original position of a blank hard disc by erasing what was recorded on it, it would still retain information which indicates that some text or file in any form was recorded on it at one time and subsequently removed. By use of software programmes it is possible to find out the precise time when such changes occurred in the hard disc. To that extent even a blank hard disc which has once been used in any manner, for any purpose will contain some information and will therefore be an electronic record."

The Judgment is well reasoned and correctly appreciates the underlying technology behind the statutory provisions. However, the aforementioned obiter cannot be treated to be unlimited. It should be noted that data which is once deleted though present in the hard disk and is retrievable is marked as available for overwriting by other files. Hence, the original data which has been deleted will certainly undergo corruption if new data is written on the same sector in the Hard Disk. This will cause the original data to lose its authenticity. Hence the observation made by the Hon'ble Judge needs to be cautiously applied in the future in cases of appreciation of evidence.

Tape recordings :

The Supreme Court of India in the case of Ziyauddin Burhanuddin Bukhari v. Brijmohan Ramdass Mehra24has also observed that tape recorded speeches constitute a document as defined by S. 3 of the Evidence Act, which stand on the

same footing as photographs, and they are admissible in evidence on satisfying the following conditions :

24. AIR 1975 SC 1788.

a) the voice of the person alleged to be speaking must be duly identified by the maker of the record or by others who knew it;

b) accuracy of what was actually recorded had to be proved by the maker of the record and satisfactory evidence, direct or circumstantial, to rule out possibilities of tampering with the record had to be presented;

c) the subject matter recorded had to be shown to be relevant according to the rules of relevancy found in the Evidence Act.

PART IV : AREAS WHERE THE SILENCE IS STILL DEAFENING

Technical Nature of Subject Leading to Growing Chasm -

The Courts today deal with complex cases relating to highly sophisticated crimes where criminals take care to erase all evidence of their involvement. Then there are serious cases of medical negligence and related torts where rival parties seek to rely on expert evidence. Again, in the field of environmental pollution involving toxic substances, there is serious difficulty in finding out the levels of danger, the extent of actual and latent damage to humans and environment, and there are uncertainties in accepting the technology installed by the polluter to conform to environmental standards. Intellectual property disputes throw up similar challenges.25Statistical applications and the theory of probability are used in several cases including those involving DNA tests.26In some civil cases where handwriting, forgery, or paternity issues are involved there is extensive use of scientific techniques.

25. See speech delivered by Justice Yatindra Singh, Judge Allahabad High Court Allahabad on 31st July, 2005 at Judges' Round Table Conference on IPR held at Kolkata wherein he brings several disputable issues such as IMG linking, Domain name dispute, metagags and keywords etc.

26. See Nidhi Tandon, The journey from one cell to another : Role of DNA evidence, (2004) 8 SCC 17. See also Jyotirmoy Adhikary, DNA technology and its application in the administration of justice : Problems and Prospects, (2004) 5 SCC 6.

The Courts are thus dependent and, in fact, compelled to analyse evidence of experts examined on each side. There is again the difficulty of evaluating the conflicting expert evidence adduced by the contesting parties in an adversarial judicial process. The ability of the Courts to decide scientific issues has indeed been questioned.

The American Supreme Court has, however, sounded a note of warning in the matter of the Courts placing reliance on conclusions of science. In the recent landmark decision in Daubert Merrel Dow Pharmaceuticals Inc27it said :

27. (1993) 509 US 574 2786.

"...there are important differences between the quest for truth in the courtroom and the quest for truth in the laboratory. Scientific conclusions are subject to perpetual revision. Law, on the other hand, must resolve disputes finally and quickly."

The above passage was quoted by our Supreme Court in A.P. Pollution Control Board v. Prof M.V. Nayudu.28

28. AIR 1999 SC 812.

Cyber Forensics -

Computer forensics is important in today's world because as the science of computer forensics has been evolving over the years, malicious users and hackers have become smarter and cleverer with their techniques to compromise computer systems, steal money, and confidential, even national security information.29

29. See also J. Jitendra N. Bhatt, A Profile of Forensic Science in Juristic Journey, (2003) 8 SCC 25.

The complex process of computer forensics requires that law enforcement agents and prosecuting attorneys be well versed in the techniques and the legal aspects of obtaining electronic evidence from computers and computer media which is absolutely absent in the Indian scenario. As the practice of computer forensics has emerged, so has the need for professionals to be trained and kept up to date with the latest industry technology and processes. Though this is not a lacunae of evidence law alone but throws light on the dismal situation of the entire criminal justice machinery.

Secondly, a general, simple outline for an investigation involves four steps: Identification of evidence, preservation of evidence, analysis of evidence, and presentation of evidence. Indian evidence law is silent as regards to the preservation and presentation of electronic evidence.

Thirdly, it has been stated that gathering evidence alone won't make a case in the court. The evidence must be connected to a person who committed the crime. This is often the most difficult part of analysis, trying that evidence to a perpetrator, on which Indian Evidence Law does not throw upon any light.30

30. See also H.J. Walls, Forensic Science-An-Introduction to Scientific Crime Detection, Universal Law Publishing Pvt. Ltd., Second Rep, 2008. See also Dr. B. R. Sharma, Forensic Science in Criminal Investigation and Trials, Universal Law Publishing Pvt. Ltd., edn 4th, 2005.

PART V : THE WAY AHEAD.....CONCLUSION

'Science and law, two distinct professions have increasingly become commingled, for ensuring a fair process and to see that justice is done. On one hand, scientific evidence holds out the tempting possibility of extremely accurate fact-finding and a reduction in the uncertainty that often accompanies legal decision making. At the same time, scientific methodologies often include risks of uncertainity that the legal system is unwilling to tolerate.'31

31. Supra note 26.

The above analysis brings out clearly that though the Indian Evidence Law cannot be said to be withered in the wake of new scientific challenges, as suitable amendments have been incorporated, however much remains to be done to make it comprehensively adequate to face any modern challenges that may arise.

The need of the hour therefore is to fill the chasms where no law exists and to reduce it into writing where judicial pronouncements have held up the system so far.

Besides there is a need for overhauling the entire justice system by adopting E-governance in Judiciary. E-governance to the judiciary means, use of information and communication technology to smoothen and accelerate case progression to reach its logical end within the set time frame, with complete demystification of the adjudicatory process ensuing transparency.32This would perhaps make us closer to the pursuit of truth and justice.33

32. See Law Commission of India, 14th report on "Reform of Judicial Administration"; Chapter 11 (P. 252-263)

33. See also Ho Hock Lai, A Philosophy of Evidence Law - Justice in the search for truth, Oxford University Press, 2008, pp.51-84.

Published by AIR Online Software

TAPE RECORDED CONVERSATION - NATURE AND RELEVANCY AS AN EVIDENCE

Rajesh Punia, 3rd Year B.A.,LL.B. Student, Symbiosis Society’s Law

College, Pune

As it is said that “nothing is constant than change”, the same is also applicable to the Law of Evidence. Judiciary has relied on the data recorded on some medium or the other in a manner prescribed by law, as evidence to decide cases. The medium of recording data has varied from stone, clay, metal, parchment and paper over the past centuries to audio-visual tapes and computer disks in modern times. The law of evidence, an important field of law, traditionally relies on oral and documentary records of facts. But with the advent of techno-time or PC period, it demands for making addition to the present system of evidence law governed in the Courts. In Hopes v. H. M. Advocate,1the Court while dealing with the question of admissibility of tape-recorded conversation observed as under :—

New techniques and new devises are the order of the day. I can’t conceive, for example, of the evidence of a ship’s captain as to what he observed being turned down as inadmissible because he had used a telescope, any more than the evidence of what an ordinary person sees with his eyes becomes incompetent because he was wearing spectacles. Of course, comments and criticism can be made, and no doubt will be made, on the audibility or the intelligibility, or perhaps the interpretation, of the results of the use of a scientific method; but that is another matter and that is a matter of value, not of competency.

1. 1960 Scots Law Times 264

In today’s world, the nature of crime in the society has also changed which calls for adopting some new measures to cope up with the situation. Tape recording is one of the measures adopted by the judiciary for dealing the cases conveniently. For understanding this concept, it is necessary to touch all the facets relating to it.

About Evidence

According to Benthem; “evidence” means,

any matter of fact, the effect, tendency or design of which when presented to the mind, is to produce in the mind a persuasion concerning the existence of some other matter of facts — a persuasion either affirmative or disaffirmative of its existence. If the two facts so connected, the latter may be distinguished as the principal fact and the former as the evidentiary fact.

Phipson defines evidence as,

The testimony whether oral, documentary or real which may be legally received in order to prove or disprove some fact or dispute.

In the Indian Evidence Act, 1872, Section 3 defines evidence as the instruments by means of which relevant facts are brought before the Court, viz. witness and documents and means of which the Court is convinced of these facts.

The term “document” itself has expanded in scope from its early definition of a matter expressed in wrting, to include printed, lithographed or photographed words, a map or plan and even inscriptions. Later on, tape records of speeches were also brought under the classification of “document” through case laws. Also the Information Technology Act, 2000 which incorporated “electronic records” as a piece of evidence by amending Section 3 of the Indian Evidence Act which now says, “all documents including electronic records produced for inspection of the Court”. Under Section 2(t) of Information Technology Act, 2000 “electronic record” means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche.

About it’s Nature

Tape recorded conversations cannot fall in the category of oral evidence therefore for obvious reasons, it is considered as a kind of documentary evidence though not exactly a document, as is generally understood by us. In Ziyauddin Burhanuddin Bukhari v. Brijmohan Ramdas Mehta2, it is laid down that the tape-recorded speeches were documents as defined by Section 3 of the Evidence Act which stood on no different footing than photographs.

2. AIR 1975 SC 1788.

It is though, not a typical paper document but it has been the general endeavour of experts to evolve a technology which should allow satisfying legal requirements of a paperbased document by an electronic record. A paperbased document is comprised of four components :—

l the carrier (the sheet of paper)

l text and pictures (the physical representation of the information)

l information about the originator/issues and;

l some measures to verify the authenticity (usually a written signature)

An electronic record or document fulfills all of the above characteristic albeit in a different manner, but the main difference between a paper based document and an electronic record is that whereas contents are recorded and viewed on the paper document in the same form, recording and viewing electronic records are not in the same form. For tape records, transcripts have been forwarded in the Courts as document.

Whether it is Primary or Secondary Evidence?

Primary evidence is that document which itself be produced for the inspection of the Court. The Indian Evidence Act explains that where a number of document are all made by one uniform process, as in the case of printing, lithography photography, each is primary evidence of the contents of the rest; but where they are copies of a common original, they are not primary evidence of the contents of originals.

Secondary Evidence is defined under Section 63 of the Indian Evidence Act in two clauses :

(i) Certified copies gtiven under the provision hereinafter contained

(ii) Copies made from the original by mechanical processes which in themselves insure the accuracy of the copy, and copies compared with such copies.

In S. Pratap Singh v. State of Punjab3and Rup Chand v. Mahabir Prasad4it was held that tape recording is admissible as secondary evidence and not as a direct or primary evidence. But afterwards Apex Court in N. Sri Rama Reddy v. V. V. Giri5, held that the tape itself primary and direct evidence as to what has been said and picked up by the recorder. This view was reiterated by the Apex Court in R. K. Malkani v. State of Maharashtra6. In this case the Court ordained that when a Court permits a tape recording to be played over it is acting on real evidence if it treats the intonation of the words to be relevant and genuine. Referring to the proposition of law as laid down in Rama Reddy’s case (supra), a three judges bench of the Apex Court in the case of Ziyauddin Burhanuddin Bukhari v. Brijmohan Ramdas Mehta, propounded that the use of tape recorded conversation was not confined to purpose of corroboration and contradiction only, but when duly proved by satisfactory evidence of what was found recorded and of absence of tampering, it could, it could subject to the provisions of the Evidence Act, be used as substantive evidence. Giving an example, the Court pointed out that when it was disputed or in issue whether a person’s speech on a particular occasion, contained a particular statement there could be no more direct or better evidence of it than its tape recorded, assuming its authenticity to be duly established.

3. AIR 1964 SC 72.

4. AIR 1956 Punjab 173.

5. AIR 1971 SC 1162.

6. AIR 1973 SC 157 : 1973 Cri LJ 238.

From the aforesaid it can well be gathered as a settled legal proposition that evidence of tape-recorded conversation being primary and direct one it can well be used to establiish what was said by a person at a particular occasion. But if a copy of the tape-recorded conversation is made and substantiated before the Court then it is considered as secondary evidence. So for understanding whether tape record is considered as primary or secondary evidence after its admissibility, it is necessary to consider the originality or copy of the original one. Transcripts of tape-recorded conversation are also a part of secondary evidence.

Indian Judiciary on Tape-recorded Conversation

In India, the earliest case in which issue of admissibility of tape-recorded conversation came for consideration in Rup Chand v. Mahabir Prasad. The Court in this case though declined to treat tape-recorded conversation as writing within the meaning of Section 3 (65) of the General Clauses Act but allowed the same to be used under Section 155(3) of the Evidence Act as previous statement to shake the credit of witness. The Court held there is no rule of evidence, which prevents a party, who is endeavoring to shake the credit of a witness by use of former inconsistent statement, from deposing that while he was engaged in conversaton with the witness, a tape recorder was in operation, or from producing the said tape recorder in support of the assertion that a certain statement was made in his presence. This was followed in Manindra Nath v. Bisuwanath Khandu.

In S. Pratap Singh v. State of Punjab, a five Judges bench of Apex Court considered the issue and clearly propounded that tape recorded talks are admissible in evidence and simple fact that such type of evidence can be easily tampered with certainly could not be a ground to reject such evidence as inadmissible or refuse to consider it, because there are few documents and possibly no piece of evidence, which could not be tampered with. In this case the tape record of the conversation was admitted in evidence to corroborate the evidence of witnesses who had stated that such a conversation has taken place.

The Apex Court in Yusufalli Esmail Nagree v. State of Maharashtra7considered various aspects of the issue relating to admissibility of tape recorded conversation. This was a case relating to an offence under Section 165-A of Indian Penal Code and at the instance of the Investigating Agency, the conversation between accused, who wanted to bribe, and complainant was tape-recorded. The prosecution wanted to use this tape-recorded conversation as evidence against accused and it was argued that the same is hit by Section 162, Cr. P.C. as well as Article 20(3) of the Constitution. In this landmark decision, the Court emphatically laid down in unequivocal terms that the process of tape recording offers an accurate method of storing and later reproducing sounds. The imprint on the magnetic tape is direct effect of the relevant sounds. Like a photograph of a relevant incident, a contemporaneous tape record of a relevant conversation is a relevant fact and is admissible under Section 7 of the Indian Evidence Act. The Apex Court after examining the entire issue in the light of various pronouncements laid down the following principles :

l The contemporaneous dialogue, which was tape recorded, formed part of res-gestae and is relevant and admissible under Section 8 of the Indian Evidence Act.

l The contemporaneous tape record of a relevant conversation is a relevant fact and is admissible under Section 7 of the Indian Evidence Act.

l Such a statement was not in fact a statement made to police during investigation and, therefore, cannot be held to be inadmissible under Section 162 of the Criminal Procedure Code.

l Such a recorded conversation though procured without the knowledge of the accused but the same is not elicited by duress, coercion or compulsion nor

extracted in an oppressive manner or by force or against the wishes of the accused. Therefore the protection of the Article 20(3) was not available.

l One of the features of magnetic tape recording is the ability to erase and re-use the recording medium. Therefore, the evidence must be received with caution. The Court must be satisfied beyond reasonable doubt that the record has not been tampered with.

7. AIR 1968 SC 147 : 1968 Cri LJ 103.

Essentials for Admissibility

Tape-recorded of relevant conversation is a relevant fact and admissible under Sections 7 and 8 of the Evidence Act. But the magnetic tape recording can easily be tampered by erasing the data or by reusing the recording medium. Because of this facility of erasure and re-use, the Courts admit it by satisfying beyond reasonable doubt that the record has not been tampered with. No exhaustive set of rules by which the admissbility of such evidence should be judged is mentioned in the Evidence Act but through the case laws some basic element is framed which are used as yardstick to judge these types of evidences. Firstly, for admissibility, the conversation is relevant to the matter in issue. “Relevant” is defined under the Section 3 of the Evidence Act as :

One fact is said to be relevant to another when the one is connected with the other in any of the ways referred to in the provisions of this Act relating to the relevancy of fact :

Secondly, there is identification of the voice and thirdly, the accuracy of the tape-recorded conversation is proved by eliminating the possibility of erasing the tape record.

Also in the case of Ram Singh v. Col. Ram Singh8, the Apex Court for admissibility of tape-recorded conversation pointed out following conditions :

l The voice of the speaker must be duly identified by the maker of the record or by others who recognize his voice. Where the maker has denied the voice it will require very strict proof to determine whether or not it was really the voice of the speaker.

l The accuracy of the tape-recorded statement has to be proved by the maker of the record by satsfactory evidence direct or circumstantial.

l Every possibility of tampering with or erasure of a part of a tape-recorded statement must be ruled out otherwise it may render the said statement out of context and, therefore, inadmissible.

l The statement must be relevant according to the rules of Evidence Act.

l The recorded cassette must be carefully sealed and kept in safe or official custody.

l The voice of the speaker should be clearly audible and not lost or distorted by other sounds or disturbance.

8. AIR 1986 SC 3.

It is not necessary that tape recording be done with the knowledge and consent of the person concerned. No objection can be raised on the tape recording of the conversation without the person’s knowledge on the ground of right to private life and secrecy. But this does not lend its approval to the police practice of tapping telephone wire and setting up hidden microphones for the purpose of tape recording.

Extent of Implementation

These types of evidence are generally substantiated before the Courts mostly in criminal related matter. In civil matter cases, generally not so strict to admit these types of evidence. All the above mentioned conditions for admissibility started rolling from the criminal matters. These types of evidences were initially put up before the Courts in the matter of corruption and conspiracy. Now these are admissible for estopping the concerned witnesses for their recorded statements and proving the question of fact in the Court. Due to much complicity in the criminal matters about the facts of incidence, Court applies more care and scrutiny for accepting the tape records as evidence. In civil matters, Courts by applying the principle of rationality, provides some relief in applying the conditions for admissibility of tape records according to the circumstances of the cases. But it doesn’t mean that Courts make compromise with the basic principle of evidence law i.e. proving concerned evidence as admissible beyond reasonable doubt. For reasonability, Courts concerned with many factors and situation attached to the matter like accuracy, originality, time taken to bring the recorded tape before the Courts or in the knowledge of Court, statements of the persons attached to the recorded tape etc.

In present day, generally Courts accept the applications for producing the recorded tape as evidence before the Court because of growth of technology in all spheres of the world. Whether the accepted tapes have any evidentiary value or not is decided by the Courts on the basis of the above mentioned conditions. So applying principle of rationality, Courts generally not barred these types of evidences for producing it before the Court on any grounds which makes the recorded tape inadmissible as evidence. Question of admissibility as evidence comes after its production before the Court. But when application for producing the recorded tape is made after a long time passed in the matter then Courts can refuse application. This is because; showing the Court that such type of evidence is present after a long period of dealing by the Court then it is not entertained due to limitation. It also puts the question mark over its authenticity in the preliminary stage.

Conclusion

In today’s world, to deal with the matters or law relating problems, it is necessary to make changes with the time and according to the situation demands. Tape-recorded conversations, as an evidentiary value in the Court of law are one of the positive and effective changes with the growth of technology. But as a mechanical

product, it is not far from its authenticity. The Indian Evidence Act not explains much about these types of evidences to remove ambiguity about its nature. Some amendments are made and some more are still require due to emergences of new laws like cyber law, Information Technology Act etc. Till now, mostly the concepts about recorded tapes are explained through judicial pronouncements. Now the time requires for making specific enactments by taking the existing information as a base to remove the ambiguity. For examining authenticity of recorded tapes, help of experts and laboratories is used which is a good move for using it more effectively as an evidence and getting knowledge about the technicalities attached to it.

______________________

Published by AIR Online Software

THE INFORMATION TECHNOLOGY ACT, 2000 Abhijit Sen, Advocate, 205, Congress Nagar, Nagpur 440012

In the history of human civilization, Legislation, it is said, is an act of hindsight rather than foresight. This is particularly so in the modern era as Law-makers have grappled with the problems of Law enforcement in an era of technological advancement. The 20th century introduced new terms and offences to the Law Lexicon. The arrival of the Automobile forced the Legislatures to legislate on traffic rules, on drunk driving and so on. The arrival of telephones carved out new legislations across the board and the arrival of mass production lead to Labour legislation once considered a sacrilege in the era of laissez faire.

The spread of the Internet and the sheer rapidity with which business have taken to the new medium have posed new challenges for society. The fact that business transaction is today humanly possible between two people situated across distant ends of the earth at the mere press of a button or a click of "the mouse" must necessarily compel Law makers to act with great speed in dealing with the problems which may now arise as a result.

Sufficient it to say, that the Internet had left almost every single law in the statute book utterly toothless and ineffective, as far as India is concerned. The laws against obscenity and pornography are unenforceable on the Internet as the power of technology rendered the words of the Indian Penal Code, a dead letter. The ease of business transactions is also coupled with a massive scope for fraud and cheating in the absence of clearly defined laws and a mechanism for dealing with offences. With the existing law enforcement machinery struggling to cope with traditional crimes, it would find it impossible even to respond to such a situation. The expansion of Gambling Sites on the Internet, bordering on the grey areas of legality, pose new questions should people be defrauded or cheated under the circumstances. There were virtually no laws in the statute book to deal with cyber crimes, to codify various aspects on the exact nature of transactions and relationships effected through the Internet. And even assuming that the existing legislations were interpreted in a manner as to adjust to the changes in technology, the Law enforcement machinery would be utterly incapable of enforcing them.

The passage of the Information Technology Act. 2000 is therefore, an event of far-reaching proportions and it is an event for which the Union Government deserves special and unqualified praise. The Government has responded to the need of the hour by taking the initiative and more so in an era where almost every advanced nation has a legal system up to date with the changes in modern technology and the Information revolution, the need for such legislation in India cannot be overemphasized.

The Act is a very comprehensive piece of legislation, and must be praised for its thoroughness in dealing with almost all issues required to be settled by Law. It has

been prepared with utmost thoroughness and care and indicates a comprehensive understanding of the technology that it seeks to regulate.

The Preamble

The Preamble to a statute is rarely referred to in legal analysis and yet the Preamble to the IT Act is an eye-opener. The most significant aspect being the reference made to the Model Law as adopted by the United Nations General Assembly by resolution dated 30th January, 1997. It goes without saying that in future, where intricate questions of interpretation of the statute arise, this reference may prove to be of invaluable service to Lawyers and Courts alike. Suffice it to say, that the Committee deserves special praise for making an invaluable mention, displaying great foresight in the process. THE ACT

Preliminary

Section 1(2) is significant :

"It shall extend to the whole of India and, save as otherwise provided in this Act, it applies also to any offence or contravention thereunder committed outside India by any person."

This recognizes the capacity for fraud, cheating, forgery or any other offence through the Internet by persons situate outside the territory of India and by including them within its ambit, provides the legal platfrom for prosecution should such an occasion arise.

However, as will be noticed a little later, this may also create all kinds of practical difficulties in respect of certain offences.

The Act also gives recognition to technical terms and introduces them to the Law Lexicon for the first time in India in the Definitions section. Intricate technical terms are explained painstakingly for their case of use and operation in the Courts. It also gives recognition to Digital Signatures as a means of authenticating electronic documents.

Electronic Governance

The fact of Governmental procedures requiring reform to keep pace with advanced technology is recognised. It gives recognition to submission of documents in digital form, use of Digital records (referred to as Electronic records) in Government and the authentification of the same by means of digital signatures. It legitimizes the retention of vital data in Digital form as a compliance with the requirement to store such information in writing and thereby creates an agency for the Governments and Government Bodies to digitize information, save space and time during access, also speeding up their functioning in the process. Section 8 gives recognition to the publication of the Official Gazette in digitized form as a legitimate means of publication.

These provisions would prove invaluable in facilities the modernization of

Government in accordance with the needs of the 21st Century.

Provisions for assistance to Procedural Law

The Act contains detailed and lucidly worded provisions for the recognition of document transaction in digital form, for the aid of the Courts. The manner of attributing an electronic record, its acknowledgement, the time and place of dispatch and receipt are all dealt with thoroughly and in great detail.

It must be said again, that the Act has been enacted with full comprehension of the capacity for misuse of modern technology.

Regulation of Information Technology

The Act creates a powerful authority structure for regulating and facilitating commercial transactions and for conferring authenticity to them. It creates a powerful authority in the form of the Controller of Certifying Authorities, to be appointed by the Central Government. The Controller is to be assisted in his task of administering the duties and functions laid down by the statute by such number of Deputy and Assistant Controllers as the Government may choose to appoint.

Under the provisions of the Act, the Controller functions as a powerful administrative authority with limited judicial functions as well. The Controller is at the head of an intricate administrative set up for the facilitating the entire administrative process including granting of digital signature certificates, which are to be his sole preserve or that of an official delegated by him.

The Act also recognizes Foreign Certifying Authorities and also digital signature certificates granted by them.

The Act creates an elaborate procedure for the issuance of licences to persons for granting Digital Signature Certificates and this whole process is proposed to be under the supervision and control of the Controller. The process of licensing is essential to give certification to commercial transactions over the Internet and may prove to be invaluable in Courts should the legitimacy of such signatures be brought into question.

Penalties and Adjudication

The Act recognizes the release of Computer Viruses, unauthorised access to Secured Computer Systems, Stealing of confidential information from a computer as Criminal Offences and also creates a fine limit of a whopping One Crore Rupees.

It creates a primary adjudicating authority in the shape of Adjudicating Officer, to be appointed by the Central Government.

It also creates a Cyber Regulations Appellate Tribunal, which shall operate as an appellate body. The presiding officer must be a person qualified to be a judge of the High Court or a person from the Legal Services with at least 3 years experience. The Act makes the presiding Officer's post almost sacrosanct and his removal would be permissible only after an enquiry by a Judge of the Supreme

Court.

The Cyber Regulations Appellate Tribunal is proposed to be a Court of appeal to hear appeals from the decisions of the Controller or the Adjudicating Officers appointed under Section 46. The proceedings before the Cyber Appellate Tribunal would not be governed by the Code of Civil Procedure, 1908.

Another significant aspect is that the jurisdiction of all Civil Courts is explicitly barred in respect of matters sub judice before either the Controller. The Adjudicating Officer or the Cyber Regulations Appellate Tribunal.

Offences

The Act must be praised for the stringency of its provisions in dealing with Cyber Crimes. It makes tampering of secure documents an offence punishable with imprisonment up to 3 years and fine up to Rs. two lakhs, hacking of computer systems an offence punishable with imprisonment up to three years and fine up to Rs. two lakhs.

Section 66 of the Act makes the publication of obscene material an offence punishable with imprisonment up to two years and a fine of up to Rs. one lakh and on a subsequent conviction, a term of ten years imprisonment and fine up to Rs. two lakhs.

The Act also contains elaborate provisions for other offences such as disobedience of the Controller's directions, breaking into a notified protected computer system or network, misrepresentation, breach of confidentiality, false publication of digital signatures, publication for fraudulent purpose. It contains wide ranging powers for the Controller to confiscate a Computer or Computer system, powers of arrest without warrant of a person suspected of having committed or about to commit an offence.

The Act also seeks to create a Cyber Regulations Advisory Committee for advising the Government on matters relating to the implementation of this statute.

In addition, the Act also suitably amends the Indian Evidence Act, 1872. The Indian Penal Code, 1860. The Bankers Book Evidence Act, 1891 and The Reserve Bank of India Act, 1934 bearing in mind the current technological changes and needs of an advanced society.

Criticisms

It goes without saying that the Act is not without its flaws. There are several, areas where there is sufficient scope for mischief. The following points may be noticed :

1. The Act seeks to extend itself to offences committed by persons outside the territory of India, which is indeed laudable since it is very simple for any person connected to the word wide web to commit an offence in another country. However, there are several acts or omissions which may amount to a serious

offence in India but may be legitimate and lawful acts in other countries.

This is an issue which has not been properly dealt with in the Act. For instance, Section 67 of the Act makes it abundantly clear that the publication of pornographic content would be a serious offence and punishable with heavy penalty. Since the effect of Section 1(2) and Section 75 is to apply the statute to acts committed outside Indian shores, the statute would theoretically outlaw the operation of every single one of millions of pornographic web sites across the globe.

However, this creates a difficult paradox since pornography is legal in many western countries and not only that, the content is also protected by copyright law. What would the Courts do if under the circumstances a complaint is brought against a Pornographic web site located, say in the United States, which is legal in the US, but since the content is in direct violation of the Indian Law, it would be a direct offence. Since prosecution would never materialize in practice, the true spirit of introducing such a well meaning provision could well be defeated.

This situation could have been remedied by an additional clause merely stating that for persons situated abroad committing such an act, prosecution would follow only if the act in question is also illegal in the country where such a site is located.

Further, the whole object of eliminating obscene content would be defeated if the act of accessing such material is not punishable but merely its publication, since publication is almost always on foreign soil and also legal under the laws of several countries.

2. The Powers conferred upon the Controller are vast and capable of misuse. The Act seems to create a monolithic body at the center with a long list of subordinate officials for the purposes of administration. Due to the lack of decentralization, there are two possibilities.

The first being that the Controller's powers being wide-ranging and enormous, are capable of misuse with hardly any checks and balances.

Secondly, even in the event of the Controller physically trying to perform his functions bona fide, excessive centralization would see the effectiveness of such an institution diminish considerably.

3. The right to privacy is recognized as a fundamental right under Art. 21 of the Constitution. However, the powers of intercepting information conferred upon the controller, powers which are of a totally discretionary nature, are in direct violation of the right to privacy. Since the words used are, "If the Controller is satisfied.........." it again concentrates massive power upon the same individual. This is a power which must be checked for avoiding mischief. The decision regarding interception of digital information on the internet cannot be left to the mere whim and fancy of an official. There must be safeguard against its possible misuse. The Act, regrettably, has none.

3. The powers of confiscation and arrest are very wide and susceptible to misuse. The provision conferring power to arrest any person without warrant anywhere for

even trivial offences is out of place in a mature democracy which respects the freedom of the individual and seeks to zealously guard it. It is submitted that this provision could well be the subject-matter of judicial review at an appropriate time. The past reputation and record of Law Enforcement authorities in India and do not warrant such faith and trust as to bestow upon them powers which could be used at their fancy without any judicial checks and controls.

It was hoped that these issues would be addressed when the Bill is discussed in Parliament. However, the most notable aspect of the statute is that there has been virtually no dissent in respect of the same and a bare perusal of the Draft Bill and the Act would reveal that the Bill has been passed lock, stock and barrel without even altering a word. It also reflects poorly upon Parliament since it seems only to concretize the notion of Parliamentarians as a lot, more interested in staging walkouts and creating commotion than performing their most important and responsible function of Law making.

It has often been said however, that it is only experience which can teach us about the mistakes of the legislature. The statute has been prepared with considerable care and caution and ought to work reasonably well in defining rights and liabilities created in the new medium. However, whether the statute creates more mischief than imagined is a question which can only be answered by the lessons learnt from experience.

Conclusions

In sum, the Information Techonology Act, 2000 is a great step forward and the Government deserves special credit for taking the initiative required. There is no doubt that such a law is absolutely necessary in the country today.

The medium that the Act seeks to regulate and facilitate is producing so profound an impact on human life that it is beyond the comprehension of contemporary visionaries. It is perhaps, only in hindsight, several years later, that the magnitude and scale of the impact could be gauged. It could not therefore have been allowed to run lawlessly without any system of checks and without clearly defined rights and liabilities, and forums in which to enforce them effectively. The law has not, therefore, come a moment too soon and it is sincerely hoped that the notifications will be issued by the Government without undue delay.