Proper digital evidence acquisition and its analysis are of tremendous importance for the successful conviction of an offender. If the chain of evidence is not properly maintained, it may draw an adverse inference against the prosecution’s case.

The process starts with a sound e-discovery procedure where legally relevant digital evidence is put on hold. Once the digital evidence is put on hold, the relevant material is further analysed for evidence of commission of the crime. If the entire digital information is seized instead of selective digital evidence, the prosecution’s case is weakened.

Recently the New Zealand High court held that the procedure of seizing the entire digital evidence by the New Zealand’s police was illegal and the Court directed the police to return back the digital material that was not connected with the investigation. The Court also held that the accused Kim Dotcom is entitled to see the evidence seized by the investigation authorities to properly defend his case.

Digital evidence is also present in numerous forms. It may include a social media account like Facebook or in the form of a fraudulent banking transaction or in the form of paper evidence converted into an optical character recognition (OCR) or in cloud computing form, etc.

Unfortunately, India has no implementable e-discovery and cyber forensics best practices. Even guidelines for effective investigation of cyber crimes in India are missing. The forensics analysis of many cases is still pending due to overload of work in few governmental forensics laboratories. For instance, the forensics analysis of Nokia’s computer used to download software in India is yet to be made available.

We need to develop cyber forensics skills and investigation solutions in India. Take the example of the recent IPL match fixing case during which digital evidence has been collected. But, there are doubts whether police follow the cyber forensics best practices. An improper handling of digital evidence could result in it being held irrelevant and inadmissible in the court of law.

The audio, video and media forensics in India must follow well defined cyber forensics principles. It is very important to maintain a “chain of custody” and “proper documentation” of the acquisition of such digital evidence and media forensics professionals must ensure that the evidence acquired by them are “admissible” in a Court of law.

Of late cyber crimes, financial frauds and IT frauds have increase tremendously in India but till now the conviction ratio for these crimes is really poor. Indian government must provide adequate cyber forensics trainings to law enforcement officials so that they acquire and produce the relevant evidence in an admissible manner before the Courts and criminals can be successfully prosecuted and convicted.