Share This
Scroll Down


Tags :

Pieces of evidence are a major concern in cyber crimes. Pat of evidence is the ‘crime scene’ issues. In cyber crime, there is no cyber crime.

We cannot mark a place nor a computer or a network, nor seize the hard-disk immediately and keep it under lock and key keep it as an exhibit taken from the crime scene.

Very often, nothing could be seen as a scene of the cyber crime! The evidence, the data, the network and the related gadgets along with of course the log files and trail of events emanating or recorded in the system are actually the crime scene.

While filing cases under IT Act, be it as a civil case in the adjudication process or a criminal complaint filed with the police, many often, evidence may lie in some system like the intermediaries’ computers or some times in the opponent’s computer system too.

In all such cases, unless the police swing into action swiftly and seize the systems and capture the evidence, such vital evidence could be easily destroyed.

In fact, if one knows that his computer is going to be seized, he would immediately go for destruction of evidences (formatting, removing the history, removing the cookies, changing the registry and user login set ups, reconfiguring the system files etc) since most of the computer history and log files are volatile in nature.

There is no major initiative in India on common repositories of electronic evidences by which in the event of any dispute (including civil) the affected computer may be handed over to a common trusted third party with proper software tools, who may keep a copy of the entire disk and return the original to the owner, so that he can keep using it at will and the copy will be produced as evidence whenever required.

For this, there are software tools like ‘EnCase’ with a global recognition and our own C-DAC tools which are available with much retrieval facilities, search features without giving any room for further writing and preserving the original version with a date stamp for production as evidence.

IT act 2000 gives enormous powers to the investigating authority to seize and confiscate even without a warrant. The need or requirement to return is also not mentioned in the act.


  • 0 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Get In Touch
error: Content is protected !!