Email is admissible as evidence in Indian courts provided it meets the requirements of Section 65B of the Indian Evidence Act, 1872. You can present any email as evidence in court as electronic evidence if you obtain the correct certification and maintain the chain of custody.
Is Email Admissible as Evidence in India? (The Legal Answer)
Yes. The Supreme Court of India has confirmed that emails are admissible as secondary evidence. Specifically, they fall under Sections 63, 65, 65A, and 65B of the Indian Evidence Act, 1872. The landmark judgment in Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) clarified that you must always obtain a Section 65B certificate when presenting electronic evidence. The certificate must be obtained at the time of seizure, not retrospectively.
What Is Section 65B of the Indian Evidence Act?
Specifically, Section 65B governs the admissibility of electronic records as evidence. Under this section, the law treats electronic information as a “document”. It is admissible without producing the original. However, the email is subject to these specific conditions:
- First, the computer must have been in regular use at the time of creation.
- The type of information in the record must have been regularly input into the computer in the ordinary course of activities.
- The computer must have been operating properly (or, if not, any malfunction must not have affected the production or accuracy of the record).
- The electronic record must be a reproduction of the original data stored on that computer.
A certificate signed by a person in a responsible official position in relation to the computer must accompany the electronic evidence. Moreover, this certificate must state that the four conditions above were met and must identify the computer system on which the record was produced.
How to Prove the Authenticity of Email Evidence in Court?
Consequently, proving authenticity is a separate challenge from admissibility. A court can admit an email into evidence. However, the opposing party may challenge it on grounds of tampering. To establish authenticity:
- First, email header analysis — A forensic expert examines the full email headers. They verify the originating IP address, server routing, and timestamps. They also check whether DKIM/SPF records confirm the sending domain is genuine. A spoofed or tampered email typically has inconsistencies in its headers that are invisible to the naked eye but detectable in forensic analysis.
- Second, hash value verification — At the time of collection, generate a cryptographic hash (SHA-256 or MD5) of the email file. This compared with the hash at the time of court presentation. Identical hashes prove no one has altered the content. Therefore, always hash email evidence immediately after collection. Read more about hash values in computer forensics.
- Furthermore, server-side log corroboration — Email server logs from the sending or receiving mail server can independently confirm that a specific message was sent or received at a specific time. Courts obtain these logs through a court order served on the email service provider.
- Section 65B certificate — A qualified signatory (typically an officer of the organisation whose systems stored the email) must certify that they met the computer conditions under Section 65B(2).
What Is the Role of a Cyber Forensics Expert in Email Evidence Cases?
When parties contest email evidence in court, a certified cyber forensics expert becomes essential. Here is why:
- Forensic investigators can recover deleted emails from hard drives, mail server archives, and backup systems that the opposing party may have attempted to destroy.
- Experts can demonstrate through technical analysis whether an email has been manipulated — for example, whether the timestamp, sender address, or message body was altered after transmission.
- A court-qualified forensics expert can provide expert testimony explaining technical findings to judges and attorneys in accessible terms, which is critical in cases where the opposing party disputes the technical evidence.
- Investigators can assist police, CBI, CID, and other law enforcement agencies that may not have specialised cyber forensics capabilities in-house. Learn more about how to begin email forensics.
What Types of Cases Use Email Evidence in Indian Courts?
- First, business email compromise (BEC) — Fraudulent payment instruction emails that cause organisations to transfer funds to attacker-controlled accounts. Email forensics can trace the fraudulent message back to its true source.
- Second, employment disputes — Email chains proving or disproving termination procedures, workplace harassment, or contractual commitments.
- Also, cyberstalking and threats — Threatening or abusive emails that form the basis of a criminal complaint under Section 66A (struck down but analogous provisions under IT Act and IPC remain) or Section 354D IPC.
- Furthermore, corporate fraud and espionage — Emails evidencing bribery, corruption, or the unauthorised transfer of trade secrets.
- Moreover, matrimonial disputes — Email communications presented as evidence of cruelty, extra-marital affairs, or financial concealment in divorce proceedings.
How to Report Email-Based Cybercrime in India?
If you have received threatening, fraudulent, or harassing emails, or if an attacker has compromised your organisation’s email, file a complaint at cybercrime.gov.in or call Cyber Crime Helpline 1930. For a court-admissible forensic investigation of email evidence, contact cyber expert Anuraag Singh.
