When a cop signs a tech certificate, does the evidence vanish?

The certificate for the call records was signed by the investigating officer, not the telecom company. The court had to decide: is that enough?

A man's freedom hung on a single signature. The physical certificate—a thin sheet of paper bearing the ink of the investigating officer—was the legal stamp meant to guarantee that call records were genuine. But the man who signed it was not from the telecom company. He was a police officer. And that single detail threatened to collapse the entire case.

The question was deceptively simple: when the law demands a certificate from a "person occupying a responsible official position in the organisation" that holds the electronic record, can a police officer—even a cyber expert—stand in for the telecom company's own authorised representative?

When the investigating officer became the certifier

In Brajesh Tiwari v. State of Madhya Pradesh, the prosecution wanted to place Call Detail Records (CDRs—the logs showing which numbers called which, when, and for how long) before the court. These records were stored on the servers of Bharti Airtel Limited. To make them admissible, the law required a certificate under Section 65B of the Indian Evidence Act (a legal declaration that the electronic record came from a computer system that was working properly at the relevant time).

The certificate was signed by the Investigation Officer, Rajeev Bhadoriya, who was also the Cyber Cell Expert attached to the police. He was not an employee of Bharti Airtel. He had not been present when the data was extracted from the company's servers. He had not overseen the computer system's functioning. Yet his signature was offered as the legal foundation for admitting the call records.

In the courtroom, when the defence lawyer rose to object, the air grew still. The judge's eyes moved from the certificate to the prosecution table. The file on the bench felt thin—just a few pages of call logs and that single signature. The prosecution's case, built on those records, seemed to tremble on that paper. The defence lawyer's voice was calm but firm: this certificate, he argued, was a hollow formality, signed by a man who had no standing to vouch for the telecom company's servers.

The judge did not interrupt. The silence in the room stretched. The prosecution's counsel shuffled papers, searching for a counter-argument. The entire case, it seemed, would rise or fall on the answer to one question: whose signature is enough?

What Section 65B actually demands

Section 65B of the Evidence Act (the provision governing how electronic records like emails, call logs, and server data can be used in court) lays down a specific chain. The certificate must be signed by a person who holds a responsible official position in the organisation that owns or operates the computer system from which the record is produced. The logic is straightforward: only someone inside the organisation can vouch for the system's integrity—whether it was working correctly, whether the data was tampered with, whether the output matches what was stored.

The defence argued that a police officer, no matter how technically skilled, cannot satisfy this requirement. He is not part of the telecom company. He has no personal knowledge of the server's functioning on the day the records were generated. His signature, therefore, was legally worthless. Without a valid certificate, the call records should be excluded entirely—and without them, the prosecution's case would lose its backbone.

Picture the server room at Bharti Airtel: rows of humming machines, blinking lights, cables running along the floor, the low whir of cooling fans. The data that the prosecution sought to use had passed through those machines, had been logged and stored by those systems. But the man who signed the certificate had never stood in that room. He had never seen those servers. His signature was based on what he was told, not what he knew. The defence lawyer pressed this point: how can a man certify the health of a machine he has never touched?

The prosecution countered that Rajeev Bhadoriya was a Cyber Cell Expert. He had the technical competence to verify the records. He had accessed the data through proper channels. The certificate, they argued, should be treated as sufficient because the officer understood the technology and could confirm the records were authentic. The prosecution's voice grew urgent—this was not a case of an untrained officer fumbling with evidence; this was a specialist who knew his craft.

But the defence was unmoved. Knowledge is not the same as position, he argued. The law does not ask whether the signatory is smart. It asks whether he belongs to the organisation that owns the system. A cyber expert from the police is still a police officer. He is not an employee of Bharti Airtel. And that distinction, the defence insisted, is everything.

Why the court drew a line

The court did not accept the prosecution's argument. It held that the certificate under Section 65B must come from a person who occupies a responsible official position in the organisation that owns the computer system. A police officer—even one with cyber expertise—does not meet that description. He is not part of the telecom company. He cannot certify the working condition of a server he does not control, maintain, or supervise.

The court's reasoning was rooted in the purpose of the provision. Section 65B was designed to create a reliable chain of custody for electronic evidence. The certificate is not a mere formality. It is the legal guarantee that the record is what it claims to be. If that guarantee can be provided by anyone with technical knowledge—regardless of their relationship to the system—the safeguard becomes meaningless. A police officer could certify records from any company, any server, any system, without ever having seen it. That was not what Parliament intended.

The court observed that the certificate must be signed by a person who is in a position to personally verify the computer system's functioning. That person is almost always an employee or authorised representative of the organisation that owns the system. The investigating officer, however skilled, is an outsider. His signature cannot substitute for the company's own certification.

The court held that "the certificate under Section 65B must come from a person who occupies a responsible official position in the organisation that owns the computer system." This single sentence became the anchor of the ruling—a clear line drawn between who can certify and who cannot. The judge's voice, as he read the order, was measured. The prosecution's case, which had seemed so solid, now rested on a foundation of sand.

What this means for every criminal trial

The ruling in Brajesh Tiwari has immediate practical consequences. In countless cases—drug trafficking, fraud, kidnapping, cybercrime—prosecutions rely on call records, bank statements, server logs, and other electronic evidence. If the certificate is signed by the investigating officer instead of the telecom company or bank, that evidence becomes inadmissible. The case may collapse.

For defence lawyers, this is a powerful argument at the stage of framing charges or during trial. If the prosecution has not obtained a proper certificate from the organisation that owns the computer system, the electronic record cannot be read in evidence. The burden is on the prosecution to show compliance, not on the defence to prove non-compliance.

For investigating officers, the message is clear: do not sign certificates for records you did not generate. Contact the telecom company, the bank, the server administrator. Obtain the certificate from the person who actually knows the system.

Consider another scenario: a bank fraud case where the prosecution seeks to admit transaction logs from a bank's server. If the investigating officer signs the certificate instead of the bank's IT manager, the same problem arises. The officer cannot vouch for the bank's system. The logs become inadmissible. The case may fail at the first hurdle. The defence lawyer, armed with Brajesh Tiwari, can move to strike the evidence. The judge, bound by the ruling, will have no choice but to exclude it.

Or take a kidnapping case where call records from a telecom provider are the only link between the accused and the victim. If the certificate is signed by the police officer who requested the data—not by the telecom company's authorised representative—the records cannot be used. The prosecution's best evidence vanishes. The accused may walk free, not because the call records were false, but because the certificate was signed by the wrong person.

The ruling also has implications for trials already underway. Defence lawyers can now move to exclude electronic records that were admitted without a proper certificate. If the records were central to the prosecution's case, the trial may effectively end. The accused could be discharged or acquitted. The ripple effect will be felt in courtrooms across the country.

For the prosecution, the ruling is a warning: the days of relying on the investigating officer's signature are over. Every electronic record must now be accompanied by a certificate from the organisation that owns the computer system. That means contacting the telecom company, the bank, the server administrator—and getting the certificate before the trial begins. The prosecution's scramble to secure proper certificates will become a routine part of case preparation.

For the courts, the ruling provides clarity. The certificate under Section 65B is not a technicality to be brushed aside. It is a substantive requirement that goes to the heart of the evidence's reliability. If the certificate is defective, the evidence cannot be used—no matter how strong the other evidence may be.

The implications extend beyond call records. The same principle applies to emails, WhatsApp chats, server logs, and any other electronic evidence. If the certificate is not from the organisation that owns the system, the evidence is inadmissible. Defence lawyers will now scrutinise every electronic record for the source of its certificate. The ruling has opened a new front in the battle over electronic evidence.

For the accused, the ruling offers a measure of protection. The law demands that the prosecution prove its case with reliable evidence. A certificate signed by an outsider is not reliable. The accused is entitled to have that evidence excluded. The ruling ensures that the prosecution cannot cut corners when it comes to electronic evidence.

THE PLAY: Challenge every electronic record where the Section 65B certificate is signed by a police officer—unless he is an employee of the organisation that owns the computer system, the record is inadmissible.

The court ended where it began: with a certificate signed by the wrong person, and a case that could not stand without it. The signature on that thin sheet of paper—the ink of Rajeev Bhadoriya—was not enough. And the law, for once, was clear.