Skip to content

Interception Evidence: Indian Telegraph Act, UK IPA and EU ePrivacy

The legal frame for voice and communications evidence that increasingly drives biometric casework: the Indian Telegraph Act 1885 + Information Technology Act 2000 s.69 + the Indian Telegraph Rules 1951 amended through the 2007 PUCL judgment + the IT Act Procedure for Safeguards (2009), the UK Investigatory Powers Act 2016 + the Mike Veale and Sir Iain Lobban reviews, the EU ePrivacy Directive and the Cross-Border Data Access frameworks (the US CLOUD Act + the EU MLAT pipeline), and the case-law implications across all three jurisdictions for the admissibility of voice + biometric interception evidence.

Last updated:

Share

Interception evidence is communications content captured by law enforcement during transmission under a statutory warrant or executive authorisation. Three frameworks dominate cross-jurisdictional practice: India's Telegraph Act 1885 s.5(2) (executive authorisation, no statutory exclusionary rule), the UK's Investigatory Powers Act 2016 (dual-lock warrant but intercept evidence inadmissible in court under s.56), and the EU ePrivacy Directive 2002/58/EC (member-state national law subject to ECHR Article 8 safeguards). Where data is held by US-based providers, access runs through MLAT or, for the UK only, the 2022 CLOUD Act Agreement.

Three major interception frameworks govern how voice and biometric evidence reaches criminal courts: India's Telegraph Act 1885 (executive authorisation, no statutory exclusionary rule), the UK's Investigatory Powers Act 2016 (dual-lock authorisation but intercept evidence inadmissible under s.56), and the EU ePrivacy Directive (member-state national law, ECHR Article 8 safeguards). Cross-border access to data held by US providers runs through the MLAT process or, for the UK only, the 2022 CLOUD Act Agreement.

Key takeaways

  • India's Telegraph Act s.5(2) authorises interception by the Union or State Home Secretary without prior judicial approval. No statutory rule automatically excludes improperly obtained intercept evidence.
  • The UK IPA 2016 s.56 renders intercept evidence inadmissible in all legal proceedings, regardless of whether the warrant was lawful. Material may only be used for intelligence purposes.
  • EU member states implement interception powers under national law, subject to ECHR Article 8 requirements. The Grand Chamber found UK's RIPA bulk interception regime incompatible with Article 8 in Big Brother Watch (2021).
  • An MLAT request for US-held communications data typically takes 6 to 24 months. The UK's 2022 CLOUD Act Agreement bypasses MLAT; India has no equivalent agreement.
  • BSA 2023 s.63 requires an authentication certificate for all electronic records, including intercepted voice recordings, before they are admissible in Indian courts.

The interception of communications for law enforcement purposes predates the telephone. The Indian Telegraph Act 1885, enacted when the telegraph was the dominant long-distance communication medium, gave the colonial government broad powers to intercept messages on grounds of public safety and emergency. Amended and supplemented rather than replaced over 140 years, that statute now governs the interception of mobile telephone calls, SMS messages, and, in a contested extension, internet-delivered voice and messaging services across India.

In the United Kingdom, the Investigatory Powers Act 2016 consolidated the Regulation of Investigatory Powers Act 2000, the Interception of Communications Act 1985, and several other surveillance statutes into a single statutory framework. It remains controversial: its bulk data collection powers have been subject to judicial review in domestic courts and before the European Court of Human Rights.

Across the European Union, the ePrivacy Directive (2002/58/EC), supplemented by the General Data Protection Regulation and proposed but not yet enacted ePrivacy Regulation (as of 2025), governs the interception of electronic communications and the retention of communications data by service providers.

These three frameworks differ in their procedural requirements for authorisation, their treatment of intercept evidence in court, and their interaction with cross-border data access mechanisms. Production of intercept evidence in one jurisdiction frequently depends on a request to a service provider or data custodian based in another, making comparative knowledge of all three frameworks necessary for practitioners handling cross-border casework.

By the end of this topic you will be able to:

  • Identify the authorising authority and procedural safeguards under India's Telegraph Act 1885 s.5(2) and IT Act 2000 s.69, and explain why Indian courts admit intercept evidence without prior judicial approval.
  • Explain the dual-lock warrant process under the UK IPA 2016 and the operation of the s.56 statutory inadmissibility rule, including its rationale and current review status.
  • Describe the EU ePrivacy Directive Article 5 framework, the ECHR Article 8 requirements established in Kennedy and Big Brother Watch, and the distinction between the ePrivacy Directive and the proposed ePrivacy Regulation.
  • Apply the BSA 2023 s.63 authentication certificate requirement and chain-of-custody standards to intercept recordings tendered in Indian criminal proceedings.
  • Compare MLAT and CLOUD Act Agreement pathways for obtaining US-held communications data, including typical timelines and which jurisdictions have access to each route.

The Indian Telegraph Act 1885 and IT Act 2000: The Statutory Architecture

The Indian Telegraph Act 1885, section 5(2), authorises the central or state government to intercept messages transmitted through any telegraph (a term interpreted to include telephones, mobile networks, and internet-transmitted voice) on grounds of public safety, the interests of the sovereignty or integrity of India, the security of the state, friendly relations with foreign states, public order, or the prevention of incitement to commission of an offence, the same framework whose forensic-phonetics implications are explored in forensic phonetics and multi-language casework. No judicial authorisation is required; interception is authorised by the Union Home Secretary or a state Home Secretary.

The Supreme Court of India addressed this power in People's Union for Civil Liberties v. Union of India (PUCL), reported at (1997) 1 SCC 301. The court found that telephone tapping under section 5(2) constituted an interference with the right to privacy under Article 21 of the Constitution, and held that such interference required procedural safeguards. The court directed the government to issue rules specifying the grounds for interception, the authority required to authorise it, the period of authorisation, and the review mechanism. The resulting rules, the Indian Telegraph Rules 1951 as amended in 1999 following the PUCL judgment, established a review committee under the Cabinet Secretary at the central level and under the Chief Secretary at the state level. The committee reviews surveillance orders after they are issued, not before.

Section 69 of the Information Technology Act 2000 (IT Act) provides a parallel interception power for electronic records (including internet communications), allowing the government to direct any agency to intercept, monitor, or decrypt information transmitted through computer resources. The grounds mirror section 5(2) of the Telegraph Act. The Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009 (Rule 419A) govern the procedural framework. These rules require authorisation by the Union Home Secretary or state equivalents, a seven-day review period, and destruction of intercept records after 180 days.

The PUCL framework and the IT Act Rules together create a system of executive authorisation without prior judicial oversight, distinguishing India from most common-law jurisdictions. The absence of prior judicial scrutiny has been challenged in subsequent litigation; the Supreme Court in Puttaswamy v. Union of India (2017) directed that surveillance powers must be proportionate and subject to adequate safeguards, but did not impose a judicial warrant requirement on Telegraph Act interceptions.

Admissibility of Intercept Evidence in Indian Courts

The admissibility of intercepted communications evidence in Indian courts has evolved alongside the broader framework for electronic evidence. Under the Indian Evidence Act 1872, a certificate under section 65B was required to prove the authenticity of electronic records. This section was the subject of substantial litigation; the Supreme Court in Arjun Panditrao Khotkar v. Kailash Kushanrao Goratyal (2020) held that a section 65B certificate was mandatory for electronic evidence and could not be substituted by oral testimony from a computer expert.

The Bharatiya Sakshya Adhiniyam 2023 (BSA), which replaced the IEA with effect from 1 July 2024, re-enacts the electronic record authentication requirement in section 63 and adds explicit provision for interception records as electronic records requiring authentication. The BSA also incorporates the Supreme Court's direction in Khotkar by making the certificate requirement absolute: no electronic record, including intercepted call data records or voice recordings, is admissible without a certificate from a responsible official of the device or service through which the record was produced.

Courts have also examined the chain-of-custody requirement for intercept evidence. In several High Court decisions on criminal appeals, intercept recordings tendered as prosecution evidence were excluded where the prosecution had not demonstrated that the recording had been produced by the authorised interception system, transmitted without modification to the investigating agency, and stored under conditions preventing tampering. These requirements are analogous to the UK's requirement under the Investigatory Powers Act 2016 for a Warrants Commissioner's oversight and the US requirement under 18 USC 2518 for a wire interception order and a judicially supervised chain of custody.

Critically, Indian courts have not imposed a rule that intercept evidence obtained without prior judicial authorisation is inadmissible per se. Section 5(2) authorisations by the Home Secretary are treated as lawful, and the resulting evidence is admitted provided the procedural requirements under the Telegraph Rules and the IT Act Rules have been followed. The contrast with the UK position, under which intercept evidence is inadmissible under a statutory exclusionary rule (discussed below), is stark.

The UK Investigatory Powers Act 2016: Architecture and the Inadmissibility Rule

The Investigatory Powers Act 2016 (IPA) is the UK's primary statute governing the interception of communications by intelligence and law enforcement agencies. It replaced RIPA 2000 and consolidated several other pieces of surveillance legislation.

The IPA authorises four main warrant types:

The Investigatory Powers Commissioner, a role currently held by a senior judicial figure, oversees the warrant process and publishes an annual report. The Commissioner's 2022 report noted approximately 15,000 targeted interception warrants issued in that year across all agencies.

The most distinctive feature of the IPA framework, inherited from RIPA, is the statutory inadmissibility of intercept evidence in legal proceedings. Section 56 of the IPA provides that no evidence may be adduced and no question may be asked that would tend to reveal that a warrant has been issued, or that anything has been intercepted. This prohibition applies in all domestic legal proceedings, including criminal trials. Intercept material gathered under the IPA may be used for intelligence purposes (to generate leads, identify suspects, inform surveillance operations) but it cannot be produced in court as evidence.

The rationale for this rule, set out in the report of the Joint Committee on Human Rights in 2009 and reiterated in a 2019 review by Lord Anderson QC (subsequently Lord Anderson of Ipswich), is that using intercept evidence in court would require agencies to disclose their interception capabilities and methods to defence counsel, jeopardising ongoing operations and foreign intelligence partnerships. Critics, including the International Association of Prosecutors and a series of academic commentators, have argued that this results in guilty defendants being acquitted because the best evidence against them cannot be used, and that allied jurisdictions (including the US and Australia) manage to use intercept evidence in court without catastrophic disclosure of methods.

The 2019 review by David Anderson QC (Lord Anderson of Ipswich) and the 2023 review conducted by Sir Iain Lobban, former GCHQ Director, both examined the intercept evidence admissibility question. Lobban's review concluded that the prohibition should be maintained in its current form, but recommended exploring a mechanism for "exceptional cases" where the evidence could be used in proceedings conducted under stringent disclosure controls. No legislative change had been made as of early 2025.

UK IPA warrant authorisation chain: targeted interception warrants require Secretary of State sign-off plus independent Judic
UK IPA warrant authorisation chain: targeted interception warrants require Secretary of State sign-off plus independent Judicial Commissioner approval before execution.

EU ePrivacy Directive and the GDPR Framework

The EU's electronic communications privacy framework rests on the ePrivacy Directive (Directive 2002/58/EC on privacy and electronic communications), which governs the confidentiality of communications content and traffic data transmitted over publicly available electronic communications networks. Article 5 of the ePrivacy Directive requires member states to ensure the confidentiality of communications, prohibiting interception, surveillance, and storage of communications by anyone other than the parties to the communication, except with the users' consent or pursuant to a legal authorisation under national law.

Member states' interception powers are governed by national law, subject to the requirements of the European Convention on Human Rights Article 8 (right to respect for private life) and, since Brexit, the EU Charter of Fundamental Rights (for EU member states). The European Court of Human Rights has developed a substantial jurisprudence on the requirements for lawful interception under Article 8 ECHR. In Kennedy v. United Kingdom (2010), the court found that RIPA-governed interception was compatible with Article 8 provided the safeguards were effective. In Big Brother Watch and Others v. United Kingdom (2021), the Grand Chamber found the UK's RIPA bulk interception regime incompatible with Article 8 in part, because it did not include sufficient safeguards at the authorisation stage (a finding substantially addressed by the IPA's judicial commissioner requirement).

The GDPR (EU) 2016/679, applicable alongside the ePrivacy Directive, governs the processing of personal data associated with communications (traffic data, location data, metadata) to the extent it is processed by the communications provider for other than transmission purposes. Law enforcement processing is separately governed by the Law Enforcement Directive (LED, 2016/680/EU), which requires member states to ensure that personal data collected for law enforcement purposes is used only for the purpose for which it was collected, retained only as long as necessary, and accessed only by authorised personnel.

The proposed ePrivacy Regulation, which was intended to replace the ePrivacy Directive and bring electronic communications privacy into alignment with the GDPR framework, was first introduced by the Commission in 2017. Negotiations between the Council and the European Parliament remained unresolved as of early 2025, primarily over the extent to which communications metadata (including data required for child sexual abuse material detection) could be retained and processed without user consent.

JurisdictionPrimary interception statuteAuthorisation requirementCourt admissibilityReview mechanism
IndiaTelegraph Act 1885 s.5(2); IT Act 2000 s.69; Telegraph Rules 1951 (amended 1999)Union/State Home Secretary; no prior judicial authorisationAdmissible (no statutory exclusionary rule); BSA 2023 s.63 authentication requiredPost-hoc review by Cabinet/Chief Secretary committee
United KingdomInvestigatory Powers Act 2016Secretary of State + Judicial Commissioner (IPCO)Inadmissible in legal proceedings (IPA s.56)IPCO annual oversight; IPT for challenges
European UnionePrivacy Directive 2002/58/EC + national law + LED 2016/680Varies by member state; ECHR Art. 8 requires lawful basis + safeguardsAdmissible subject to national law; ECHR Art. 6 (fair trial) limitsNational DPAs + EDPB; ECHR challenge route
United StatesElectronic Communications Privacy Act 1986 (ECPA); 18 USC 2511-2522; FISATitle III: judicial wiretap order; FISA: FISC orderAdmissible; unlawfully obtained evidence excluded under 18 USC 2515FISC oversight; Congressional review; DOJ OIG
JurisdictionAuthorisationCourt AdmissibilityReview MechanismIndiaUnion or State HomeSecretary; no priorjudicial approvalAdmissible; no statutoryexclusionary rule; BSA 2023s.63 certificate requiredPost-hoc Cabinet or ChiefSecretary committee reviewUKSecretary of State plusJudicial Commissioner(dual-lock)Inadmissible in all legalproceedings under IPA 2016s.56; intelligence use onlyIPCO annual oversight;Investigatory Powers Tribunalfor legal challengesEUVaries by member state;ECHR Art. 8 lawful basisrequiredAdmissible subject tonational law; ECHR Art. 6fair-trial safeguard appliesNational DPAs and EDPB; ECHRchallenge route viaStrasbourgUSTitle III judicialwiretap order; FISC orderfor foreign intelligence(FISA)Admissible; unlawfullyobtained intercepts excludedunder 18 USC 2515FISC oversight; Congressionalreview; DOJ Inspector GeneralAdmissible (with conditions)Inadmissible (statutory bar)Neutral / procedural
Intercept admissibility at a glance: India admits executive-authorised intercepts with no exclusionary rule; UK bars all intercept evidence in court under IPA s.56; EU and US admit intercepts subject to national law or judicial warrant, with exclusionary rules for unlawful collection.

Cross-Border Data Access: CLOUD Act and MLAT

Most internet communications services, including voice-over-IP calls on WhatsApp, Telegram, Signal, and Zoom, route data through servers operated by technology companies headquartered in the United States. When an Indian, UK, or EU law enforcement agency seeks the content or metadata of such communications, it must either rely on the service provider's voluntary disclosure policy or initiate a cross-border legal process.

The primary mechanism in the absence of a specific bilateral agreement is the Mutual Legal Assistance Treaty (MLAT). India has MLATs with 41 countries, including the United States, the United Kingdom, and most EU member states. An MLAT request for electronic communications data from a US-based provider follows a defined process: the Indian central authority (the Ministry of Home Affairs, Foreign Litigation Division) sends a request to the US Department of Justice Office of International Affairs, which reviews the request for compatibility with US law (principally the Stored Communications Act, 18 USC 2701-2712) and, if satisfied, compels production from the provider through a court order. The process typically takes six months to two years.

The US Clarifying Lawful Overseas Use of Data Act (CLOUD Act, 2018) created a faster pathway. The CLOUD Act allows US-based companies to comply with foreign government data demands without an MLAT, provided the foreign government has signed a bilateral "CLOUD Act Agreement" with the United States. The US and the UK signed the first such agreement in October 2019; it entered into force in October 2022. Under this agreement, UK law enforcement with a warrant can compel production directly from a US provider without the MLAT process. The US-EU "enhanced MLAT" framework (not a CLOUD Act agreement as of 2025) remains under negotiation; India has not signed a CLOUD Act Agreement with the US, meaning India continues to rely on the slower MLAT process.

An additional complexity for voice and biometric interception evidence is encryption. End-to-end encrypted communications (Signal, WhatsApp in its default configuration) are not readable by the service provider even if legally compelled to produce them. The provider can produce the encrypted ciphertext and associated metadata (timestamps, sender and recipient identifiers, message sizes), but not the plaintext content. This technical limitation means that, for encrypted communications, the only way to obtain readable content is through device-level access (obtaining a judicial warrant to access the device before or after the communication) or through an attack on the encryption (not lawful in most jurisdictions without explicit legislative authorisation).

The UK's IPA 2016 includes a Technical Capability Notice (TCN) power (section 253) under which the Secretary of State can require a communications provider to maintain the capability to produce intelligible intercept data, including by maintaining the ability to decrypt. This power has been used, but the government has not publicly identified which providers have received TCNs. Apple's public dispute with the UK government over a TCN requiring access to iCloud backups (reported in the Washington Post in February 2025) illustrated the commercial and diplomatic tensions this power generates.

Voice Biometric and Acoustic Evidence: Admissibility Across Jurisdictions

Intercepted voice recordings raise two distinct evidentiary questions: whether the interception was lawfully authorised (the procedural question addressed in preceding sections) and whether the speaker on the recording can be identified (the substantive forensic question). The second question involves forensic speaker comparison, a discipline that shares methodological debates with other pattern-recognition forensic sciences.

Forensic speaker comparison encompasses two approaches. In auditory-phonetic comparison, a trained phonetician listens to the questioned recording and the known voice sample and assesses whether the same speaker produced both, using features such as speaking rate, vowel quality, prosodic patterns, and dialect markers. The multi-language casework challenges in that comparison process are examined in detail in the forensic phonetics topic. In automatic speaker recognition (ASR), a machine-learning system extracts acoustic feature vectors (typically i-vectors or x-vectors derived from the short-term spectral envelope) from both recordings and computes a likelihood ratio or similarity score.

In UK practice, expert speaker comparison evidence is admissible under the Criminal Procedure Rules Part 19, subject to the expert's compliance with the Part 19 duties (opinion expressed with stated reasoning, qualifications, and awareness of counter-arguments). The UK Forensic Science Regulator's Codes of Practice (2021, volume 2) include standards for forensic speaker comparison, requiring validation of the examiner's or system's performance and a likelihood ratio framework for reporting. ENFSI's Speaker Recognition Working Group has produced guidelines recommending LR-based reporting as the standard.

In the United States, speaker comparison evidence is admitted under Daubert, requiring the proponent to establish the method's tested error rate, peer review, standards of application, and general acceptance. Courts have admitted both auditory-phonetic expert testimony and ASR-based evidence, but some courts have excluded ASR evidence from specific vendors where the vendor has not published validated performance data. The FBI's forensic speaker comparison programme at Quantico has published internal validation studies under the NIST SRE (Speaker Recognition Evaluation) framework.

In India, voice spectrography evidence (the older technique using visible speech patterns, now largely superseded by ASR) has been admitted in several High Court matters under IEA section 45 and its successor BSA 2023 section 39, subject to the expert demonstrating familiarity with the methodology and the known voice sample being authenticated. The CFSL Hyderabad forensic science laboratory has a voice analysis unit; its reports are among the most frequently tendered voice comparison evidence in Indian courts. The Andhra Pradesh High Court in A. Abdul Rashid v. State (1980) and subsequent Delhi High Court decisions have admitted voice spectrography evidence, but courts have noted that the reliability of the method requires corroboration.

Biometric voice identification from Aadhaar voice enrolment data is not currently a feature of the Aadhaar authentication system, which uses fingerprint and iris modalities. However, some private-sector deployments in Indian banking have used voice biometric authentication, and the potential for voice biometric evidence from these systems to appear in fraud prosecutions is increasing. The authentication logs for such systems would be subject to the same BSA 2023 section 63 certificate requirement as other electronic records.

  1. Authorisation verification
    Confirm that the interception was authorised under the applicable statute (Telegraph Act s.5(2) + Rules; IPA 2016 targeted warrant; member-state national law implementing ePrivacy Directive). Document the authorising authority, the grounds, and the period.
  2. Chain-of-custody documentation
    Trace the recording from the interception system (lawful interception interface at the telecom provider) to the investigating agency's storage system to the forensic examiner. For UK material, note the IPCO oversight reference. For Indian material, obtain the BSA 2023 s.63 authentication certificate.
  3. Cross-border data request (if applicable)
    If the data is held by a US provider: determine whether an MLAT request or a CLOUD Act Agreement route is available. Document the request date, the responding authority, and the conditions attached to the production.
  4. Voice recording authentication
    Establish that the recording has not been edited or modified. Hash verification of the original file against the production copy. Expert evidence on audio authentication (SWGDE guidelines; ENFSI speaker recognition guidelines).
  5. Speaker comparison
    Auditory-phonetic comparison and/or ASR-based comparison. Report in likelihood ratio form (UK standard; ENFSI recommendation). State the reference population used to calibrate the LR. State the system's validated error rates.
  6. Admissibility assessment
    India: BSA 2023 s.39 (expert opinion) + s.63 (electronic record certificate). UK: CrimPR Part 19 + IPA s.56 (intercept inadmissibility check). EU: national law + ECHR Art. 6 (fair trial). US: Daubert + 18 USC 2515 (exclusionary rule for unlawful interception).
Key terms
Indian Telegraph Act 1885 s.5(2)
The primary Indian statutory authority for intercepting telegraph (including telephone and internet voice) communications on grounds of public safety, national security, or public order. Authorisation is by the Union or State Home Secretary without prior judicial oversight.
PUCL judgment 1997
People's Union for Civil Liberties v. Union of India (1997) 1 SCC 301; the Supreme Court ruling that directed the Indian government to establish procedural safeguards for telephone interception under Article 21 of the Constitution, resulting in the amended Indian Telegraph Rules 1999.
IPA 2016 s.56
Section 56 of the UK Investigatory Powers Act 2016; the statutory provision that renders intercept evidence inadmissible in any legal proceedings in the United Kingdom, whether obtained under a lawful warrant or not.
Judicial Commissioner (IPCO)
An independent judicial figure within the Investigatory Powers Commissioner's Office who approves targeted and bulk interception warrants under the IPA 2016 before they are executed. The dual-authorisation requirement (Secretary of State plus Judicial Commissioner) was introduced after ECHR challenge to RIPA.
ePrivacy Directive
Directive 2002/58/EC on privacy and electronic communications; the EU instrument governing the confidentiality of communications content and traffic data. Article 5 prohibits interception except with consent or lawful authorisation under national law.
CLOUD Act 2018
US Clarifying Lawful Overseas Use of Data Act; allows US-based technology companies to comply with foreign government data demands without MLAT processing, where the foreign government has signed a bilateral CLOUD Act Agreement with the US. In force between the US and UK since 2022.
MLAT
Mutual Legal Assistance Treaty; a bilateral treaty framework under which states make and respond to requests for cross-border evidence production. India has MLATs with 41 countries; the MLAT process for US-held electronic data typically takes six to twenty-four months.
Automatic Speaker Recognition (ASR)
A computational method for forensic speaker comparison using i-vector or x-vector feature extraction from audio recordings to compute a likelihood ratio expressing the probability of the questioned recording given the hypothesis that the same speaker produced both samples.
Bharatiya Sakshya Adhiniyam 2023 s.63
The BSA provision requiring a certificate from a responsible official to authenticate electronic records (including interception recordings) as a prerequisite for their admissibility. Continues the requirement established by IEA s.65B and affirmed in Khotkar (2020).
Technical Capability Notice (TCN)
A power under IPA 2016 s.253 allowing the UK Secretary of State to require a communications provider to maintain the capability to produce intelligible (decrypted) intercept data. Use against Apple's iCloud encryption in 2024 became publicly known and generated international regulatory and commercial controversy.
Practice
Question 1 of 5· 0 answered

Under the Indian Telegraph Act 1885 s.5(2), who is authorised to issue an interception order for a mobile telephone call on grounds of public safety?

Are intercepted WhatsApp messages admissible as evidence in Indian courts?
Yes, but with conditions. WhatsApp messages, as electronic records, require a BSA 2023 section 63 authentication certificate. For messages obtained through a lawful interception under the IT Act 2000 section 69, the certificate must come from the competent authority managing the interception system. WhatsApp's end-to-end encryption means that the content of messages is not readable at the provider level; interception of WhatsApp content therefore requires device-level access (seizure of the device or a warrant for the device's storage) rather than network-level interception of the encrypted data stream. Indian courts have admitted device-extracted WhatsApp messages authenticated by a section 63 certificate in several cases.
Why is intercept evidence not admissible in UK terrorism trials?
The statutory prohibition under IPA 2016 section 56 reflects a policy judgment, periodically reviewed but consistently maintained, that disclosing interception in court would reveal the capabilities of GCHQ and partner agencies and compromise ongoing operations and foreign intelligence relationships. Successive reviews (the Privy Council Review 2003, Lord Anderson's 2014 and 2019 reviews, the Lobban Review 2023) have concluded that the operational risks of admissibility outweigh the prosecutorial benefits. Critics argue that convictions are lost that would be achieved with intercept evidence, and that allied jurisdictions (US, Australia, France) manage intercept admissibility without catastrophic disclosure. The debate continues to be unresolved.
How long does an MLAT request to the US for communications data take?
The US Department of Justice estimates average MLAT processing times of six to twenty-four months for electronic communications data requests. The timeline depends on the complexity of the request, the volume of requests in the queue, and the responsiveness of the requesting country's central authority. The US-UK CLOUD Act Agreement (2022) bypasses MLAT for UK law enforcement with a qualifying warrant, reducing the timeline to weeks. India has no CLOUD Act Agreement with the US and therefore uses the MLAT process, which can create significant delays in obtaining time-sensitive communications data for ongoing criminal investigations.

Test yourself on Fingerprint Sciences with free, timed mocks.

Practice Fingerprint Sciences questions

Found this useful? Pass it along.

Share

Spotted an error in this page? Report a correction or read our editorial standards.

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.