Self-Destructing Messages / Apps or ephemeral messages are those messages which “disappear” once the recipient of such message has seen or read the message!
Some apps allow one to exchange SMS, messages, and media files without worrying about message history being stored or tracked. These messages can disappear after a set amount of time, leaving no trace or history behind. Various platforms which provide this facility are WhatsApp, Snap Chat, Messenger, Telegram, Gmail etc.
1. How are self-destructing messages used?
Ephemeral messages has provided users with a level of privacy in their messages that has never been seen before. Cyber Dust and Confide, for example, encrypt your messages, prevent screen shots from being taken of them, and (of course) erase messages you transmit shortly after they are read–leaving no digital trail. While Snapchat isn’t as secure as other social media platforms, it still allows users to send and receive messages that “vanish” once they’ve been read. These apps may, therefore, also be used for concealing potentially harmful behaviour or acts.
For example, in some cases, these social media platforms, can be a primary tool for inappropriate behaviour such as harassment and bullying. The disappearance of pictures on such platforms may make it more difficult to notice, investigate, and correct such wrongdoing, as well as use such evidence in court. Harassment and inappropriate behaviour, which may have previously been limited to email and text messages, can now occur “off the clock” nearly anywhere and in 10-second vanishes as well! In such cases it becomes hard to detect and track crimes and misconduct as there in no proof of such act.
Employers / police / courts may experience challenges recognising and investigating workplace wrongdoing / sexual harassment etc. due to the ephemeral nature of these messages (be it photographs, videos etc.).
2. What are the pre-requisites of reporting online sexual harassment and what to do in case of self-destructing messages?
The cybercrime complaints can be registered with the cybercrime cells. The process of filing the complaint is both online (National Cyber Crime Reporting Portal) and offline, and the survivor can choose the procedure according to their convenience. In case the survivor does not have access to any of the cybercrime cells, they can lodge the FIR at the local police station under Section 154 of Code of Criminal Procedure.
If the survivor/complainant reports the crime related to women or children, they will have two ways to register the complaint. First method is, it can be reported anonymously where the complainant will not have to provide any personal information and the complaint will be registered anonymously and the complainant will be asked to provide information about incidental details like the category of cyber-crime, date and time of the incident, state and district of the survivor, platform where the incident occurred and evidence / proof of the said message (images, videos, documents or link to CP/RGR content) and details of the suspects as well. Second method is, the survivor can provide their personal details and then rest of the information will have to be provided as mentioned in the above category.
In case of self destructing messages the problem is of documentation of evidence / proof of such harassment. When a complaint is filed with the police or cyber cell then documentation is necessary. While reporting an online harassment the documents which the survivor may need to present are:
- A copy or screenshot showing the alleged profile/content
- A screenshot of the URL of the alleged content
- Hard and soft copies of the alleged content
- Ensure that the soft copy is provided in a CD-R
In general circumstances it may be easier to collect and save evidence when a message is received through any social media website. But in case of self-destructing messages the main problem comes with documentation because as soon the message is read it gets deleted and the survivor may be left with no proof of such abuse.
How this can be dealt with and what police and courts will do, is something that we will have to wait and see. However, currently, there seems to be two ways in which evidence can be gathered from such messages:
- Firstly, when any offensive or sexually explicit message is received the survivor can take a screenshot of the same immediately, before closing and
- Secondly, if there is a back-up system in the phone then the photos or messages can be uploaded in the cloud which can also be considered as evidence. However, in such cases the probability of considering these messages as primary evidence may be low. These messages may be considered as secondary evidence in the court of law.
3. What is the status of admissibility and validity of electronic records as evidence in a court of law?
Evidence law in India is divided into two categories: primary evidence and secondary evidence. Primary evidence is defined in Section 62 and secondary evidence is defined in Section 63 of the Indian Evidence Act, 1872. The original documents are regarded primary evidence, while any number of copies or reproductions of the original are considered secondary evidence. Hence, for example, the primary evidence is any gadget that makes an electronic record. Printouts or soft copies of the electronic record are considered secondary evidence. When main evidence is unavailable, secondary evidence is not admissible, according to the general rule of evidence law.
The Courts have implemented severe standards for reviewing the validity and dependability of electronic records, including discussions on online messaging platforms, in light of the possibility of the documents being tampered with.
For example, when a message comes in a device, it could be primary evidence and when it gets shared, primary evidence ends there. If a screenshot is taken or the photo is taken from another device, that is still considered as secondary evidence and secondary evidence presented without primary evidence is very difficult to be relied upon by the court of law. In order to consider an electronic record, the following conditions must be met. Section 65B (2) lays out the requirements that must be met before a computer output can be deemed evidence. They are as follows:
- The message containing the information was created by the device at the time when it was frequently used to store or process information by the person who had legal authority over the device
- In the ordinary course of the said activities, information of the kind contained in the electronic record or from which the information so contained is derived was regularly fed into the computer
- During the time period in question, the computer was in good working order.
These are the elements that must be met if certified copies of WhatsApp chats or any other “electronic evidence” in secondary form is to be presented as evidence in a Court. The requirement of producing a certificate is mandatory in order to admit electronic records as evidence.
In Arjun Panditrao Khotkar v. Kailash Kushanrao, 2020, the Supreme Court of India by upholding the decision in Anwar P.V. v P.K. Basheer, 2012 held that the condition mentioned under Section 65B(4) of the Evidence Act (which is regarding the certificate to be produced before the court) is essential for admissibility of electronic records. Also held that it is not necessary to produce a certificate before a court of law if the ‘original document’ is produced itself. And in all other cases, the electronic record can go through according to the content of Section 65B(1) together with a certificate defined under Section 65B(4) of the Indian Evidence Act. In Rakesh Kumar Singla v. Union of India, 2021, the Punjab and Haryana High Court relied upon WhatsApp chats while granting a bail application in an NDPS case and also held that without any certificate under Section 65B of evidence act, WhatsApp chats cannot be treated as evidence.
From the above, we can consider that since most of the chat / message records are submitted as printouts, WhatsApp chats etc. are outside the scope of Section 62 (primary evidence), and thus cannot be used as key evidence. However, if the mobile device with the actual communication (the original copy of a WhatsApp chat) is brought to a court, it could be considered as strong primary evidence.
4. What do the IT Rules 2021 say?
The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 are the most recent Rules in relation to this subject. Under the IT Act, an intermediary is not liable for the third-party information that it holds or transmits. However, to claim such exemption, it must adhere to the due diligence requirements under the IT Act and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. Each significant social media intermediary is required to establish a grievance redressal mechanism. The new IT rules have come up with several due diligence that has to be followed by the social media intermediaries like facebook, whatsapp, snapchat etc. Out of which few will be discussed below:
- The intermediaries should appoint a nodal officer or nodal contact person for 24*7 coordination with the law enforcement agencies.
- The intermediaries should appoint a resident grievance officer who shall perform the functions mentioned under grievance redressal mechanism.
- Significant social media intermediaries providing services primarily in the nature of messaging shall enable identification of the first originator of the information. An order directing an intermediary to identify the first originator can only be issued for the purposes of preventing, detecting, investigating, or prosecuting any offence involving India’s sovereignty or integrity, security and relations with other countries, public order, or information depicting rape or sexually explicit material or child sexual abuse material. This would mean that the end-to-end encryption clause of the intermediaries is compromised.
Intermediaries are required under the rules to give information under their control or possession to government agencies upon request. Such a request can be made by any government agency that is legally authorised to conduct investigative, protective, or cybersecurity actions. The request could be made for identification verification, or to prevent, detect, investigate, or prosecute crimes under any law, or to report cybersecurity incidents. However, the Rules do not state any procedural safeguards or requirements for such actions.
These rules have sparked a dispute between the centre and some digital and social media corporations, who allege that the guidelines are “illegal and unconstitutional”. Currently cases are being heard in various High Courts challenging the constitutionality of IT rules 2021.
5. Can sending self-destructing messages be considered ‘destruction of evidence’?
Spoliation of evidence occurs when someone negligently or purposefully withholds or destroys relevant information that will be needed in a case. Can a person using these platforms or using such messaging system be held liable for destruction of evidence? Indian legal system has not provided an answer for this currently. However, if we see global cases, Courts may consider these three factors when determining whether someone has committed spoliation: 1) whether a duty to preserve evidence existed before the evidence was destroyed; 2) whether the person accused of spoliation was at least negligent in destroying the evidence; and 3) whether the destruction of the evidence prejudiced the other party.
The plaintiffs in Herzig v. Arkansas Foundation for Medical Care, Inc. 2018 installed Signal on their phones and set it to erase texts. During his deposition, one of the plaintiffs revealed that they were communicating over Signal. According to the court the plaintiffs’ installation and usage of Signal amounted to an intentional conduct “to withhold and delete discoverable evidence”. While the court found that “this willful, bad-faith spoliation of evidence was an abuse of the judicial process.
In WeRide Corp. v. Huang, 2020 terminating sanctions were imposed against the defendant corporation & defendants pursuant to Fed. R. Civ. P. 37(b) & Rule 37(e) for spoliation of electronic information. An e.g. of that intentional misconduct and spoliation, was corporation’s decision to switch its internal communications to an ephemeral messaging app, after the duty to preserve arose. Because the court decided the case, without any analysis, that moving to ephemeral messaging involves spoliation it is not considered as an accurate judgement.
The idea behind punishing persons who spoliate evidence is that it implies that they have a guilty conscience. Do users of these apps have a guilty conscience when they use these apps for sexual harassment? Can they be held guilty for destruction of evidence? We will have to wait and see how Indian courts and legislations define these.
6. Surviving ephemeral message harassment
More than half of women aged 18 to 29 receive inappropriate sexual photos on the internet. Harassment can be of four types:
- Non-consensual sharing of intimate pictures and videos – Images of a person’s intimate moments are shared or taken without consent. It can also take a form of revenge porn.
- Exploitation, threats and coercion – A person who is threatened sexually, is forced to engage in sexual behaviour online, or is blackmailed with sexual content.
- Bulling – A person who is humiliated, upset, or discriminated against by a group or community by the use of sexual content that humiliates, upsets, or discriminates against them.
- Unwanted sexualisation – These behaviours include comments that are sexualized, Sending sexual stuff (pictures, emoticons, messages) to someone without their permission, Sexually oriented jokes, Changing a person’s image to make them sexual
When one receives sexually explicit messages, one typically becomes shocked, taken aback, fearful of someone seeing the content, being judged etc. In other cases, one may simply turn off the phone. Gathering proof is the last thing on their minds. As a result, it’s impossible to tell if harassment has occurred because the messages get deleted after they’ve been viewed. As a result, when there is no evidence, it becomes extremely difficult to prove that sexual harassment occurred.
Therefore, until there is more clarity on how to deal with such situations, it may be extremely important to take a moment and save screenshots, take a picture from another phone, confide in someone / show it to someone before closing the message, if you’re being abused by a specific person or group on a regular basis, you might want to keep a log to help you see patterns and gather proof. Blocking, muting, and reporting abuser are other options that are available. Facing these situations can be tough and seeking professional mental health care can also help, especially if you’ve reached a point where you’re feeling hopeless or immobilised by fear.
– Adv. Shivangi Prasad – Corporate Lawyer, External Member & Trainer, Head – Legal & Compliance, Partner POSHequili & Aiswarya Krishnan, Symbiosis Law School, Pune, 2019-2022, 3rd Year, Three Year LLB