Indian Kanoon - Search engine for Indian Law

(ii) There was no forensic examination of the computer based online examination data collected, within the legal frame work of the Information Technology Act, 2000 by the agencies recognized and approved by an appropriate government and any other opinion obtained may be from Professors or Associate Professors of the Institutes of Technology like in the present case IIT, Kanpur and IIIT, Allahabad, could not be taken as conclusive in law for lack of requisite expertise and requisite authority in law to conduct data verification forensically.

60. On the point of checksum information and hash value which remained wanting for the experts of IITs, Mr. Khare has referred to certain literature in that regard. According to Mr. Khare, hash value is a digital finger print provided to decode encrypted data. It is a digital key to unlock a data which is provided in encrypted form but it depends uopn which kind of data is supplied. If the data has been created and downloaded from the main source server then it creates a hash value so that the data integrity may be verified at a later stage by applying the same. For a set of data, a particular hash value is provided and any modification of data would change the hash value but this would arise only in the event secured data is provided with a hash value. Mr. Ashok Khare, learned Senior Advocate has relied upon the work and literature namely digital fingerprint for investigation and cases involving electronic evidence by the Ovie Carroll and a treatise in the name of Electronic Evidence, old edition by Steaphon Mezon and Denial Sen which refers to hash value as a kind of digital fingerprint which is required to be put to forensic examination for the reason that a professional understands what the tool to be used to unlock the device perform the relevant task and also manner and method in which a computer device is required to be examined forensically so as to return a finding as to data integrity. Since the result processing data was there provided by the Aptech to the U.P. Jal Nigam which in turn was forwarded to the Professors for verification and examination, then in that event, if the checksum information and the hash value is lacking, the proper course would have been for the Corporation to have asked for it from the Aptech itself or to have brought the Aptech in touch with the Professors of IITs. Still further as Mr. Khare argues, once the data was seized from the local environment of the Aptech Limited then best course was to provide the Professors access to this data but the Corporation having not done so, committed manifest illegality and in such circumstances a mere expressed opinion by the Professors of the IITs for want of requisite material cannot be itself a ground to annul the entire selection and appointments made.

66. To sum up the arguments and the submissions advanced by Mr. Khare on behalf of the petitioners before this Court, according to him, the Corporation failed to undertake any exercise worth a genuine exercise to segregate tainted from untainted candidates. Having based its decision upon mere reports obtained from the Associate Professors of IITs having no accredition to conduct forensic examination of electronic/ computer data based records under the Information Technology Act, 2000 and police investigation report, it misdirected itself in arriving at a conclusion that there was no possibility to segregate tainted from untainted candidates and hence no notices were required to be issued to selected and appointed candidates, for cancelling their respective appointments.