THE POLICY LAB (TPL) - 61
FEBRUARY 17, 2025

By J B Mohapatra

A: SINCE recording of financial transactions intended to be kept away from either the scope of taxation or from any other regulatory notice and scope, increasingly being made on privately hosted electronic platforms through bilateral or group exchanges, changes to law have been proposed in the Income Tax Bill 2025 (IT Bill, 2025) in a manner robust enough to tackle the issues of detection and recovery of those unreported transactions and setting up a statutory mechanism for addressing the mode and manner of detection, ensuring to retain data fidelity and integrity and data retrieval. Tactical amendments to the existing provisions have been made in order that the statutory import and significance of evidences by way of information stored in an electronic media or a computer system found and seized in course of a search proceeding are gainfully utilised for the objects of the revenue.

B: In order to give effect to the aforesaid intendment, section 247 of IT Bill, 2025 has remodelled the existing framework under section 132 of the Income Tax Act, 1961 (ITA, 1961) in the following manner:

One, by saying that 'any information stored in any electronic media or a computer system' is as much revenue-significant as any books of accounts or other documents, and any failure of any person to submit those despite notices or summons or any apprehension that the person would be unwilling to share 'any information stored in any electronic media or a computer system' is sufficient ground for authorising a search.

Two, by allowing search of a physical space where "any information stored in any electronic media or a computer system" is suspected to be kept.

Three, by requiring any person found in possession or control of any books of accounts or other documents maintained in cell phones, personal digital devices, or computers or computer networks or computer systems or kept in electronic form or in electronic records to allow inspection of such electronic record by an authorised officer.

Four, by permitting the authorised officer to gain access to information in the electronic devices and networks, in case access code is not made available, by overriding the access code.

Five, in terms of section 247(6) of IT Bill, 2025, by permitting an authorised officer to obtain statement of a person who has access control of any computer system, and allowing the statement so obtained to be used in any evidence in any proceeding under the Act. The provision reads as follows:

(6) The authorised officer may, during the course of any search or seizure, examine on oath any person who is found to be in possession or control or access holder of any computer systems, books of account, other documents or asset, or any other person who is present in the premises or is being searched, and--

(a) any statement made by the such person, during such examination may thereafter be used in evidence in any proceeding under this Act; and

(b) the examination of any such person may be not merely in respect of any books of account, other documents or assets found as a result of the search, but also in respect of all matters relevant for the purposes of any investigation connected with any proceeding under this Act.

C: For appreciating all that have been included within the powers of the authorised officer conducting a search u/s 247 (or even by an income tax authority conducting a survey u/s 253) as regards books of accounts or documents maintained in the form of electronic record, the definition of two terms in section 261 would be essential.

First, definition of computer system in section 261(e):

"computer system" means computers, computer systems, computer networks, computer resources, communication devices, digital or electronic data storage devices, used on stand-alone mode or part of a computer system, linked through a network, or utilised through intermediaries for information creation or processing or storage or exchange, and includes the remote server or cloud server or virtual digital space;

Second, definition of virtual digital space in section 261(i):

"virtual digital space" means an environment, area or realm, that is constructed and experienced through computer technology and not the physical, tangible world which encompasses any digital realm that allows users to interact, communicate and perform activities using computer systems, computer networks, computer resources, communication devices, cyberspace, internet, worldwide web and emerging technologies, using data and information in the electronic form for creation or storage or exchange and includes--

(i) email servers;

(ii) social media account;

(iii) online investment account, trading account, banking account, etc.;

(iv) any website used for storing details of ownership of any asset;

(v) remote server or cloud servers;

(vi) digital application platforms; and

(vii) any other space of similar nature.

While there is no definition of 'virtual digital space' either in the Information Technology Act, 2000 or by the FATF, definition of 'computer system' in the IT Bill, 2025 is entirely for the purposes of the Act it is meant to subserve and not in the manner provided in Information Technology Act, 2000. Subsection (l) of section 2(1) of Information Technology Act, 2000 reads as below:

(l) "computer system" means a device or collection of devices, including input and output support devices and excluding calculators which are not programmable and capable of being used in conjunction with external files, which contain computer programmes, electronic instructions, input data and output data, that performs logic, arithmetic, data storage and retrieval, communication control and other functions;

That said, in essence, the new provision in IT Bill, 2025 has made 'virtual digital space' a subset of 'computer system' permitting search of a place where 'computer systems' are kept, and inter alia permitting the authorised officer to gain access to the 'virtual digital space'. This space incidentally includes the social media account of a person apart from specific platform verticals which generally or exclusively facilitate storing, safekeeping, recording transfer and exchange and administration of financial and investment data.

D: Statement of the person u/s 247(6) who is found to be having access of any computer system, that statement made with relation to what are found recorded within the computer system, since capable of being used as an evidence in any proceeding under section 247(6) of the Act thus is of crucial significance, since 2 statutory presumptions are underpinning the statement. These presumptions as per section 247(7) below:

(7) Where any books of account (in physical form or electronic form), other documents or asset, is found in the possession or control of any person in the course of a search, it may be presumed-

(a) that such books of account, computer systems, virtual digital space, other documents or asset, belong or belongs to such person;

(b) that the contents of such books of account, other documents, electronic content, records or communication found on such computer systems or virtual digital space, are true;

(c) ….

(d) …..

E: Issues that arise in statutorily recognising the information found on computer system and virtual digital space as 'evidence' for the purposes of a proceeding under the Income Tax Act are:

(a) these are 'electronic record' which are also required to be proved through a statutory protocol established under the Bhartiya Sakshya Adhiniyam, 2023(BSA,2023), a central Act intended to 'provide general rules and principles of evidence for fair trial.'

Section 63(1) of BSA, 2023 mandates an electronic record to be admissible as evidence in a proceeding only if conditions in sub-section (2) below are satisfied.

"(2) The conditions referred to in sub-section (1) in respect of a computer output shall be the following, namely:-

(a) the computer output containing the information was produced by the computer or communication device during the period over which the computer or communication device was used regularly to create, store or process information for the purposes of any activity regularly carried on over that period by the person having lawful control over the use of the computer or communication device;

(b) during the said period, information of the kind contained in the electronic record or of the kind from which the information so contained is derived was regularly fed into the computer or communication device in the ordinary course of the said activities;

(c) throughout the material part of the said period, the computer or communication device was operating properly or, if not, then in respect of any period in which it was not operating properly or was out of operation during that part of the period, was not such as to affect the electronic record or the accuracy of its contents; and

(d) the information contained in the electronic record reproduces or is derived from such information fed into the computer or communication device in the ordinary course of the said activities."

In case, a statement in evidence of the electronic record submitted for admission is desired to be given in any proceeding, a certificate in terms of section 63(4) is a statutory prerequisite. That certificate includes the details of the electronic record, how the electronic record was produced, the device on which the electronic record was produced, that the electronic record has not been altered or tampered with, and that the electronic record was produced on a device that is being regularly used. A person occupying an official position in relation to the operation of the device which created the record has to sign the certificate.

Thus the questions would be whether the presumption in section 247(7) of the IT Bill, 2025 will override the requirements of validation and certification under the BSA, 2023 or whether the conditions for admissibility of an electronic record as an evidence must be met under BSA, 2023 before according any benefit to the authority of any presumption under section 247(7) of IT Bill, 2025.

(b) desirability of according a blanket and unfettered statutory presumption to new and unexplored territories of technology while being cognizant of misuse of technology through hacking, damaging, stealing, and planting information on computer system, network, server through malware, social engineering or spoofing or revenge cyber- attack etc.

(c) can it be a case that presumption as provided in section 247(7) of the IT Bill, 2025 would only be for the purposes of determination of tax, interest and penalty under the IT Bill, 2025, and that the case if taken to trial under the BNS, 2023 will need to additionally satisfy the conditionalities of BSA, 2023.

F: While it is undeniable that communication platforms assuring fast, secure, seamless and most times encrypted information exchange have led to storing, safekeeping, processing and transferring high value financial data, many times these very platforms are utilised as channels of communication for non-reporting, under reporting of income, or for structuring, smurfing, camouflaging, layering and for all stages of laundering and criminal activities. Recognition of that fact through the provisions of IT Bill, 2025 is a necessary first step in building a strong legislative deterrent. The framework for that deterrent though can be configured on existing statutory protocol under BSA, 2023 and having a clear view of the realities under the current dispensation of digital communication.