The Cyber Forensic Laboratory (CFL) of the Indian Computer Emergency Response Team (Cert-In) has been officially designated as an “Examiner of Electronic Evidence” by the Government of India under Section 79A of the Information Technology Act. This designation establishes Cert-In’s CFL as the first and only agency authorized to examine a broad spectrum of digital evidence types, including drone storage media, CCTV forensics, and cloud forensics, alongside traditional sources such as computers and mobile devices.
Unlike other notified agencies, which are restricted to analyzing computer and mobile device evidence, Cert-In’s expanded scope highlights its technological prowess and strategic importance in digital forensic investigations. Cert-In CFL can now offer expert opinions on complex and emerging digital evidence types, reinforcing its critical role in supporting law enforcement and judicial proceedings.
Expanded Scope of Cert-In CFL
Through a gazette notification dated November 27, 2024, the Ministry of Electronics and Information Technology (MeitY) broadened the CFL’s forensic capabilities. Key inclusions are:
- Drone Storage Media Analysis: Enables forensic examination of storage devices used in unmanned aerial systems.
- CCTV Forensics Media Recovery: Focuses on retrieving and analyzing data from CCTV systems (excluding video authentication and enhancement).
- Cloud Forensics: Requires secure examination from Cert-In’s premises, using credentials recovered from seized evidence.
- Computer and Mobile Device Forensics: Continued analysis of digital evidence from these traditional platforms, excluding floppy disk drives.
Significance of Cert-In’s Expanded Role
Cert-In’s CFL not only enhances the capacity for handling diverse electronic evidence but also sets benchmarks for forensic standards in India. By leveraging advanced technologies and licensed tools, the CFL ensures that evidence integrity is maintained throughout the investigative process.
MeitY’s Evaluation and Reporting Scheme
Under MeitY’s “Scheme for Notifying Examiner of Electronic Evidence”, notified agencies like Cert-In must meet stringent criteria, including:
- Technical expertise and skilled manpower.
- Access to licensed forensic tools and secure environments.
- Implementation of a robust quality management system.
Additionally, these agencies must submit annual reports detailing their casework, court appearances, and tool updates. Cert-In’s compliance with these measures underscores its reliability and competence in forensic science.
Other Notified Agencies
While Cert-In’s CFL enjoys a comprehensive mandate, other notified agencies are more narrowly focused:
- Army Cyber Group (DGIS Enclave): Focused on computer forensics excluding floppy disks.
- Navy Cyber Group (Chanakyapuri): Specializes in similar domains as the Army Cyber Group.
- Forensic Science Department, Chennai: Primarily tasked with computer media forensics.
Since 2018, 12 agencies have been notified under Section 79A, but most are restricted to traditional computer and mobile device forensics.
CERT-In, short for the Indian Computer Emergency Response Team, serves as the National Incident Response Centre for significant computer security incidents across the Indian cyber community. Established in 2004 by the Government of India under Section 70B of the Information Technology Act, 2000, CERT-In operates under the Ministry of Electronics and Information Technology. Its primary mission is to safeguard India’s cyberspace by addressing and mitigating cybersecurity threats and incidents effectively.
Leave a Reply