Background

I’ve written on this subject earlier (see here) and primarily on the Karnataka High Court ruling (“Virendra Khanna”) on the subject.

Ruling in Virendra Khanna

In Virendra Khanna, the High Court permitted the Investigating agencies to direct the accused to disclose his password, and in case of non-compliance, seek Court’s intervention in that regard.

Not only this, it provided that in case of refusal by the Accused, an adverse inference can be drawn against the Accused.

It had held:

Given the law laid down in Kathi Kalu Oghad’s case (supra), such information does not amount to accused being compelled to be “a witness against oneself”. Merely providing one’s password, passcode, biometrics, does not amount to making an “oral statement” or a “written statement”. Therefore, it cannot be said to be a “testimonial compulsion”. Article 20 and S.161 of the CrPC is, therefore, not violated.

Virendra Khanna v. State of Karnataka (2021 SCC Online Kar 5032).

As I argue in my previous post, while the judgment had the distinction of being one of the first Indian rulings on the subject, it did not deal with the constitutional issues involved rigorously.

The Problems with Virendra Khanna judgment

It did not, for instance, engage with the need for judicial safeguards and the issue of the legal impermissibility of issuing a S.91 notice to an accused.

After the said judgment, a Delhi Sessions Court (see here), in a detailed judgment, has ruled to the contrary.

The Delhi ruling CBI v. Mahesh Kumar Sharma

The Court held:

An investigating body does not have the right to seek the password of the electronic device of an accused without his consent as the same would run foul of Article 20(3) of the Constitution of India as well as Section 161(2) of the Code of Criminal Procedure. If the purpose, of course, is to access his electronic device and look for evidence.

CBI v. Mahesh Kumar Sharma & ANr, 2022 SCC OnLine Dis Crt (Del) 48

The Court then went on to a deal with a number of related issues.

On the issue of whether compelled disclosure of the password amounts to testimonial compulsion, the court said:

Further, the Delhi Court overcame the Karnataka High Court ruling by holding it to be per-incuriam:

The Court also went on to deal with an order of the Supreme Court where an accused was directed to provide his password:

Further, the Court ruled out the possibility of an adverse-inference against an accused refusing to disclose his password. It held:

Finally, the Court concluded by saying:

What next?

The issue is a complex one and requires a deft balancing of, on one hand, the imperatives of investigation and, on the other, the right to privacy and right against forced incrimination.

I believe the answer, as with most things, may lie somewhere in the middle. In a more balanced and nuanced approach which provides for timely judicial intervention and scrutiny on a case-to-case basis to ensure that, while legitimate investigative steps are not snubbed, due process and constitutional rights are also respected. To ensure that important evidence for serious crimes (which otherwise cannot be procured) is obtained but – at the same time- fishing expeditions, roving enquiries and harassment by the State agencies are checked.

The right against self-incrimination (being forced to incriminate oneself) is an extremely important fundamental right and any attempt at whittling it down has to be a very well thought one.

The caution of Stephen in this regard is important to remember.

He had said : an abolition of this privilege would be an incentive for those in charge of enforcement of law:

“to sit comfortably in the shade rubbing red pepper into a poor devil’s eyes rather than to go about in the sun hunt’ up evidence”

Stephen’s History of Criminal Law, p. 442 as quoted in Kathi Kalu Oghad – 1961 AIR 1808