All articles
Compliance

WhatsApp Chats as Court Evidence India 2026: BSA 63

Are WhatsApp business chats valid court evidence in India? Yes, under Bharatiya Sakshya Adhiniyam 2023 Section 63 with a proper certificate. Here is how.

RichAutomate Editorial
11 min read 0 views
WhatsApp Chats as Court Evidence India 2026: BSA 63

Yes — WhatsApp business chats are admissible as evidence in Indian courts, provided they are produced under Section 63 of the Bharatiya Sakshya Adhiniyam (BSA), 2023 (the successor to Section 65B of the old Indian Evidence Act), with the required certificate authenticating the electronic record. The catch is that a screenshot alone rarely holds up: courts want the record produced from the source system, its integrity vouched for, and a signed Section 63(4) certificate attached. This guide explains how to make your business WhatsApp records court-usable in 2026 — the BSA certificate workflow, why an official WhatsApp Business API thread beats a personal-number chat in a dispute, how to archive messages immutably from the API, and how to balance evidence retention against DPDP data-minimisation. It is written for founders, CAs, advocates and collections teams; verify the current position with your counsel, as case-law on the new BSA is still settling.

Are WhatsApp chats valid evidence in India?

They can be, but they are treated as electronic records, not ordinary documents. Since 1 July 2024 the Bharatiya Sakshya Adhiniyam, 2023 replaced the Indian Evidence Act, 1872, and Section 63 of the BSA now governs the admissibility of electronic records — carrying forward the framework that businesses knew as Section 65B. The core rule is unchanged in spirit: a computer/phone output (a chat export, a server log, a message record) is admissible as evidence of its contents if the conditions in Section 63 are met and it is accompanied by a certificate. Courts have repeatedly held that without that certificate, secondary electronic evidence can be refused — so the certificate is not a formality, it is the gate.

The Section 63 certificate — what it must say

Section 63(4) requires a certificate that identifies the electronic record, describes how it was produced, and gives particulars of the device or system involved, signed by a person occupying a responsible official position in relation to the operation of the relevant device or management of the relevant activities (verify the exact statutory wording and any notified format with your counsel). In plain terms, for a WhatsApp thread the certificate should establish:

  • The source: which WhatsApp Business Account / number the messages came from, and the system used to export or archive them.
  • The method: how the export or archive was generated (an in-app export, or an API-side webhook capture into your store).
  • Integrity: that the record was produced in the ordinary course of the activity and has not been altered — a hash value computed at export time is strong corroboration.
  • The signatory: a responsible person (proprietor, director, IT/compliance officer) who can attest to the above.

A phone screenshot fails most of this — it has no source-system provenance, no integrity proof, and is trivially editable. That is why a defensible workflow captures the record from a system, not from a screen.

Why an API (green-tick) thread beats a personal-number chat in court

Disputes over orders, payment terms, delivery commitments and cancellations are increasingly fought on WhatsApp threads. An official WhatsApp Business API account has evidentiary advantages a personal or free Business-app number does not:

  • Verified identity: a green-tick, Meta-verified business name reduces "that wasn't our official channel" arguments about attribution.
  • Server-side message logs: the API delivers every message and status (sent, delivered, read, failed) to your webhook, so you hold an independent, timestamped record on your own infrastructure — not just on a handset that can be lost, wiped or claimed to be tampered with.
  • Immutable archival: you can pipe those webhooks into a write-once store the moment they arrive, giving a clean chain of custody. Our WhatsApp message & event data pipeline guide covers building exactly this webhook-to-store layer.
  • Access governance: role-based access and audit trails on an API stack (see our WABA security hardening guide) support the "responsible person" and integrity assertions the certificate needs.

None of this guarantees a court will admit the record — that is always the judge's call on the facts — but it materially strengthens the provenance and integrity story behind the Section 63 certificate.

How to make your WhatsApp records court-usable — a workflow

A practical, defensible archival routine looks like this:

Stop overpaying on WhatsApp

Get the DPDP WhatsApp checklist

A founder-led WhatsApp reply with the DPDP consent + audit-log checklist for WhatsApp Business messaging. India-hosted. No spam.

DPDP-compliant · India-hosted · 1-min reply
  • Capture at source: for API threads, store every inbound and outbound message and its status from the webhook into an append-only archive as it arrives; for app-only numbers, use the built-in chat export.
  • Hash on capture: compute and store a cryptographic hash (e.g. SHA-256) of each exported file or message batch at the moment of capture, so you can later demonstrate the record has not changed.
  • Timestamp and log: keep server timestamps and the operator/system identity for each capture event — this is your chain of custody.
  • Retain to a schedule: hold records for the period your contracts, limitation windows and sector rules require, then purge on a stated schedule (see the DPDP balance below).
  • Certificate on demand: when a dispute arises, generate the Section 63(4) certificate referencing the specific record, its source system, method of production and hash, signed by your responsible person.

For businesses that already dispute receivables over WhatsApp — CAs chasing fees, firms chasing invoices — this turns the same thread that did the work into the evidence that proves it. Our WhatsApp guide for CA firms and guide for law firms and advocates show the client-communication side of this discipline.

The DPDP tension: keep enough, but not too much

Evidence law pulls toward keeping records; the Digital Personal Data Protection Act, 2023 pulls toward keeping less. The two are reconcilable, and the balancing test is the compliance work:

  • Purpose and storage limitation: DPDP expects you to retain personal data only as long as necessary for the purpose. "Might need it as evidence" is a legitimate purpose — but it must be a defined, documented retention schedule, not indefinite hoarding of every customer's chats.
  • Minimise what you archive: archive the transactional thread that could become evidence, not unrelated personal data swept up alongside it.
  • Access and erasure requests: be ready to tell a data principal what you hold and to honour erasure where the law permits — while lawfully retaining what an active or anticipated dispute, or a statutory record-keeping duty, requires. Our DPDP grievance & data-portability guide walks the request-handling side.
  • Sector archival rules override the default: regulated firms (SEBI, RBI, IRDAI-supervised) often have communication-archival and record-retention mandates that set the floor — those win over a shorter default. Verify your sector's current norms.

Document the retention schedule and its legal basis; that document is itself part of your DPDP and evidentiary posture. Verify commencement and the operative DPDP Rules with counsel — see our DPDP Rules 2026 business-changes guide for current status.

What a compliant WhatsApp stack costs on RichAutomate

Running your business on the official WhatsApp Business API — the version that gives you server-side logs and archivable webhooks — costs less than most teams expect. RichAutomate charges ₹0 platform fee, ₹0 setup and ₹0 monthly; you pay only for messages. Two models:

  • Client Pay — ₹0.10 per message plus Meta's conversation charges billed to you directly at cost by Meta.
  • SaaS Pay — ₹1.20 marketing / ₹0.30 utility per message, all-inclusive on one INR GST invoice, tiering down toward ₹0.30 at volume.

Going live on the official API needs a verified business, and in India GST is effectively required to move a WhatsApp Business Account to live status — treat it as necessary, not optional. See the full WhatsApp Business API cost breakdown for the per-conversation maths. A 14-day free trial with 100 free credits lets you stand up the webhook archive and test message logging before you commit.

Make your WhatsApp threads court-ready

RichAutomate runs on the official Meta WhatsApp Business API, so every message and delivery status lands on your webhook — the independent, timestamped record you need behind a Section 63 certificate — at ₹0 setup, ₹0 monthly, ₹0 platform fee. Client Pay is ₹0.10/message plus Meta's rates billed direct at cost; SaaS Pay is ₹1.20 marketing / ₹0.30 utility all-inclusive. Start with a 14-day free trial and 100 free credits, or book a 30-minute walkthrough. This is general information, not legal advice — verify the current BSA and DPDP position with your counsel.

Start your 14-day free trial → · Book a 30-min walkthrough · See how message archival works

Ready to ship this?

Get the DPDP WhatsApp checklist

A founder-led WhatsApp reply with the DPDP consent + audit-log checklist for WhatsApp Business messaging. India-hosted. No spam.

DPDP-compliant · India-hosted · 1-min reply
Tagged
Electronic EvidenceBSA 2023Section 63Bharatiya Sakshya AdhiniyamWhatsApp EvidenceRecord RetentionDPDPChain of CustodyWhatsApp Business APIIndia2026
Written by
RichAutomate Editorial
Editorial team at RichAutomate. We build the WhatsApp Business automation platform Indian D2C brands, fintechs, and agencies use to ship campaigns and flows on the official Meta Cloud API.
FAQ

Frequently asked questions

Are WhatsApp chats admissible as evidence in Indian courts?
Yes, WhatsApp chats can be admitted as evidence, but they are treated as electronic records under Section 63 of the Bharatiya Sakshya Adhiniyam (BSA), 2023, which since 1 July 2024 replaced Section 65B of the old Indian Evidence Act. Admissibility depends on meeting the Section 63 conditions and attaching the required certificate authenticating the record. Courts have refused electronic evidence produced without that certificate, so it is a genuine gate rather than a formality. A bare screenshot is weak because it has no source-system provenance or integrity proof; a record exported or archived from a system, with a hash and a signed certificate, is far more defensible. Case-law under the new BSA is still settling, so verify the current position with your counsel.
What is a Section 63 (BSA) certificate for a WhatsApp record?
Section 63(4) of the Bharatiya Sakshya Adhiniyam, 2023 requires a certificate that accompanies secondary electronic evidence, identifying the electronic record, describing how it was produced, and giving particulars of the device or system, signed by a person in a responsible official position regarding that system or activity. For a WhatsApp thread the certificate should establish the source (which WhatsApp Business Account and export/archive system), the method of production, the integrity of the record (a hash computed at export is strong corroboration that it was not altered), and the identity of the responsible signatory such as a proprietor, director or compliance officer. Verify the exact statutory wording and any notified format with your legal counsel, since the framework is newly recodified.
Is a WhatsApp Business API thread stronger evidence than a personal-number chat?
Generally yes on provenance and integrity. An official WhatsApp Business API account carries a green-tick, Meta-verified business identity that reduces attribution disputes, and it delivers every message and status to your webhook, giving you an independent, timestamped server-side record on your own infrastructure rather than only on a handset that can be lost, wiped or challenged as tampered. You can archive those webhooks into a write-once store as they arrive, creating a clean chain of custody, and enforce role-based access and audit trails that support the responsible-person and integrity assertions a Section 63 certificate needs. This does not guarantee admission, which remains the court decision on the facts, but it materially strengthens the provenance story compared with a personal or free Business-app number.
How should a business archive WhatsApp messages so they hold up in court?
Use a source-based, defensible routine rather than screenshots. For API threads, store every inbound and outbound message and its delivery status from the webhook into an append-only archive as it arrives; for app-only numbers, use the built-in chat export. Compute and store a cryptographic hash such as SHA-256 of each export or batch at the moment of capture so you can later prove the record was not changed, and keep server timestamps and the capturing operator or system identity as your chain of custody. Retain records for the period your contracts, limitation windows and sector rules require, then purge on a stated schedule. When a dispute arises, generate the Section 63(4) certificate referencing the specific record, its source system, method of production and hash, signed by your responsible person.
How do evidence retention and the DPDP Act fit together for WhatsApp records?
Evidence law encourages keeping records while the Digital Personal Data Protection Act, 2023 encourages keeping less, and the reconciliation is the compliance work. DPDP expects retention only as long as necessary for a defined purpose; keeping records as potential evidence is a legitimate purpose but it must sit on a documented retention schedule, not indefinite hoarding. Archive the transactional thread that could become evidence rather than unrelated personal data swept up alongside it, be ready to answer access and honour erasure requests where the law permits while lawfully retaining what an active or anticipated dispute or a statutory duty requires, and remember that sector archival rules for SEBI, RBI or IRDAI-supervised firms can set a longer mandatory floor. Document the schedule and its legal basis, and verify the current DPDP Rules and commencement status with counsel.
RichAutomate · WhatsApp BSP for India 2026

Ship WhatsApp campaigns + flows on a transparent, compliance-ready BSP.

₹0 platform fee. DPDP audit log included. Visual flow builder. Multi-tenant from day one.

Start free trial
Want this for your brand?

Get a free 24-hour BSP audit

Send us your last invoice. We line-item it against Meta's published rates and benchmark against three alternatives.

Limited Spots Available

Get a Free
Automation Audit

Stop leaving revenue on the table. Get a custom roadmap to automate your growth.

Secure & Confidential

Continue reading

All articles
Compliance

Online Gaming GST 28% India 2026: WhatsApp Compliance Guide

28% GST on face value + the 2025 money-game clampdown reshape gaming WhatsApp ops — geo-fenced broadcasts, KYC & withdrawal threads from ₹0.115/msg.

Read article
Guide

WhatsApp for Amusement & Water Park Ticketing India 2026

The capacity-ticket-and-weather-rain-check playbook for amusement and water parks - a capacity-confirmed e-ticket with a QR code the moment payment clears (the money message), a pre-visit info push, an instant weather rain-check reschedule thread, in-park fast-pass upsells, and a season-pass renewal campaign.

Read article
Guide

WhatsApp for Pre-Owned Luxury Resale & Authentication India 2026

The authentication-and-provenance playbook for pre-owned luxury resellers - a structured photo-submission Flow that captures serials, receipts and defect close-ups at intake, a written valuation + authentication trail, digital authenticity certificates in the buyer thread, wishlist re-engagement on one-of-one inventory, GST margin-scheme / Consumer Protection / trademark / customs / DPDP compliance notes (hedged), and honest cost math (Rs 1,200-2,000/mo, illustrative) on a Rs 0-platform model.

Read article
Guide

WhatsApp Business API Cost India 2026: 10 Questions Answered

The 10 questions Indian buyers ask before going live on WhatsApp Business API: cost, is it free, green tick, setup time, DPDP and the cheapest option.

Read article
Compliance

WhatsApp for Law Firms & Advocates in India 2026

A compliance-first 2026 playbook for using the WhatsApp Business API in an Indian law practice strictly within Bar Council of India Rule 36, which prohibits advocates from advertising or soliciting work. WhatsApp is never a lead-generation or promotional channel for a law firm; it is a confidential client-service layer for clients who have already engaged the firm. Covers the allowed-vs-prohibited Rule 36 line on WhatsApp; the legitimate client lifecycle (client-initiated enquiry, consultation scheduling, engagement letter and KYC/document collection via WhatsApp Flows, hearing-date and cause-list reminders, case-status threads, fee reminders, matter closure and retainer renewal); a manual-vs-automated practice-ops comparison; a confidentiality controls matrix (privilege protection, data minimisation, access control, consent and opt-out, retention, no case details to a bot); illustrative cost math dominated by the cheap utility tier with zero marketing spend; and a compliant 24-48h go-live. RichAutomate flat pricing: Rs 0 platform/setup/monthly, Client Pay Rs 0.10 per message with Meta billed direct, SaaS Pay Rs 1.20 marketing / Rs 0.30 utility, 14-day trial plus 100 credits. All regulatory specifics (Rule 36, advocate-client privilege, DPDP, court norms) and Meta rates must be verified as of 2026; all cohort and rupee figures are illustrative. Operational guidance, not legal advice.

Read article
Use Case

WhatsApp API White Label Reseller India 2026: ₹0 Fee

Resell WhatsApp API in India at ₹0 platform fee: pay ₹0.10/msg base, set your own client price, keep the margin. Full white-label setup playbook inside.

Read article