Introduction

In the digital era, electronic documents have become a significant category of documentary evidence. In Malaysia, the admissibility of such evidence has expanded beyond civil proceedings to include criminal and commercial cases, reflecting their evolving role in judicial system. Although digital records such as closed-circuit television (CCTV) have long been used in legal contexts, what is new is the ubiquity of computers, smartphones, and cloud-based systems, which generate vast amounts of retrievable data now routinely relied upon in litigation. This shift has made electronic evidence including emails, WhatsApp chats, digital documents, CCTV footage, and social media posts become indispensable in criminal proceedings. Yet, the legal framework governing evidence in Malaysia was originally designed for oral testimony and paper-based records, raising significant challenges when applied to electronic data. 

Unlike traditional records, electronic files are highly vulnerable to alteration and manipulation, creating issues of authenticity, admissibility, chain of custody, and reliability. At the same time, the rise of cybercrime and the increasing reliance on digital traces in conventional crimes mean that excluding such evidence would seriously hinder the administration of justice. Electronic records are therefore integral to judicial processes, necessitating clear and consistent legal standards for their treatment in court. Against this backdrop, this article examines whether Malaysian courts have effectively adapted to electronic evidence in criminal trials. The discussion will analyze how courts have reinterpreted existing rules under the Evidence Act 1950, evaluate the key challenges posed by electronic data, and draw comparative insights from other jurisdictions to consider how Malaysian courts can better ensure a system that is both impartial and technologically responsive.

Legal Framework and Judiciary Approach

The Evidence Act 1950 remains the foundation of Malaysia’s evidentiary framework, with the 1993 and 2012 amendments playing a pivotal role in adapting traditional rules to the digital era. Under s.90A of EA 1950, computer-generated documents are admissible if produced during the ordinary use of a computer system and accompanied by a certificate of authenticity (s.90A(2)). This provision has enabled courts to accept evidence such as SMS, emails, and WhatsApp messages once validated as seen in Lim Pang Cheong v Rozali Ismail [2012]. However, in Telekom Malaysia Bhd v KLK Electronic Sdn Bhd [2019], the court clarified that certification is not mandatory but merely one mode of proof, with authenticity also provable by oral testimony from someone in control of the system. Taken together, these cases reveal a tension between formal compliance and substantive reliability, where some courts adopt a pragmatic stance towards admissibility while others insist on strict procedural compliance, resulting in inconsistent judicial outcomes and creating uncertainty for litigants. Notably, s.90A(7) restricts accused persons from relying on their computer-generated documents, reflecting judicial caution against fabricated evidence. s.90B guides judges in assessing such evidence through several factors, while s.90C ensures the provisions in s.90 override any conflicting laws. These safeguards equate electronic records with paper documents, but with heightened scrutiny.

Complementing the Evidence Act, legislations such as the Computer Crimes Act 1997 (CCA) and the Communications and Multimedia Act 1998 (CMA) provide investigative and regulatory mechanisms that support evidentiary use. The CCA 1997 criminalizes offences such as hacking and phishing, empowering investigators to seize and preserve digital data. Courts then admit such material under s.90A–C of EA, provided authenticity is proven. The CMA 1998, on the other hand, regulates electronic communications and grants powers of interception under s.252 but following the 2024 amendments, it also introduces new provisions on data preservation and disclosure (ss.252A–252B), while the admissibility of such material remains subject to judicial evaluation. Together, these frameworks reflect a layered judicial system: investigative powers under the CCA and CMA gather digital evidence, while the EA determine how the evidence is admitted and assessed in court.

Malaysian courts have gradually developed a pragmatic approach in applying the Evidence Act to electronic records. In PP v Dato’ Seri Anwar Ibrahim [2015], The Court of Appeal upheld the trial judge’s finding that the CCTV footage evidence was reliable and carried significant probative value in establishing the accused’s presence and movements to support the complainant’s testimony of sodomy. The case demonstrates the Malaysian courts’ readiness to accept authenticated video recordings as persuasive evidence in criminal proceedings. In Mok Yii Chek v Sovo Sdn Bhd & Ors [2015], the High Court held that printouts of e-mails and WhatsApp messages fall within the wide meaning of “document” under the Evidence Act. Taken together, these decisions demonstrate that while courts expect strict compliance with s.90A certificates, they are not inherently suspicious of electronic files. Instead, the judicial approach balances openness to digital evidence with caution to prevent manipulation.

Key Challenges

While the statutory reforms and judicial decisions under Malaysian law have made important strides in recognizing electronic evidence, their practical application remains uneven. One of the most pressing challenges is establishing the authenticity of WhatsApp messages and other digital communications in criminal trials. While such messages are admissible as “documents” under the EA 1950, their evidential weight depends on establishing authenticity through identity of sender/recipient, timestamps, and safeguards against manipulation or fabrication. For instance, the Industrial Court in Mohamad Azhar Abdul Halim v Naza Motor Trading Sdn Bhd [2017] rejected a snapshot of a WhatsApp conversation as key identifying details such as claimant’s name and date of message were missing to prove claimant was the sender, and fabrication of messages was demonstrated. Similarly, in Nazaruddin Mohd Shariff @ Masari & Ors v Samsyem Saam & Ors [2017], the High Court deemed WhatsApp messages unreliable as conclusive evidence when formal documents were available, such as a “Sijil Faraid” (Succession Certificate) to prove the rightful beneficiaries of an estate. These cases reveal that while WhatsApp messages may support a case, courts remain cautious about relying on them exclusively, unless corroborated with sufficient detail.

Another challenge lies in maintaining a secure chain of custody for criminal trials. Digital evidence is highly vulnerable to tampering, alteration, or even accidental corruption, making strict safeguards essential. Therefore, investigators and enforcement officers are required to meticulously document every stage of evidence handling under the EA 1950, with exhibits sealed and stored under restricted access to preserve its reliability and authenticity. Any breach in this chain of custody risks undermining the evidence’s credibility in court as seen in Public Prosecutor v Goh Hoe Cheong & Anor [2007], where electronically generated baggage tags (evidence) deemed inadmissible as it failed to establish the chain of custody due to lack of oral testimony and a certificate under s.90A(1). With encrypted communications and cloud data now common, maintaining an unbroken chain of custody has become increasingly complex, requiring greater vigilance.

The digital literacy of legal practitioners is also a critical factor in adapting to electronic evidence in criminal trials. Many judges and lawyers still lack the technical expertise to assess complex evidence such as encrypted communications or cloud storage data. A 2024 study on Malaysian civil courts highlighted the need for continuous professional development to equip legal practitioners with the skills to evaluate digital evidence effectively. Without such expertise, there is a risk of misinterpretation or mishandling, which may undermine trial outcomes. Scholars argue that collaborations between legal and technological experts, as well as targeted judicial training programs, are essential to ensure the judiciary remains competent in evaluating digital evidence. This gap in technical knowledge demonstrates that law reform alone is insufficient without parallel investment in capacity building.

Finally, privacy concerns are a growing challenge in admitting electronic evidence, especially when obtained through surveillance, hacking, or data breaches. Although ss.90A–90C of the EA 1950 govern computer-generated documents, issues remain over whether the evidence was lawfully acquired. The CMA 1998 and CCA 1997 regulate lawful data access, requiring proper authorization to avoid infringing privacy rights, leaving courts to balance probative value of digital evidence against constitutional protections for individual rights of privacy. With rising cybercrime and AI-driven offences, courts must ensure digital evidence is both authentic and lawfully obtained, underscoring the need for consistent standards that safeguard trial integrity and individual rights.

Comparative Perspective

Malaysia’s approach to electronic evidence in criminal trials, under the EA 1950, lacks specific modern definitions and structured procedures found in other jurisdictions. Unlike Singapore, which updated its Evidence Act earlier with detailed provisions including broad definitions of "computer output" and clear methods for admitting electronic evidence, Malaysia does not yet have such a comprehensive statutory framework. Moreover, Singapore’s introduction of legal presumptions of authenticity and reliability for electronic data also stands out as a significant advancement absent from Malaysian law, which still places heavier burdens on parties to prove authenticity. 

Also, Malaysia employs a non-mandatory certification mechanism for computer-generated evidence under s.90 of EA as discussed earlier, which is contrasting sharply with India's s.65B of the Indian Evidence Act, which requires a formal, mandatory certificate ensuring the integrity of all electronic records to offer a robust safeguard. Given these gaps, Malaysia could benefit notably from adopting Singapore’s clear statutory definitions and presumptions of authenticity to ease evidentiary burdens, while instituting a mandatory certification requirement as seen in India’s law to strengthen reliability. These reforms would provide clarity and consistency for courts handling increasingly complex electronic evidence in criminal trials. 

Conclusion

In conclusion, Malaysian law has made important strides in recognizing electronic evidence through statutory reforms and case law, but its framework remains uneven compared to other jurisdictions. While courts have broadened the scope of admissible digital records, persistent challenges in authenticity, chain of custody, technical literacy, and privacy continue to hinder consistent application. The comparative analysis with Singapore and India highlights how clearer definitions, mandatory safeguards, and structured procedures elsewhere have created greater certainty, whereas Malaysia’s progress, though promising, remains partial rather than comprehensive.