Handling Digital Evidence in POSH Complaints: A Careful Guide for Internal Committees

Introduction

Complaints under the Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 — commonly called the POSH Act — increasingly turn on digital material. An internal committee (IC) asked to inquire into a complaint may receive emails, WhatsApp chats, social-media messages and screenshots, often forwarded in a hurry and already copied across several phones. Handling that POSH complaint digital evidence with care matters: the integrity of a file, the way it was preserved, and the privacy of the people involved can all shape how fair and how defensible the inquiry turns out to be. This article offers careful, professional general information — not legal advice — on how an IC can preserve and certify such evidence without leaking it, using an offline tool such as e-Dex (formerly Hash Calculator).

What Digital Evidence Is Typical in a POSH Inquiry

The material an IC sees is usually born-digital, everyday communication rather than forensic captures. Common examples include email threads (often the cleanest, because headers and timestamps travel with the message), WhatsApp or other messaging chats exported as text or shown as screenshots, screenshots of social-media posts, profiles or stories, call and message logs, photographs or short videos, and occasionally access or login records supplied by IT. Because much of this arrives as a screenshot or a forward rather than the original, a recurring challenge is showing that the version before the committee is faithful to what actually existed. That is where capturing the original where possible — and recording its fingerprint immediately — becomes important.

Why Integrity and Authenticity Matter, Even Internally

It is tempting to treat an internal inquiry as informal. It is less formal than a court trial, and an IC is guided by principles of natural justice rather than the strict rules of evidence. But its findings can end careers and reputations, and they can be challenged later in an appeal or a writ petition. If the committee relied on a screenshot that the respondent says was edited, and there is nothing to show the file was unaltered, the fairness of the entire process is exposed. Establishing integrity (the file has not changed since it was collected) and authenticity (it is genuinely what it claims to be, from where it claims to be) early protects both sides. A simple screenshot certified as evidence is far easier to stand behind than a loose image file with no provenance.

Protecting Privacy and Confidentiality

POSH proceedings are confidential by law, and the evidence is frequently intimate or deeply personal. Privacy is therefore not an afterthought — it is a duty. Digital evidence should be shared only with the committee and the parties on a strict need-to-know basis, held on access-controlled devices, and kept off shared network drives, common email inboxes and messaging groups. Unrelated personal data caught in the same screenshot (contacts, unrelated chats, financial details) should be redacted. Working copies should be securely deleted once they are no longer needed. Crucially, the very step of proving a file is intact should not itself create a leak: uploading a sensitive chat to an online hashing or "verify" website can expose it. Doing the integrity work offline, on a controlled machine, keeps the material where it belongs.

How to Preserve and Certify Evidence Without Leaking It

A practical, privacy-respecting workflow has three moves. First, hash at capture. As soon as a file is collected, compute a cryptographic hash — a fixed-length fingerprint such as SHA-256 — over its contents. Change one byte and the hash changes completely, so a recorded hash is strong proof the file has not been touched since. Second, record custody. Write a short note of who captured the file, when, from which device or account, and how it was stored, and keep the original untouched while working only on copies. Third, certify. Produce an integrity certificate listing the file's hashes and a plain MATCH / MISMATCH verdict, so anyone can re-verify the file later. e-Dex performs all of this fully offline on a single Windows machine, so the evidence never leaves the committee's control during the integrity step. The same approach works for messaging exports; see how to certify a WhatsApp chat for court in India.

What the IC and Any Later Court Will Look For

Whether the reviewer is the committee itself or a court hearing a later challenge, the questions are much the same. Is the file what it claims to be? Clear sourcing — the account, device and context it came from — answers authenticity. Has it changed since collection? A hash recorded at capture, re-verified to MATCH, answers integrity. Who handled it, and how? A custody note answers that. Was the process fair? Both parties should have had a real chance to see and respond to the evidence. If the matter does reach a court, the formal statutory certificate for electronic records and a documented chain of custody become directly relevant, and the integrity values you preserved early feed straight into them. Preparing well for the IC therefore also prepares you for what may follow.

Frequently Asked Questions

Can digital evidence like WhatsApp chats and screenshots be used in a POSH inquiry?
Yes. An internal committee conducting a POSH inquiry can consider emails, WhatsApp chats, screenshots and other digital material, since the inquiry follows principles of natural justice rather than strict courtroom rules of evidence. What matters is that the material is relevant, that both parties get a fair opportunity to see and respond to it, and that its integrity and source are reasonably established. Recording a hash at the time of capture and keeping a custody note helps demonstrate the file has not been altered. This is general information, not legal advice.

How should an internal committee preserve a screenshot or chat so it stays trustworthy?
Capture the original file in its native form where possible, compute a cryptographic hash (such as SHA-256) immediately at capture, and write that hash into a short custody note along with who captured it, when and from which device or account. Store the file unchanged and work only on copies. Producing an integrity certificate that lists the hashes and a MATCH or MISMATCH verdict lets anyone re-verify later that the file is exactly what was preserved. Doing this offline keeps the sensitive material on a controlled machine.

Why does evidence integrity matter even in an internal POSH inquiry?
Even though an IC inquiry is internal and less formal than a court trial, its findings can have serious consequences and may later be challenged in an appeal or a writ proceeding. If the digital evidence relied on cannot be shown to be unaltered and properly sourced, the fairness of the whole inquiry can be questioned. Establishing integrity and custody early protects both the complainant and the respondent, and makes the committee's conclusions more defensible if they are reviewed later.

How is the privacy of the parties protected when handling POSH digital evidence?
POSH proceedings are confidential by law, so digital evidence should be restricted to the committee and the parties on a need-to-know basis, stored on access-controlled devices, and never circulated on shared drives or messaging groups. Using an offline tool to hash and certify files means the evidence is never uploaded to a third-party cloud service during the integrity step. Redaction of unrelated personal data and secure deletion of working copies after the inquiry further reduce the risk of leakage.

What will the committee and any later court look for in the digital evidence?
A reviewer typically asks whether the file is what it claims to be, whether it has been altered since collection, who handled it and how, and whether the other party had a fair chance to respond to it. Hash values recorded at capture answer the alteration question, a custody note answers the handling question, and clear sourcing answers authenticity. If the matter reaches a court, the formal statutory certificate for electronic records and a documented chain of custody become relevant. This is general information, not legal advice.

Conclusion

Digital evidence in a POSH complaint deserves the same care as the inquiry itself. Hash each file at capture, keep a clear custody note, restrict and redact to protect privacy, and certify integrity offline so nothing leaks while you prove a file is unaltered. Handled this way, the evidence supports a fair inquiry and stands up if the matter is reviewed later. Remember that this article is general information and not legal advice; read the law as it stands and take qualified counsel where the stakes warrant it. You can preserve and certify files in minutes, fully offline, on a single Windows machine with e-Dex — the Digital Evidence Integrity Suite. Download it free and keep your evidence both trustworthy and confidential.