Yottabytes: Storage and Disaster Recovery

Jan 10 2018   12:33AM GMT

U.S. Tightens Laptop Border Search Restrictions

Sharon Fisher Sharon Fisher Profile: Sharon Fisher


Taking a laptop across the border? There’s good news and bad news.

As you may recall, since 2009 there has been an ongoing struggle with how much right the U.S. government has to search laptops that people are carrying into the U.S., without a warrant, or even any particular reason other than that they feel like it. Plus, “border” has actually been defined to mean “within 100 miles of the border,” which literally covers a lot of territory.

Now, the agency has released an updated written directive that clarifies how passwords and cloud data should be handled, according to the Associated Press. “The new rules make clear that agents are only allowed to inspect information physically present on a device — and not information stored remotely, such as on the cloud,” the AP writes. “To prevent officers from accessing information they shouldn’t, they are now required to request that travelers turn off their devices’ network connectivity, or disable it themselves.” Passwords provided to Customs and Border Protection (CBP) must be deleted or destroyed immediately following a search.

The department also defined two levels of search.

  • Basic searches: officers can look through passengers’ contacts, photos and other material without reasonable suspicion of criminal behavior
  • Advanced searches: devices are connected to external equipment so their contents can be reviewed or stored, which requires the approval of a supervisor and “reasonable suspicion of activity in violation” of the law or “a national security concern,” such as a person’s presence on a terror watch list

On the other hand, “if someone refuses to unlock a device, the device can be detained by CBP,” writes Geneva Sands for ABC News. “U.S. citizens will always be allowed to enter the U.S., but their phones could be held back — generally for no more than five days,” though people have reported having their devices seized for up to seven months. “For non-citizens, refusal to open a device could lead to denied entry. If incriminating information is found, CBP officers could refer the case to an investigative agency, like the FBI, or for non-citizens, deny them entry into the U.S.”

“The New Directive does not specifically allege that travellers have a positive obligation to provide a passcode or other means of access to USCBP during a border search; it merely states that USCBP officers may request access and then detain the device for further examination if the traveller does not provide it,” writes Henry Chang of Blaney McMurtry LLP in Lexology. “This is likely because the law is still not clear regarding whether travellers actually have a legal obligation to provide passcodes or other means of access during a border search.” In addition, “nothing precludes USCBP from detaining an electronic device for a much longer period by alleging that ‘extenuating circumstances’ exist,” he adds. “The threat of having their electronic device seized, even temporarily, could compel some travellers to cooperate. The New Directive also does not address the issue of how long USCBP may delay the entry of a traveller in connection with the search of their electronic devices. The threat of an extended delay, which may cause the traveller to miss their flight, could also compel some travellers to cooperate.”

What brought this all on? The ACLU filed a lawsuit last year against the Department of Homeland Security on behalf of 11 travelers whose smartphones and laptops were searched at the border, the AP writes. Other organizations, such as the Electronic Frontier Foundation (EFF), have been pushing for a test case that would extend the Riley decision – which requires law enforcement officials to have a warrant to search someone’s cell phone — to laptops at the border. In December, the U.S. government filed a motion to dismiss the case. The ACLU is preparing its response for late January, according to Bart Jansen in USA Today.

“It is positive that CBP’s policy would at least require officers to have some level of suspicion before copying and using electronic methods to search a traveler’s electronic device,” said Neema Singh Guliani, legislative counsel at the ACLU. “However, this policy still falls far short of what the Constitution requires — a search warrant based on probable cause. The policy would still enable officers at the border to manually sift through a traveler’s photos, emails, documents, and other information stored on a device without individualized suspicion of any kind. Additionally, it fails to make clear that travelers should not be under any obligation to provide passcodes or other assistance to officers seeking to access their private information. Congress should continue to press CBP to improve its policy.”

A bill is actually under consideration  to require a warrant to search the devices of Americans at the border, write Charlie Savage and Ron Nixon in the New York Times, but it is unlikely to pass in this political climate, they add.

In other news, CBP announced some numbers. Its border agents inspected 30,200 phones and other electronic devices in fiscal year 2017, which ended in September — a nearly 60 percent spike from 2016, when 19,051 devices were searched,” according to the AP. It’s even a bigger spike from previous years: the New York Times reported that  inspection of electronic devices rose from 4764 in 2015 to 23,000 in 2016, while according to the Los Angeles Times, just 8,053 travelers had their devices searched in the 2015 fiscal year. That’s compared with 6,500 between 2008 and 2010, according to the American Civil Liberties Union. U.S. border agents also searched the electronic devices of 59 percent more international travelers in fiscal year 2017 than the previous year, including U.S. citizens and foreigners, adds the Los Angeles Times. Nonetheless, the agency said the searches represented just a tiny fraction — 0.007 percent of arriving international travelers — out of more than 397 million, the AP wrote.

(Yes, I’m aware some of the numbers don’t match up. Perhaps they’ve changed over time? Or some are fiscal year, which ends on September 30, and some are calendar year? Either way, lotta devices.)

In particular, this is a concern to attorneys, who worry about violations of attorney-client privilege. The New Directive does have some additional guidelines in this area, Chang writes.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: