Your personal data just got permanently cached at the US border
Fact or fiction? US Feds won't say
Now that US customs agents have unfettered access to laptops and other electronic devices at borders, a coalition of travel groups, civil liberties advocates and technologists is calling on Congress to rein in the Department of Homeland Security's search and seizure practices. They're also providing practical advice on how to prevent trade secrets and other sensitive data from being breached.
In a letter dated Thursday, the group, which includes the Electronic Frontier Foundation (EFF), the American Civil Liberties Union and the Business Travel Coalition, called on the House Committee on Homeland Security to ensure searches aren't arbitrary or overly invasive. They also urged the passage of legislation outlawing abusive searches.
The letter comes 10 days after a US appeals court ruled Customs and Border Protection (CBP) agents have the right to rummage through electronic devices even if they have no reason to suspect the hardware holds illegal contents. Not only are they free to view the files during passage; they are also permitted to copy the entire contents of a device. There are no stated policies about what can and can't be done with the data.
Over the past few months, several news reports have raised eyebrows after detailing border searches that involved electronic devices. The best known of them is this story from The Washington Post, which recounted the experiences of individuals who were forced to reveal data on cell phones and laptop devices when passing through US borders. One individual even reported some of the call history on her cell phone had been deleted.
"The Fourth Amendment protects us all against unreasonable government intrusions," the letter, which was also signed by the Center for Democracy and Technology and security expert Bruce Schneier, states. "But this guarantee means nothing if CBP can arbitrarily search and seize our digital information at the border and indefinitely store and reuse it."
Several of the groups are also providing advice to US-bound travelers carrying electronic devices. The Association of Corporate Travel Executives is encouraging members to remove photos, financial information and other personal data before leaving home. This is good advice even if you're not traveling to the US. There is no reason to store five years worth of email on a portable machine.
In this posting, the EFF agrees that laptops, cell phones, digital cameras and other gizmos should be cleaned of any sensitive information. Then, after passing through customs, travelers can download the data they need, work on it, transmit it back and then digitally destroy the files before returning.
The post also urges the use of strong encryption to scramble sensitive data, although it warns this approach is by no means perfect. For one thing, CBP agents are free to deny entry to travelers who refuse to divulge their passwords. They may also be able to seize the laptop.
If it sounds like a lot of work, consider this: so far, the federal government has refused to reveal any information about border searches, including what it does with the electronic data it seizes. Under the circumstances, there's no way of knowing what will happen to, say, source code or company memos that may get confiscated. Or the email sent to your lawyer.®
Sponsored: 2016 Cyberthreat defense report