The US Department of Homeland Security released a new policy on border searches of electronic devices along with a privacy impact assessment.
Courts have generally found a ‘border exception’ to the fourth amendment (including even 100 miles from a border) that allows the government to search and seize most anything it wishes without particularized suspicion.
Copyright: andreyuu / 123RF Stock Photo
Existing policy however didn’t deal specifically with password protected and encrypted information, even though Customs and Border Patrol would detain people unless they turned over access to information on their devices.
Now the US has formally adopted a policy that says, “travelers are obligated to present electronic devices and the information contained therein in a condition that allows inspection of the device and its contents.”
The government says it can retain your password, examine your information, and even keep your laptop, cell phone, storage devices, etc. if they can’t fully inspect what’s on it.
Copyright: prestonia / 123RF Stock Photo
Papers, Please explains that “passwords for electronic devices, and images of data extracted from electronic devices, will be stored in the Automated Targeting System.”
They’ve been doing it anyway. Now they formally claim the authority to do it.
Does that extend to information stored on the cloud and simply accessed through the phone?
Lawd have mercy. That sounds awful.
@chris , delete the cloud app , reinstall
I’m sure the bad guys won’t be able to find a way around this, because they’re too stupid to transmit encrypted data through the Internet instead of trying to slip it past a physical inspection of their electronics. I live a world of geniuses.
Yet another reason not to visit the US. As if anymore were needed..
@Matt, but then where will you go for breakfast tacos?
If you have nothing to hide, why worry about it @Matt, they are not after the everyday guy, they’re hunting down radical Islamic terrorists buddy. Deal with it or stay away. We won’t miss you
@Matt – No-one asks you to come, just stay where you are! We are happy not to have you as well 🙂
Deltahater, it’s not the tacos that are the problem, it’s the breakfast burritos. I am apparently the only one who didn’t know that burritos are not a Mexican dish. Btw, if anyone wants the best breakfast burrito I’ve ever tried go to Lucy’s Taco Shop in downtown San Diego by the courthouse
Tiara, your name sounds like ‘diarrhea’.
@Benji – Benji sits! And… my puppy sits quietly waiting for the food. 🙂
@Matt, you are most welcome here, despite the crypto-fascists in this thread stating otherwise ( not that they could summon up the intellectual will to understand the meaning of the prefix crypto-, but, eh, whatcha gonna do eh?)
Basic premise of borders has been inspections. When you present yourself at a border you voluntarily accede to such. Be it rifling through your luggage, inspecting your vehicle, or looking at your documents.
This is merely a 21st century update to this basic premise.
So, why not just change the password?
After the big reveal that every major CPU since 1995 has a flaw that transmits password as plain text but is only viewable with the right malware algorithm, I am not sure why the govt needs everyone’s password.
Under this policy all DHS employees, from TSA to CBP, should be considered traitors.
What ever happened to unlawful search and seizure? I guess the land of the free isn’t so free anymore, it’s becoming more like communist Russia. But that figures, with the chief Putin lover in charge.
@Robbo – Since you seem to like totalitarian styles, why don’t you go hang in Russia? We won’t miss you. That old “if you have nothing to hide” bullshit went out with the Bolsheviks. The US isn’t a police state…well, not yet anyway.
@Robbo Yes I have something to hide. I want to choose who sees my bank account number, my credit card number etc. If I were absolutely sure that every single Border & Custom agent was 100% trustworthy, I wouldn’t care.
I am not.
@Leef33
If you are a complete noob and completely clueless about the currently found security flaw stop posting and making everybody aware of this. 😉
There is just something very creepy about this. It seems to me that there must be probable cause.
Think about it this way, how would we Americans feel if every country in Europe enacted the same rule? Mexico, the Caribbean countries, every good vacation spot country says you must give them your cell phone and access to all the content within.
Security state reigning supreme. We seem so willing to give up our basic privacy and freedoms for somebody’s arbitrary decision that they can somehow help us be safer by invading that privacy. Remember, if they had probable cause, they could get a court order to do this. They want to go on fishing expeditions, and as someone mentioned, it’s only a matter of time until we learn of a rogue agent taking our information and putting stolen information to personal gain. And then we’ll get the pro forma apologies and people will post on this site that “if you don’t have anything to hide….”
This is of course no surprise. The US has become so violent that on the security index it ranks below Cuba and just above Somalia.
I avoid traveling there as much as I can.
I am really happy to say it’s an interesting post to read . I learn new information from your article , you are doing a great job . Keep it up
These are self imposed powers by DHS, and as such, should be viewed with a healthy dose of suspicion. What really matters is the lawsuit filed in Boston by the American Civil Liberties Union and the Electronic Frontier Foundation. I fully expect the case to make it to the US Supreme Court.
At the risk of stepping into a long argument… For US citizens, there is much greater freedom at the border, because you have a constitutional right to enter the country that cannot be challenged by the government. “Regular” visitors enter at the pleasure of the inspecting officer, and green card holders are somewhere in the middle. My understanding is that the regulations and related court orders do not permit CBP to search “cloud” data without probably cause (which, of course, they might have based on data that has been downloaded to the phone).
The key is that CBP has the right to seize anything they wish at the border, although they must give it back after 5 days unless they can articulate probably cause. They do not have the authority to stop citizens (nor green card holders) from entering, whether you provide your passwords or not. Knowing this, be careful with any PII that you may be concerned about — eg, never store banking passwords on your phone and be careful with any client information if you are traveling for business.
And above all, remember that if you are crossing the border, you are also entering another country where you are a visitor and thus subject to far fewer rights than you have in the USA. If you are concerned about your privacy, CBP is not the biggest threat to a US-based traveler.
Yes, you can rifle through my bags, scan my body, but don’t you dare touch my iPhone!!
Odd priorities
Welcome to Natzi Germany 1939. We are all just sheep. They close the borders next and we can’t get out!
So much government overreach. James would happily bend over for anal probes at every airport and border. According to this law US Border agents can drive around anywhere Irvine, California south including all of San Diego, demand people’s cell phone and laptop passwords and then confiscate the device if they don’t give up the passwords. No need for suspicion, probable cause, warrants or anything. Basically there is no fourth amendment within 100 miles of any US border. Seattle prepare to be anally probed.
Where is Paranoid Linux when I need it.
From a dystopian novel several years ago where, in the future, the government began doing exactly this. Welcome to the dystopia, I guess. Anyway, Paranoid Linux was a highly secure Linux distro. One of its features was you could enter a “safe” password that would open your phone or laptop to a normal looking interface but would keep hidden the “real” interface until the real password was entered.
Unfortunately, it doesn’t exist, as such. Though it is possible to set up your phone and laptop in such a manner. It just requires some work.
Matt, u r welcome here. Tierra and Robby above and their racist friend Trump will soon be out of power. Until then why would u want to come? Racism will not reign
Matt, u r welcome here. Tierra and Robby above and their racist friend Trump will soon be out of power. Until then why would u want to come?
This has already been used against foreign correspondents (some of whom were American citizens), particularly those who’ve worked in countries like Afghanistan, Iraq, etc. Also, everyday citizens and dual nationals of Mideast/North African/South Asian countries have had their phones, computers, searched at the border as well for a long time. For those who think this is only used against those who may be plotting violence, who have ‘something to hide,’ that is utterly untrue.
This one scared me even more:
https://www.theatlantic.com/technology/archive/2017/02/a-nasa-engineer-is-required-to-unlock-his-phone-at-the-border/516489/
Some CBP agent forced a NASA Engineer to allow him access to Top Secret information.
This agent should be arrested for treason.
It seems dangerous to allow half trained rent a cops access to state secrets.
In addition, there are documented cases of theft by CBP so perhaps the cost of used phones may drop:
https://archives.fbi.gov/archives/norfolk/press-releases/2009/nf062609.htm
The border amendment is only at border stations NOT 100 miles in. The 100 miles are for border inspection points which still require probable cause or a warrant. Check Wikipedia if you don’t believe me
John, the story of a NASA Engineer being forced to give up a password to a computer with Top Secret Information sounds bogus to me.
1) There would be no need to travel with a Top Secret laptop.
2) Traveling commercial with a Top Secret information like that would violate a bunch of regulations. It sounds too much like Obama/Clinton/Mrs Weiner rules to be true.
1. You might want to read the link before commenting as it did state phone not computer.
I have worked as a contractor for a company that did missile launches and I can tell you that almost everything surrounding a launch and a rocket is top secret so I would be shocked if a phone that is property of JPL did not contain some confidential information.
2. Presidents travel with Top Secret information all the time. SAM26000 (the airplane used by president Kennedy) contained a teletype machine that was used to relay information. I have met DOD employees traveling for work who bring information on the tasks they will perform, I would assume much of that data is Top Secret. (There is a need to know rule, and as I have no need to know I doubt they would share with me what they are carrying nor would I ask) So much happens over email and instant messenger currently that much of what would be stored on a JPL phone would be considered at least a secret level clearance.
I respect you being skeptical, I really wish more people would be skeptical, but instead of attacking me, and making suggestions that one political party was making this story up, why don’t you start by reading the link?
Once you read that link, if you feel it is not a creditable source, you can use google to see if anyone else reported this story.
https://en.wikipedia.org/wiki/Critical_thinking
.