Ride the Lightning

U.S. Tightens (Slightly) Rules on Border Device Searches

January 17, 2018

As Naked Security reported, a January 4th update in the US Customs and Border Protection's (CBP) "Border Search of Electronic Devices" directive, the first since August 2009, now requires that agents have at least "reasonable suspicion" of illegal activity or a threat to national security before they can conduct an in-depth, forensic examination or copy the contents of devices they search at border crossings.

Without that "reasonable suspicion," agents can only conduct a so-called "basic search," which means they can only look at data that's "physically resident on the phone," and not stored on a remote server.

Sen. Ron Wyden, (D-OR) damned the new directive with faint praise. He called it "an improvement," but said in a statement that it still allows, "far too many indiscriminate searches of innocent Americans."

He noted that CBP agents don't need even the "reasonable suspicion" threshold to conduct a basic search of devices, which includes, "looking through their browsing history, photos and messages stored on the device."

You took the words right out of my mouth Congressman.

There are more of those "basic" searches being conducted than at any time in history. The CBP has acknowledged that the number of searches has jumped from 5,085 in 2012 to 30,151 in 2017.

As EFF attorneys Sophia Cope and Aaron Mackey pointed out, the "reasonable suspicion" requirement contains a "huge loophole."

Border agents don't need to have reasonable suspicion to conduct an advanced device search when "there is a national security concern." This exception will surely swallow the rule, as "national security" can be construed exceedingly broadly and CBP has provided few standards for agents to follow. Cope and Mackey also contend there isn't much difference between "basic" and "advanced" searches – that both are highly intrusive.

The new directive also states that, "travelers are obligated to present electronic devices and the information contained therein in a condition that allows inspection of the device and its contents." That means the CBP is requiring people to unlock or decrypt their devices. According to the EFF, they have a right to refuse.

But if they do, there may be such consequences as travel delay, device confiscation, or even denial of entry for non-US persons.

The EFF also notes that the new directive doesn't apply to US Immigration and Customs Enforcement (ICE) or to agents from Homeland Security Investigations (HSI), which also conduct border searches.

The loopholes are large enough for an elephant to walk through – and our constitutional protections shouldn't end at the border.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson