Big Brother is alive and well at US border crossings. The latest example comes from published accounts describing the recent ordeal of the mayor of Stockton, California, at the San Francisco International Airport.
After attending a conference in China, Mayor Anthony Silva returned to the US, where border officials singled him out for secondary inspection. During that inspection, they confiscated his laptop and smartphones. They demanded Silva disclose his passwords and informed him he would remain in detention until he complied. Silva also learned that he had “no right for a lawyer to be present” and that being a US citizen did not “entitle [Silva] to rights that [he] probably thought.” After revealing his passwords, Silva was allowed to proceed but without his electronic devices.
Silva is only the latest victim of America’s official ‘no privacy at the border’ policy. That is, when you cross a US border, officials from the Department of Homeland Security (DHS) may seize, search, and copy the contents of your laptop, smartphone, camera, etc. There’s no arrest warrant or probable cause required.
These rules sharply contrast with those that apply to ordinary (i.e., not at the border) searches. In 2014, the Supreme Court ruled unanimously that “a warrant is generally required” before searching information stored on a cell phone seized incident to an arrest. The only exception is if there is a “need to prevent the imminent destruction of evidence in individual cases, to pursue a fleeing suspect, [or] to assist persons who are seriously injured or are threatened with imminent injury.”
US courts have also chipped away at the unfettered discretion border officials have to conduct warrantless searches of electronic devices. A 2013 decision from the Ninth US Circuit Court of Appeals (which includes California) declared that border officials must have a “reasonable suspicion” of wrongdoing before searching an electronic device.
Then a few months ago, a federal district court ruled that a warrantless search of a traveler’s laptop who was leaving the US was unreasonable under the circumstances surrounding the incident. In 2012, DHS officials at Los Angeles International Airport seized a laptop belonging to a South Korean businessman. In this case, an investigation was underway: The businessman was suspected of illegally selling technology used in aircraft and missiles to Iran. After seizing his laptop, the DHS let him board his flight. It then copied his hard drive and sent it off to a laboratory for forensic analysis. The analysis revealed a series of incriminating emails that formed the heart of an indictment issued against the businessman for violations of the Iranian arms embargo.
It’s worth reading the heart of the decision finding the search invalid:
[T]he Court finds, under the totality of the unique circumstances of this case, that the imaging and search of the entire contents of [the businessman]’s laptop, aided by specialized forensic software, for a period of unlimited duration and an examination of unlimited scope, for the purpose of gathering evidence in a pre-existing investigation, was supported by so little suspicion of ongoing or imminent criminal activity, and was so invasive of [the businessman]’s privacy and so disconnected from not only the considerations underlying the breadth of the government’s authority to search at the border, but also the border itself, that it was unreasonable.
The media reports surrounding Mayor Silva’s detention and forced disclosure of his passwords indicate that there is an ongoing investigation into Stockton’s top elected official. DHS officers also told him that they commonly confiscated electronic devices.
Silva could have refused permission for the search. If he had, though, border officials would have confiscated his electronic devices anyway. And it’s quite possible that due to his ‘non-cooperation,’ he would be placed on the TSA’s “no fly list” or at least singled out for secondary inspection any time he travelled by air. However, if incriminating information was found without permission to search the devices, prosecutors might not be able to use it against him.
Also, DHS officials, despite their assertions to the contrary, couldn’t have held Silva indefinitely had he refused to cooperate. Unless they were able to unlock the devices on their own and found incriminating information relatively quickly, they would have to let him return to the US. Had Silva not been a US citizen, though, they could have refused him entry and forced him to return ‘home.’
What’s the best way to protect yourself in this situation? As with all interactions with Big Brother, the ideal solution is to avoid a confrontation in the first place. That means not carrying any electronic devices across international borders. For most people, this isn’t practical, so the next-best strategy is to carry only ‘sanitized’ devices.
The forensic programs used by police and customs officials can retrieve files and images downloaded months or even years ago to your laptop or smart phone. If you’ve ever viewed anything controversial in your web browser or newsreader, use a program like Privazer to delete these records. Then if you’re singled out for inspection, officials won’t find anything but the operating system and standard system files.
For smartphones, a useful strategy is to purchase an ‘unlocked’ cell phone you use only outside the US. When you arrive in a new country, purchase a domestic SIM (Subscriber Identity Module) card from a local phone dealer. Discard the SIM when you’re ready to leave the country. This protects your privacy at the border and ensures your domestic carrier – and the Feds – have no record of your international calls.
What if you need access to confidential data while traveling internationally? One option is to upload a zip file containing your data to a commercial backup service, such as Dropbox. Since Dropbox and most other cloud services aren’t especially secure, encrypt the data before uploading it using a product such as Symantec Encryption Desktop. Once you’ve arrived at your destination, download your data from the online server.
It’s encouraging that US courts finally are beginning to recognize that Big Brother shouldn’t have unlimited discretion to root through our electronic lives at the border. But don’t count on border officials to inform you of your rights. As with other matters relating to privacy, you can’t rely on the government. You can only rely on yourself.