Suspicionless searches of traveler’s electronic devices ruled unconstitutional
Last week, the United States District Court for the District of Massachusetts Judge Denise J. Casper ruled that suspicionless searches of laptops and travelers’ cellphones, tablets, and other electronic devices at the U.S. border, is unconstitutional.
The ruling came on a lawsuit filed by the American Civil Liberties Union and the Electronic Frontier Foundation against the U.S. Department of Homeland Security (DHS) on behalf of eleven travelers entering the U.S., whose smartphones and laptop computers were searched without suspicion at U.S. ports of entry.
This is a major victory for travelers’ privacy rights.
Until now, as they entered the U.S., U.S. Customs and Border Protection (CBP) was inspecting an ever-increasing number of travelers’ electronic devices. These searches of laptops were conducted without reasonable suspicion that the travelers were terrorists or violating immigration or customs laws. In fact, CBP agents had ramped up border searches a whopping 598 percent since 2015, to more than 33,000 devices in 2018.
Astonishingly, CBP apparently doesn’t know how many of those warrantless border searches of laptops uncovered potential evidence of criminal or terrorist activity.
The court ruled that while there is a border search exception in the Fourth Amendment to the U.S. Constitution, that exception isn’t limitless; it “must still be reasonable.” Plus, it must balance “the level of intrusion upon an individual’s privacy and the search’s necessity for the promotion of legitimate governmental interests.”
Laptop and cell phone data is personal.
Think about what’s in a typical traveler’s cellphone, tablet, and laptop. The CBP border searches of laptops contain passwords and personal information about friends. The search can also uncover family finances, health data, social media, texts, emails, call history, browsing history, photos and more. Work devices may have employer trade secrets and financial information. Doctors’ and lawyers’ devices often contain privileged information. All that data is private; much of it is personal.
CBP and Immigration and Customs Enforcement (ICE) adopted their search policies in 2018. They have run thousands of basic and advanced searches of electronic devices. A basic search is able to search for and review all the contents users/owners can see. An advanced search goes further to forensically reveal deleted files and cached information.
The court said it was “unable to discern a meaningful difference between the two classes of searches in terms of the privacy interests implicated.”
CBP needs reasonable suspicion for searches
Judge Casper ruled that CBP and ICE must be able to demonstrate reasonable suspicion of contraband before they can search a traveler’s electronic device when they are entering the U.S.
What is reasonable suspicion?
Basically, reasonable suspicion is a legal standard that requires law enforcement officers have an objectively reasonable basis for suspecting criminal activity. As it applies to CBP and ICE, it means that at the U.S. border, they must have an objectively reasonable basis for their suspicion of contraband before they can search a traveler’s electronic devices.
Reasonable suspicion is not a high legal bar.
The reasonable suspicion standard doesn’t raise the bar very high. Reasonable suspicion does not apply if a traveler merely won’t answer questions or because of the traveler’s ethnicity or race. It does apply if while asking travelers questions, the traveler appears to be agitated, nervous, or offers conflicting answers. For some people, just being questioned by CBP or ICE is more than enough to make them nervous, even when they’ve done nothing wrong.
The number of travelers who have their electronic devices searched and seized will drop due to this ruling. However, on an individual basis, travelers should protect themselves by limiting their privacy exposure on their electronic devices.
Protect your own data from search.
Take these steps to protect personal data. Prevent CBP and ICE from seeing and reviewing personal or business data on electronic devices when entering the U.S.
• As much as possible, keep your personal and business data off your devices.
I connect to my workstation in my office remotely through a VPN connection from all over the world. My data files, emails, browsing data, etc. are accessed remotely while I travel. None of that data is on my laptop.
• For travel documents, don’t store them on your cellphone or laptop.
Store data on the cloud, then use the Internet to retrieve them while on the go, as necessary. If you collect data while traveling, store it on the cloud. Delete the data from your device after using them.
• If you must keep data on your devices, lock them down.
Encrypt hard drives and use strong passwords on all devices. Turn your devices off before entering customs. On many, you don’t get full protection if the devices aren’t off when customs takes custody of them in order to search them.
• Disable biometric unlocking of all your devices.
U.S. citizens can’t be forced to reveal their passwords and passcodes, but can be required to unlock devices biometrically.
• Backup your cellphone remotely,
Remove all but critical and important information on it before you enter the U.S.
Statistically, it is unlikely that you’ll be pulled aside by CBP when entering the U.S., but it could happen. Prepare for it if you’re concerned. Decide in advance if you’ll cooperate. If you don’t cooperate, be ready to be detained for a while.
After many years working in corporate America as a chemical engineer, executive and eventually CFO of a multinational manufacturer, Ned founded a tech consulting company and later restarted NSL Photography, his photography business. As a well known corporate, travel and wildlife photographer, Ned travels the world writing about travel and photography, as well as running photography workshops, seminars and photowalks. Visit Ned’s Photography Blog and Galleries.