Supreme Court border search rules allow theft of personal information

Border search rules allow phone and laptop downloads by CBP daily at the US border.

border search rulesSuspicionless border search rules allow phone and laptop downloads every day at the US border. Warrantless, often random searches of travelers’ cellphones, tablets, laptops, and other electronic devices at the US border have been increasing at an alarming rate. Personal data is reviewed by agents and stored on government computers with no hint of wrongdoing by the traveler.

In 2015, about 5,500 electronic devices were searched at the U.S. border by Customs and Border Protection (CBP) agents. That jumped to more than 33,000 devices in 2018 and almost 41,000 in 2019. That’s a 645 percent increase.

Border search rules are a privacy problem because unlike people stowing contraband or undeclared purchases in suitcases or other luggage, many people store a record of their lives’ most intimate details on their laptops and cell phones. They’ve become de-facto electronic diaries. Travelers’ devices often contain detailed personal identification information, sometimes including scanned copies of passports and other IDs, along with personal medical data. Searching personal electronic devices in the twenty-first century isn’t remotely the same as searching a person’s luggage or purse.

Two federal court cases gave hope that the suspicionless border search rules might soon end.

This appeared as though it might be coming to an end. In 2019, US District Court for the District of Massachusetts Judge Denise J. Casper ruled that suspicionless searches are unconstitutional. These include travelers’ cellphones, tablets, laptops, and other electronic devices at the border. Unfortunately, early this year, a three-judge panel at the US Court of Appeals for the First Circuit reversed the decision.

In the United States v. Cano, the US Court of Appeals for the Ninth Circuit reversed the lower court’s ruling about the search of Mr. Cano’s cellphone by US Department of Homeland Security agents, vacating his conviction saying border search rules of cell phones require reasonable suspicion.

The U.S. Supreme Court let stand two border search rules from lower courts, which are in wide disagreement, for now.

Get refunds in cash when airlines cancel your flightRecently, on appeal, the US Supreme Court declined to take both cases, leaving the appellate courts’ rulings stand, each on opposite sides of the issue. The split means CBP must have reasonable suspicion for searches of travelers’ electronic devices upon entering the US in states of the Ninth Circuit, but everywhere else in the nation it’s border business as usual. With such a wide disagreement between the courts, one has to think that the Supreme Court will have to take on this issue soon. The question is, of course, how soon?

Some travelers might want to say I’m making a mountain out of a molehill. I don’t think so.

Sometimes, CBP returns searched electronic devices within a half hour or so. Other times they’re retained for days, weeks, or months. Years later, some travelers are still waiting for their devices. What would happen if your laptop or cellphone, holding critical work data or important personal information, was taken. And, stored nowhere else, it was lost to you for several days or much longer?

While CBP is required to safeguard data obtained through border searches, their ability to do so is questionable.

CBP must appropriately safeguard citizens’ and visitors’ personal data. But, let’s not forget that even America’s top security agency, the National Security Agency (NSA), has been successfully hacked. More than once, some of its stolen secret data became public.

I have nothing “illegal” on my cellphone, but I wouldn’t want its contents made public. Think about what’s on your cellphone or laptop. Do you have any personal data, correspondence, health data, personal photos, passwords, and information about family and friends on it? Would you want that information made public? Business people may have employer trade secrets and financial information on their laptops. Doctors’ and lawyers’ laptops often contain privileged information. What happens if it’s made public?

I have five concrete steps for travelers to stop privacy intrusion at borders.

Prevent CBP from seeing and reviewing your private, personal, or business data stored on your electronic devices when entering the US.

• Keep your personal and business data off your devices to the extent possible. While traveling, I remotely connect to my office workstation through a VPN connection. My data files, emails, browsing data, etc. are accessed remotely while I travel, so none of it is on my laptop for CBP to grab and review.

• Store your travel documents on the cloud, not on your cellphone or laptop. Use the Internet to retrieve them while on the go. Store any data you may collect while traveling on the cloud, not in your devices. Delete all data from your devices after using them.

• If you must keep data on your devices, lock it down. Encrypt hard drives and use strong passwords on all devices. Turn your devices off before entering customs. On many, you don’t get full protection if the devices aren’t off when customs takes custody of them for searching.

• Disable biometric unlocking of all your devices. US citizens can’t be forced to reveal their passwords and passcodes, but can be required to unlock devices biometrically.

• Back up your devices remotely, then remove all but critical and important information on them before you enter the US.

While it remains statistically unlikely that you’ll be pulled aside by CBP when entering the U.S., it could happen. I know more than a few who’ve had their cellphones and laptops reviewed by CBP at the border. Prepare for it if you’re concerned. Decide in advance if you’ll cooperate. If you don’t cooperate, be prepared to be detained for a while.

Read also: International traveler electronics’ privacy is under siege