US Customs says border authorities can search travelers' devices but not their cloud data

By midian182 ยท 11 replies
Jul 14, 2017
Post New Reply
  1. US Customs and Border Protection (CBP) agents being allowed to search travelers’ mobile devices without probable cause has long been a contentious issue. But we now know a little bit more about what officers can and can’t do. Trawling through data stored locally on a phone is allowed, but anything found solely on the cloud is off limits – and that includes your social media accounts.

    Acting US Customs and Border Protection Commissioner Kevin McALeenan revealed the rules in a letter, sent in response to questions submitted to the CBP by Sen. Ron Wyden earlier this year.

    The agency stated that: “CBP’s authority to conduct border searches extends to all merchandise entering or departing the United States, including information that is physically resident on an electronic device transported by an international traveler. Therefore, border searches conducted by CBP do no extend to information that is located solely on remote servers.”

    Wyden had asked Homeland Security to explain the increase in the number of electronic devices being searched - there were only about 4,500 searches in 2015, but in 2016 this jumped to 23,000 searches. CBP maintains that searching travelers’ phones without probable cause protects against child pornography and threats to national security.

    While agents don’t have the authority to access remote server data – Facebook and Twitter accounts are safe - the use of the word "solely" means they could examine recent emails and social media messages that are also stored on the device itself at the time of the search.

    The letter goes on to state that anyone entering the country can refuse to hand over passwords to their phones and laptops when asked, but border officials may detain the devices for ‘further examination’, and any non-citizens risk being denied entry if they do so.

    Permalink to story.

     
    Last edited by a moderator: Jul 14, 2017
  2. mcborge

    mcborge TS Guru Posts: 410   +263

    If I were to travel to the us I would leave my main phone at home and just travel with something very limited like one of those new 3310's... Smash the system.
     
  3. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,280   +3,064

    That's OK. They're welcome to look through my phone or laptop. They won't find anything of much interest on them anyway, and they won't find any social media stuff either, apart from WhatsApp messages.
     
  4. Jamlad

    Jamlad TS Booster Posts: 85   +75

    Eh, I'd just buy a burner when I got there. Bring a Gameboy for the flight.
     
  5. mcborge

    mcborge TS Guru Posts: 410   +263

    Playing snake on the nokia would be enough for me during a flight.
     
    Reehahs likes this.
  6. merikafyeah

    merikafyeah TS Enthusiast Posts: 84   +36

    What if your phone can only be unlocked by a method only you know?

    CPB: "What's your password?"

    "It doesn't use a password."

    CPB: "Well then how do you unlock it?"

    "I don't have to hold your hand."

    BOOM! Problem solved. Or maybe even better, have a "dummy OS" on the surface while access to the real OS is a secret. Plausible deniability FTW.
     
  7. Border Security can check traveller's devices
    NSA already checks online, phone activity
    it's the perfect tag team
     
  8. infiltrator

    infiltrator TS Booster Posts: 163   +27

    They could make an entire image of your hard drive and then send it off to a forensics examiner. And depending on the type of encryption and how many layers of it and how strong the password you chose are, they could crack it and find out, all your dirty secrets.
     
  9. infiltrator

    infiltrator TS Booster Posts: 163   +27

    Now this article only talks about entering the US via its boarders, how about the airport security checkpoints?

    From what I read online, they could well ask you, to hand over the username and password to your facebook/twitter account. Do they have jurisdiction to ask for it?
     
  10. PaulineGreening

    PaulineGreening TS Rookie Posts: 19

    Whoah. Not that we have something to hide, but isn't this a little too far?
     
  11. merikafyeah

    merikafyeah TS Enthusiast Posts: 84   +36

    AES (of any bit length) has remained secure for almost 20 years. I am not concerned.
     
  12. Emexrulsier

    Emexrulsier TS Evangelist Posts: 561   +60

    In the EU there is a law that ALL mobile phones sold (for like the last 20 years) can be used to access emergency services even without a current contract or when the phone is locked. Does the US have a similar law? You could then just tell them that the phone is locked, you don't need to the password you carry it for emergencies :D
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...