The Department of Homeland Security has approved searches of laptops, PDAs and other such devices without suspicion at US borders.
The Department of Homeland Security's Privacy Office has approved the controversial searches, copying and retention of laptops, PDAs, and other digital devices without cause at U.S. borders.
Travelers could soon start seeing notices from the Privacy Office, which last week released a report supporting the right of customs agents to conduct these searches.
The 51-page Privacy Impact Assessment also supported the right of U.S. Immigration and Customs Enforcement agents to copy, download, retain or seize any content from these devices, or the devices themselves, without assigning any specific reasons.
While in many cases searches would be done with the knowledge of the traveler in some situations, the report says, "it is not practicable for law enforcement reasons to inform the traveler that his electronic device has been searched."
In arriving at the assessment, the Privacy Office argued that such searches of electronic devices were really no different from searches of briefcases and backpacks. They are needed to interdict and investigate violations of federal law at U.S. borders and have been supported by courts in the past, the assessment said.
That conclusion is sure to wake up privacy and civil rights advocates, who have been vehemently protesting such border searches for about two years. They have argued that searches of electronic devices without any reasonable cause are very different from similar searches of luggage and other items by customs agents, because unlike with briefcases and packs, electronic devices are capable of storing far more data, including personal and business information, some that could be highly personal or protected.
The Association of Corporate Travel Executives and other groups have warned of potential security breaches when corporate data contained in a laptop or PDA is downloaded by a customs agent as part of a border search. Similar concerns have been raised about data involving client and lawyer privileges, intellectual property, and other sensitive information.
Last week, the American Civil Liberties Union filed a lawsuit against the DHS after an attempt to get information on such searches from the DHS had failed to elicit a response from the agency. In it, the ACLU asked DHS to disclose details on the criteria it uses for selecting passengers for such searches, and the number of such searches it has carried out so far.
The ACLU suit also sought information on the number of devices and documents that have been retained by the DHS following such searches and the reasons for their retention. A similar suit was filed last year by the Electronic Frontier Foundation and the Asian Law Caucus.
In its analysis, the Privacy Office noted some of the privacy concerns that have been expressed over its border searches. The report conceded that a person who would not mind a briefcase being inspected by a customs agent might feel that a laptop search "increases the possibility of privacy risks due to the vast amount of information potentially stored on electronic devices."
Nevertheless, making such devices exempt from customs inspection would create a dangerous "loophole" for those seeking to break the law, the report said. A traveler's claim of privilege or statement that something is personal or business related, "does not preclude the search," the report said. It pointed to a process that needs to be followed when customs and immigration agents conducted such searches and the notice that needs to be provided to travelers whose devices may be retained or seized.
The report also highlighted the measures currently in place for sharing data with other federal agencies, and ensuring that any data that is copied and retained is properly protected -- including via encryption where needed and "storing in locked containers." It mentions a process for destroying any data that is not needed within a maximum of 21 days from when it was collected.