Homeland Security Still Plans To Search Laptops At Borders With No Probable Cause
from the ain't-no-due-process-at-the-border dept
There's been plenty of concern over the past few years with regards to Homeland Security's claims that it has the right to inspect the contents of your laptop at the border, even without any probable cause. While it may be well established that the 4th Amendment doesn't apply until you're actually in the country, that doesn't mean there aren't some serious questions raised. I, like many others, have no problem with border searches of actual physical containers and luggage at the border. That makes perfect sense, because it's physical goods that you're purposely trying to bring directly into the country. You packed them with the specific idea of bringing them into the country.But stuff on your laptop is different in two very important ways:
- You mostly store everything on your laptop. So, unlike a suitcase that you're bringing with you, it's the opposite. You might specifically choose what to exclude, but you don't really choose what to include.
- The reason you bring the contents on your laptop over the border is because you're bringing your laptop over the border. If you wanted the content of your laptop to go over the border you'd just send it using the internet. There are no "border guards" on the internet itself, so content flows mostly freely across international boundaries. Thus if anyone wants to get certain content into a country via the internet, they're not doing it by entering that country through border control.
Instead, the new head of DHS has "revised" the rules for laptop searches, but they're only slightly better in that the old rules were "anything goes," while the new rules are "we're still searching laptops, but we have a few rules." The main components of the new rules are that you're allowed to be present in the same room as your laptop, phone or device as it's being searched -- but not necessarily to see what border patrol is doing. Also, they can't keep your laptop for more than five days, which seems pretty damn long to me. Though, as some note, this basically means that you should make sure any encryption on your laptop takes more than five days to crack.
DHS boss Janet Napolitano's reasoning for the searches is hardly compelling:
"Keeping Americans safe in an increasingly digital world depends on our ability to lawfully screen materials entering the United States,"Um... right, but, again, the contents of the a computer laptop can easily enter the United States via the internet with no border control process whatsoever. The whole claim that this has anything to do with screening materials entering the US is totally bogus.
On top of this, the other thing that's not at all clear is how far the "search" can go. With a growing number of "cloud" based services in use, many of which act as if they're local, can the border patrol search those as well? For example, I use Jungledisk, which gives me a virtual drive that shows up in my file system as if it were a local hard drive, even though it's hosted in some data center somewhere. It looks like a local drive... but it's not actually on my laptop. Would border patrol have the right to search that, even though the contents of that drive are not actually traveling across the border?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: border search, homeland security, laptops
Reader Comments
Subscribe: RSS
View by: Time | Thread
Anything you bring over the border is subject to inspection, to whatever degree they feel is needed. if you are driving across the border, the guards can pretty much disassemble your can down the pieces to inspect for anything they like without any justification, and they can hand it back to you in pieced.
Mike, you need to chat with your "lawyer friends" about the border. It isn't the same as the rest of the US.
[ link to this | view in chronology ]
Re:
Yes. I said that in the post. Doesn't change the point, so not sure why you brought it up again.
[ link to this | view in chronology ]
Re: Re:
If they search your papers (not laptop) and find an address, they can ask you about the address. They can ask you about the people there. They can check THOSE people for criminal records. They can contact those people to see if your story checks out. Laptop or no laptop, nothing changes.
If you have connectivity on your laptop to a remote site without a passord (how foolish!), by carrying it through the border you have granted them rights for anything they can "see". That remote content is what you are bringing through with you.
Like I said, once you accept and deal with the idea that you have very limited rights, the rest of your rant seems somehow meaningless.
[ link to this | view in chronology ]
Re: Re: Re:
One, That you have limited rights
Two, That they are wasting five days to search a laptop when the same data can just be E-Mailed to yourself.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
Right. Which leads me back to my favorite point on this topic; the more power a government creates for itself in the name of protecting its citizens, the more it tends to simply victimize its own citizens.
This is about power, people. The rulers believe its their job to make rules, its its not about what kinds of sense those rules make.
For a simple illustration compare the effectiveness of airport security in Israel, with a much smaller government, and the supposed security in a US airport. Israel doesn't make Grandma take off her shoes to look for a bomb, and Israeli security is 1000 times more effective. Why do they make her do that here?
[ link to this | view in chronology ]
Re:
> are EXTREMELY limited, as you have not yet
> been granted access to the US.
Where in the US Constitution does it say that my rights as a citizen disappear at the border or that the US government doesn't have to recognize them so long as I'm not in the country?
Please quote the article and section, please.
[ link to this | view in chronology ]
Re:
Oh, and the proper term is "probable cause", not "probably cause" as so many people seem to believe.
[ link to this | view in chronology ]
Re: Re:
Prolly cuz - more accurate to actual practice.
[ link to this | view in chronology ]
Re: Re: Re:
cuz ah sez so
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Pointless Security Theater
> inspection, to whatever degree they feel is needed.
So what? No degree will make the US any more safe. Just read about how Bruce Schneier got through airport security.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re: Constitution-Free Zone
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Border inspection
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Then have it boot to a partition filled with Videos of Julia Child, Yoko Ono, Animals in dresses wearing makeup, with a desktop background of a sheeps behind wearing womans undies....
[ link to this | view in chronology ]
Re: Re:
And besides the odds are about 1% of the computer using populations, so about 10,000,000 people. world wide.
(if the computer using population is only 1 billion, of course)
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Encryption Strength
imbrucy wrote:
You should be clear what kind of encryption you’re talking about hear. 1024 bits is a reasonable key length for RSA public-key encryption, but for a secret-key algorithm like AES, 128 is ample.
By the way, weaknesses have recently been found in 256-bit AES. So it’s wisest to stick to AES-128 for now.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
If I have US Citizenship how can they refuse me my right to stand on US soil? That is a right - I hope?
[ link to this | view in chronology ]
Re: Re: Re: Re:
If they can I'd like to see some documentation of this.
[ link to this | view in chronology ]
Re: Re:
just being paranoid....
[ link to this | view in chronology ]
Re: Re: Re:
see breaking RSA is just factoring big numbers (really really big numbers) and if you can do that fast there are all kinds of much better things you could use it for...
nobody has the hardware needed to crack good encryption at kind of scale that you need for stuff seized at the border...
[ link to this | view in chronology ]
Re: Re:
Well, the Homeland Gestapo have already shown that the constitution doesn't really apply to them, so hiding behind that little fact isn't going to help in my opinion. They aren't really supposed to be searching our laptops anyway, what leads you to believe they can't imprison ("waylay") you until you give them access to whatever they want?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What about alternative OSes?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
To be secure, you need to actively participate, not rely on what some sales or technical forum guru told you is safe!
JMHO
SAG
[ link to this | view in chronology ]
Limited Rights-ish
that's what makes United States v. Boucher so ironic. while the general public has to have their files haphazardly poked at by a customs official, just a little bit of pgp can make it all fruitless.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Hmmm....
--The government's reasoning for the border searches doesn't make sense because there is not virtual policing being done over the internet--
The conclusion everyone, including Mike, seems to be reaching is a logical one: the government is lying about its reasons.
Question: What if that conclusion we're all reaching is the wrong one of the two possible? What if, and I'm not technical to know if this is truly even possible, but what if the government DOES have a way to monitor incoming international traffic with a system sophisticted enough to monitor and analyze digital traffic (telephone, fax, email, etc.) for whatever parameters it desires? Maybe this would utilize the Echelon System that was previously used against the Russians. Maybe this would fall under COINTELPRO.
If that was the case, then it would make sense that the government would be worried about malicious digital malware/software/etc. sneaking through the physical weak point of the border crossing.
Unless someone can tell me that such a scenario is ABSOLUTELY, 100% impossible....well, doesn't that just make more sense?
[ link to this | view in chronology ]
Re: Hmmm....
[ link to this | view in chronology ]
Re: Re: Hmmm....
Okay, you can think I'm wrong all you want, and lord knows the whole bury your head in the sand and call people who question things "alarmists" or "conspiracy theorists" is an age-old concept, but what about the questions?
Or the fact that information on the Echelon Network and COINTELPRO is partially declassified?
I mean, I'm not just making this stuff up. Both of those things are 100% real and are things the government has admitted exist.
[ link to this | view in chronology ]
Re: Re: Re: Hmmm....
Not calling you a conspiracy nutter, just saying that it's damn near impossible. With all the data coming over the borders, the delay for checking would probably be longer than the 5 days for the laptop.
[ link to this | view in chronology ]
Re: Hmmm....
Also the routers that shuffle stuff over seas are privately owned, and it's expensive enough building hardware that can just keep up with the traffic, monitoring it, while not utterly impossible, is entirely impractical, even for the NSA or whatever spooks.
And as I mentioned, if you want to get something in/out and you really are paranoid there's always encryption, and the NSA probably doesn't have a magic way to crack SSL.
[ link to this | view in chronology ]
Re: Re: Hmmm....
Particularly if the Echelon Network includes some kind of Angel/OA God algorithm or SSL cracking capability.
After all, let's again look at motivations and making sense of things. The Echelon Network was used against the Russians AT LEAST up until the fall of the Soviets (although many argue it is being used against them and others to this day). When was SSL protocol first utilized?
If there were such simple ways to get around all of this monitoring the government has admitted to doing on other nations, why would they bother doing it? Doesn't it follow that they can crack or subvert most/all known encryption and tunneling techniques?
[ link to this | view in chronology ]
Re: Re: Re: Hmmm....
[ link to this | view in chronology ]
they would need me to swipe my finger 30 times to get to anything remotely confidential. you cant even boot up without swiping the finger
[ link to this | view in chronology ]
Re:
"Here have a glass of water while you wait"
[ link to this | view in chronology ]
Tom Ridge
If you desire to seek real background, look up "The Nexus of Politics and Terror"
[ link to this | view in chronology ]
Goverment packet sniffing
Given our track record since the Patriot Act, I could believe it myself.
But I do think it is a wasted effort. Our border guards are best used for other things.
[ link to this | view in chronology ]
The contents could be split on different continents due to cloud computing ... even be in different places at different times!
[ link to this | view in chronology ]
you missed something
[ link to this | view in chronology ]
Re: you missed something
[ link to this | view in chronology ]
It's all BS anyway.
Whoever signed it probably wasn't aware of the sheer numbers of ways of getting around this problem. If child pornography is going to get into the country, it's going to get in one way or another, either in an encrypted file or over a private FTP sealed with ssh.
I'm sorry, but I don't see Janet Napolitano as being heavily computer literate, nor do I think she knows anything about networking and communication. She probably wanted to show off how much she cared about the safety and security of America's people, and one of her advisors thought this would be a great idea.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
The responsibility is for physical safety, not information safety
In addition, there not trained in handling most computer systems anyway, most guards just don't care and the few that do have most likely flagged you for something else and will take your computer as part of the process.
Its about the sane non-issue as People from the US going to Cuba, we tell you its against the law but when some guy did it and told the boarder guards he went there (he was attempting to get arrested over the issue) all he got was some extra screening.
All we have is the illusion of security with out anything really happening. If the gov cared about all information coming in and out we would have the great firewall of china that would only allow "clear" traffic.
[ link to this | view in chronology ]
Re: The responsibility is for physical safety, not information safety
[ link to this | view in chronology ]
Hrm.
This whole things reeks of middle management, like most of "Homeland Security."
[ link to this | view in chronology ]
Actually...
Except that encryption that powerful probably violates encryption export/import laws, and at the very least it would probably get them an automatic extension.
[ link to this | view in chronology ]
Re: Actually...
[ link to this | view in chronology ]
Re: Re: Actually...
It's sort of like denying a cop the right to search your car when you are pulled over. You may win that fight, but you will probably lose the battle (can you say probably cause?). If you specifically deny a border agent access to a file on your laptop, I would say your stay at the border is going to be very long indeed.
[ link to this | view in chronology ]
Re: Re: Re: Actually...
[ link to this | view in chronology ]
Re: Actually...
[ link to this | view in chronology ]
Encryption
[ link to this | view in chronology ]
Re: Encryption
Can one prove what the bit count is for an unknown encrypted file?
[ link to this | view in chronology ]
Re: Re: Encryption
99,999 bit for a nuclear submarine.
99,999,999 bit for a nuclear reactor.
99,999,999,999,999,999 bits for a aircraft carrier.
99,999,999,999,999,999,999,999,999, ... for using all of the above.
[ link to this | view in chronology ]
Re: Encryption
Anyone could potentially write a 'munitions grade' encryption program for themselves, take it out of the country, and give it to a friend. But if you're a company that writes the program and sells it to other countries, then you have to go through the licensing and declaration.
[ link to this | view in chronology ]
Re: Encryption
[ link to this | view in chronology ]
Confiscation
So, let's say you are innocent of every law there is and they don't believe that you are that squeaky clean, they could still take your harddrive, pull the data, send it to Hackers-R-Us who then looses the data (with your passwords, etc), which eventually falls into the lap of Mr. Credit Thief, which then pulls all your money out of your bank to support his / her habit. Let's even say you have a clear path with evidence that the government was responsible for Mr Theif to get access to your bank, well, the government doesn't care and you have no recourse... Good Luck!
[ link to this | view in chronology ]
Re: Confiscation
The real issue here is that the power for unwarranted search shifts the role of government beyond the nature of what was intended by our constitution -- whether the purpose for doing so is valid or not.
Yes, we need to protect our borders, but when you give officers the power of search and seizure without warrant, you are in effect creating a quasi-hostile relationship where none previously existed and where there was no cause to do so, and this is a breach of the trust given the government by its people.
The situation with border control has unique interests because of a general need for national defense, but it does not change the fundamental relationship between the government and the governed. A citizen's travel status of "entering into the country" as opposed to "already being in the country" in no way changes responsibilities and powers of those governing, nor does it change the citizen's rights and responsibilities.
Without some prior cause, how can the government, on a regular basis, treat its citizens as though they were hostile parties? I recognize the need for exceptions for general defense, but it must be reasonable with appropriate acceleration of probable cause.
Blank check access to your hard drive with no cause is so far short of reasonable as to be utterly stupid.
[ link to this | view in chronology ]
In other words, make them regret looking at it.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Not Likely
[ link to this | view in chronology ]
"Homeland Security Still Plans To Search Laptops At Borders With No Probable Cause"
The title is midleading, because "Homeland Security" isn't doing the searches randomly on the street. It is only at border crossing. So while it is Homeland Security in theory, in practical terms it is the US Customs and Border Protection (an agency under Homeland Security). The title would be equally misleading if it said "Whitehouse Still Plans to Search Laptops" as Homeland Security is under control of the Commander in Chief. Heck, the title could be "Obama Stills Plans to Search Laptops". It would be equally as misleading.
Further, the laptops are only searched at border crossings, a place where probably cause is NOT required to conduct a search. In technical terms, your wanting to enter the country is probably cause, if you want to look at it that way.
So now we know that the entire concept of Mike's article is lost.
The rest of the story is a nice little rant, but in the end, customs is responsible to make sure that undesirable people, objects, contraband, and anything else illegal isn't entering into the US - that would include (remarkably) all those kiddie porn pictures on your laptop, as well as the next unreleased video from Osama Bin Hiding. Heck, it could include the address of the safe house where you are keeping those illegal immigrants you keep smuggling in on your carry on luggage (they are small).
So it's all a rant about nothing at all - whatever you show up with at the border can be inspected, and if your laptop happens to connect automatically to a remote server or service, it is likely also to be inspected. In the words of Bill Curtis, he always has space to carry the internet.
[ link to this | view in chronology ]
Re:
*long, hard stare*
Y'know, it's people like you that worry the rest of us. Go play with your taser.
[ link to this | view in chronology ]
Re: Re:
Homeland Security in and of itself is doing NOTHING - it's the customs people, an agency UNDER Homeland Security that is doing it.
The difference between direct and indirect. The shoe is on the other foot when you guys get all fussy about if a torrent file (or listing site) is infringing or not. Same freaking deal here.
Accuracy is something sorely lacking these days around here.
[ link to this | view in chronology ]
Re: Re: Re:
I'm still staring at you like you're an idiot.
I'm not saying you are, understand, because you obviously have great insight into bureaucratic distinctions, which takes a keen intellect. I'm just looking at you *as if* you were.
I'm sure you'll appreciate the difference.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Homeland Security was basically created to get a bunch of different organizations to talk to each other and work together, but the reality is that mostly it trod on toes and invaded different little fiefdoms that poeple had built up over many, many years.
Homeland Security is like "head office", the idiots who send down stupid memos and ask you to file everything in duplicate. Customs is the actual people running the office and doing the work. Homeland Security ain't sending anyone to check laptops, they send a memo to Customs saying "check more laptops" and Customs works on it.
I just stare back at you *as if* you were being an arrogant shit. I'm not saying it, just looking *as if*
[ link to this | view in chronology ]
Re: Re: Re:
The Immigration and Customs Enforcement is a branch of Homeland Security, and does not sound to create their own rules and policies, instead they are given down.
So, to look at what your saying, if Obama himself said "These are the new rules." It would NOT be Obama or the Obama Administration who made the rule, but the officer who decides to follow the new directive?
Or am I missing something in my reading?
[ link to this | view in chronology ]
They'll just beat it out of you
Second, encryption won't help you. They won't crack the encryption, they will crack you. You can be jailed indefinitely until you give up your encryption key. A year in jail will effectively ruin your career regardless of whether you are convicted or not.
[ link to this | view in chronology ]
Re: They'll just beat it out of you
Not according to the U.S. Court of Appeals, they can't. The court has ruled that the government can't force citizens to provide passwords or encryption keys.
[ link to this | view in chronology ]
Re: Re: They'll just beat it out of you
You have very, very few rights at the border.
[ link to this | view in chronology ]
I wouldn't worry to much about this
[ link to this | view in chronology ]
Re: I wouldn't worry to much about this
Today they may only be looking for the stuff we all find horrendous (child porn) but tomorrow they may arrest you for not having proof that you own the CD's related to the mp3's you are playing.
[ link to this | view in chronology ]
STOP
[ link to this | view in chronology ]
Re: STOP
[ link to this | view in chronology ]
It's a stupid waste of time - if they were so worried about security at the border, why not do something about the thousands of illegals that cross the border weekly?
[ link to this | view in chronology ]
Not true. If they can make a copy of the crypted content, they can continue to attempt to crack if even after the laptop has left their possession.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Border Laptop Search
American's have the Fourth Amendment as a shield to protect them from unreasonable searches and seizures. The Fourth Amendment has evolved with technology. See, United States v. Blas, 1990 WL 265179, at *21 (E.D. Wis. Dec. 4, 1990) (”[A]n individual has the same expectation of privacy in a pager, computer, or other electronic data storage and retrieval device as in a closed container.”). However, the Fourth Amendment ceases when you want to enter back into the USA. Every body cavity and computer is open to inspection with little more than reasonable cause. A true border search can be made without probable cause, without a warrant, and, indeed, without any articulatable suspicion at all. The only limitation on such a search is the Fourth Amendment stricture that it be conducted reasonably. Note that the reasonableness calculus is different at the border (i.e., looser) than it is inland.
Despite such, when entering the USA, and, for the purposes of this post, a person has the Fifth Amendment as a shield. In a recent decision in Vermont, In re Boucher, a federal magistrate judge held that the Fifth Amendment right against compelled self-incrimination protects a suspect against having to reveal the password permitting access to his computer files. The software the defendant used, and which I recommend, besides using file wiping software in conjunction with other counter-forensic measures, is PGP whole disk encryption. Nothing has broken this encryption. The court determined that if Boucher was "forced" to provide the passphrase, then the contents could incriminate Boucher thus violate the Fifth Amendment. You can find the court's opinion here: http://www.volokh.com/files/Boucher.pdf
The end result, if you have material on a computer you do not want inspected, encrypt it. If the government can get a warrant to place spy ware on your computer while 'inspecting it' to reveal your pass phrase, then encrypt the file on a thumb drive. Of course, if your 'vacation' included taking pictures, then transfer those pix to an encrypted drive and insure the SD card from the camera is securely wiped.
In short, for every measure to obtain information, there's a counter-measure. However, if you are doing something while outside of the USA which can attract the Feds, I recommend---DON'T DO IT. Freedom is not free, but stupidity will put the most intelligent in prison.
Darren Chaker
[ link to this | view in chronology ]
This wasn't such a big deal, but what p**d me off was the security screeners would insist on handling my camera, looking through the viewfinder and pressing buttons before they gave it back to me. I had the feeling that they really didn't know what they were doing, but were going through some act, probably for the benefit of the morons who were supervising them. I never carried film in the camera - I always mailed the finished 35mm rolls to Kodak, because I didn't want anyone at the airport to ruin my pictures.
I was really surprised that after 9/11, airport security didn't start doing this again. These acts were as pointless as taking off your shoes and walking barefoot through the screening area.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
women sexy shoes
htt
[ link to this | view in chronology ]
sexy shoes for ladies shoes
[ link to this | view in chronology ]