[SGVLUG] interesting, border inspection issues

John E. Kreznar jek at ininx.com
Thu May 8 17:04:28 PDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"Dan Borne" <danborne.kde at gmail.com> writes:

> I as well find it to be of interest, but has anyone ever actually
> ever had to open their laptop and share information with the
> officials?

The following story has appeared (and others).

- -- 
 John E. Kreznar jek at ininx.com 9F1148454619A5F08550 705961A47CC541AFEF13
  Imagine there's no countries / to kill or die for  --John Lennon, 1971


http://www.washingtonpost.com/wp-dyn/content/article/2008/02/06/AR2008020604763.html
Clarity Sought on Electronics Searches
U.S. Agents Seize Travelers' Devices

By Ellen Nakashima
Washington Post Staff Writer
Thursday, February 7, 2008; Page A01

Nabila Mango, a therapist and a U.S. citizen who has lived in the
country since 1965, had just flown in from Jordan last December when,
she said, she was detained at customs and her cellphone was taken from
her purse. Her daughter, waiting outside San Francisco International
Airport, tried repeatedly to call her during the hour and a half she
was questioned. But after her phone was returned, Mango saw that
records of her daughter's calls had been erased.

A few months earlier in the same airport, a tech engineer returning
from a business trip to London objected when a federal agent asked him
to type his password into his laptop computer. "This laptop doesn't
belong to me," he remembers protesting. "It belongs to my company."
Eventually, he agreed to log on and stood by as the officer copied the
Web sites he had visited, said the engineer, a U.S. citizen who spoke
on the condition of anonymity for fear of calling attention to
himself.

Maria Udy, a marketing executive with a global travel management firm
in Bethesda, said her company laptop was seized by a federal agent as
she was flying from Dulles International Airport to London in December
2006. Udy, a British citizen, said the agent told her he had "a
security concern" with her. "I was basically given the option of
handing over my laptop or not getting on that flight," she said.
<snip>

The seizure of electronics at U.S. borders has prompted protests from 
travelers who say they now weigh the risk of traveling with sensitive 
or personal information on their laptops, cameras or cellphones. In 
some cases, companies have altered their policies to require 
employees to safeguard corporate secrets by clearing laptop hard 
drives before international travel.

Today, the 
<http://www.washingtonpost.com/ac2/related/topic/Electronic+Frontier+Foundation?tid=informline>Electronic 
Frontier Foundation and Asian Law Caucus, two civil liberties groups 
in 
<http://www.washingtonpost.com/ac2/related/topic/San+Francisco?tid=informline>San 
Francisco, plan to file a lawsuit to force the government to disclose 
its policies on border searches, including which rules govern the 
seizing and copying of the contents of electronic devices. They also 
want to know the boundaries for asking travelers about their 
political views, religious practices and other activities potentially 
protected by the First Amendment. The question of whether border 
agents have a right to search electronic devices at all without 
suspicion of a crime is already under review in the federal courts.

The lawsuit was inspired by two dozen cases, 15 of which involved 
searches of cellphones, laptops, MP3 players and other electronics. 
Almost all involved travelers of Muslim, Middle Eastern or South 
Asian background, many of whom, including Mango and the tech 
engineer, said they are concerned they were singled out because of 
racial or religious profiling.

A 
<http://www.washingtonpost.com/ac2/related/topic/U.S.+Customs+and+Border+Protection?tid=informline>U.S. 
Customs and Border Protection spokeswoman, Lynn Hollinger, said 
officers do not engage in racial profiling "in any way, shape or 
form." She said that "it is not CBP's intent to subject travelers to 
unwarranted scrutiny" and that a laptop may be seized if it contains 
information possibly tied to terrorism, narcotics smuggling, child 
pornography or other criminal activity.

The reason for a search is not always made clear. The Association of 
Corporate Travel Executives, which represents 2,500 business 
executives in the United States and abroad, said it has tracked 
complaints from several members, including Udy, whose laptops have 
been seized and their contents copied before usually being returned 
days later, said Susan Gurley, executive director of ACTE. Gurley 
said none of the travelers who have complained to the ACTE raised 
concerns about racial or ethnic profiling. Gurley said none of the 
travelers were charged with a crime.

"I was assured that my laptop would be given back to me in 10 or 15 
days," said Udy, who continues to fly into and out of the United 
States. She said the federal agent copied her log-on and password, 
and asked her to show him a recent document and how she gains access 
to 
<http://financial.washingtonpost.com/custom/wpost/html-qcn.asp?dispnav=business&mwpage=qcn&symb=MSFT&nav=el>Microsoft 
Word. She was asked to pull up her e-mail but could not because of 
lack of Internet access. With ACTE's help, she pressed for relief. 
More than a year later, Udy has received neither her laptop nor an explanation.

ACTE last year filed a Freedom of Information Act request to press 
the government for information on what happens to data seized from 
laptops and other electronic devices. "Is it destroyed right then and 
there if the person is in fact just a regular business traveler?" 
Gurley asked. "People are quite concerned. They don't want 
proprietary business information floating, not knowing where it has 
landed or where it is going. It increases the anxiety level."

Udy has changed all her work passwords and no longer banks online. 
Her company, Radius, has tightened its data policies so that 
traveling employees must access company information remotely via an 
encrypted channel, and their laptops must contain no company information.

At least two major global corporations, one American and one Dutch, 
have told their executives not to carry confidential business 
material on laptops on overseas trips, Gurley said. In 
<http://www.washingtonpost.com/ac2/related/topic/Canada?tid=informline>Canada, 
one law firm has instructed its lawyers to travel to the United 
States with "blank laptops" whose hard drives contain no data. "We 
just access our information through the Internet," said Lou 
Brzezinski, a partner at Blaney McMurtry, a major 
<http://www.washingtonpost.com/ac2/related/topic/Toronto?tid=informline>Toronto 
law firm. That approach also holds risks, but "those are hacking 
risks as opposed to search risks," he said.

The U.S. government has argued in a pending court case that its 
authority to protect the country's border extends to looking at 
information stored in electronic devices such as laptops without any 
suspicion of a crime. In border searches, it regards a laptop the 
same as a suitcase.

"It should not matter . . . whether documents and pictures are kept 
in 'hard copy' form in an executive's briefcase or stored digitally 
in a computer. The authority of customs officials to search the 
former should extend equally to searches of the latter," the 
government argued in the child pornography case being heard by a 
three-judge panel of the Court of Appeals for the 
<http://www.washingtonpost.com/ac2/related/topic/U.S.+Court+of+Appeals?tid=informline>9th 
Circuit in San Francisco.

As more and more people travel with laptops, 
<http://www.washingtonpost.com/ac2/related/topic/BlackBerry+Mobile+Devices?tid=informline>BlackBerrys 
and cellphones, the government's laptop-equals-suitcase position is 
raising red flags.

"It's one thing to say it's reasonable for government agents to open 
your luggage," said David D. Cole, a law professor at 
<http://www.washingtonpost.com/ac2/related/topic/Georgetown+University?tid=informline>Georgetown 
University. "It's another thing to say it's reasonable for them to 
read your mind and everything you have thought over the last year. 
What a laptop records is as personal as a diary but much more 
extensive. It records every Web site you have searched. Every e-mail 
you have sent. It's as if you're crossing the border with your home 
in your suitcase."

If the government's position on searches of electronic files is 
upheld, new risks will confront anyone who crosses the border with a 
laptop or other device, said Mark Rasch, a technology security expert 
with 
<http://financial.washingtonpost.com/custom/wpost/html-qcn.asp?dispnav=business&mwpage=qcn&symb=FCN&nav=el>FTI 
Consulting and a former federal prosecutor. "Your kid can be arrested 
because they can't prove the songs they downloaded to their 
<http://www.washingtonpost.com/ac2/related/topic/Apple+iPod?tid=informline>iPod 
were legally downloaded," he said. "Lawyers run the risk of exposing 
sensitive information about their client. Trade secrets can be 
exposed to customs agents with no limit on what they can do with it. 
Journalists can expose sources, all because they have the audacity to 
cross an invisible line."

Hollinger said customs officers "are trained to protect confidential 
information."

Shirin Sinnar, a staff attorney with the Asian Law Caucus, said that 
by scrutinizing the Web sites people search and the phone numbers 
they've stored on their cellphones, "the government is going well 
beyond its traditional role of looking for contraband and really is 
looking into the content of people's thoughts and ideas and their 
lawful political activities."

If conducted inside the country, such searches would require a 
warrant and probable cause, legal experts said.

Customs sometimes singles out passengers for extensive questioning 
and searches based on "information from various systems and specific 
techniques for selecting passengers," including the Interagency 
Border Inspection System, according to a statement on the 
<http://www.cbp.gov/xp/cgov/travel/admissability/authority_to_search.xml>CBP 
Web site. "CBP officers may, unfortunately, inconvenience law-abiding 
citizens in order to detect those involved in illicit activities," 
the statement said. But the factors agents use to single out 
passengers are not transparent, and travelers generally have little 
access to the data to see whether there are errors.

Although Customs said it does not profile by race or ethnicity, an 
officers' training guide states that "it is permissible and indeed 
advisable to consider an individual's connections to countries that 
are associated with significant terrorist activity."

"What's the difference between that and targeting people because they 
are Arab or Muslim?" Cole said, noting that the countries the 
government focuses on are generally predominantly Arab or Muslim.

It is the lack of clarity about the rules that has confounded 
travelers and raised concerns from groups such as the Asian Law 
Caucus, which said that as a result, their lawyers cannot fully 
advise people how they may exercise their rights during a border 
search. The lawsuit says a Freedom of Information Act request was 
filed with Customs last fall but that no information has been received.

Kamran Habib, a software engineer with 
<http://financial.washingtonpost.com/custom/wpost/html-qcn.asp?dispnav=business&mwpage=qcn&symb=CSCO&nav=el>Cisco 
Systems, has had his laptop and cellphone searched three times in the 
past year. Once, in San Francisco, an officer "went through every 
number and text message on my cellphone and took out my SIM card in 
the back," said Habib, a permanent U.S. resident. "So now, every time 
I travel, I basically clean out my phone. It's better for me to keep 
my colleagues and friends safe than to get them on the list as well."

Udy's company, Radius, organizes business trips for 100,000 travelers 
a day, from companies around the world. She says her firm supports 
strong security measures. "Where we get angry is when we don't know 
what they're for."

Staff researcher Richard Drezen contributed to this report.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8+ <http://mailcrypt.sourceforge.net/>

iD8DBQFII5TwYaR8xUGv7xMRAjp3AJ9hNeEkbV2YN8b87oYoj+5Lz/1/vwCeMlMv
GyzGjbg00H5kdDWyrNEeVyU=
=/pN6
-----END PGP SIGNATURE-----



More information about the SGVLUG mailing list