Computers, Privacy & the Constitution

The Border Search Exception

I'm writing a paper for a different class about the exception to the Fourth Amendment requirement for a warrant to conduct a search at the international border. I pricked up my ears in class last week when Eben said that en route to JFK someone could do the digital equivalent to locking a door and sliding the key underneath it. I thought it might be useful to set out what I've learned so far about this area of law, if nothing else to make people who are traveling internationally aware of the new border directives.

Brief background

The Fourth Amendment at the border balances the tension between the privacy rights of individuals in their persons, papers and effects, and a government’s interest in controlling what crosses its borders. The Courts have determined that at the border the government's interest is "at its zenith" whereas the individual's expectations are lowered. (United States v. Flores-Montano, 541 U.S. 149, 152 (2004)) The asymmetry in these interests has influenced the development of the border search exception: an exception to the presumption that for a search to be reasonable under the Fourth Amendment the government must obtain a warrant. Electronic devices, now ubiquitous, have posed a challenge to the border search exception. The amount and type data these devices contain mean that laws and concepts that applied to the tangible world do not neatly translate to the digital era.

The New US Border Directive

The new CBP Directive allows an Officer to carry out a warrantless "basic search" with or without suspicion of wrongdoing. The networking function must be turned off on the device when the search is being conducted. The Officer is limited to data stored on the device, its operating system and software on the device. To carry out an "advanced" search an Officer must have reasonable suspicion of the commission of offending or a "national security" concern and must obtain approval from higher officers. In an advanced search a device can be connected to tools that review, copy and/or analyze the data contained therein.

A traveler is obliged to present the device and information contained therein in a condition that allows inspection of the device and its contents. An Officer can request assistance in presenting the device and information in a way that allows its inspection. Passcodes or other means of access may be requested and retained as needed to facilitate the examination, including information on the device that is accessible through software applications on the device. If an Officer is unable to complete an inspection because of its password protection or encryption the Officer may detain the device.

There is a process in the Directive when the device contains privileged data, but this does not stop a search from taking place.

The New New Zealand Legislation

As part of my paper I also looked up the situation in New Zealand, only to find that we also passed new legislation on this earlier this year. Prior to this Act the Courts had recognized a broad power regarding the searching of electronic devices. Contrary to the position of the NZ Customs to simply codify this broad power with clarifications Cabinet has broken away from Five Eyes partners in requiring reasonable suspicion of the commission of an offense to conduct even an initial search of an electronic device. To conduct a "full search" with forensic assistance a Customs officer needs to have reasonable suspicion that evidence related to the commission of an offense is on the electronic device.

A Customs officer can require a traveler to process "access information": passcodes and encryption keys to facilitate access to the device. The legislation makes it an offense to, without reasonable excuse, fail to give access information (passwords etc) to enable a Customs officer to carry out the search.

To sum up

In a nutshell the US CBP have broad powers to conduct searches at the border. In my paper I argue an increased suspicion threshold is required for an initial search given the heightened privacy interests that people have in the data stored in their devices (whether intentionally or through sensor collection).

-- RebeccaBonnevie - 25 Apr 2018



Webs Webs

r1 - 25 Apr 2018 - 02:28:26 - RebeccaBonnevie
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM