Yves here. This ruling is a big deal. Even though your humble blogger isn’t likely to be the target of border searches, the prospect was so appalling that I’ve been loath to leave the US, since I’d feel compelled to wipe my data on my laptop before returning and be prepared for the possibility of my machine being impounded (the DHS has also taken to seizing devices to poke around in them and then return them weeks later).
By Jessica Corbett, staff writer at Common Dreams. Originally published at Common Dreams
In a development that the Electronic Frontier Foundation declared “an enormous victory for privacy,” a federal judge in Boston ruled Tuesday that suspicionless searches of travelers’ phones, laptops, and other electronic devices by government agents at U.S. ports of entry are unconstitutional.
“This is a great day for travelers who now can cross the international border without fear that the government will, in the absence of any suspicion, ransack the extraordinarily sensitive information we all carry in our electronic devices,” EFF senior staff attorney Sophia Cope said in a statement.
The lawsuit, Alasaad v. McAleenan, was filed by EFF, the national ACLU, and ACLU of Massachusetts on behalf of 10 U.S. citizens and one lawful permanent resident who had their devices searched without warrants. The suit named as defendants the Department of Homeland Security and two agencies it oversees—Customs and Border Protection as well as Immigration and Customs Enforcement.
BREAKING: In a major victory for privacy, a federal court ruled today that the government’s suspicionless searches of international travelers’ smartphones and laptops at airports and other U.S. ports of entry violate the Fourth Amendment. pic.twitter.com/SJDIERJdV5
— ACLU (@ACLU) November 12, 2019
Plaintiffs in the case include Sidd Bikkannavar, an optical engineer for NASA’s Jet Propulsion Laboratory living in California; Jeremy Dupin, a journalist living in Massachusetts; and Diane Maye, a college professor and former U.S. Air Force captain living in Florida.
When the suit was filed in September 2017, Maye said that she “felt humiliated and violated” after she was detained for two hours at Miami International Airport upon her return to the United States from a vacation in Europe.
“I worried that border officers would read my email messages and texts, and look at my photos,” Maye explained. “This was my life, and a border officer held it in the palm of his hand. I joined this lawsuit because I strongly believe the government shouldn’t have the unfettered power to invade your privacy.”
Suspicionless searches of electronic devices at the border have skyrocketed in recent years.
In this joint civil liberties lawsuit brought by EFF and @ACLU, we sued on behalf of 11 travelers, arguing that these searches violate the 1st and 4th Amendments. https://t.co/ZbbJ3Iq6tr
— EFF (@EFF) November 12, 2019
Esha Bhandari, staff attorney with the ACLU’s Speech, Privacy, and Technology Project, said Tuesday that “this ruling significantly advances Fourth Amendment protections for millions of international travelers who enter the United States every year.”
The Fourth Amendment of the U.S. Constitution states that “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
Bhandari added that “by putting an end to the government’s ability to conduct suspicionless fishing expeditions, the court reaffirms that the border is not a lawless place and that we don’t lose our privacy rights when we travel.”
Based on government data, CBP conducted more than 30,000 searches in fiscal year 2017. The privacy advocacy groups pointed out in their joint statement Tuesday that “the number of electronic device searches at U.S. ports of entry has increased significantly” in the past few years.
As a Canadian if I dared cross that border these days I would bring a burner phone — I’m impressed that this sounds like it applies not just to US citizens. Though, I think they can still detain me on my side of the border and not let me turn around.
…. Not worth it so far.
The Canadian Border Services Agency seizes devices far more often than their US counterparts, and with much less oversight (what is the Canadian counterpart to the ACLU?). Device seizure is now “routine”. I have avoided travel to Canada largely for this reason. In many other countries, I imagine the situation is similar. The issue is not such a hot button in most other countries the way it is with Americans for cultural reasons going back to the Revolution and then the Bill of Rights.
Canada: Canada Border Services Agency Routinely Requests Passwords From Travelers/ Returning Residents And Examines Electronic Devices
What You Need to Know about Electronics Search and Seizures at the Border
Here’s What to Do if a Border Guard Wants to Search Your Phone
Well damn. That’s much worse than I’d thought. Thanks for the links!
This is obviously an excellent ruling, and welcome. But what will be its actual effect?
Since it’s from a district court, I assume this case will have to wend its way through the system, be confirmed through similar rulings in other jurisdictions, and eventually be upheld by higher courts before travelers actually start to see redress?
Will DHS, ICE and Customs and Border Patrol view this as a “shot across the bow” and cease and desist? Or will they still have free rein to harass travelers in the meantime? And in the meantime, if a traveler has their device impounded, what should they do?
You’re correct, the government will almost certainly appeal to the Court of Appeals and possibly the Supreme Court, while asking for a stay in implementing the judge’s decision. Short answer is, it ain’t over yet.
Right. District court cases are generally not “binding” and have no effect except as persuasive authority on judges in their district. However, if it’s a well-reasoned and strong memorandum opinion, it could influence district judges in other districts. … However, I’m not a fed courts expert; the district court here denied nationwide injunctive relief without prejudice and “without further briefing from the parties,” citing cases where circuit courts have upheld nationwide injunctions. See mem. op. at 46-48. … Of course, the DOJ will appeal this, and pdq.
Also, other governments are still free to do this (especially Canada) and the US has a long history of sharing data with other governments, particularly the Five Eyes.
Also, I don’t have the link now, but there was talk about devices that could copy the memory of an electronic device in less than a minute just by placing the copying device next to the device to be copied. Could they even copy your device while you’re waiting in line?
Depending on the device, perhaps. Typically no. Laptops with disk drives would have to be turned on and penetrated via a wireless access and logon – hacked – to do something like this. Encrypted disk and good password makes this a challenge for even a state hacker. Same with phones, though of course turning a phone completely off these days is pretty near impossible, as you can’t remove the battery (but you can allow it to discharge).
Unless, of course, the manufacturer installed a back door that only someone special knows about. Hmmm, I’m getting paranoid. Likely for good reason.
>>Depending on the device, perhaps. Typically no. Laptops with disk drives
Thank you for replying so thoughtfully. After I posted this I thought I had overstated it and looked it up and apparently I had. At a minimum, for devices in your pocket, they would have to be turned on, and while they’re in your pocket there is a limit to what they can get. In principle, they could use packet sniffing to get the data from the constant backups that Android and iphones do by default. There are also more exotic methods for getting the data on a device that may or may not work in reality, but at any rate, I doubt CBP is getting that tech.
However, what is most worrying is not a hack, but actually just quickly imaging all the data on the device so they can later search through it, even without logging into the device. I had read that the government has software that allows them to clone an entire device very quickly even if not logged in (now I can’t find the link), though it requires a USB connection, and then they have different software to search through that data dump and hack the password if needed. There was a scandal last year when many of the USB sticks on which CBP had copied people’s data went missing.
…Government will always have Suspicions….regarding Citizens….
“same as it ever was”
oafstradamus
As people have pointed out in other places, “reasonable suspicion” is a very low bar. Equivalent to what a cop needs to stop and talk to you and far less than the “probable cause” required to arrest you or get a search warrant.
Seems ok to me, as can’t be based on generalized stereotypes like 2 brown men driving at 2AM must be baddies.
Wikipedia:
Reasonable suspicion is a legal standard of proof in United States law that is less than probable cause, the legal standard for arrests and warrants, but more than an “inchoate and unparticularized suspicion or ‘hunch'”; it must be based on “specific and articulable facts”, “taken together with rational inferences from those facts”, and the suspicion must be associated with the specific individual.
This ruling is great, but to make it greater, we need an
ironclad guarantee that data uploaded to place completely separate from “the five-sided bughouse”
like some independent Pacific island, etc., only then can
we stop worrying.
So I was sitting back thinking about what people keep on their mobile phones and how that would have translated in terms of what people used about a generation or so ago. So you are talking about showing up at border customs with an address/telephone book, a marked calendar, a set of your latest photo albums, a coupla board games, a notebook, a coupla books, an alarm clock, a pocket calculator, a set of maps, a notebook, a camera with a flash, a walky-talkie, envelopes and stamps – whew! And that is just the basics. You’d need a trolley to carry all that junk around. And if a border patrol officer wanted to search it all, he would have to do so at one page and one entry at a time.
Good News! I do hope that includes searches regarding Domestic Flights, particularly for those who do not have Passports™. I was a lucky lottery winner at San Francisco Airport while travelling with my mom to bury an Out Of State™ sibling in 2002. I was the only person searched, in front of all of the other passengers (had an overhead bag with my cheap laptop in it), was told I was chosen and humiliated at random (had never even bought anything, nor commented on the internet at that point – still have not bought anything over the internet – had the laptop solely because my profession required it)
My next Domestic Flight, was in 2006, While travelling Out Of State with my over 80 year old mother to her sibling’s memorial service, my laptop was taken at the Philadelphia Airport and my mother was interrogated about the prescribed and necessary meds she put in her overhead bag, for about 45 minutes. Who knows what they did with my laptop, which I got back. Haven’t taken a flight since the subsequent return flight.
The US™ has not only been vicious to law abiding billions of foreigners and globe trotting US™ citizens, its been particularly vicious to its own law abiding residents without Passports™ – since its inception as London Inc.’s overwhelmingly successful petri pool investment.
It appears that the decision does not, in fact, stop the digital seizures in question, and that the ACLU rep. overstates optimistically when they say that it has “put[] an end to the government’s ability to conduct suspicionless fishing expeditions” — though it is surely an important first step and to be celebrated. It seems clear that until that happy far-off day when the law is both just and rigorously enforced, if one seriously does not want certain information in state hands, or even just gawked at by random guffawing ICE agents, then one must either (a) encrypt the living shit out of it or (b) not store it on devices carried to the border or in accounts accessible from devices carried to the border. N’est-ce pas?
where did the policy that there are no constitutional rights 100 miles from border come from? i’ve read about that several times but like so many abuses of power, i never understood the origin of that thinking…
here: https://en.wikipedia.org/wiki/Border_search_exception
“Federal law allows certain federal agents to conduct search and seizures within 100 miles of the border into the interior of the United States.[5] The Supreme Court has clearly and repeatedly confirmed that the border search exception applies within 100 miles of the border of the United States as seen in cases such as United States v. Martinez-Fuerte where it was held that the Border Patrol’s routine stopping of a vehicle at a permanent checkpoint located on a major highway away from the Mexican border for brief questioning of the vehicle’s occupants is consistent with the Fourth Amendment.[6] “