February 9, 2007

Laptop data searches at border checks

U.S. courts have approved border agents' search of traveler's laptops without articulable probable cause.

Indications are that U.S. and Candian customs officials are searching laptops for pornography and obscene material.

Some travelers report being asked if the laptop they were carrying was a personal or company unit. Presumably, corporate laptops are less likely to be checked for obscene material than personal units are.

Authorities also have the ability to conduct forensic computer searches at border crossings and have done so in the past.

Data transmitted across national borders via the Internet is more strongly protected than data hand-carried through Customs checkpoints, because wiretaps must comply with the requirements of Title III, 18 U.S.C. §§ 2510-2522, or the Pen/Trap statute, 18 U.S.C. §§ 3121-3127. The few advantages of hand-carry are totally lost if one cannot be assured that the data hasn't been copied, or that software or hardware spying mechanisms haven't been implanted within it.

Travelers with sensitive or legally privileged data will want to Customs-proof their laptop before crossing a controlled border. Strong encryption is the best tool to protect data that must be hand-carried through Customs instead of residing on a remote server. Some organizational IT departments are investigating hardware hard-disk encryption, sometimes combined with hardware biometric readers.

It is unclear at this time whether a traveler can be forced to divulge a password. One privacy wonk has suggested wearable or concealable USB drives as a measure of protection.

No comments: