Wednesday, May 21, 2008

Border Laptop Searches -- Assessing the Risk



A Border Laptop Search is a Black Swan

The United States Customs and Border Protection agency (CBP) asserts the unrestricted right to search laptop hard disks at the border. The Fourth and Ninth Circuit Courts of Appeal in the federal judicial system have recently given the CBP a green light to continue such searches. As the law now stands the CBP does not need a court order, a search warrant, a finding of probable cause or even a reasonable suspicion in order search your laptop hard disk. The CBP may pick travelers out for laptop searches entirely at random.

In short, for the laptop-carrying business traveler entering the U.S. from Germany (or anywhere else for that matter) a CBP search of his or her laptop is a Black Swan -- a highly improbable event but one carrying potentially disastrous consequences. See, Taleb, The Black Swan, Random House (2007).

The German business traveler might be tempted to think that CBP is only interested in terrorism, child pornography and drug trafficking and has no interest in searching the laptops of ordinary business travelers. This is wishful thinking. The two cases referred to above (U.S. v. Ickes and U.S. v. Arnold) do happen to have involved child pornography. But that fact was incidental to the holdings in the cases. So far as the facts recited in the two opinions show, the agents who conducted the searches had no idea what they were going to find. Neither traveler was a target of an investigation and neither did anything at the border to draw attention to himself as a potential carrier of child pornography. Mr. Ickes and Mr. Arnold simply had the bad luck to singled out for searches which extended to their laptops. The met the Black Swan.

Furthermore, if you think the CBP is unlikely to search your laptop because you are a respectable, well-dressed traveler, then consider this answer from the CBP website to the question, "How do officers decide which passengers to examine or search?"

Please be aware, some of CBP's biggest seizures have come from inspections of "respectable looking" people, such as grandmothers, corporate executives, college professors, etc. Everyone is subject to a CBP inspection when they arrive in the U.S.
If even grandmothers are potentially suspect, then German venture capitalists and lawyers must be even more so.

And if this sweeping everyone-is-a-potential-suspect attitude were not enough to constitute a risk to business travelers, the CBP has an explicit policy of conducting random inspections of air passengers as shown in this excerpt from the CBP website:

RANDOM EXAMS

One of CBP missions (sic) is to ensure that travelers entering the United States comply with U.S. laws. In support of this mission, CBP conducts random compliance examinations (COMPEX).

Essentially, COMPEX examinations involve random selection of vehicles and/or air passengers that ordinarily would not be selected for an intensive examination. [emphasis added]

...

It is possible that, upon your entry into the United States from a foreign country, you may be selected for a COMPEX examination and experience a slight delay in your Customs processing.

In addition to the policy of random search, CBP is linked with something called "IBIS", a network of other federal government agencies, and uses information from that network to select travelers for inspection:

CBP officers also rely on the Interagency Border Inspection System (IBIS) to determine which individuals to target for secondary examination upon arrival in the United States.

CBP, along with law enforcement and regulatory personnel from 20 other Federal agencies or bureaus, use IBIS. Some of these agencies are the Federal Bureau of Investigation (FBI), Interpol, the Drug Enforcement Administration, the Bureau of Alcohol, Tobacco and Firearms and Explosives, the Internal Revenue Service, the Coast Guard, the Federal Aviation Administration, Secret Service, and the Animal Plant Health Inspection Service. Information from IBIS is also shared with the Department of State for use by Consular Officers at U.S. Embassies and Consulates.

IBIS assists the majority of the traveling public with expeditious clearance at ports of entry while allowing the border enforcement agencies to focus their limited resources on potential non-compliant travelers. IBIS provides the law enforcement community with access to computer-based enforcement files of common interest. [emphasis added]

In other words, data in IBIS can by used to target specific persons for border searches, including, in particular, border searches of laptops. And the list of agencies given in the above quote from the CBP website can be extended to include, e.g., the Securities and Exchange Commission, The Food and Drug Administration and the Department of the Treasury, among others.

Properly understood, as it undoubtedly is by the agencies mentioned, the power of CBP to conduct at-will border searches of laptop hard disks, memory sticks, external hard drives, CD's and handheld devices such as Blackberries is a potent investigative tool for agencies of the federal government. This power gains a special potency from the fact that CBP is able to exercise it free from the legal protections of U.S. law, such as the Fourth Amendment guarantee of freedom from unreasonable searches and seizures, otherwise applicable to searches carried out by these agencies.

Business travelers therefore need to recognize that although the liklihood of a laptop search at the border may be slight (or it may not be -- we do not know, although a lawsuit has been filed to obtain policies and procedures on border laptop searches under the Freedom of Information Act), the consequences of such a search can be enormous. The data captured from your laptop may travel a long way through the channels of the U.S. government, branching into many interested departments along its way. If that data is confidential client information on the laptops of lawyers, sensitive intellectual property or economic information on the laptops of VC's or entrepreneurs, or private health or financial information about the traveler, then the traveler in question must carefully consider his position. You can protect against the extreme impact of a border laptop search, e.g., by leaving your laptop at home or by carrying only non-confidential data, but there is nothing you can do to assure your laptop will not be searched, i.e., that you will not meet the Black Swan.

In subsequent posts we will examine three specific cases in which the possibility of a border laptop search exposes the travelers in question, and their clients or employers, to dangerous risks. We will also consider what measures a traveler might take to minimize the impact of a border laptop search if it should occur.

1 comment:

Nyx said...

Well written article.