The federal government currently enjoys, and has historically held, broad powers of search and seizure of persons and electronic devices at border crossings into the United States. The Fourth Amendment’s prohibition against unreasonable searches and seizures does not apply at the border – courts have based that governmental power on its interest in combatting crime and terrorism. Recently, however, several cases have been filtering through the federal courts challenging the government’s broad powers at the borders. According to the New York Times – Border Agents’ Powers to Search Devices Is Facing Increasing Challenges in Court, “several court cases seek to limit the ability of border agents to search, copy and even seize travelers’ laptops, cameras and phones without suspicion of illegal activity.”
As an individual or as a business, you might say: 1) my business does not take me (or my employees) outside of the United States; or 2) neither I (nor my employees) act like terrorists or associate with terrorist groups – so why should this concern me? For the most part you might be right – the number of such searches is fairly small. The New York Times reported that between October 1, 2011, and August 31, 2012, 11.9 million travelers were referred to secondary screening (an enhanced screening and interrogation process) upon entering the United States. Of those chosen for enhanced measures, 4,898 searches included electronic devices.
The Department Of Homeland Security disclosed to the New York Times its policy on electronic searches saying that “officers can keep these devices for a ‘reasonable period of time,’ including at an off-site location, and seek help from other government agencies to decrypt, translate or interpret the information contained. If travelers choose not share a password for a device, the government may hold it to find a way to gain access to the data.” So how long can the federal government hold your device and your data? That is an open question.
In one federal case, House v. Napolitano, border agents at Chicago O’Hare Airport confiscated a laptop, camera and USB drive from David House, a computer programmer, and kept his devices for seven weeks. The Complaint asserted the following:
Plaintiff challenges as a violation of the First and Fourth Amendments the prolonged seizure of his laptop computer and other electronic devices and the review, copying, retention, and dissemination of their contents. Plaintiff also alleges that the materials seized by the government contain confidential information identifying members and supporters of a political organization, the Bradley Manning Support Network, and that Defendants’ review, retention, and disclosure of that information intrudes on the right of associational privacy protected by the First Amendment. Plaintiff seeks a declaratory judgment that the search and seizure violated the First and Fourth Amendments, and an injunction requiring Defendants to return or destroy any seized data in their custody or control and to inform Plaintiff whether that data has been disclosed to other agencies or individuals.
(You might recall, Pfc. Manning is the former military intelligence analyst accused of leaking documents to the group WikiLeaks.) The Federal District Court in Massachusetts, already denied the government’s motion to dismiss the case. The judge ruled the government did not need reasonable suspicion to search someone’s electronic devices at the border, but the power did not strip Mr. House of his First Amendment rights.
In another example reported by the Times, Laura Poitras, a documentary filmmaker and recipient of a 2012 MacArthur Fellowship, estimated she had been detained at the U.S. border more than 40 times. After one trip abroad in particular, her laptop, camera and cellphone were seized by the government for 41 days, as well as having her notes and credit card copied.
The legal question remains whether confiscating an electronic device for days or weeks, and analyzing its data at an off-site location goes beyond a permissible border detention and search. For many individuals, this question might not matter. But companies who issue mobile devices to employees should care about this issue. Many employees go on vacation abroad… and how many of those employees take your company provided mobile devices with them on vacation – whether a laptop, smartphone, or tablet? Or maybe your company permits employees to bring their own device (“BYOD”) to work – and your confidential information is stored on your employees’ personal devices. I certainly take my mobile devices with me. And I would guess most, if not all, of your employees do the same.
What would happen if, for some unknown reason, the government seizes your employee’s work computer or mobile device for weeks or months? What personal or confidential business information might be compromised by such a detention and seizure? Although this issue arises with relatively small frequency, it’s always important to think about the confidential information we carry around with us on a daily basis – whether we travel outside of the U.S. for business or pleasure or are simply running an errand to the local store.
This reinforces the need to secure your mobile devices and have contingency plans in place if they go missing, or as these examples suggest – the government seizes them. Do you have a plan in place? Do you have the resources and tools in place to manage and control the information on those devices?