Homeland Security: We can seize laptops for an indefinite period

The U.S. Department of Homeland Security has concocted a remarkable new policy: It reserves the right to seize for an indefinite period of time laptops taken across the border.

A pair of DHS policies from last month say that customs agents can routinely--as a matter of course--seize, make copies of, and "analyze the information transported by any individual attempting to enter, re-enter, depart, pass through, or reside in the United States." (See policy No. 1 and No. 2.)

DHS claims the border search of electronic information is useful to detect terrorists, drug smugglers, and people violating "copyright or trademark laws." (Readers: Are you sure your iPod and laptop have absolutely no illicitly downloaded songs? You might be guilty of a felony.)

This is a disturbing new policy, and should convince anyone taking a laptop across a border to use encryption to thwart DHS snoops. Encrypt your laptop, with full disk encryption if possible, and power it down before you go through customs.

Here's a guide to customs-proofing your laptop that we published in March.

It's true that any reasonable person would probably agree that Customs agents should be able to inspect travelers' bags for contraband. But seizing a laptop and copying its hard drive is uniquely invasive--and should only be done if there's a good reason.

Sen. Russell Feingold, a Wisconsin Democrat, called the DHS policies "truly alarming" and told the Washington Post that he plans to introduce a bill that would require reasonable suspicion for border searches.

But unless Congress changes the law, DHS may be able to get away with its new rules. A U.S. federal appeals court has ruled that an in-depth analysis of a laptop's hard drive using the EnCase forensics software "was permissible without probable cause or a warrant under the border search doctrine."

At a Senate hearing in June, Larry Cunningham, a New York prosecutor who is now a law professor, defended laptop searches--but not necessarily seizures--as perfectly permissible. Preventing customs agents from searching laptops "would open a vulnerability in our border by providing criminals and terrorists with a means to smuggle child pornography or other dangerous and illegal computer files into the country," Cunningham said.

The new DHS policies say that customs agents can, "absent individualized suspicion," seize electronic gear: "Documents and electronic media, or copies thereof, may be detained for further review, either on-site at the place of detention or at an off-site location, including a location associated with a demand for assistance from an outside agency or entity."

Outside entity presumably refers to government contractors, the FBI, and National Security Agency, which can also be asked to provide "decryption assistance." Seized information will supposedly be destroyed unless customs claims there's a good reason to keep it.

An electronic device is defined as "any device capable of storing information in digital or analog form" including hard drives, compact discs, DVDs, flash drives, portable music players, cell phones, pagers, beepers, and videotapes.

[The 3rd Nipple]

Invasive is right! It's not like what is contained within a drive of an electronic device poses an immediate threat of harm to people at that location or in the country. Just another way of Uncle Sam taking our freedoms away. That's all it is.

[Lerianis]

You are quite right that it isn't like anything on a drive would be of use to the police to prevent imminent or immediate harm to people.

[ikramerica--2008]

While I find it excessive, it is clearly legal under the "border search doctrine" as it would be in any other nation under the sun. Congress can change the law and limit access, but until that time...
Taking things in and out of countries has always been a hairy game. The advent of technology that helps hide your 'stuff' doesn't provide you with new rights that weren't there before. Before computers, the border agents could detain you and inspect every piece of paper you were carrying. This is no different, just now it's electronic.
You want complete immunity? Try a diplomatic pouch. Make nice with the embassy of your choice, and you are good to go.

[imthefrizzlefry]

My biggest problem is that they can take a $1000+ piece of equipment from you for an indefinite amount of time, and then copy sensitive information off of that device.

I believe your comparison is incorrect because they are not limited to only inspecting the contents of your computer in or at least near you. They can tell you to move along while they ship your computer to some other organization to decrypt files and potentially copy that data without your knowledge or permission.

Although I admit it is an extreme case, it is possible that a government employees may decide that I have something they want on my computer. Potentially they may steal patent or copyright information.

[declan00]

Saying "it is clearly legal" overstates the case a little. We have an appeals court decision on point, but that dealt with inspecting, not taking the physical hardware, holding it for an indefinite time, copying it, waiting, and perhaps eventually returning it. There is a difference.

[Get_Bent]

Apparently, no one at the Department of Homeland Security can read, or they conveniently ignore the foundation of U.S. law:

United States Constitution, Bill of Rights, Fourth Amendment:

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Don't give me any of that "searched at the border" crap. If I am on U.S. soil when the search is requested, then U.S. law is in full force. This is yet another example of the Bush administration trampling on the rights of U.S. citizens.

[Xtoo]

Since when our government has followed any policy? Let alone the constitution? Our Bill of Rights, complete Constitution and First Amendment died with the very same people who signed it. After that is all up for twists and twicks.

[Renegade Knight]

They should make government officials swear to uphold the constituion just like the military

[The_Decider]

"They should make government officials swear to uphold the constituion just like the military"

They do

[btdonovan]

Until you've cleared customs you're not on US soil. The area of the international terminal between the gate where you leave the aircraft and the gate where the customs agent stamps your passport is technically up for grabs. I hearby claim it and establish the sovereign nation of Customania. First order of business: Restore the fair use portion of of copyright law. Media shifting is allowed. According to Customanian law when you bought that DVD you bought a irrevocable license to the contents of that DVD and you can store said contents on whatever medium you so choose. Same goes for music and video games. All child pornographers will save us all a lot of trouble and shoot themselves in the head so we don't have to waste a lot of time trying to prove that they are child pornographers by searching everyones laptops. k thnx bye.

[ewelch]

Never did Sen. Huey Long hit the nail on the head better than when he said: "When fascism comes to America, it will be wrapped in an American flag."

[Lerianis]

No, when fascism comes to America, it will be wrapped in the unjust fear of 'child pornography' and pedosexuals like myself, who are no better nor any worse than anyone else, even taking into account our sexual proclivities.
We really need the American public to GET SMART and realize that if you legalize pedosexuality and child pornography, and make the latter into a government regulated business, you will be making children safer by not having pedosexuals have to rape/murder children in order to satisfy their sexual desires.

[waldolc]

All in the name of National Security, eh? Why should I be prosecuted for the books that I read? Or the music that I listen to? Or the pictures and artwork that I look at? Or the movies and television that I view? I have nothing that most people want, don't do anything construed as illicit or illegal and yet, by merely using a computer I may be inadvertently doing something that violates some law enacted to protect ME.

When the heck will our government become "by the people: for the people", or have we gone too far? Before September 11th 2001, I was skeptical about the way our Country was being manipulated. Afterwards, I can only describe my feeling as nauseous. What future DO we have if not the one described to us in the movie wall*e?

[sbwinn]

I can't for the life of me figure out why anyone would need to physically move these evil electronic files to get them into the US. How many unpatched PCs do we have here that are begging to be appropriated for some malicious FTP? Or Zip 'em up and e-mail them to yourself at Yahoo, Gmail, or anywhere else. Ta Da!

And now that they can keep your laptop indefinitely with little or no reason, do you think they are more or less likely to hand it back to you if they find out your hard drive is encrypted? My advice is don't use words like Bomb, Assassination, or Jihad in file or directory names and you'll probably be just fine.

As for the felonious shared files, a whole drive full of ripped commercial DVDs may be a bit hard to explain.

[imthefrizzlefry]

Even in the case of a drive filled of ripped commercial DVDs, it is supposed to be the copyright holder's responsibility to enforce the copyright. Police are not supposed to go out looking for copyright infringement, that is the responsibility of the copyright holder.

Although I thought copyrights went too far when they started covering non-commercial use, but at the same time I guess prior to P2P non-commercial distribution required a friend physically handing you a DVD for you to copy.

[The_Decider]

Since the only way to bring in digital documents over the border is by walking it in makes this policy valid....

Sadly, the only way to get this totalitarian BS stopped will likely require a revolution.

On another note I would love to see some clueless border agent prove that the music on my laptop or iPod was "illegally downloaded". They would have a hell of a time proving it was downloaded, much less done so illegally.

[Dalkorian]

"On another note I would love to see some clueless border agent prove that the music on my laptop or iPod was "illegally downloaded". They would have a hell of a time proving it was downloaded, much less done so illegally."

Uh, in this new repuke world order, I wouldn't desire to see that at all, for either you or me.

"Sir, was all this music legally purchased?"

"Yes, of course it was."

"Prove it."

"Excuse me?"

"Sir, are you resisting the TSA? That device will have to be retained until we can determine if it's a threat to the United States of Amerikka or not. GUARDS!!"

[sanenazok]

I agree that this is invasive, but it should be possible unless outlawed by Congress. Search and seizure law is based on expectations of privacy and no country on Earth as far as I know provides for "privacy" at border crossings. It's a necessary evil to have your bags checked and in today's information driven world it means having your digital briefcase checked as well.

Just because DHS says it has a right to do this, it doesn't mean that it will pick out people at random. I think they had cause to interview Mr. Romm (on whose computer child porno was found and who sued claiming the search was illegal) who was bounced back from Canada. I'm for prosecuting people for serious crimes detected at border crossings, including child pornography. It would be different if the policy was being applied against IP violations...

[Dalkorian]

I guess the only way to ensure your laptop makes it safely across customs with you is to plaster it's case with American Flag and pro-repuke stickers, right?

It's sickening how quickly we're falling down the path that failed nazi germany.

[mikeburek]

Hey, could you loan me a laptop for the next 8 months while mine is being searched at DHS?

[Lerianis]

Better yet, simply legalize and REGULATE child pornography like adult pornography. Let's face facts here people: making love with a child does NOT harm them at all, coming from my own experiences as a child having sex with adults and teenagers.
The ONLY thing it does is make it so that those children have a more lax view of human sexual 'morality' and some people later in life try to guilt them into thinking that what they did with adults as children was 'wrong' (and which I say we should EXECUTE those people for!) and create the problems that they then try to blame on the sexual relationships themselves.

[n3td3v]

Ruining their own country and freedom of its citizens because of an artificial threat that they created through their false flag attack against the world trade center, building 7 and the pentagon, and then the anthrax delivered to congress.

[Lerianis]

I'm pretty sure as well that if Bush and his cronies didn't PLAN the 9/11 attacks, that they allowed it to happen.
This is another time when they are making people 'fearful' of another group of people in order to make the first group give up their rights so they can harass/find the second 'easier'..... though it really WON'T be any easier.

[twstedmonkey]

"Preventing customs agents from searching laptops 'would open a vulnerability in our border by providing criminals and terrorists with a means to smuggle child pornography or other dangerous and illegal computer files into the country,' Cunningham said."

So, the standard method of getting dangerous or illegal files into the country is to physically carry them across the border? Maybe these criminals should come up with a different method...like a series of virtual "tubes" that can magically transfer files from one computer to another without wires or cables. Ahh, science fiction.

[Dalkorian]

lol - thanks. I started taking this to seriously and I needed a good laugh. Yeah, we're safer now!

[pgp_protector]

Having Movies is legal, I transfer my DVD's do my Laptop for watching all the time.
As for "Bad" / "Illegal" files. If I wanted to transfer them, I'd just encrypt them, and e-mail the zipped files.

[doconn7]

Invasive is not even close, this should be categorized as illegal and voyeuristic! No seized information from citizens will ever be used to help security. The criminals will just send it on the net. Only the honest hard working citizens will be hurt. This is an out rage and should be dealt with immediately! Fear mongering voyeuristic criminals is all these DHS people are!

[Lerianis]

You hit the nail on the head. The fact is that our world would be MUCH safer if we would stop trying to marginalize pedosexuals like myself, bring pedosexuality out into the open, tell parents that they had better damn well do their jobs and watch their children to make sure that adults, teenagers, other children, etc. are not forcing them into sexual situations, and arresting those parents if their children are sexually assaulted by someone who they leave their children with.
The facts are that it is FREAKING easy to tell if someone is a pedosexual: everyone knows that I am one before I even introduce myself to them, and once they get to know me...... WOW! Most of them like me and have no problems leaving their children alone with me because I do adhere to SOME morality (though not the same morality as 'society').

[eldon21]

Whatever happened to probable cause? Oh, wait, this is DHS and they used the word "terrorist". Nevermind.

Geesh.

[declan00]

In the 1990s, there were three passphrases to the U.S. Constitution and Bill of Rights that had to be repeated together in unison to bypass civil liberties: drug smuggling, money laundering, and child pornography. See FBI Director Louis Freeh's testimony to Congress asking for a ban on encryption products without backdoors for government eavesdropping.

Now the U.S. government has become more efficient. The consolidation of the security apparatus under the Department of Homeland Security has resulted in greater cost-savings on the part of federal agencies in their efforts to bypass civil liberties. The new passphrase is simply: "terrorism."

[pgelawis]

What I have a problem with is the author of this article encouraging you to encrypt your hard drive! That would certainly give DHS an excuse to hold on to your laptop! It shows you've got something to hide! Hello! If you've got nothing to hide that why worry? Afradi of some accountability?

[declan00]

I'm the author of the article; I'm not forcing you at gunpoint to encrypt anything. It's your choice. All I can do is make a recommendation.

You may think you've nothing on your hard drive that police wouldn't be interested in, and perhaps you're right. But given sufficient data and time, and given the state of the law today, police and prosecutors can frequently find that even the most outwardly law-abiding citizens are guilty of some crime or another. Check out Harvey Silverglate's forthcoming book on this subject.

[imthefrizzlefry]

It is just an unnecessary risk that I need to take for absolutely no increase in protection.

My concern is that data that I am using to file a copyright, or patent could be present on my computer, and after my computer is seized that one in a million employee who sees a free meal ticket could have a chance to steal that data and beat me to the paperwork. It's a fringe case, but it is close enough to the way that Apple and Microsoft got started to make me worry. If I want to sell information to a corporation with an over-seas headquarters, the easiest and safest way to get the data there is to carry it. If I make it available over the internet then I need to go through the hassle of making sure all of the software I am using is completely secure, or password data could even be stored in the computer that identifies both where the data is and what credentials are needed to access it.

If the airlines want to freak out about anyone taking some sort of sharp metal object then ok, but when you mess with my data I take it very personally.

[fdunn3]

I am an Analyst at a University Medical School, ALL of our laptops are mandated full disk encryption so that we don't inadvertantly (through theft) release Patient Health Information (PHI) as mandated by HIPAA.
Our research Doc's go to conferences and work collaboratively with other researches outside the U.S..
I agree with you that if a laptop came through with a full disk encryption then the likelihood of that laptop being seized through this ridiculous program is very high.

But more and more Universities and corporate data is being encrypted through government mandates (HIPAA, Sarbanes Oxley, FERPA, and on and on).

I still think probable cause should be the rule but the U.S. has become a type of Government that we used to shun as it is so close to what Russia and the old Soviet Union had. Rendition, a President that refuses subpoenas from Congress, Agencies that can violate every aspect of the constitution at will.

What have we let happen?

[Marc Myers]

I have a lot of personnel correspondence on my laptop that's no one else's business. I also have proprietary information about projects in development that could ruin my company if competitors got hold of it. I already keep the project reports encrypted for that reason. I do have something to hide. Don't we all? Our private "papers" (as they're called in the Fourth Amendment) should be allowed to remain private.

[Dalkorian]

Fourth Amendment Marc? What's that, care to enlighten us? Isn't that just some piece of annoying paper, or was that toilet paper?

What my government has become over the last decade sickens me to no end.

[mikeburek]

Hey, here's a guy without encryption on his computer. He must be using some type of transparent encryption where the data is really stored hidden in the pictures of his kids. His "ordinary Joe" look must be cleverly crafted. Let's keep his stuff until he can prove that he was really the 2nd gunman on the Grassy Knoll.

[rcfa]

The reasoning that encrypted files show that you have something to hide is false.

Anyone who's just a tiny bit aware of computer security and cryptography knows that you should ROUTINELY encrypted just about EVERYTHING, exactly such that the volume of encrypted information will overwhelm any entity trying to find potentially private information, and also such as to make sure that the presence of encrypted information does not in itself give any information.

If you only encrypt that which is secret, then encrypted information will show that something worth protecting is present. If you encrypt everything out of principle, then the presence of encrypted information will not provide any clue as to whether or not what is on your computer contains secrets.

It is therefore imperative that preferrably ALL e-mails are encypted (S/MIME or openPGP), and that whole-disk encryption be used on all portable computers.

I can only reiterate the recommendation of the article's author: the more people routinely encrypt their drives properly, the less information can be learned from such seizures and the more the so-called authorities will be trying to decipher information on the devices.

Given the political climate, where we have replaced the red scare with the terrorist scare and where no politician dares to vote for/against anything that would make him look "soft on terrorists", we can't expect these laws to change any time soon.

What we can do, is subvert them by encypting even the most trivial pieces of information and causing the resulting searches and seizures to be essentially worthless.

Now, who knows an insurance company that will pay for a new laptop while yours is being "indefinitely" held by the feds?

[jasamaha]

yes i have many exploding programs on my laptop!?...

[rcfa]

I mean, we're all terrorists:
programs crash, systems panic, we kill processes, we squash bugs, swap files blow up, we run slave processes and torture tests, etc.

Obviously laptops are WMDs...

[cifs]

I develop software and have my own copyrighten (sp? copywritten) software, also I deal in medical records and I must have some of the data encrypted. The last time I crossed the border, I stored all the important information in encrypted DVDs in my checked baggage and mostly wipped my PC.

[mpitogo]

Dang....

Encrypt your physical drive which runs a virtual machine guest who's drive is also encrypted and store your data in an encrypted disk in the virtual guest machine and use multiple keys. Is that what we have to resort to keep our bits private?

[common_mann]

I see this as a feature. Finally, the airport is adding free curbside electronic recycling. Make sure you wipe the harddrive clean first.

[thedreaming]

Dear Homeland Security,

What is to stop a real terrorist from having two laptops on either side of the border and all their data is simply kept in "The cloud"?

[declan00]

Dear thedreaming,

Why do you think real terrorists would be smart enough to think of such a novel solution?

[Lerianis]

Because terrorists are not as dumb as people apparently believe they are, declan00. Frankly, most terrorists are geniuses who have gotten tired with their lives on this planet, and therefore want to end their lives because they, while being smart, have been raised to think that there is some imaginary 'god' who is going to reward them for killing other people in a 'jihad'.

[Dalkorian]

Lerianis, I fear you missed the sarcasm in Declan's answer. Basically, this DFS (Department of Fatherland Stupidity) bull isn't making anyone ACTUALLY safer, but it looks good during an election year to the sheeple who know nothing. Hell, the terrorists will just set up an old discarded P1 box as a server in their caves, powered by a camel on a treadmill, and connect to that remotely when they get here. Only honest citizens will be "inconvenienced" by this.

[itsaspork]

A terrorist or tactical information won't be found this way - they'll use other means to transfer it. This is similar to the ID protocol the govt. is trying to force on us in the name of security. The terror planners deploy nobodies with clean IDs, like the bunch who destroyed the WTC. The "cherry" operatives can walk in with their actual ID no problemo, because it's not attached to a watch list or criminal record. These Homeland Security efforts are no help in fighting actual terror threats. You have to wonder about the government's motivation for these restrictions.