US Courts Consider Legality of Laptop Inspection 595
ceide2000 writes "The government contends that it is perfectly free to inspect every laptop that enters the country, whether or not there is anything suspicious about the computer or its owner. Rummaging through a computer's hard drive, the government says, is no different from looking through a suitcase. One federal appeals court has agreed, and a second seems ready to follow suit." This story follows up on a story about laptop confiscation at the borders from a few months ago.
Luckily (Score:2, Informative)
Re:Suitcase opening... HAH! (Score:5, Informative)
Re:By that logic... (Score:3, Informative)
Re:Suitcase opening... HAH! (Score:5, Informative)
Re:But (Score:5, Informative)
So, if we actually followed the Bill of Rights, no one should be compelled to give that information, regardless of where they come from.
Re:No you have a choice. (Score:5, Informative)
It's called TrueCrypt [truecrypt.org] and is available for Windows, Linux and to some degree for OS X.
* Creates a virtual encrypted disk within a file and mounts it as a real disk.
* Encrypts an entire hard disk partition or a storage device such as USB flash drive.
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
1) Hidden volume (steganography - more information may be found here).
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
* Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: LRW.
Further information regarding features of the software may be found in the documentation.
The 4th does not apply to border searches (Score:5, Informative)
The 4th amendment only covers "unreasonable" search and seizure. Border searches are considered reasonable, and therefore require no warrant. This was formally codified by the 1st Congress (thank you Findlaw), who could be assumed to know the intentions of the founding fathers. More intrusive operations over and above a cursory search (such as X-Rays, or I supposed computer checks) only require "reasonable suspicion", as opposed to the more strict "probable cause".
The current version of the law states:
19 USC 1581:
(a) Customs officers
Any officer of the customs may at any time go on board of any vessel
or vehicle at any place in the United States or within the customs
waters or, as he may be authorized, within a customs-enforcement area
established under the Anti-Smuggling Act [19 U.S.C. 1701 et seq.], or at
any other authorized place, without as well as within his district, and
examine the manifest and other documents and papers and examine,
inspect, and search the vessel or vehicle and every part thereof and any
person, trunk, package, or cargo on board, and to this end may hail and
stop such vessel or vehicle, and use all necessary force to compel
compliance.
I would think a search of the hard drive falls well within a "package".
SirWired
Re:next will be... (Score:3, Informative)
Are you kidding? There is no fundamental law which protects the stuff you mention. Instead there is a patchwork of laws like HIPAA, ECPA, Fair Credit Reporting etc that protect against various egregious abuses, but many if not most of these laws have massive loopholes. For example, the Government is forbidden to take its records and create dossiers on random citizens, but it can buy that same information from vendors on the open market.
And most of these laws have explicit exceptions of law enforcement and intelligence activities.
There is no fundamental right to privacy recognized in US law, especially if you are a strict constructionist. The only protection for individual privacy in the US is political; if people get mad enough, then Congress will places the biggest patch on the problem that they can get past the lobbyists.
Re:Just create a dummy account? (Score:1, Informative)
Re:Suitcase opening... HAH! (Score:5, Informative)
Re:next will be... (Score:3, Informative)
Re:next will be... (Score:3, Informative)
Re:No you have a choice. (Score:3, Informative)
I think you missed the point... TrueCrypt allows you to hide an encrypted volume in the same filespace as another innocuous encrypted volume. TrueCrypt can also run as a portable app... no registry entries etc; you can run the entire thing off of a USB drive or SD card. Of course, there will still be visible data in the OS's pagefiles....
The other trick TrueCrypt uses is that it doesn't leave recognizable headers, so you could have 10 truecrypt files with innocuous names hidden within other files, and unless you know they're there, there is no way to identify them. Use a standard TrueCrypt archive and the TrueCrypt software to store your home computer inventory or something similar, and you can show this to anyone who wonders why you've got an encrypted partition on your drive/USB drive.
Of course, as I mentioned elsewhere, the best way to go about this is to have a multilayer truecrypt drive file named DSCINDEX.TOC and store it on the SD card you keep in your digital camera. Such files are generally treated as junk files, and an examination of the file would make it look like junk... unless you tried to mount it with TrueCrypt after mounting the card on your computer desktop.
Probably easier just to use TrueCrypt to encrypt your laptop drive at the drive level though, and have two passwords to reveal two different sets of data. That way your pagefile will be encrypted too, and the only way to analyze the sensitive data would be to read the RAM chips with a special device. Of course, an examiner could still accidentally erase your real data while examining the device, which would be a shame.
Re:No you have a choice. (Score:2, Informative)
Re:Huh? (Score:1, Informative)
http://en.wikipedia.org/wiki/Checkpoint_Charlie#Clay_responds [wikipedia.org]
Re:SmartCard (Score:3, Informative)
Chris Mattern
Re:The 4th does not apply to border searches (Score:2, Informative)
Re:But (Score:3, Informative)
So, you can refuse a search, but then again, they can refuse to let you into their country. The control is left to you and them (mostly them).
So, remember, whilst in an international terminal, whether airport or border crossing, you are in a place where only international law applies until that country says you are in their country. Until they say you are in their country, they have every right to search anything you bring with you, and every right to confiscate anything deemed as contraband, every right to send you back where you came from, and every right to use anything they found as evidence against you according to their country's laws after they say you are "in their country".
Re:Ridiculous (Score:3, Informative)
No, they are pretty much just looking for naughty pix of little kids - that's it. And much as someone might find that offensive, sorry it just aint "dangerous."
Another thing it ain't is "gonna accomplish much of anything."
Anyone who really thinks some bored customs/security folks are going to be able to competently identify the contents of, say, a 500GB drive with two hundred thousand files on it is smoking something. What're they going to do? Haul the laptops off someplace and spend an afternoon checking every directory and making sure the files are really what they're named? People like the one in TFA aside, they're not likely to find much doing this unless they're willing to take their sweet time holding someone while they fine-tooth-comb their computer to do so. For anything resembling a reasonable-length search at customs, any contraband's either going to be glaringly obvious to a non-expert who's going through the motions, or it won't show up at all.
As one of the comments in the article says, this is just more fishing in the dark, like no-fly-lists or people demanding I explain why I'm wearing boots every time I fly in the winter.
Re:Ridiculous (Score:3, Informative)