EFF To Fight Border Agent Laptop Searches

snydeq writes "The EFF and the Association of Corporate Travel Executives have filed an amicus brief with the 9th Circuit Court of Appeals requesting that the full court rehear and reverse a three-judge ruling (PDF) that empowers border agents routinely to search files on laptops and mobile devices. The case in question involves US citizen Michael Arnold, who, returning from the Philippines in July 2005, had his laptop confiscated at LAX by custom officials after they opened files in folders marked 'Kodak Pictures' and 'Kodak Memories' and found photos of two naked women. Later, when Arnold was detained, officials uncovered photo files on Arnold's laptop that they believed to be child pornography. In addition to raising Fourth Amendment issues, the amicus brief (PDF) reiterates the previous District Court ruling on Arnold's case regarding the difference between computers and gas tanks, suitcases, and other closed containers, 'because laptops routinely contain vast amounts of the most personal information about people's lives — not to mention privileged legal communications, reporters' notes from confidential sources, trade secrets, and other privileged information.'"

Seizure the real problem

[jrumney]

I don't see the search itself as being as much of a problem as his laptop being seized because of two (presumably legal, as the article says women, and the alleged children came later) porn images.

Re:Seizure the real problem

[Yvanhoe]

It is assuming that an information can be of danger to the state. That and the fact that they won't disclose to you what they are searching for. Maybe this guy don't want the police to know that he has two naked pictures on his laptop, maybe (who knows ?) one of this women is one of the agent's daughter. Maybe the other agent is an ultra-catholic who will just use his (PATRIOT-act given) powers to harass this guy because of pictures he finds immoral ?

In a perfect world, search wouldn't be a problem. Privacy rights exist because police agents, custom agents, administrative officials are all fallible humans that are allowed to have weird opinions, small IQ, various beliefs and can usually be bribed.

Re:Seizure the real problem

[goaliemn]

This has nothing to do with the Patriot act.. they've always had this power at the border. Courts, for decades, if not over 100 years, have always ruled you have limited/almost no rights at the border. US citizen or not..

Customs has the right to look for anything that could be against US Law, as well as looking for imports to collect duty and taxes on. They always have. Its just now, people are carrying more with them and on their laptops than before.

Do the limits need to be updated? Maybe somewhat, but I'd still want customs to have the authority/ability to do their job.

Re:Seizure the real problem

[Yvanhoe]

What is their job again ? To check that goods entering are legit and that people entering are legit. Information that you have to CARRY are not trade goods but private data that you can't easily prevent carrying. They may revel some past criminal activity from their owner but determining this is the role of a court, not a custom authority. A custom only has to stop known criminals.

And if you want, I can elaborate on why separating judgment and enforcement of a judgment are activities that must be carried by different organizations.

Re:Seizure the real problem

[d3ac0n]

. I'm seriously starting to wonder if all those calls for a tighter border and a giant wall between us and Mexico isn't to keep us in as much as to keep them out.But that is my 02c,YMMV

Please don't try and conflate the issues of Illegal Search and Seizure with border security.

I find this entire situation vile. While it's disgusting that this guy had kiddie porn on his laptop, it is NOT the business of customs to be searching through this guy's personal info on a fishing trip for possibly illegal stuff. That's Totalitarian behavior.

Incidentally, I put many of these types of incidents at the feet of a unionized and unaccountable customs bureaucracy. Why the heck do we respond to the issue of Islamofascist terrorism with a bureaucratic nightmare organization that blanket targets everyone with no due process? It's moronic, ineffective and self-defeating.

However, properly securing our borders against infiltration by both Illegal Aliens and Foreign Agents is an integral part of National Defense. Not to mention that it spares the border environment the horrific amounts of garbage Illegals have been leaving in our delicate sub-desert ecosystems.

I'm all for making easier to legally emigrate to America. Less red tape and paperwork is always good. I think America should rightly welcome all who wish to come here and participate in Freedom and Free Enterprise by working hard (or smart) and earning their way to a comfortable and happy life for them and theirs. However, I am NOT interested in paying for those who would come here ILLEGALLY, flaunt our laws, commit all sorts of crimes, and try and use our social welfare systems as a hammock while they send cash back home. Sorry, America isn't your sugar daddy.

So you see, even a died-in-the-wool Conservative like me can see that these are two separate issues, and it is possible to support them both without being either a pedophile or a racist.

Re:

[sam0vi]

i will say this for the very last time: TrueCrypt hidden volumes. and you will be done with the problem. period.

Re:Seizure the real problem

[Falstius]

Privacy is not a right the limited to the technical elite. The proverbial 'grandma' should be able to expect crossing the border to "just work" without having to set up full disk encryption (which if discovered they would detain you for until you unlock it, so you need to know how to hide it and then make a second dummy installation for them to discover and this really all sounds like a bunch of bullshit to go through when you think about it). The solution is to demand our individual rights, not to hide behind technological barriers.

Re:

[mrchaotica]

Actually, privacy at the border is limited to diplomats. Everybody else doesn't have any.

QUOTE the part of the Constitution where it says the Fourth Amendment ends at the border, or SHUT THE FUCK UP!

Re:Except....

[element-o.p.]

Actually, privacy at the border is limited to diplomats. Everybody else doesn't have any.

Huh. I don't remember reading that in the Constitution. Guess I just missed it, then.

 

Don't cross the border with things you don't want customs agents to find. That goes for...trade secrets...on a laptop.

So if you are a businessperson, traveling for business purposes, you shouldn't be able to take information across the border that will clench the deal? Or maybe, once you arrive at your destination, you should hook up to your hotel's ultra-secure public internet connection and download the gigs of data at the cheapest fricking broadband speed the hotel could buy from the local ISP -- which, incidentally, is shared among all 200 guests in the hotel. And God forbid that the hotel's internet connection should be down when you arrive. I'm sure your business rival would be more than happy to give you a second chance to make your sales pitch to the prospective client before they make their sales pitch. </sarc>

Nack. The Bill of Rights gives us freedom from search and seizure without due process of law. If agents of the government have no reason to suspect I have committed a crime -- and by definition, crossing the border in compliance with the laws of the countries involved cannot possibly be interpreted as "committing a crime" -- then by a strict interpretation of the Bill of Rights, they have no probable cause to search my laptop at the border. All of this bunk about how the Constitution doesn't apply at the border is just that -- bunk.

Re:Except....

[Damvan]

As a person who once made the mistake of trying to drive a Volkswagen Bus from Canada to the US, as a US citizen, no, the Constitution does not apply at the border.

My vehicle, without any just cause, no drug dog etc, was completely taken apart and destroyed by Customs officials, and I had no recourse. This was in 1989. They cut up and removed the seats, dash, headliner, carpet. They drilled a hole in the gas tank and drained it. They removed all 4 wheels and the tires from the wheels. They took all my luggage and dumped it out on the ground. Then, when they didn't find anything, told me I had 30 minutes to remove everything from their parking lot or it would be confiscated and destroyed. 30 minutes to remove a vehicle with no gas and a hole in the gas tank, no seats and no wheels. I basically packed up my suitcases and bags, grabbing as much as I could carry, and left the vehicle behind. Walked across the border, hitched a ride into town, and took the Greyhound home. Never did find out what they did with my Bus.

While they were tearing apart my vehicle, any protest I made was greated with the usual "You are interferring with Customs Officials, if you continue, you will be arrested."

Re:Seizure the real problem

[palegray.net]

No, you won't be done with this problem at all. You're still complicit in the stomping of the privacy rights of U.S. citizens. It will get worse, I assure you.

I'm not saying encryption is a bad practice (hell, my workstation's partititions are *all* encrypted). I'm simply saying that finding a way around the system isn't a suitable replacement for long term efforts to fight it.

Re:Seizure the real problem

[zwei2stein]

Sir, can you explain us why you have 2/3rd of your drive encrypted?

Can you give us key to take a look?

No? Too bad. Let us persecute you a bit.

Sorry, but encryption is NOT an option.

Being smartass wont help you either. Disk failure tale is not gonna hold water and missing substantial disk space is highly suspicious.

Re:

[zapakh]

Being smartass wont help you either. Disk failure tale is not gonna hold water and missing substantial disk space is highly suspicious.

http://www.truecrypt.org/hiddenvolume.php [truecrypt.org]

The existence of a hidden volume does not reduce the free space available to the standard volume.

Just don't try to write anything to the standard volume when you haven't also mounted the hidden volume, or bye-bye data.

Perhaps they could do some checksumming and Reed-Solomon magic on the hidden volume to detect and recover data errors the next time you do mount it; but I haven't read about anything like that.

Re:

[Orange Crush]

Grub on a one-second dual boot will do the trick too. Of course, the best way to protect privacy overseas is to wipe the drive before you leave, and download what you need when you get there. They can't rummage through data that isn't there.

Re:Seizure the real problem

[Anonymous Coward]

In a perfect world, search wouldn't be a problem. Privacy rights exist because police agents, custom agents, administrative officials are all fallible humans that are allowed to have weird opinions, small IQ, various beliefs and can usually be bribed.

I agree with you in principle, but I would argue that any "rights" exist on a much stronger basis than "to protect us."

A right is a fundamental, inherent to the existence of a human being. You have the RIGHT to live, not to protect you from someone taking that right away form you, but because here you are.

Privacy PROTECTIONS exists because any and all people in a position of power have opportunity to abuse their authority for personal gain, thus violating your RIGHT to privacy.

You could as well say the Constitution grants you rights. This isn't true at all. There are no Constitutionally granted rights, only Constitutionally protected ones.

I know this sounds like quibbling over semantics, but I think there's an important fundamental distinction here.

Now I'll climb off my soapbox.

Re:Seizure the real problem

[palegray.net]

Outstanding points. Unfortunately, our children are routinely taught in grade school that rights are somthing *given* to us by goverment officials. Even the average teenager (at least many I've spoken to) seem to think it's well within the government's power to take away your rights whenever it's "justified." They also seem to run with the general opinion that bad things won't happen to them; things like illegal searches only happen to "real criminals." Scary stuff.

Re:

[networkconsultant]

Simply use a USB Hard Drive and Ship it to your destination or use the following line: The National Secrets act prevents me from displaying the contents of my USB encrypted hard drive to Border officials due to your lack in clearance, Are you Secret or Higher? (Unless the border officall is Cleared to the Highest level which is unresaonable, they would not legally check your portable hard-drive without incidient) if they ask what you are doing with "Sensitive" information, you tell them that your clients

Re:Seizure the real problem

[interstellar_donkey]

That's really dangerous thinking, along the lines of "You have nothing to worry about if you have nothing to hide, so random and indiscriminate searches are okay".

There's a reason why we have privacy laws. The border agents here have really overstepped their bounds.

Re:

[rtb61]

Of course searching at the 'border' is nonsense. You are either outside of the country and not subject to searches by that country or inside the country and fully protected by all your rights as a citizen and the constitution. The lie that somehow the border has width is just that a lie, which abusers of power seek to masquerade their illegal searches as legal.

The confiscation of legally owned assets, based upon the assumption of guilt rather that the legally defined right of innocence is also a criminal

Re:Seizure the real problem

[Patrick Bowman]

Two important issues: 1. There is nothing illegal about pornography in general. It doesn't matter whether he had two or two million pix of naked women. Their discovery is as irrelevant as wedding photos. 2. Nowadays there are so many ways to carry files around - SD chips, CDs/DVDs, on your iPod, on an encrypted HD partition, not to mention just downloading them later - that this sort of search is largely pointless. Any serious importer of child pornography wouldn't even be inconvenienced by them. This is not to downplay the legitimacy of the child porn issue - but measures like this waste time and effort that could have been used elsewhere. In Bruce Schneier's phrase, security theater.

Re:Seizure the real problem

[palegray.net]

Hiding and encrypting your data is a good idea in general, even when not crossing the border. Here's the problem, though... how long until the mere presence of any encryption software whatsoever is taken as open permission to confiscate your gear until you feel like giving them the passphases they want? Who says you'll ever get it back at all, or won't wind up on a watch list? Aggresive legal measures need to be taken now to stop this crap.

To me, the most idiotic part is the fact that anyone sufficiently sophisticated to harbor a lot of illegal information, or information deemed dangerous to national security, would most likely be smart enough to send it over the net to its intended destination via an encrypted link. Oh, wait... does that mean the government will start considering data streams entering our country as liable to unquestioned search? Think about it.

Bad Case

[Nerdfest]

While I agree with the privacy infringements, I really wish it wasn't someone suspected on child porn complaining about it. It certainly won't garner much support from the general public, informed or not.

Re:Bad Case

[ArsenneLupin]

What it really takes to get this child porn nonsense to stop is that finally somebody important (CEO of large company, politician of major party) will be framed with some.

Until then, you can't even discuss the issue without being suspected of being a perv.

Re:Bad Case

[Speare]

What it really takes to get this child porn nonsense to stop is that finally somebody important (CEO of large company, politician of major party) will be framed with some.

If kiddo pix were found on one major political figure's desktop, that figure would be sent to jail and everyone would just shrug. Think of all the recent "family values" politicos who are simply erased with a shrug or lambasted for hypocrisy. Some of them may be innocent for all we know, but we're so jaded that hypocrisy is easier to explain than a frame-up.

Your plan would only work if the ones who framed a politician then came clean immediately afterward with PROOF of HOW they framed them, and more convincingly, framing two opposing figures at roughly the same time with different methods. At that point, when proving it was false to begin with, hit hard on the "if you've got nothing to hide" nonsense. Of course, if you plan to do such a campaign, you had better be able to remain firmly unfindable. Or you will be found hanging in your garden shed with a very convincing suicide note.

Re:Bad Case

[masdog]

What it will take to get this stopped is an innocent father or mother who is detained because they have a picture of their baby's first bath on the computer.

What's absurd these days is that parents are being investigated as child pornographers for baby bath pictures.

Re:Bad Case

[DrLang21]

Considering that two underage teens were prosecuted for statutory rape for having sex with eachother, I don't think that is enough to get it to stop.

Re:

[mazarin5]

It's happened already. (I don't know if this is the specific case I'm thinking of, but this article [salon.com] is related.)

Re:Bad Case

[Doctor_Jest]

Well true, but two naked photos of grown women (I assume that's what the initial search uncovered) do not constitute "probable cause" to search for kiddie porn.

It's a fluke, from what I've understood of this case so far, that they uncovered child porn in the first place. The problem I have is that the "search" of the laptop initially produced something unrelated to a search for kiddie porn. Nudity != perverse pictures of children.

Even though this particular case shows a "positive" from the investigation, we need people to realize that in our system of justice and freedom the ends do not justify the means. We have protections and guaranteed rights (not granted ones) because we are protecting people from the system's possible abuses. We grant them power but never in exchange for our rights and freedoms. That is a common misconception of the "great unwashed" and it's up to us (and the EFF is helping) to educate people.

We need to focus away from the actual child porn found and focus on how they got to that... If we don't, the end result will become the justification, and like The Patriot Act, we'll be stuck with something that endangers us all.

Re:Bad Case

[elp]

Thats why child porn is so great for false accusations. You accuse someone of it and its almost impossible to prove your innocence. If you are feeling brave or you live in a slightly more chilled country search P2P for the R Kelly child porn video. She doesn't look or act even slightly underage but to anyone who hasn't seen it R Kelly is instantly an evil child molester and pornographer.

Re:

[Vr6dub]

I saw it years ago and I agree that she didn't "act" like a child. The fact is though, he knew she was fourteen. So yes, she was a child. Call it what you want. Oh, and he pissed on her. So what we have is a grown man peeing on a fourteen year old girl.

Re:

[gyranthir]

Public support or not, protection of privacy and protection from illegal seizure are protected rights.

It's a sick sad world we live in and even if this guy was caught with whatever illegal stuff, if it was uncovered illegally he cannot be tried for it. (whatever he had probably wasn't illegal, just the media spinning it whatever way they want to sensationalize the story)

Lock stock and barrel searchs of someones laptop or other electronic device based on that it "could contain" illegal materials, is ab

Re:Bad Case

[Harin_Teb]

There is not now, nor has there ever been a right to privacy at border crossings... unwarranted searches at border crossings is standard practice, and has been for a while, and has been upheld as being constitutional. Now the seizure resulting from the described image may or may not have been legal, we don't know enough facts to determine if the standard was met.

I for one agree with the governments analogy of computers to papers. If you want to encrypt your handwritten papers that would be fine, likewise if you encrypt your data it is fine, but the government still gets to look at it when you enter the country (Note that does not mean you are bound to give them the decryption key).

Re:

[mrchaotica]

There is not now, nor has there ever been a right to privacy at border crossings... unwarranted searches at border crossings is standard practice, and has been for a while, and has been upheld as being constitutional.

And that's complete and utter bullshit, and always has been!

The Fourth Amendment:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, suppo

Re:

[mrchaotica]

While I agree with the privacy infringements, I really wish it wasn't someone suspected on child porn complaining about it. It certainly won't garner much support from the general public, informed or not.

And that's exactly why they accused him of having child porn instead of something else!

Strong encryption for personal data

[pegr]

Strong encryption is obviously the answer to keeping data safe from prying eyes. What I don't think is legal is the government keeping an image of the disk just for having passewd through customs with encrypted data.

Re:Strong encryption for personal data

[jeiler]

Strong encryption is an answer, not the answer. In this particular case, there should have been no need for any encryption: computer data should not be searchable without a warrant or probable cause. And no, "I need to see if you're carrying pictures of naked kids" is not probable cause without substantive evidence of wrongdoing.

Re:Strong encryption for personal data

[BobMcD]

...computer data should not be searchable without a warrant or probable cause...

I agree completely.

The traditional notions of privacy are no longer sufficient. We need a legal affirmation of privacy as a right here in America. It has thus far been assumed that one is entitled to privacy in your own home, as is reflected in the constitution, but our lives have extended WAY beyond that. In this age of instant global connections we need to attach privacy to the INDIVIDUAL - not merely that individual's home - and follow the notion through to every end of that individual's life.

Child pornography, though quite despicable, is NOT a border-control issue. I cannot imagine ANY kind of porn that would be such. In fact, I can't picture any kind of information that would fall under a border guard's purview at all. Think about it: If the same data could travel freely from state to state over the wire, what kind of restriction should one apply at the border?

No, there is no good reason for such a search, and it is only being allowed because our citizens have no right to privacy. If there were such a right, the need to respect it would greatly outweigh some bored TSA's curiosity.

Re:

[jeiler]

We need a legal affirmation of privacy as a right here in America.

Griswold v. Conneticut provides an explicit statement of the implicit right.

Child pornography, though quite despicable, is NOT a border-control issue.

Now, here I disagree ... sort of. Border patrol agents are law enforcement agents: if they have a court order, or a warrant, to search a particular person's laptop, they are then authorized to do so. However, I quite agree that laptop contents should not be searchable without court authority.

Re:

[BobMcD]

Griswold v. Conneticut provides an explicit statement of the implicit right.

Yes, sort of, for married couples as it relates to their sex lives. Again, though, the concept is attached to what was already deemed private. I'm getting at the sort of privacy one should reasonably be able to expect even when in public.

The right to keep your genitals covered is one example of this. The right to keep your laptop's content safe from prying eyes is, at least to me, similar. In either case the state may have a need that outweighs this right, either to enforce the law or uphold the common

Re:

[Inf0phreak]

There are lots of good reasons to encrypt the data on your laptop, but keeping it from the eyes of U.S. customs agents is not one of those reasons. Because that customs agent will say "assume the position and supply the password!" and if you refuse, he/she will just confiscate the laptop or deny you entry to the country (note: "logical or") - oh, and you might get a body cavity search too just for good measure.

I don't understand the argument

[niceone]

I would rather they couldn't search laptops, but I don't understand the argument put forward here. For example, if I had "privileged legal communications" in my suitcase they could still open it, right?

Re:I don't understand the argument

[morgan_greywolf]

I would rather they couldn't search laptops, but I don't understand the argument put forward here. For example, if I had "privileged legal communications" in my suitcase they could still open it, right?

The reason they can search your suitcase is that it might have a bomb in it. Of course, I think that violates the 4th Amendment too (and I think many would agree), but I understand their point.

OTOH, a file on the HDD can't contain a real bomb, only a virtual bomb. Virtual bombs don't blow up airplanes.

Re:I don't understand the argument

[Ihlosi]

The reason they can search your suitcase is that it might have a bomb in it.

Customs doesn't search for bombs. They search for anything that is illegal to bring into the country (drugs, weapons, large amounts of cash without proper paperwork, certain kinds of foodstuffs, etc).

Re:

[Ihlosi]

doesn't the X-Ray machines you pass your bags through show up most of this stuff anyway?

Your bags don't get sent through x-ray machines after you've landed.

Customs Agents != TSA

[mdmkolbe]

This is about border agents, so it has nothing to do with bombs. It is about illegal or undeclared goods being smuggled into the country.

So the argument will go that as long as certain forms of information are illegal to bring into the country, in order to do their job (stopping smugglers) the customs agents need to be able to search for illegal information. I'm not saying I agree with that argument, but in order to convince anyone other than the choir you need to understand the real issues and not some straw man argument about bombs.

Any counter argument will have to indirectly argue that customs agents don't have to keep illegal data out of the country. For copyright, such an argument is easy to make (e.g. "customs agents have no way to tell if a work on a laptop is involved in criminal infringement they may have permission from the copyright holder or it may be fair use"). For child porn, the argument is harder. The court will likely end up weighing the cost of invading people's privacy against the benefit of stopping child porn at the border. Given that the technique has already proven effective (they caught the guy), guess which one the courts will side with.

Again I'm not saying I agree with the government's position, but you have to know your enemy and the battle ground in order to win.

Re:

[1u3hr]

The court will likely end up weighing the cost of invading people's privacy against the benefit of stopping child porn at the border. Given that the technique has already proven effective (they caught the guy), guess which one the courts will side with.

But of course there ISN'T any benefit. There are many other ways of transmitting images from one country to another, securely, aside from putting them on a laptop hard disk and carrying it on a plane. Obviously this does nothing to protect the innocent citiz

Re:

[gstoddart]

This is about border agents, so it has nothing to do with bombs. It is about illegal or undeclared goods being smuggled into the country.

Well, let's face it. Rightly or wrongly, border agents have become the "first line of defense" for the security apparatchik -- they cover much more than undeclared good and duties.

Governments have made their function much more about securing the borders and keeping out people we don't want lately. And, consequently, their searches have become much more invasive.

Cheers

Re:

[querist]

The difference here, though, is that they can look at a file folder, see paper, an realize that there is no bomb. In theory, their search should stop there. Unless they have a specific reason to read the documents, they shouldn't.

On the computer, however, they are looking at the content of the files to try to find "suspicious" materials. This is a more difficult situation because, in order to differentiate between "acceptable" and "suspicious", they must examine the contents of the files. This is not as sim

Do they really have a right?

[Rik Sweeney]

Can't I just refuse to let them access my laptop? Sure, they can turn it on to prove that it's really a laptop and not a bomb, but besides that they shouldn't be allowed to go through photos of me giving my 6 month old son a bath.

Personally, what I'm more worried about is that the pillock on customs manages to erase data from my computer / SD card.

Re:

[jeti]

AFAIK you're free to refuse. But you won't be allowed to enter the US.

It was never a problem before.

[arthurpaliden]

In the past, the time before computers, you never traveled with all your personel papers, love letters, note books, and your corporate trade secrets in your luguage because the border gaurds would be searching your stuff and possible reading it. So why is storing it on a computer so different. If you do not want it looked at don't put it there.

Re:It was never a problem before.

[pla]

you never traveled with all your personel papers, love letters, note books, and your corporate trade secrets in your luguage because the border gaurds would be searching your stuff and possible reading it. So why is storing it on a computer so different.

Because I can't realistically take the contents of my desk, my filing cabinet, my credenza, my photo albums, and my "memento box" with me every time I decide to take a quick trip to Montreal.

I can, however, take my laptop.

Similarly, while I don't need to take all those physical things to do an on-site service call for an important Canadian customer, I absolutely do need to take my laptop.

In Soviet Russia...

[Lurker2288]

Is not problem, comrade! If you have nothing to hide you have nothing to fear!

Re:

[SlashTon]

Times change. It wasn't a problem in "the time before computers", because it was not possible (or at least not very practical) then to carry all your personal papers. And even then some people did travel, carrying private papers or letters. And I suspect back then you could reasonably expect these papers NOT to be "routinely" (an important phrase in this whole discussion) read by border 'gaurds' (people, Slashdot has an automated spell checker, use it, please). Because of changes in technology and society,

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[MichaelSmith]

The guy was arrested for underage porn.

Which guy? The lab technician?

So what would I do...

[Anonymous Coward]

...with my company laptop which I will bring with me this monday ? Should I let it be searched by customs, or should I call the legal department of my (very large) company to handle the situation ?

As this is on topic here, some advice would be nice :)

Re:So what would I do...

[Ihlosi]

...with my company laptop which I will bring with me this monday ?

Don't bring it with you. Or don't have any important information on it.

Should I let it be searched by customs, or should I call the legal department of my (very large) company to handle the situation ?

To answer this question, first consider this simple question: Who will the customs officer detain/subject to full cavity search/deport/mark for disappearance - the person carrying the object in question or some companys legal department ?

Re:So what would I do...

[dthomas9]

You ask your legal department for advice, before you travel.

Re:

[mdmkolbe]

If you are not flying internationally, this doesn't effect you. This is about customs agents, not the TSA.

If you are flying internationally, consult your companies legal department before you leave. At the very least it may raise awareness in the company that this might be a problem and if companies start to dislike the idea maybe they can get it changed.

Schneier says...

[Lurker2288]

Bruce Schneier's recommendation for this situation is that your company have a secure VPN in place so that once you're across the border you can connect to the office and download any sensitive material you need. Before you return, VPN in again and upload your work back to the office so that the laptop is clean as a whistle when it goes through customs.

Re:

[MichaelSmith]

Bruce Schneier's recommendation for this situation is that your company have a secure VPN in place so that once you're across the border you can connect to the office and download any sensitive material you need. Before you return, VPN in again and upload your work back to the office so that the laptop is clean as a whistle when it goes through customs.

But how do you stop customs cloning the VPN key at the border?

Re:

[slashname3]

Use Secure ID tokens. Of course the boarder guards might find it alarming that you have something that counts down repeatedly.

Re:

[interstellar_donkey]

Depends. Would your company's legal department and bosses back you up here? If so, call 'em. The border agents might detain you, have you arrested, throw you in jail, give you a file with homeland security (I mean, a negitive file) etc. etc.

If you're willing to go through all of that, and know that your company won't leave you high and dry, then call 'em. Otherwise, no.

Re:

[sukotto]

You use GNU Shred to wipe all the data off.
After you arrive in the US, you connect to your corporate intranet via VPN and download the stuff you need.

This makes it hard to get anything done on the plane though.

If you're really security conscious, you'll encrypt the stuff you download or you'll keep everything on the corp intranet and only have the apps on the laptop.

Oh, and make sure you set all your applications to request your password when they start up (that goes for online resources too). Otherwise the

Let me know how that goes

[Anonymous Coward]

The EFF and the Association of Corporate Travel Executives have quite the fight on their hands.

Really all the government has to do is use the branding of we are looking for child pornography terriosts that have weapons of mass destruction and guess what, poof there goes any right to privacy. Right now, they pretty much have a free ticket to do just about what ever they please.

Every time I hear stories similar to this I think back to an episode of the Simpsons, where Helen Lovejoy keeps saying, "Won't somebody think of the childern?" It was satire that they would do just about anything, if it was for the childern.

Historians will look back on two things this decade, how hurricane katrina changed how oil companies charge people for gas (they can also do just about anything they want) and how 9/11 affected personal freedoms and privacy.

Waiting for another Geek Squad incident...

[FataL187]

I wonder how long it will be before we hear about how the customs agents have a shared collection of porn from all the hard drives they search.

Boot to command line

[assemblerex]

Clearly these people are stupid enough to think that my mouthwash and nail clippers are lethal weapons.

I doubt they have the faintest idea what to do when confronted with a command line.

"How do you start windows?"

Re:Boot to command line

[robot_love]

Let's say you do that.

Which of the following two scenarios is more likely:

1. Government official says, "this guy is obviously a smart ass. I'd better just give him back his things and let him go."

2. Government offiical says, "this guy is a smart ass. I'd better confiscate his computer permanently."

I mean, I realize it's funny to say they won't know how to deal with a command prompt, but if you think that their ignorance will lead to them leaving you to pass unmolested, you're being hopelessly naive. You might as well suggest that if you simply put a lock on your briefcase and claim you don't have the keys they're going to wave you right through.

No. No they're not going to do that. You won't like what they're going to do.

Re:Boot to command line

[Alsee]

Better yet when they get that command line and they come to you asking what to do, start screaming at them "What did you do to my computer?! YOU BROKE MY WINDOWS!"

-

Border agents != TSA

[Lurker2288]

As posted ad nauseum above, the guys inspecting your stuff when you cross the border are not the same guys who make you take off your shoes to get on a plane.

Re:

[DrLang21]

Just put your own copyrighted nude pictures on the desktop. When they copy them, sue them for copyright infringement following RIAA standards of damages.

Pervs/terrorists/spys never buy thumb drives

[gatkinso]

or other such media.

They teach this in PTS school.

That Eeee pc looks better and better

[kurt555gs]

The time is coming that using a 'throw away' laptop will be needed for all foreign trips. Everyone will need a server in some 'safe' country to upload everything to, documents and pictures will be needed to be uploaded to Google Docs and Picasa respectively. Any pictures, or letters that were on the laptop will need to be deep erased.

then , just add the cost of having the mini laptop seized to every trip.

Seems simple to me.

 

Re:

[MichaelSmith]

The time is coming that using a 'throw away' laptop will be needed for all foreign trips. Everyone will need a server in some 'safe' country to upload everything to, documents and pictures will be needed to be uploaded to Google Docs and Picasa respectively. Any pictures, or letters that were on the laptop will need to be deep erased.

But to access your information store with any decent level of security you still need to carry a secret across a border. If the secret is a GPG key they can still try to get the passphrase off you, then when you access your data they can intercept the data stream and decrypt it.

I don't think this method is more than a stopgap.

Re:

[Dopefish_1]

But to access your information store with any decent level of security you still need to carry a secret across a border. If the secret is a GPG key they can still try to get the passphrase off you, then when you access your data they can intercept the data stream and decrypt it.

So just keep the GPG key on the server with your data, and memorize the passphrase. Then the only "secret" you're carrying across the border is in your head, with no outside indication that it exists. This should keep you safe unt

I told you so

[bytesex]

I've said it before; trade secrets will be the most important aspect of this (whether or not they should be is of minor importance); especially for foreign business travelers, since American intelligence agencies have shown themselves time and again incapable to contain themselves when it comes to passing around business secrets to local competitors.

Re:I told you so

[MichaelSmith]

I've said it before; trade secrets will be the most important aspect of this (whether or not they should be is of minor importance); especially for foreign business travelers, since American intelligence agencies have shown themselves time and again incapable to contain themselves when it comes to passing around business secrets to local competitors.

The secret you are carrying might actually be US government IP, which you are just not allowed to show to the people at the border, even though they work for the same organisation.

And why not

[VincenzoRomano]

also browsing the traveller's books, post-its (tm), cameras, camcorders, USB sticks, cell phone memory ... and so on?

Re:

[Ihlosi]

also browsing the traveller's books, post-its (tm), cameras, camcorders, USB sticks, cell phone memory ... and so on?

They're already doing that, too. Oops.

Re:

[VincenzoRomano]

Don't think so: it'd take hours to check a single passenger. And skills, technology and ... a brain.

Re:

[Ihlosi]

Don't think so:

Oh really ?

http://tech.yahoo.com/blogs/null/90325 [yahoo.com]

And they're not checking every single passenger, of course. But for the ones that do get checked, the procedure may take hours.

Career dampner

[joaommp]

This is one of the reasons for me to be unwilling to accept any offer to move to the Redmond division. Out of my fundamentalist principle that my data is mine. Nobody has nothing to do with it, especially not without a warrant.
Besides, there have been stories of officials that just want to confiscate the laptops and magically their kids get new laptops for Christmas.
I usually carry around something like $7000 from home to work in equipment. I wouldn't take it near a US border unless the "chair-man" provided

Privacy and Cultural Issues

[MBHkewl]

For Arabs, and Muslims, it's a very big problem, since strangers are allowed to look at private pictures of family members.

This is both a cultural and a religious difference, which this law doesn't address nor respect.

It's against our customs and culture to post our women's pictures online for the public to see, let alone having the customs look at them and take a copy of them as well!!

And what is considered childpr0n, maybe as well be nude pictures of man's 16 year old wife. That's the legal age to get married in some of the countries in the Middle East.

Apart from pictures, business men carry sensitive information, that shouldn't be copied, and if encrypted, they're forced to provide the key/password to decrypt them.
When there's a leak of information, is the US customs going to be responsible for such cases?

Re:

[Metorical]

You make good points until you get to this...

And what is considered childpr0n, maybe as well be nude pictures of man's 16 year old wife. That's the legal age to get married in some of the countries in the Middle East.

When you're in someone elses country you generally follow their rules. If some country existed where you could take pictures of 3 year old naked children would you expect someone from that country to be able to keep these pictures in America?

4th ammendment

[methuselah]

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

it pretty much covers this so, i guess that liberalisms creative reading and interpretations of the constitution has pretty much trashed the whole thing now.

First the came for the

New busines model

[owlnation]

Hey Entrepreneurs...

1. Buy lots of laptops, and some insurance.
2. Set up some servers offering secure online file storage.
3. Market your new short-term laptop hire company.

There's obviously a market for this. Getting on a plane has to be one of the worst experiences of modern life. In what way have the "terrorists" not already won?

People need to resist

[moxley]

At least the EFF is taking this on.

How can people not see what is really happening in the US? Most of these people in charge of homeland security and who are constantly pumping fear into the populace - they do not care about the people at all - most of them would WELCOME another attack as their power would increase (obviously I am not talking about the people at the lower or mid levels of such organizations, I am sure most of them have their hearts in the right places)...basically the people are being manipulated to feel like they only way they will be "safe" is if the country turns into a gigantic jail.

Even if you think this sort of crap has any value you have to know (if you have any technical expertise at all) that any terrorst or criminal would use encryption or some other method to conceal their sensitive data.....So really the only people this affects is the general populace.

America is becoming a textbook fascist state, I don't say that as an exaggeration or for shock value - it is a fact - we meet all 14 points of fascism that Dr. Laurence Britt, a political scientist identified after studying the fascist regimes of: Hitler (Germany), Mussolini (Italy), Franco (Spain), Suharto (Indonesia), and Pinochet (Chile). I am sure that these 14 points have been posted here before so I won't repeat it - if you are interested you can google "14 points of fascism" or go to a site like:

http://www.secularhumanism.org/library/fi/britt_23_2.htm [secularhumanism.org]

Almost a year ago I had a chance conversation with a couple who lived in Germany during the thirties through the forties - the are terrified and cannot believe what is happening here - they came to America in the 50s convinced that what happened in Germany could never happen here, and both of them say they see the exact same incremental processes happening here.

I wish I had recorded what they told me, but it was a spur of the moment sort of thing. I came across the paragraphs below on a website today and it reminded me very much of what they had to say (although coming from them it was so much more powerful and straightfoward):

"What no one seemed to notice. . . was the ever widening gap. . .between the government and the people. . . And it became always wider. . . the whole process of its coming into being, was above all diverting, it provided an excuse not to think for people who did not want to think anyway . . . (it) gave us some dreadful, fundamental things to think about . . .and kept us so busy with continuous changes and 'crises' and so fascinated . . . by the machinations of the 'national enemies,' without and within, that we had no time to think about these dreadful things that were growing, little by little, all around us. . .

Each step was so small, so inconsequential, so well explained or, on occasion, 'regretted,' that unless one understood what the whole thing was in principle, what all these 'little measures'. . . must some day lead to, one no more saw it developing from day to day than a farmer in his field sees the corn growing. . . .Each act. . . is worse than the last, but only a little worse. You wait for the next and the next. You wait for one great shocking occasion, thinking that others, when such a shock comes, will join you in resisting somehow.

You don't want to act, or even talk, alone. . . you don't want to 'go out of your way to make trouble.' . . .But the one great shocking occasion, when tens or hundreds or thousands will join with you, never comes. That's the difficulty. The forms are all there, all untouched, all reassuring, the houses, the shops, the jobs, the mealtimes, the visits, the concerts, the cinema, the holidays. But the spirit, which you never noticed because you made the lifelong mistake of identifying it with the forms, is changed. Now you live in a world of hate and fear, and the people who hate and fear do not even know it themselves,

My Russian friends say U.S. more like Soviets

[bodhisattva]

I work for a Russian company and mostly Russian and Ukranian native co-workers. They say that the U.S. becomes more like the Soviet Union every day.

Re:

[Muad'Dave]

Dude, this was AN AMERICAN CITIZEN. They treat us like Bin Laden's favorite, too.

Re:Good luck with that one! LOL!

[morgan_greywolf]

Dude, this was AN AMERICAN CITIZEN. They treat us like Bin Laden's favorite, too.

Right. It's not about paranoia regarding 9/11 or anything else. It's about control. Scare everyone to death, make everyone walk around with papers, take away everyone's rights and tell them it has it's for their own protection against the big, bad ugly terrorists.

Anyone know the last time this tactic was used? Oh yeah, Nazi Germany.

(first Godwin!)

Re:

[Muad'Dave]

I agree wholeheartedly. I used to be a Republican until they started taking away rights not 'for the babies' as the left does, but in the name of 'the war on terror'. My own government is the only organization terrorizing me.

They're turning me into a real conspiracy theorist, let me tell you.

Oceania at war with East Asia, no Eurasia, anyone?

Re:

[sukotto]

No, this is the "good" treatment. If they think you might be Bin Laden's favorite then they disappear you and you're never heard from again (Except maybe in a show trial with secret evidence and/or information they acquired by torturing you)

America has become a scary place.

Re:

[interstellar_donkey]

Um, have you been to Heathrow? That place is as scary and gives off the impression of totalitarian authority as much as any US airport.

My favorite is the polite recording that plays every few minutes that says "unattended baggage will be . . . destroyed".

Re:Paranoia

[Ihlosi]

What the hell has that to do with the security of the flight?

Nothing. And that's perfectly ok - customs doesn't care about the security of flights, because they search your stuff after the flight is over. They're looking for things that are illegal to bring into the country (narcotics, weapons, large amounts of cash without proper paperwork, certain kinds of foodstuffs, etc).

Re:

[Mattsson]

But what files is illegal to bring into the US?
Well, child-porn is obvious... But that can't be the only thing they look for, right?
What else?

Or just dual-boot.

[Rob T Firefly]

Boot into a dummy partition containing Windows 95 or some damn thing, leave a few scattered icons of "business.xls" or "memo.doc" around, and let them search the hell out of it. Meanwhile your real stuff is safely tucked away on the rest of the drive.

"That's right officer, there is only a 100 meg hard drive in this brand-new Thinkpad. Want to play Microsoft Hearts with me, or perhaps sign up for a free trial of Prodigy?"

Re:

[Ihlosi]

A good chunk of cell phones now can hold at least 2GB on a memory stick.

Yes, they do check cell phones. What could be more interesting than the people you're in contact with ? They also check cameras, camcorders, Mp3 players, etc.

Re:

[JasterBobaMereel]

1st does not apply at customs - you can say something to raise the suspicions of customs officials and they do have the right to stop and search you and your belongings

4th does not apply at customs - your papers and personal effects can be searched for anything that illegal to bring into the country, and can be seized for further investigation or if found to be or contain anything illegal

5th does not apply at customs - encrypting data should raise the suspicions of customs officials and cause them to ask fo

Re:

[mlwmohawk]

1st: still applies at customs. What you say will be interpreted carefully and it may increase suspicion, but you still have the right to say what you want.

4th: At entry into the country your personal effects can not be seized unless there is legal cause.

5th: It has already been ruled by the supreme court that the 5th amendment applies to password to encrypted data.