If you have watched the privacy-related news recently , you are likely familiar with the issue of the U.S. Department of Homeland Security (DHS) seizing laptops at the U.S. border, and the resulting fight that privacy advocates have launched against it. Now, the DHS has posted its official policy on laptop confiscation.
The DHS will take your laptop, resistance is futile. (IMG:DHS)
The Washington Post broke the story this morning, and says in part that:
"Federal agents may take a traveler's laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption, or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, US Customs and Border Protection and US Immigration and Customs Enforcement...
"DHS officials said that the newly disclosed policies — which apply to anyone entering the country, including US citizens — are reasonable and necessary to prevent terrorism... The policies cover 'any device capable of storing information in digital or analog form,' including hard drives, flash drives, cell phones, iPods, pagers, beepers, and video and audio tapes. They also cover 'all papers and other written documentation,' including books, pamphlets, and 'written materials commonly referred to as pocket trash..."
What is shocking to some is not the policy itself or that border agents have been taking things at will for some time, but rather that the DHS is posting the policy for public viewing and slapping U.S. citizens in the face in the process. Privacy advocates have pressured the government to make its full policies known for some time, but no one really expected them to do it.
Now the good thing, in the defense of the DHS, is that if no probable cause for the seizure is detected after your laptop and its contents are reviewed, then copies of the data confiscated must be destroyed, and data sent to other outside agencies must be returned to the DHS.
However, that being said, nothing has been disclosed regarding notes and other things written and recorded by border officials doing the investigation, which may amount to information that could potentially be used at a later time. There is also no criteria mentioned that defines what would qualify a person to be selected for investigation.
According to the Post, DHS Secretary Michael Chertoff wrote in June that: "the most dangerous contraband is often contained in laptop computers or other electronic devices."
Searches have apparently uncovered "violent jihadist materials" as well as images related to child pornography. The child porn found, while there might have been legit examples, led to the case of Michael Arnold.
Arnold was stopped at LAX (Los Angeles International Airport) and had his laptop searched after he returned to the country from the Philippines on July 17 of 2005. Customs and Border Protection (CBP) agents said they discovered images that could be child pornography. During the trial, Arnold wanted the images and the search suppressed, but the government argued that it had reasonable suspicion a crime had been committed. However, officials added that even if they had no suspicion at all, the search was allowed because it took place at a border point of entry.
Originally the court ruled in favor of Arnold, but that was later reversed by the 9th Circuit Court of Appeals prompting free-speech advocacy group the Electronic Frontier Foundation (EFF) to take up Arnold's case, requesting that the government set standards as to the when, how, and why a person’s computer can be searched.
Speaking to the Post about the recent DHS announcement, Greg Nojeim, senior counsel at the Center for Democracy and Technology said: “They're saying they can rifle through all the information in a traveler's laptop without having a smidgen of evidence that the traveler is breaking the law.”
This is sad; paranoia and fear have led the U.S. to a state of security at the cost of our personal rights. So what can you do to help yourself if you have to travel outside the U.S. and want to come back in without risking your data? Well, there have been calls for encryption, which is good to a point, but there is the risk that you will cause more problems for yourself by invoking the ire of the border agents.
However, if you do want to lower the personal exposure of your information, then cryptographer and computer security specialist Bruce Schneier advises that the best defense is to clean up your laptop.
"A customs agent can't read what you don't have," offers Schneier. "You don't need five years' worth of email and client data. You don't need your old love letters and those photos (you know the ones I'm talking about). Delete everything you don't absolutely need. And use a secure file erasure program to do it."
"While you're at it, delete your browser's cookies, cache and browsing history," he adds. "It's nobody's business what websites you've visited. And turn your computer off -- don't just put it to sleep -- before you go through customs; that deletes other things."
The best online comment TTH has seen that puts all this into perspective comes from "brasscount" on Schneier’s blog, who wrote:
"I love the fact that due to the strategic placement of appropriate candidates in the judiciary this: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. " Becomes: "Federal agents may take a traveler's laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption, or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, US Customs and Border Protection and US Immigration and Customs Enforcement. "
The need for security at the border is one thing, but with no set limits and no defined terms, then the government is just tossing our rights out the window. We know what it can and will do, but we do not know what causes it to select someone for investigation, nor will we anytime soon -- if ever.
Welcome to the United States, if you or your laptop looks suspicious we will take it, rifle through it, share whatever we want with whomever we want, and then maybe, we might give it back to you later.
MarvinAug 1st, 2008 - 22:02:36
Sigh.. Bad government policy. A real bad deal for the PEOPLE! Unconstitutional. Wake up you foolish sleeping Americans, your government is stepping all over your rights!
Read this website - www.truecrypt.org to review REAL (and free) encryption for THE ENTIRE hard drive, even before the OS starts. The DHS can copy the hard drive all they want, they won't get anything but random data. Don't give out your password!
Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
1) Hidden volume (steganography) and hidden operating system.
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
Encryption algorithms: AES-256, Serpent, and Twofish.
Report this comment