Border agents accused of unconstitutionally searching, seizing travelers' computers

Border agents accused of unconstitutionally searching, seizing travelers' computers

By Hugo Martín, Los Angeles Times

September 13, 2010

Anyone who has traveled abroad with a laptop or other electronic device might cringe to hear about the criminal defense attorney who had the contents of her computer searched by border agents after flying into Houston from Mexico.

And then there is the freelance photographer who was stopped at the U.S. border with Canada where officials scanned through his laptop files.

Perhaps the most unnerving tale is that of the graduate student who was riding a train from Montreal to New York when border guards confiscated his laptop and external hard drive for 11 days.

The three Americans are cited in a lawsuit filed last week by the ACLU, the National Assn. of Criminal Defense Lawyers and others against the Homeland Security Department. The lawsuit alleges that border agents seize and search the electronic devices of international travelers without establishing suspicion of wrongdoing, in violation of the U.S. Constitution.

------------------

The lawsuit cites the tales of attorney Lisa Wayne, graduate student Pascal Abidor and photographer Duane Kerzic to suggest that anyone who crosses the U.S. border with an electronic device could get the same treatment.

"It affects criminal lawyers. It affects photographers. It affects businessmen with trade secrets," said Michael Price, a spokesman for the lawyers group. "It affects everybody."

Between Oct. 1, 2008, and June 2 of this year, more than 6,500 people had their electronic devices searched by border agents, according to the lawsuit. In 280 cases, border agents shared information gleaned from such devices with other law enforcement agencies, the lawsuit said.

http://www.latimes.com/business/la-fi-travel-briefcase-20100913,0,7803428.story?track=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+latimes%2Fmostviewed+%28L.A.+Times+-+Most+Viewed+Stories%29

The legal problem is that your possessions may be searched when you re-enter the country. That's a long-maintained precedent. Customs officials have been doing this for a very, very long time. The thing is that your laptop can't be searched in a matter of minutes, so they've extended the search by seizing your hardware until it can be searched for "contraband." What are they looking for? Well, they can give you an answer that will satisfy a court. Contraband is anything that cannot be legally imported. So, things like child pornography, pirated copes of intellectual property obtained while in another country, etc., are all legally legitimate objects for such a search.

It's all just a technicality of course. They just want to look through your files. If you travel with a notebook computer, or even a smart phone, make sure there's nothing on it that you give a crap about. You'll probably get your hardware back, eventually, but who knows what will be missing or broken, and there's not a lot you're going to be able to do about it, legally.

And don't expect a law to be passed to protect your data when you return from another country. I don't think there's a chance in Hell of such a law even being introduced.

Fire up my laptop and all you'll see is Windoze. Open a command terminal, and I will wish you many years of luck. :D

Your hidden, encrypted partition wouldn't stand up for five minutes. And its existence would mean that they'd be interested enough to send your laptop over to the NSA, which would access everything in that partition before the first coffee break in the morning. You're very naive, it seems to me.

:rofl:

Ok, whatever you say, and I doubt you know much about cryptography or resource allocation.

USAF, and I've been screwing with computer hardware and data since 1963. Trust me, your hard drive is an open book there. You apparently know little about their capabilities. You are naive.

Not insinuating you are a dolt, nor will I call you any other names.

Meanwhile, the Chinese are eating our lunch.

if you use very good encryption it will become an exercise for a couple of hours and raise the bar of suspicion. Let's just say... they will suspect you DO have something really nefarious to hide. Me... ok a history book I am working on, a few novels, a few shorts and a bunch of PDF's... no, I do not travel with any financial data. Hell, we don't keep any of that in any hardrive... there is a reason for that...

You know why I use my name online and not a handle? If anybody is motivated enough they will find my computer access to the network in five seconds flat, and my real ID in fifteen, twenty five if the network is really slow and they have to take different routers.

What is true is that most Americans believe that the people working in cryptography are dolts... after all they work for the government... and those who work for the government are dolts. Which of course is far from reality. We have SOME dolts in government, usually Appointees, but the GS folk are very good at what they do.

Oh and we do know a white hat that works for IBM... but he is a WHITE HAT... what do you think he does all day? Just like the people at NSA that is what they do all day... why I know it is an exercise in futility, and I just take a cheap netbook... that yes I can afford to lose. All data been backed up... anyway.

What concerns me is not whether a government agent can get into my HD... that is a legal matter... in the gray zone that is a border crossing... having done many of them in an ambulance I am aware just how gray that is. But that we are increasingly becoming the dystopias I dreams up decades ago... or others dream up decades ago... that is the matter here.

Very good cryptography does not merely rely on mechanical, computer encryption, and does not raise red flags. ;)

Nevertheless, I do not travel with personal, private documents except my passport and visas.

putting that kind of cryptography is an afternoon of work, and a challenge.

TRIPLE HINT.

If they took your system they are LOOKING for things.

TRIPLE HINT.

Sorry, I take the word of somebody who does this for a living... why we don't keep anything really sensitive on a computer. And yes I travel with my history material.. backed up anyway and will be sent to google docs anyway. That scares me more actually, than uncle sam.

His suggestion to store files online do not help, but instead lands your files right in the hands of the NSA, etc.... especially if you use Google.

Btw, I use Google a lot and store files online because I have nothing interesting there, which is why I am not worried for the most part.

Just on principal, I am pissed off at people in our government who have violated our right to privacy in the name of security.

that was ours since the AHR articles are free for the taking anyway... and as far as I am concerned, maybe readying the Habakkut Hypothesis will put them to sleep.

As to the rest, fully agreed, it pisses me off. BUT... but fat BUT... under international law those border crossings are gray zones where governments can do a lot of things that otherwise they could not. See drug dogs... been used like forever. You want to know what is fun? Having one of them have a hit on an ambulance... yes, he had a hit on my opiod, not quite morphine, that is part of my medical gear. THAT is fun.

And when traveling, don't matter if you are crossing into Mexico, the US, France or whatever, customs is always a pain because they always assume you guilty... that is what they do. I don't like it, but that's the way it is. And no form of encryption will stop them. PERIOD... if they are motivated enough... as he used to joke, get a mountain dew, and a few bags of Cheeto. Yes ironically, he is your archetypal computer nerd.

And your discussion, if you remember, was about encryption on lynux. Given most of those machines run on any given flavor of OS... they prefer unix...

:D

Btw, I am certain I can encrypt data that no one could break without deploying way too many resources and manpower, only to find an Onion article or two. :D

Cryptography has many many many methods that even us normal folks can learn to use, plus one could add in a few simple red herrings into the mix. ;)

That is my question...

Yes, having spent three hours 'splaining to the moron at INS that yes an ambulance carries drugs... yes we do carry injectable happy juice...

Oy...

At least patient went to the hospital, but moron had several officers, his fellow officers 'splain this to him, we are an ALS rig (Mexicans, cannot have ALS)... finally a supervisor got involved from pretty high up.

So forgive me for saying this, but I am not in favor of giving any of these people probable cause.

No red flags. They cannot investigate what they cannot see, smell, or taste.

Scenario: For some reason, a TSA employee wants to see the contents of my computer. When they turn on my computer, they will see Windows XP and a few travel documents (PDFs of maps and hotel destinations regarding my trip), and maybe a PowerPoint of my conference presentation. They will then say, "thank you" and hand back my computer. The end.

I have never had a problem no ever to expect a problem. Nevertheless, I am royally pissed off at our government and all those who claim they are 'just doing their job'. I don't want or need their fucking brand of security because it does not make me secure at all.

to make sure it works.

You are confusing the TSA, "sniff them feet" crowd (yes I know a few and that is their joke), with INS and Border Protection... very different animal.

And no red flags... mkay... if they think you are hiding anything... and they took it at a BORDER CROSSING... legally they can keep it as long as they want...

Why I backup ALL my files and take a CHEAP computer that I can afford to replace.

:rofl:

I'm willing to bet my experience is far more recent that yours (as in less than a year old) -- there are open-source encryptions freely available that even the NSA has admitted are mathematically impossible to break in any realistic amount of time. By realistic amount they mean on the order of billions of years.

This FAQ from the PGP website (www.pgp.net) states it pretty well:
Q: Can't you break PGP by trying all of the possible keys?
A: This is one of the first questions that people ask when they are first introduced to cryptography. They do not understand the size of the problem. For the IDEA encryption scheme, a 128 bit key is required. Any one of the 2128 possible combinations would be legal as a key, and only that one key would successfully decrypt the message. Let's say that you had developed a special purpose chip that could try a billion keys per second. This is far beyond anything that could really be developed today. Let's also say that you could afford to throw a billion such chips at the problem at the same time. It would still require over 10,000,000,000,000 years to try all of the possible 128 bit keys. That is something like a thousand times the age of the known universe! While the speed of computers continues to increase and their cost decrease at a very rapid pace, it will probably never get to the point that IDEA could be broken by the brute force attack.

And 128 bit is considered outdated now. I use 256 bit on my computer, and up to 512 bit is available.. I'm not sure this space would be big enough for all the zeros to show how many years it would take for a brute force attack to work on a properly-built 512 bit key.

And before you fall back to the last-ditch "but...but..." of the mysterious "back doors", there is no such thing in any open-code algorithm. If there were, the thousands of geeks in the worldwide crypto community who pore over every line of code in a new algorithm hoping to be the one to spot "the flaw" would have found them by now. Hell, one pair in Japan got their names in lights for finding a "flaw" in the Twofish algorithm that MIGHT reduce the brute force cracking time to only a few hundred million years! Yippee!

When the first quantum computer rolls off the assembly line, the current algorithms are dead meat. Until then, they're effectively unbreakable as long as your password isn't "password" or something asinine like that.

Edited for an instance of dyslexic sentence structure.

In addition to 256 bit (512 bit is on my to do list), there are many ways to encrypt data that is centuries old, which can be combined in numerous ways in addition to 256 bit+ tech.

:thumbsup:

bringing any US ITAR-controlled data back into the US, because that means you probably had it when you left the US, which is obviously an ITAR violation without the proper export licenses.

thanks. I learned something tonight...

is my daily life. I sometimes throw out those acronyms and technical and defense jargon without even thinking about who I'm talking to.

I travel with a CHEAP NETBOOK.

I need to do a backup of my docs though...

leaving. While travelling, store important files online. If for no other reason, they'll be safe if your netbook is stolen or physically damaged.

I have a google docs account for that.

Right now doing the humongous backup into a thumbdrive that don't travel.

http://www.wired.com/dangerroom/2010/03/pentagon-backed-venture-aims-for-google-underground

Cloud storage will not help much either, except to keep 85 IQ TSA staff off your back.

I know I am not paranoid...

If I can make a point, then it is this: most of us have nothing to worry about because the USA does not have enough trained experts to sift through millions of hardware devices and quadrillions of bits of data, and AI is still not capable of culling the information in a way that is practical. However, Big Brother will likely 'become aware' in the not-so-distant future. Currently, targets of interest are acquired by many other means, and are usually well-known before they walk into an airport.

The most practical defense is to avoid TSA and their prying eyes. You can encrypt a HD partition and/or use online storage. Those methods will suffice to avoid being hassled by idiots who work in airports.

If they are motivated enough, they will get to anything you want to hide, PERIOD. As to aware... it is pretty aware already.

And we are willing helpers... facebook comes to mind.

I will not be hassled unless someone simply does not like my name or the way I look. There is no reason for me to every be 'hassled', but I do assume it will happen, which is why I make my data completely unavailable.

It seemed to me the poster above tried to inject paranoia into the conversation by assuming my stuff would be sent to the NSA and that I am silly and naïve, then he claimed to be an NSA contractor, so I started joking around.

I am not paranoid, but I am PISSED OFF at our government for wasting our money and taking away our rights in the name of security.

In my experience the cryp agencies don't have close to the number of people they need to look at even the unencrypted external (international) communications that they KNOW are coming from/going to bad people. If they did they wouldn't have missed some shit that was pretty important to me in the not so distant past.

One large text file saying "FUCK YOU GESTAPO!" repeated in bold large font until it takes up about 10 gigs of drive space.

Once I got it back and back home I would reinstall the OS from an image kept there, download any data that I uploaded wherever I was and that would be it.

micro SD cards are small and easy to carry or even mail.

And, no, I'm not telling which digits I substituted.

:)

You have to find ways to adjust. I know enough not to risk it. I know we are not free to live our lives normally.