Sen. Wyden Wants Answers From New DHS Head, Introducing Legislation To Create Warrant Requirement For Border Phone Searches
from the annual-Fourth-Amendment-restoration-project dept
There aren’t many rights extended to anyone in the “Constitution-free zones” we like to call “borders.” You may have rights 100 miles inland, but the government’s needs and wants outweigh citizens’ and non-citizens’ rights wherever immigration officers roam. According to the Supreme Court, warrants are required for cell phone searches. But neither the Constitution nor Supreme Court rulings apply within 100 miles of the border, where the government’s needs and wants are considered more important than the protections they can avail themselves of everywhere else in the country.
Senator Ron Wyden is looking to change that. Rather than cede more ground to the rights-swallowing concept of “national security,” Wyden is looking to change the laws governing the “Constitution-free zones.”
Sen. Ron Wyden will soon introduce legislation to prevent Customs and Border Patrol agents from demanding the passwords to online accounts and mobile devices from American travelers without a warrant.
In a letter to Secretary of Homeland Security John Kelly dated Feb. 20, the Democratic senator from Oregon said border searches that take place without a warrant circumvent the right to privacy and “weaken our national and economic security.”
We’ll see how that sits with John Kelly. Kelly appears to be on board with the new administration’s “extreme vetting” immigration stance. He’s offered to take the DHS’s requests for immigrants’ social media account info to the next level — moving it from a voluntary request on visa application forms to mandatory demands for account passwords. Chances are, Kelly has about as little use for citizens’ rights as he has for non-citizens in general. The security of the nation is prized above presenting the appearance of a Constitutional republic to the outside world.
Given the current climate in the White House, the legislation will be facing a steep uphill grade. But while we wait for the security vs. privacy legislative fistfights to commence, perhaps DHS head John Kelly will help us pass the time by explaining exactly what it is that he feels gives him the right to search devices without a warrant and/or demand this country’s visitors hand over their social media account passwords. From Wyden’s letter [pdf]:
1. What legal authority permits CBP to ask for or demand, as a condition of entry, that a U.S. person disclose their social media or email account password traveler?
2. How is CBP use of a traveler’s password to gain access to data stored in the cloud consistent with the Computer Fraud and Abuse Act?
3. What legal authority permits CBP to ask for or demand, as a condition of entry, that a U.S. person turn over their device PIN or password to gain access to data? How are such demands consistent with the Fifth Amendment?
4. How many times in each calendar year 2012-2016 did CBP personnel ask for or demand, as a condition of entry, that a U.S. person disclose a smartphone or computer password, or otherwise provide access to a locked smartphone or computer? How many times has this occurred since January 20, 2017?
5. How many times in each calendar year 2012, 2013, 2014, 2015, and 2016 did CBP personnel ask for or demand, as a condition of entry, that a U.S. person disclose a social media or email account password, or otherwise provide CBP personnel access to data stored in an online account? How many times has this occurred since January 20, 2017?
Then again, perhaps not. Government officials are kind of used to ignoring questions they don’t feel like answering. This will put Wyden back in a familiar position: repeatedly asking unanswered questions of agency officials at any Congressional hearing his opponents can’t keep him from attending.
Filed Under: 4th amendment, border patrol, border searches, cbp, dhs, ron wyden
Comments on “Sen. Wyden Wants Answers From New DHS Head, Introducing Legislation To Create Warrant Requirement For Border Phone Searches”
We dont even pretend...
That the US constitution even matter anymore.
Now that we already ignore the founding document of the nation, what will these new laws do for us? They will just be ignored like the rest are.
More politicians exercising their jaws for public opinion and the fools eat it up.
Re: We dont even pretend...
There is nothing in the Constitution that grants the government the authority to waive the requirement that the government obey the Constitution.
So the federal government likes to pretend that only the US Code (statutes) applies to it. But there’s a problem there — it is illegal by US federal statutes to violate the Constitution.
So, they simply ignore the statutes too. What does that leave? Might makes right. The government is collectively mightier than any individual, therefore the government is right to ignore all inconvenient laws.
But the thing is, an individual government agent might not be mightier than an individual citizen. And if might makes right, then it would be perfectly morally and ethically okay to simply open fire when you see a government agent.
They can’t have it both ways.
Like I have said here before, before crossing the border into the United States, you just simply factory reset your phone, and wipe it clean. That will solve the problem of phone searches.
Wiping your phone like that does not violate either US or Canadian laws. When I go on road trips in North America, I always wipe my phones before crossing the border to either Canada or the United States, so that anything I don’t know about that can either get me refused entry or land me in the local jail cannot recovered.
Re: Re:
The problem of phone searches is the government seizing and searching your personal property and violating your privacy without a warrant.
Deleting your data in order to protect it from the government is not a solution to this problem. It’s a workaround, and a high-cost one at that. It may be advisable, it may even be necessary, but it does nothing to address the fundamental problem: This is attack on our civil and human rights.
Re: Re: Re:
Also, It is not necessarily an effective workaround, if they can run file recover tools on the phone.
Re: Re: Re: Re:
Another way to do it, if you are driving is to take the SD cards out of your phones and hide them where CBP cannot find them. There is a place I hide my SD cards where CBP or CBSA will NEVER think to look for them.
Re: Re: Re:2 Re:
Here’s an interesting article about crossing borders with tablets, laptops and phones:
https://qz.com/912950/never-bring-your-phone-on-an-international-flight-unless-you-want-us-border-control-and-customs-to-take-your-data/
My takeaway: Leave your phone at home and get a “burner” one when you get there (and leave it there, after factory resetting it, or destroy it before you go back)….and don’t take your laptop or tablet either. If you don’t have anything with you when you transit, CBP agents can’t find anything that they can “get lucky” with.
Re: Re: Re:3 Re:
But then not having any electronic devices on you in this day and age is in itself suspicious.
Re: Re: Re:3 Re:
As far as your laptop goes, that can be taken care of with KillDisk. KillDisk can wipe the hard drive to the point where nothing can be recovered, then you just reinstall Windows and all your programs and CBP will never know your hard disk was ever wiped.
Get a burner phone, set to your phone to forward to it. Load only the apps you want. Take your pics, upload, text, etc. Then reset burner phone before coming back.
Do the same general idea if you have a tablet or laptop.
I guess this is how it felt to be a Russian during the Cold War.
CFAA
For a CBP agent to access your social media is a criminal act because it violates the CFAA. According to Facebook’s and just about every other social media site out there, the ToS authorizes only the owner/ creator of the account to access it unless a warrant is presented.
Re: CFAA
Also, what happens if you simply say, No, I’m not going to give you my account passwords? If you are a foreigner then they can refuse you entry but they cannot legally keep you from re-entering the country if you’re a citizen. At least not yet and I’d be willing to be that the courts would have a lot to say about any attempt to allow that.
Re: Re: CFAA
In Sidd Bikkannavar’s case, they detained him for hours until he finally agreed to give them up.
http://www.theverge.com/2017/2/12/14583124/nasa-sidd-bikkannavar-detained-cbp-phone-search-trump-travel-ban
But they can detain you, and the standards for doing so are unclear.
https://www.washingtonpost.com/news/volokh-conspiracy/wp/2017/02/13/can-federal-agents-detain-citizens-at-border-checkpoints-until-they-disclose-their-smartphone-passcodes/
Re: Re: Re: CFAA
If you do give CBP the passcode, and your boss fires for it, just simply leave that company OFF your work history when you go for your next job. Problem solved
Re: Re: Re:2 CFAA
What the hell are you talking about?
Don't go to Florida!
If you are anywhere in florida, you are less than 100 miles from the border and therefore subject to search at anytime?
One way that Facebook and others could fight back against this is to block access from the entire IP address range of DHS and CBP.
If Facebook went this route, there is nothing that DHS or CBP could do about it.
If I were running Facebook, that is exactly what I would be doing now. I would have the IT staff block the IP addresses of CBP and DHS.
Re: Re:
While it would be a significant political statement from those providers, it would not be technically effective to prevent access.
They could just use the standard mechanisms that are advised for downloaders or geo-block defeating or people behind regimes like China’s Great Firewall – VPNs, proxies, etc.
Of course, that could open up another can of worms. I seem to recall a case (details escape me, therefore I could be completely, utterly wrong) that was reported here on TD a while back, where someone was convicted, I think under the CFAA, for bypassing those types of blocks. The accused had received C&Ds to stop accessing a service and the IP blocks were then regarded as technological access control measures (so maybe it was the DMCA?), therefore bypassing them was a breach of something-or-other.
Re: Re: Re:
As far as bypassing geoblocking, it is not illegal to bypass geographical restrictions in the United States. I would imagine that a re-negotiated TPP will bring such laws in whatever countries do ultimately ratify TPP and bring it into force.
So those, who, say, use a VPN in Britain to listen to the online streams of radio stations in Britain are not breaking US laws (though they maybe breaking British ones).
For me this seems so simple. A agent of the US government working for the government should need a warrant to search a US citizen no matter where they are. The location should have nothing to do with it. The same should also apply to non US citizens.
Someone has come up with a tool that will defeat forensic analysis of cell phones. You run Android Data Eraser, then run factory reset, and any previous data on your device will be totally unrecoverable.
Re: Re:
That’s a workaround, though, and a time-consuming and annoying one at that. And, more to the point, most users aren’t savvy enough to do it.
The problem isn’t that there’s no technical way of removing sensitive data from your phone. The problem is that government officials can search your phone without cause.
Can't see the elephant
Senator Wyden’s letter blatantly ignores the elephant in the room: that these rules don’t just apply to persons entering the United States.
I live in Orlando, Florida. The center of the city is 40 miles from the east coast, 80 miles from the Tampa coast. There is nowhere in Central Florida I am not subject to these rules.
Not even in my bed.