Most people are sailing through passport control and customs just as they did before the inauguration. But for travelers from foreign countries—particularly those targeted by President Trump’s travel ban—and the unlucky few American citizens and legal residents who get pulled aside for what is known as “secondary inspection,” tales of electronic searches and disconcerting requests from border guards abound.
U.S. border agents have increasingly been demanding to search the electronic devices of some travelers entering and exiting the country and even requesting the passwords to their social media accounts. “The idea that it will become a concerted part of screening is very new,” says Alex Abdo, a senior staff attorney at the Knight First Amendment Institute at Columbia University.
So what does a U.S. citizen or legal resident need to know about returning to the United States from abroad—and flying domestically? Here, we break down the history of technology searches at the border, the likelihood of being searched when you travel, what you should do if you are pulled aside, and the best ways to protect your data at the border.
Electronic Searches Aren’t That Common—Yet
Phone and computer searches were happening before President Trump was elected, but privacy advocates worry they have since ramped up. Between October 2016 and March 2017, border agents searched the electronic devices of 14,993 arriving international travelers, according to newly released data from U.S. Customs and Border Protection (CBP), a nearly 79 percent increase from the same period a year earlier.
Searching electronic devices at the border is not a new tactic for CBP: The practice began a decade ago, in the waning years of George W. Bush’s presidency. The current policy, which allows for searches of “computers, disks, drives, tapes, mobile phones and other communication devices, cameras, music and other media players, and any other electronic or digital devices” has remained the same since 2009.
What has changed is how invasive those searches now are, thanks to the ubiquity of social media, smartphones, and mobile cloud storage, as well as advances in computer-assisted search methods for electronic devices. These days, most smartphones are continuously logged into their users’ email accounts and apps and contain everything from medical and financial records to cloud-stored archives of digital photos and social media messages.
At the moment, technology searches affect only a tiny fraction of overall travelers entering the United States—0.008 percent within the past six months, according to CBP.
How to Protect Yourself and Your Data at U.S. Borders
When entering the country, travelers can protect their digital privacy in myriad ways—by traveling with data-free “burner” phones, deleting apps and sensitive data from devices, and encrypting their contents—but ultimately, if CBP officials request it, “You can’t refuse to turn over your physical device,” says Abdo. “They have clear authority to look at it.” He cautions against resisting an agent’s request to hand over a device: “We’ve seen some cases of people being physically subdued.”
U.S. citizens have not and cannot be prevented from entering the country for refusing to give up their passwords or unlocking their devices, but the issue is murkier for foreign visitors, who don’t have a right to come into the country and can be denied entry. “If you are a U.S. person, they eventually have to let you into the country, but they can make life inconvenient,” says Abdo. “They can detain you at the border for hours—there are cases where courts have approved of six-hour detention. They can take your device and hold onto it for five days.”
After a device is seized, CBP officials can take it off-site, try to crack its encryption, and copy its files and metadata, says Esha Bhandari, a staff attorney at the Speech, Privacy, and Technology Project of the American Civil Liberties Union. What happens to your copied data after the government has access to it? “They are supposed to decide within 21 days whether there is probable cause to keep that information,” Bhandari says. “But the notes CBP takes about you can be retained up to 75 years. If you verbally told someone your password, that could remain in a government database for a very long time.” If this happens to you, it is recommended that you change all of your passwords.
CBP officers may ask for your permission to search the content of your device. You do not have to grant it, Adbo says. “You should make clear you do not consent to searches of the devices” so as to not forfeit your legal rights. But this may very well result in your technology being taken from you for a temporary period.
Is Searching a U.S. Citizen’s Smartphone Legal?
Electronic device searches at the border exist in something of a legal gray area because the U.S. Supreme Court has not ruled on the issue. The border agency believes that device searches can be conducted without suspecting a person of a crime, or of being inadmissible, at U.S. ports of entry. But some legal experts dispute this reading of the law, saying that device searches at the border are so invasive they should require a warrant based on probable cause, as they are inside the country. “Most people think the writing’s on the wall,” says Abdo. “When it reaches the Supreme Court, they will decide these searches of U.S. persons’ devices are unconstitutional.”
The agency contends that it acts within the bounds of the law. “CBP’s searches of electronic devices is based on policy that ensures a disciplined, deliberate, and lawful approach, which affects less than one hundredth of one percent of travelers upon arrival in the U.S.,” says CBP headquarters branch chief Jennifer Gabris.
The Consequences of America’s Border Policy
The U.S. border policy is in flux right now, and technology searches may soon become more common at ports of entry, particularly for visa applicants. “Now we are hearing of proposals being floated by DHS [Department of Homeland Security] that they might ask for passwords for social media accounts for travelers to the U.S.,” says Bhandari. The proposed measures could see foreigners from all over the world being asked to turn over their devices, provide their social media passwords and financial records, and answer questions about their beliefs as a condition of arrival.
Of course, it’s not just foreign travelers to the United States who are affected by the uptick in technology searches at the border. The valuable U.S. tourism industry, which supports 15.1 million jobs and benefits the U.S. economy to the tune of $2.1 trillion has already reported a sharp drop in foreign arrivals in 2017—which some industry groups attribute to the Trump administration’s immigration policy.
Requiring foreign travelers to disclose sensitive information such as their social media passwords could have far-reaching consequences for American travelers and legal residents. “This could lead to reciprocal requests from other countries,” warns Bhandari. “It would be chilling if this became the norm for international travel—for Americans to hand over their social media passwords when visiting other countries.”
In addition to privacy concerns, measures like this are also worrisome from a freedom of speech perspective. “Requiring foreign travelers to provide this information amounts to a test of ideology at the border,” Abdo says. “That should give anyone pause”—American citizens and foreigners alike.
“Whenever you engage in dragnet searches, you will inevitably pick up information that is useful,” he says. “If you drain the ocean, you’ll catch fish. But what is the proper balance between legitimate needs and the cost of the authority?”
>>Next: Another Day, Another Ban