On June 20th, US Customs and Border Protection (CBP) Commissioner Kevin McAleenan sent a letter to Senator Ron Wyden (D-Ore.) admitting that border security officers have no legal authority to check a person’s social media account or any other information contained in the cloud. The letter was sent in response to a missive from Wyden asking for answers to a set of questions regarding the border patrol’s practice of searching phones. NBC News, who gained access to the letter on Wednesday, July 12th, reported that the letter’s contents were significant because they clarified certain aspects of pertinent laws granting broad authority to border security officers.
Several laws allow for the types of searches being executed at the border, according to McAleenan. Additionally, the commissioner indicated in the letter that searches are necessary to protect against “terrorism, illegal smuggling or child pornography,” among other illegal activities.
However, McAleenan said that a guidance had been sent in April to border control officers detailing what is and isn’t allowed during phone inspections. Of primary concern to privacy advocates is the CBP’s policy regarding data on the cloud.
“[…] Border searches conducted by CBP do not extend to information that is located solely on remote servers,” he wrote in the letter. To clarify, he added, “In conducting a border search, CBP does not access information on remote servers on an electronic device presented for examination, regardless of whether those servers are located abroad or domestically. Instead, border searches of electronic devices apply to information that is physically resident on the device during a CBP inspection.”
Thus, the CBP can only access information like phone numbers, addresses, texts and anything that is literally contained in the device itself. This excludes all data that is accessible via the internet or 3G services, such as social media, email and any other apps that rely solely on remote servers.
The Bad with the Good
Nonetheless, it is troubling that, according to McAleenan, the CBP has the authority to detain phones regardless of whether a person gives permission or whether the officer has a warrant. To make matters worse, according to a number of publicly available test results, Homeland Security has been working ceaselessly on hacking phones that require a key code for access.
And as pointed out by The Verge, CBP could search cloud-based apps if they are already open on the phone because, once loaded, an app is not technically supported entirely by the cloud.
Too Many Searches, Too Many Unanswered Questions
Privacy advocates (such as the ACLU and Electronic Frontier Foundations) are concerned about the number of searches being conducted at the border, especially since Trump took office. Between FY2016 and FY2017, the number of searches climbed from 8,383 to 14,993, according to data released by CBP. Other reports have offered different figures. An AP news report found that, in 2016, border patrol officers searched 23,877 electronic media devices, a sharp increase relative to 2015 when 4,764 searches were conducted.
It is doubly concerning to advocates that McAleenan neglected to include figures pertaining to searches by border patrol on behalf of other law enforcement agencies. This is worrying because agencies like the FBI and DEA must obtain warrants before collecting phone-related data. The letter’s conspicuous lack of statistics on the matter is thus cause for concern.
What’s to be Done
So what’s to be done? Wyden has indicated through a spokesperson that he “will continue to push both for an answer to that question and a statistic on the number of Americans searched,” according to NBC News. The Senator had intended to push for answers at McAleenan’s confirmation hearing, but the hearing has been postponed until further notice.
There’s also a bipartisan bill on the horizon that could effectively dampen the draconian measures being implemented at the border. The bill – introduced by Senators Wyden and Rand Paul (R.-KY) and Representatives Jared Polis (D.-CO) and Blake Farenthold (R.-TX) – would put an end to the “legal Bermuda Triangle that currently allows law enforcement agencies to search Americans’ phones and laptops […] when they cross the border without suspicion or a warrant,” according to a press release from Wyden’s office.
For now, we will have to wait and see how the legislation fares in Congress.