Federal agents may take a traveler's laptop computer or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. My laptop is like my partner. I don’t think I would look at it the same way after such a violation. It may lead to some long nights of intense conversation. I can understand the need with returnees coming back from Beijing but no suspicion of wrongdoing?
Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement. And to add to the indignation, they are going to pass around my laptop image to break, hack, violate the integrity of the encryption, translate, analyze the data from their view and rosy colored glasses mining the data like Dr. Tim Thomas! I wonder if any of them attended the University of Washington http://blogs.csoonline.com/useful_skills_for_your_first_corporate_job ?
The policies state that officers may "detain" laptops "for a reasonable period of time" to "review and analyze information." This may take place "absent individualized suspicion." What if my laptop spills the beans and talks? I’d best have that discussion with it before my next flight. If my laptop is only 1.5 years old, can they interrogate it without an adult present?
That does not give me a warm and fuzzy feeling either with some overseas travel coming up and the amount of data I have on my laptop. My trip is to talk about Cyber Jihad. I have a bevy of related data in both Arabic and English on my laptop that I use during the seminar including jihadist info garnered from searching the web. You know, I always had a hankering to go to Cuba but this sounds like a one way trip to Guantanamo!
The policies cover "any device capable of storing information in digital or analog form," including hard drives, flash drives, cellphones, iPods, pagers, beepers, and video and audio tapes. They also cover "all papers and other written documentation," including books, pamphlets and "written materials commonly referred to as 'pocket trash' or 'pocket litter.' " Pocket litter? I’d best not forget to take the microdot off the wooly boogers that collect in my pockets. Does this also include belly button lint? I’d better search for the FAQ.
Reasonable measures must be taken to protect business information and attorney-client privileged material, the policies say, but there is no specific mention of the handling of personal data such as medical and financial records. Not something I carry with me anyway but I might wish to get some attorney type info together since I may be going away for a long time.
Customs Deputy Commissioner Jayson P. Ahern said the efforts "do not infringe on Americans' privacy." In a statement submitted to Feingold for a June hearing on the issue, he noted that the executive branch has long had "plenary authority to conduct routine searches and seizures at the border without probable cause or a warrant" to prevent drugs and other contraband from entering the country. Several years ago on a jaunt from Jiddah to Riyadh, I had the pleasure of being stripped searched upon arrival in the capital. It wasn’t as unpleasant as I had imagined (don’t go there) but nonetheless, a virtual strip search is something I’ll have to ponder.
Homeland Security Secretary Michael Chertoff wrote in an opinion piece published last month in USA Today that "the most dangerous contraband is often contained in laptop computers or other electronic devices." Searches have uncovered "violent jihadist materials" as well as images of child pornography, he wrote. Well, I can eliminate the second but I’ll have to submit for a read on the first. Will the fact that the encrypted flash drives, encrypted laptop, encrypted hard drive, steganography, Mujahideen Secrets, al-Durrah, and other such tools on my laptop lead to suspicion? Wait a second, that’s not required for a virtual strip search. I’m getting the feeling that there will be more than just a virtual strip search.
In April, the U.S. Court of Appeals for the 9th Circuit in San Francisco upheld the government's power to conduct searches of an international traveler's laptop without suspicion of wrongdoing. The Customs policy can be viewed at:
And people wonder why I look so happy in my picture ...
This is the DHS going too far on their policies invading confidential and privileged information on corporate and personal laptops. Besides that they are confiscating a tool we need to conduct everyday business. Imagine someone returning from a business trip from overseas and they get their only computer confiscated by the DHS without any recourse leaving the traveler without a computer to do their work.
There are ways around this crazy obstacle:
Above all make sure you use data encryption, encrypting the entire drive using plausible deniability methods to protect your information stored on the hard drives. The best defense here is using secured network servers and gaining access using VPN at your overseas destinations.
Anyone is welcome to contact me.
George Moraetes, CISM
Information Security Executive and Enterprise Architect
Web: http://www.moraetes.com
Linkedin: http://www.linkedin.com/in/moraetes
I imagine you've already thought of this, but just in case: the hidden encryption within a truecrypt protected volume does wonders to hide this sort of thing. price is right too.
Post new comment