US Customs Owns Your Data?

Ok here’s something controversial for you guys to digest, there has been anecdotal evidence of US Customs seizing laptops before and examining the data…but it now seems to be rather more widespread.

It’s a little worrying to me how a government can just rummage through your data when you are totally innocent and they don’t even have any evidence that you have or will commit any wrong doings. With not so much as a warrant, they can take your cellphone, read all the SMSes, check all your contacts and copy all the data from your laptop and mp3 player.

Nabila Mango, a therapist and a U.S. citizen who has lived in the country since 1965, had just flown in from Jordan last December when, she said, she was detained at customs and her cellphone was taken from her purse. Her daughter, waiting outside San Francisco International Airport, tried repeatedly to call her during the hour and a half she was questioned. But after her phone was returned, Mango saw that records of her daughter’s calls had been erased.

A few months earlier in the same airport, a tech engineer returning from a business trip to London objected when a federal agent asked him to type his password into his laptop computer. “This laptop doesn’t belong to me,” he remembers protesting. “It belongs to my company.” Eventually, he agreed to log on and stood by as the officer copied the Web sites he had visited, said the engineer, a U.S. citizen who spoke on the condition of anonymity for fear of calling attention to himself.

Imagine that? As stated in the article it’s entirely different from looking through your suitcase. A laptop can be an extremely personal thing for many people, especially those net junkies like us.

Perhaps have a dual boot laptop with a minimal Windows install and a Linux install PGP encrypted with all your data on it.

It’d be invisible to the Windows partition, and it’d keep your personal information and surfing habits safe.

Maria Udy, a marketing executive with a global travel management firm in Bethesda, said her company laptop was seized by a federal agent as she was flying from Dulles International Airport to London in December 2006. Udy, a British citizen, said the agent told her he had “a security concern” with her. “I was basically given the option of handing over my laptop or not getting on that flight,” she said.

The seizure of electronics at U.S. borders has prompted protests from travelers who say they now weigh the risk of traveling with sensitive or personal information on their laptops, cameras or cellphones. In some cases, companies have altered their policies to require employees to safeguard corporate secrets by clearing laptop hard drives before international travel.

I think they should be sued, this is a serious privacy infringement and a very clear violation of human rights and civil liberties. The US praises itself for it’s excellent human rights…but it doesn’t seem to apply the same rules if you are brown, yellow or any other minority.

Almost all travelers involved in the case are of Muslim, Middle Eastern or South Asian background.

TSA has confirmed this is a Customs issue and they will not be seizing any laptops.

Source: Washington Post

Posted in: Legal Issues, Privacy

, , ,

Latest Posts:

Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.

27 Responses to US Customs Owns Your Data?

  1. goodpeople February 13, 2008 at 10:23 am #

    All you have to do is remove your data partions from the partitiontable of your harddisk.

    I cannot, of course, disclose any identities, but I know of someone (ahum) that, when he last travelled to the States, “removed” a partition from his harddrive by changing it’s partitiontype to Amoeba.

    They can look all they want, the data simply isn’t there.

  2. Pantagruel February 13, 2008 at 1:11 pm #

    US customs officers are not the brightest bulbs of the bunch.
    They weren’t able to figure out why a 2 GB USB stick appeared to be empty except for some bs data. Guess they never read about TrueCrypt ( and alikes. And indeed switching partition types (they also seem to forget about Knoppix and other bootable cd’s/dvd’s/usb-stick distro’s loaded with tools) is enough to fool them or keep them from looking any further. Another option is to keep the data on an external server and get it via SSH (PuTTY/WinSCP/etc) once you’re past customs. Enough ways to keep them from finding anything valuable.

    But as usual the average user doesn’t know about this or has the opportunities to do these kind of tricks and thinks customs can be trusted. It’s also quite sad that bigger firms seem to forget about educating their traveling workforce about the risk of non encrypted firm data. It’s annoying to be kept in hold for 1 to 2 hours because they want to scour/image your laptop/mobile/pda/mp3 player/usb-drive or stick but more stupid if your employer could have prevented this.

  3. Ian Kemmish February 13, 2008 at 1:14 pm #

    Last I knew, the INS outsourced all of its IT to a company called Acxoim, who biggest other claim to fame is the ease with which its servers can be hacked even by curious script-kiddies.

    Since last summer, of course, the data the INS is entrusting to Acxiom includes your credit card details which the INS has forcibly extracted from your airline.

    I no longer travel to the US.

  4. Sir Henry February 13, 2008 at 5:11 pm #

    Being a US citizen, I can only confirm what Pantagruel stated in that the US customs and TSA employees are definitely not the brightest bulbs. What is unfortunate is that these employees are the equivalent of a night shift security guard, but has the power to do very bad things to you and your name. The attitudes and ignorance and intense power trips exhibited by these individual is nothing less than infuriating. Unfortunately, there is not much that can be done. If you protest, they have been known to gang up on you and take you off to non-descript rooms where you can be held for no reason, but will be treated as if you are a criminal (or, dog forbid, a terrorist). So, it comes as no surprise to see the details in this post.

    I agree with the sentiments here. Preparation needs to be made with disk encryption tools that obfuscate or simply hide the data you want to keep personal. On my corporate laptop, there is full disk encryption, but it looks as though just not inputting the password would not help get you on your plane.

    Absolutely maddening. If you want to find out more about the abhorrent TSA, just hop on over to Schneier’s blog. He has interviewed the head of the TSA and really pokes holes in their validity and value in the security of airports and the “war on terror”.

    sorry for the diatribe. This is something that infuriates me on a constant basis.

  5. ZaD MoFo February 13, 2008 at 5:49 pm #

    Curiously, these attitudes make me think to those that existed in the pre-war period of the Nazi germany. The history books are full of similar stories. The names, locations, dates being accessories. With just a bit more power, it can become common to detain people (obviously in ther inability to exercise their rights) until their humiliation threshold is reached to obtain “cooperation” sought. This is very regrettable. A hard disk is a technological medium, an extension of human memory of the person who wrote it. It should be treated as such : A private place as it exists in our thoughts, our inner sanctuary.

  6. zupakomputer February 13, 2008 at 6:20 pm #

    All the more reason why anti-gravity tech and so forth needs to be released and fast; commercial air travel is an unbearable nightmare, all the moreso since that big fake 9-11 event was totally staged to usher in 1984-NWO Prison Earth.

    3 hours to check in, passports needed to travel within the same country, and all to sit in a tin can breathing fake pressurised air……airships and more sea-faring vessels would be preferable to that. Roll on anti-grav personal vehicles.

  7. zupakomputer February 13, 2008 at 6:28 pm #

    I almost forgot about trains; the likes of the maglev are waaay faster than air travel is right now, because of no-waiting for check-in and no or less need for connections.
    And just the fact that if you want to, you can get off at any connecting station, have a smoke or whatever, and resume journeying later – it’s so much better paced and comfortable.

    Before the planet got even more trashed with needless roads, there was (and still is in some places) a great rail link network between the worlds cities; of course it doesn’t link the Americas to Eurasia, but within those two areas rail travel should be developed in a good application of one-world thinking – without wrecking the environment or villages etc of course.

  8. J. Lion February 13, 2008 at 6:42 pm #

    It sounds like a bad case of profiling.

    Does US Custom have the right/authority to make you login to a laptop? What if you refuse – would they deport/detain you?

  9. zupakomputer February 13, 2008 at 7:12 pm #

    What exactly do they think they are looking for anyway, datawise?

    Travelling with sensitive data actually on your person ( whatever that is – bomb plans you can assemble from components found in an airline toilet maybe ) surely it’s the least likely of all places to actually find sensitive data, given there’s countless other ways of sending it on without it ever being connected to the reciever or sender.

    Like you’d have secret plans that you’d travel with – and you wouldn’t instead just mail them someway, or use the internet to send them. And even if someone did that – like it’d be the sole copy of something that important to them.

    =On next week’s episode, MacGyver uses a can of hairspray and free headphones and a hairpin to make a hijackers bomb=…

    Next they’ll ban emergency exits in case a terrorist opens them during mid-flight.

  10. goodpeople February 13, 2008 at 7:15 pm #

    @Sir Henry,

    I totally agree with the outage you feel about this. That is why I (oops) simply make anything they might find interresting “disapear” from the harddisk.
    No use fighting a battle you can’t possibly win.

  11. goodpeople February 13, 2008 at 7:16 pm #

    btw, I also suggested this trick to that German student I have.

  12. Darknet February 13, 2008 at 9:43 pm #

    Yes they have the authority to make you login and if you refuse they can deny you entry.

  13. Pantagruel February 13, 2008 at 10:58 pm #


    You can get denied entry for far less obscure ‘crimes’ or just because an officer doesn’t like your face. A ban for 5 years can be obtained just by mentioning the fact that you will hand in a complaint just because you think they are disrespecting your civil rights (they always seem to forget about the Geneva convention or simple do not know about it). For any future trip long after the ban has expired you will be extensively greated, the customs will make you entrance pure hell, a misspelling in your residential address will warrant a full cavity search just because they say that you are providing false details.
    And just to finish things off; when suffering a medical condition for which your med’s are vital, ask you md for a signed statement and immediately ask for someone with a medical background. A customs officer is not capable to understand the combination: Diabetis type II and I need this injection of insuline. He/She will persist in holding you at gun point just because he/she thinks you will try to puncture him/her with this 8 mm needle screaming ‘lower your weapon’
    I wonder from what dark hole they get their people, but they always seem to find the dumb-*ss ones.

  14. J. Lion February 14, 2008 at 1:13 am #

    @ Pantagruel

    it’s often best not to upset US Custom agents – so always put up your best smile :D

  15. eM3rC February 14, 2008 at 3:49 am #

    Like Sir Henry I to am from the US and have seen the evolution of flight security over the last 8 years. Before 9/11, passengers were able to bring whatever they wanted on the plane (including knives and the such). After 9/11 security was increased and anything that could be used as a weapon (how could someone kill with a spoon?) was banned. Now it looks like their doing more and more “random” (yeah right…) checks and want to get into peoples computers. My question is what justification was used to pass this aside from the patriot act? The odds of catching a terrorist with all his e-mails, maps, plans, fake IDs, etc, etc is like a billion to one (maybe less).

    For a conclusion, yes people should sue for whatever they can and spreading the word on how to hide your personal information should be a must.

  16. eM3rC February 14, 2008 at 3:56 am #

    Would just like to add a tidbit.

    Just read an article about a UN official that had a false charge of sexual harassment on his record and because of that is constantly harassed by airport officials, regardless of his UN status.

    Things have been getting way out of hand. For the UK cutting internet for pirating, then trying to ban hacking software, then the German white hat trojan, and now up the ass security in airports.

    Whats happening to the world?

  17. James C February 14, 2008 at 6:00 am #

    In first class you still get metal cutlery(US Airways). Cause everyone knows no terrorist could afford a first class ticket.

  18. eM3rC February 14, 2008 at 8:15 am #

    I noticed that also. They also give everyone metal silverware for the international flights. I guess they assume terrorists would get lost trying to get to the cockpit.

  19. goodpeople February 14, 2008 at 7:23 pm #

    Flying to the US cost me a set of darts once. And that was in ’95. I guess a pointy thing weighing 22 grams with which you throw at a board made of horsehair has been considered a lethal weapon for a long time…

  20. J. Lion February 14, 2008 at 7:33 pm #

    US Custom agent does not seems to own your data – not if it is encrypted!

    In Child Porn Case, a Digital Dilemma has some follow up discussions on it.
    Self Incrimination or Privacy

  21. J. Lion February 14, 2008 at 7:41 pm #


    Darts were weapons back in the stone age

  22. eM3rC February 15, 2008 at 5:56 am #

    Didn’t you know that terrorists can throw darts at very high speeds and can aim more precisely with darts than knifes? ;)

    Sorry about your loss.

    @J. Lion
    Still… What are the odds of finding something vs going through people’s personal information?

  23. eM3rC February 15, 2008 at 5:57 am #

    -Quick note-
    Thanks for the controversial article Darknet!

  24. zupakomputer February 15, 2008 at 6:25 pm #

    The cavity search is the one I find most ugly – frankly I don’t care what anyone would hide up there; they can keep it there. I can’t imagine what kind of person would want to perform such a search.

    It’s one of those things where I very happily encourage the use of some type of x-ray of the person – if I was going to conceal anything anyway it sure wouldn’t be there.

    I’ve never had problems with customs myself, although one time I took a musical instrument on a flight and they were very interested in that. Then I realised it must have looked like an automatic weapon – all the parts laid out in a case.

    Some of the things banned recently were totally ridiculous though – bottles of liquid for example. Like anyone’s going to sit assembling bombs on the headrest trays, and use a curly straw to condense or distill fuels or accelerants. “Steward, he’s syphoning freon or something from the toilets to make bombs.”

  25. eM3rC February 16, 2008 at 3:47 am #

    That was a great post. Thing is you could just keep like plastic explosives in a toothpaste tube and a fuse in some other part of your luggage although I’m not sure what you could use to subdue the pilots. Maybe a rubber duck…

    Anyway, can’t wait to see what happens if I have to bring my instrument with me on some trip. (36 feet of tubing and a ton of slides)

  26. zupakomputer February 17, 2008 at 6:42 pm #

    Pilot subduction: announce the mini-bar is on happy hour, or use a credit card like Burt Renyolds in Heat.

    DidYouKnows#216-888-42: chemical fertilisers were mass-produced to facilitate the construction of nitroglycerine bombs.

  27. eM3rC February 17, 2008 at 10:41 pm #

    That is very interesting. (Both points)

    The Did You Know is why the UN was checking all the fertilizer plants in Afghanistan and Iraq. Higher levels of chemicals could be a telltale sign of bomb production in progress.

    Anarchist’s Cookbook is a terrorists bed time buddy.