Should US Border Cops Need a Warrant To Search Devices?

Use Netsparker


The answer from me is, OF COURSE, f&ck yes. They can’t search your home, car and anywhere else in the country, they would need a warrant to search devices too.

Should US Border Cops Need a Warrant To Search Devices?

A case by the EFF (Electronic Frontier Foundation) is heading to the Fifth Circuit Court of Appeals in the US to find out what should actually be happening. It’s a touchy subject for most people as with social media accounts, e-mail archives and back-up/cloud services your whole life can be sucked down by a forensic tool using API calls with 1 single access.

The controversial topic of electronic device searches at the US border, and whether customs agents should be required to get warrants before sucking data off them, is heading to the Fifth Circuit Court of Appeals.

For several years the legal issues surrounding what border agents are entitled to do with your electronic devices has been under scrutiny, but a sudden uptick in cases in 2017 where people had their devices taken away has spun a spotlight on the issue.

In a legal filing this week, the Electronic Frontier Foundation (EFF) argues that customs officers should be required to get warrants before searching people’s mobile phones (and iPads, laptops etc) in the same way they are typically required to do in the rest of the country.

“Our cell phones and laptops provide access to an unprecedented amount of detailed, private information, often going back many months or years, from emails to our coworkers to photos of our loved ones and lists of our closest contacts,” notes EFF attorney Sophia Cope. “This is light years beyond the minimal information generally contained in other kinds of personal items we might carry in our suitcases.”

She argues that it is “time for courts and the government to acknowledge that examining the contents of a digital device is highly intrusive, and Fourth Amendment protections should be strong, even at the border.”


I’m glad the EFF is taking this to the highest echelons of the US court system to make sure people and their privacy is treated well, the laws are fairly well defined but because of the lack of oversight officers pretty much have autonomy to define someone who is ‘suspect’ and needs to have all their devices examined.

There’s some weird nuances too like the fact that they legally can’t make someone rat themselves out, which means a password in your head is off limits. But a fingerprint, which is classified as physical evidence is fair game, so they can make you put your fingerprint on a fingerprint scanner, but they can’t force you to type your long passphrase in.

The Supreme Court has already recognized the difference and decided that the police are required to obtain a warrant to search the contents of the phone of someone who has been arrested – because of the Fourth Amendment about unreasonable searches. Although the issue of location data is still up in the air. The EFF wants that same rule applied to phones (and laptops) at the border.

But again, the border comes with different rules. The idea of only searching a device with the internet turned off may sound like a compromise. But it would end up being procedurally very specific and create the obvious problem that people would simply pass all their files onto cloud services and then download them once inside the country.

Of course, the counter-argument is that if border agents have reason to suspect someone was up to no good, they could apply for a warrant to connect the phone to the internet and then look at the resulting data.

The US government – which brought the case against Molina-Isidoro – is almost certain to aggressively defend its right to look at people’s possessions at the border, leaving the Fifth Circuit in a difficult position to try to answer yet another complicated legal issue deriving from our love of extremely powerful smartphones.

Whatever it decides, it will almost certainly be appealed to the Supreme Court. Whether the Supreme Court would take the case on or choose to bat it back down until another case and another Appeals Court takes a different approach, as it has with other similar cases – only time with tell.

Hopefully the US courts do clarify it better, add more oversight to the process of seize and search when it comes to border control and make sure everyone is being treated fairly.

It’s a fairly complex issue, especially with the US wanting to be so proactive about national and border security in particular, it seems like 1984 is coming true. Must be hard to travel as Richard Stallman in 2017.

Source: The Register

Posted in: Legal Issues, Privacy


Latest Posts:


StaCoAn - Mobile App Static Analysis Tool StaCoAn – Mobile App Static Analysis Tool
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS applications.
snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.


Comments are closed.