EFF and security experts to Congress: We need hearings on Customs laptop seizures and snooping

The Electronic Frontier Foundation's Rebecca Jeschke sez, "Bruce Schneier and Whitfield Diffie join EFF and and others in calling for oversight hearings on the Department of Homeland Security's search and seizure of electronic devices at American borders."
"Our computers, cell phones, and other electronic devices hold a vast amount of personal information like financial data, health histories, and personal emails and letters," said EFF Staff Attorney Marcia Hofmann. "In a free country, the government cannot have unlimited power to read, seize, and store this information without any oversight."

So far, the Department of Homeland Security has refused to release its policies and procedures for conducting these intrusive searches. EFF and the Asian Law Caucus have filed suit against the Department of Homeland Security to obtain the information through the Freedom of Information Act.

"Your privacy could be at risk even if you don't travel yourself. Your financial institution, your insurer, and other enterprises hold extensive personal data about you and your family," said EFF Senior Staff Attorney Lee Tien. "If agents of those groups travel internationally, your information could be exposed to officials at the border or potentially copied and stored in government databases. Americans should know how and why electronic data is seized and kept by the government, and who is able to access it at the border and in the years afterwards."

Link (Thanks, Rebecca!)


  1. You mean, at some point I might not need to securely delete most of the files from my laptop, then encrypt it using filevault before I travel, then restore everything from a backup when I get back? Amazing!

  2. For most people it won’t matter. And for those who have issue with it, don’t carry sensitive data around with you. Use your device to access it on line. That may not alway be possible (can’t connect to the net), but then that’s the price to be paid for keeping all your secrects safe and sound. Unless the Feds really want what you’ve got, in which case you better make sure your data is kept in an off-shore, Fed-proof facility that you can trust. And if the data suddenly goes missing, the facility where it was held might just get infected with a very nasty bug.

  3. Jeff —

    Cases in the past have decided you no expectation of privacy in data shared with a third party (such as an online storage site), so unless you’re encrypting it with a key that your OSP doesn’t know, the courts have decided that you do not have any constitutional rights to have that data protected from government access (you have a little bit of statutory protection in a few cases, like recent stored emails, but not much).

  4. And for those who have issue with it, don’t carry sensitive data around with you.

    But the point is that someone other than you could spill your info. Your bank, your insurance company, your landlord all have your personal info. You can control yourself, but you can’t control them. Your insurer doesn’t care about protecting your from exposure.

  5. well, better than just disclosing the methods and procedure would be to reform the DHS/Border Control to NOT preform illegal search and seizers from American Citizens in the first place. This is a good first step, but what we need is precedent to have our 4th amendment rights not stop at the border.

  6. See, I always figured that it made sense to run an encrypted virtual machine for any sensitive data, with trivial data left lying all over the place on the machine.

    I doubt that the individuals involved would be technically skilled enough to be able to tell the difference between a 4.2gb ripped movie and a 4.2gb encrypted virtual machine. Especially if the file names were deceptive.

    “The movie isn’t playing? dang… must have gotten corrupted…”

    For smaller virtual disks, the encrypted file could be given a semi-random name and dumped into a folder of web cache files. Good luck sorting that out.

    Of course, if you’re really concerned, just keep all of your sensitive data on a SD/HD card that’s inserted into your digital camera. I doubt they pull them out and check them for non-photographic data.

  7. Nope, right thread (unless you posted that comment in the wrong thread, in which case hilarity would ensue).

Comments are closed.