Join 3,442 readers in helping fund MetaFilter (Hide)


Woe betide those at CollegeHumor.com
December 25, 2005 11:24 PM   Subscribe

Just how much are the customs/Department of Homeland Security people allowed to go through your personal information on your laptop?

Okay, this may sound a bit naive, but bear with me.

I just flew back to the US from Asia and upon arriving in San Francisco International Airport everyone has to go through the customs two step. That's normal; I assume it's because they probably get a lot of people trying to smuggle drugs back or what have you.

As I approached the counter, one of the guys asked if I had a digital camera or a laptop computer. Laptop I said, patting my backpack.

Now, in the past, whenever I have travelled with a laptop the security people -- that is, the folks who x-ray your stuff before you can board -- would swipe it with special Q-Tips (I believe testing for the presence of chemicals/gases), maybe ask me to start it up or wake it from sleep just to make sure it was in fact a working laptop.

This was the first time however that I had flown into the US with my laptop.

So after checking my "normal" luggage, the man takes the laptop over to a desk, plugs it in and boots it up. A minute later he calls me over, turns the laptop to face me and asks me to type in my login password -- the optional password you can set up on a Mac so that you have to type it in before you can get access.

I type it in, and he turns the laptop back around and starts mousepadding around. This is taking a while I think, I mean, obviously it boots up and it's a regular working computer. I pass my time watching one of the guards going through another flyer's luggage. A few minutes later my guy says "Okay, I give up, can you show me where you keep the photos?". So I open the Applications folder and launch iPhoto which has most of my photos.

Now, I'm guessing they're looking for photos of you and your friends at some Vietnamese opium bar, clutching full Ziploc bags and pointing at your suitcase, or something more nefarious like people shooting AK-47s in a camp in the desert.

My question is : ...going through your personal files/photos without any sort of suspicion/warrant... is all of this legal? Isn't there some sort of self-incrimination thing at play here? Or does it fall under the category of "Man, if you're stupid enough to document your idiocy...."?
posted by anonymous to Law & Government (34 answers total) 1 user marked this as a favorite
 
Perfectly legal. They went through my brother-in-law's PC on his way back to the US from Canada last year. They determined from their search that he (a Canadian citizen on a work visa) had been doing prohibited work in the US based on what they found, and ordered his deportation.
posted by solid-one-love at 11:43 PM on December 25, 2005


Wow, this is both horrifying and idiotic - how the hell would they know you hadn't just logged into a sanitized second user account?
posted by nicwolff at 12:01 AM on December 26, 2005


If you agree to any LE's desire to search anything they're allowed to because you let them. When you gave him your laptop he could do as he pleased as long as he didn't damage anything.

He wasn't necessarily looking for photos of you and the opium den, more likely photos of banks, military bases, refineries, power plants and government buildings.
posted by raaka at 12:32 AM on December 26, 2005


Note to self: zip up the photos of my underage drug-smuggling prostitutes before going through customs.
posted by I Love Tacos at 12:33 AM on December 26, 2005


Legal, no consent required. Not horrifying or idiotic if you think keeping illegal stuff out of the country is important.

The border search exception permits searches at the border of the United States "or its functional equivalent." United States v. Montoya De Hernandez, 473 U.S. 531, 538 (1985). The idea here is that the United States as a sovereign has a right to inspect stuff entering or exiting the country as a way of protecting its sovereign interests, and that the Fourth Amendment permits such searches. Courts have applied the border search exception in cases of PCs and computer hard drives; if you bring a computer into or out of the United States, the government can search your computer for contraband or other prohibited items at the airport or wherever you are entering or leaving the country. See, e.g., United States v. Ickes, 393 F.3d 501 (4th Cir. 2005) (Wilkinson, J.).

Depending on where you were flying in from, your gender, age, etc, they might have thought you fit the profile of someone who might bring back illegal porn (underage, or whatever).
posted by Brian James at 12:35 AM on December 26, 2005


It's a complete waste of time, though, isn't it? If I'm going to come back with Asian kiddie porn, I'm going to mail it back and carry a clean computer with me. Or hell, just download it from the illegal kiddie porn server after I get home.

It's easier to circumvent the border check than go through it with the illegal material. What, exactly, is being prevented here?
posted by Mikey-San at 1:02 AM on December 26, 2005


Just because a laptop search won't be 100% effective 100% of the time doesn't mean that searches are a complete waste of time.

First, there's deterrence value. The professional pervs will find some way to get their porn, but it deters the more casual ones. Second, go ahead and mail it in--the border search allows them to search that too. Third, you're assuming that the smugglers are informed of the risks and act rationally. But every summer, scraggly college kids arriving back from Amsterdam wonder why they might possibly be singled out for a bag search.

Point being: some criminals are dumb, and the fact that some are smarter than others is no reason to do away with measures to catch the dumb ones.
posted by Brian James at 1:16 AM on December 26, 2005


Remind me to put a goatse pic on my Powerbook before my next trip.
posted by neuron at 1:23 AM on December 26, 2005


I understand the basic stupidity factor of people, especially criminals. But the point is that it's unequivocally easier to bypass the efforts that invade returning citizens' privacy.

You must balance the amount of effort necessary to address an issue and the consequences of taking those steps against the severity of potential incident and the ease and likely frequency of circumvention. I simply wonder if our government bothers to do this, that's all.
posted by Mikey-San at 1:37 AM on December 26, 2005


Second, go ahead and mail it in--the border search allows them to search that too

Come again?
posted by madman at 1:37 AM on December 26, 2005


I meant "border search exception," the legal principle in my original comment that allows warrantless searches of stuff entering the country.
posted by Brian James at 1:39 AM on December 26, 2005


Second, go ahead and mail it in--the border search allows them to search that too

Yeah, but how often is this going to happen? A LOT of mail comes through the border, and a LOT of it is software. Very, very little is stopped because of the amount of difficulty required to do so. Because border checks are so easy and dangerous to get caught at, that CD-R with all your military secrets or kiddie porn is better off coming back par avion.

I ship plenty of software overseas, and I've never had a customer complain that his or her package was opened by anyone, and all of those packages are clearly marked as "software" on the attached customs form. I could be shipping them instructions on how to fly planes into buildings, for all anyone knows.

Echelon: I'm not sending instructions on how to fly planes into buildings. Go do something better with your time.
posted by Mikey-San at 1:45 AM on December 26, 2005


Wow, crazy. I suppose a lot of these pervert types head to east-Asia to get their kicks though, so it makes sense in some ways.

And obviously if you're getting off the plane they're not worried about bombs.
posted by delmoi at 2:49 AM on December 26, 2005


The folks over at FlyerTalk have been discussing this search lately.
posted by blue mustard at 5:09 AM on December 26, 2005


"Now, I'm guessing they're looking for photos of you and your friends at some Vietnamese opium bar, clutching full Ziploc bags and pointing at your suitcase, or something more nefarious like people shooting AK-47s in a camp in the desert."

Actually they are probably looking for obscene material or child porn. I normally carry _alot_ of data on my laptop + external HD. It took me over two hours to pass customs the last time I was in the States.
posted by Mitheral at 6:15 AM on December 26, 2005


hmmm. this has never happened to me (travelling fairly regulalrly with laptop to the usa).

i'm curious - do they manually poke around? do they run software? if so, how do they get software on there? what about linux/dual boot? are they looking only at the public/os layer, or do they try looking for "deleted" files too?
posted by andrew cooke at 7:14 AM on December 26, 2005


ok, so reading blue mustard's link it seems to be just looking at directories by hand, and perhaps searching for jpgs, gifs etc.

odd.
posted by andrew cooke at 7:31 AM on December 26, 2005


Seconded. Crossing a U.S. border implies consent to be searched. No other 'cause' is needed.
posted by NucleophilicAttack at 7:56 AM on December 26, 2005


People often assume they have nothing incriminating to find, then lo and behold here's a digital camera pic they forgot they took. It happens a lot.

Also, customs and border agents are usually watching you and your behavior more than they are your pictures. They want to know how you react.
posted by mumeishi at 10:13 AM on December 26, 2005


Wait a sec. You're saying that DHS and US Customs agents can take my laptop and look at anything they want, for no reason, and I have no legal ground to refuse?

Forgive me for being naive, but I don't understand why this isn't an illegal search.
posted by shifafa at 10:42 AM on December 26, 2005


Wow. I did not know this. It seems pretty easy to circumvent, however, especially if the search is being done by people who can't open iPhoto. Like andrew, I'm wondering if they run any software, etc. Anyone have more info/documentation on this?
posted by youarenothere at 10:44 AM on December 26, 2005


just fyi, truecrypt seems to be a reliable open source solution that will encypt data for you. it appears to allow you to generate files that, when "open" (unencrypted) appear to the operating system as a disk and, when "closed" appear as a file containing noise. obviously you still have to explain a large, apprently "noisy" file, and it will slow access time to data (and will probably make data more sensitive to disk errors). for more info see this wikipedia article.
posted by andrew cooke at 11:24 AM on December 26, 2005


oooo. this is a rather nice feature.
posted by andrew cooke at 11:26 AM on December 26, 2005


Customs has a whole section describing their search authority. I would assume this is constitutional and supported by case law up to the Supreme Court; this has been a presumptive federal authority since the beginning of the republic. The laptop searches are just a new wrinkle.

I would, of course, put great stock in being able to obfuscate whatever I wanted to from the average Customs officer -- but don't make the mistake of assuming these guys are like TSA, either.
posted by dhartung at 1:31 PM on December 26, 2005


US Customs and Border Protection (CBP) Authority to Search
posted by fourstar at 2:05 PM on December 26, 2005


ditto shifafa; what exactly is the procedure for those who refuse to enter the login password, or enter the username and password CustomsDemo?

What about having encrypted files? Documents in a folder labelled "Correspondence with My Attorney"?
posted by odinsdream at 2:13 PM on December 26, 2005


If Customs can open and view photographs you've taken with a digital camera, does this mean they can seize and process the film and print the photographs taken with your analog camera?
posted by fandango_matt at 3:39 PM on December 26, 2005


<pointless> calling fillm cameras 'analog' cameras just seems silly to me. Old-school NTSC cameras were analog as well. I suppose you could use that for taking pictures. Anyway, I prefer the term film camera or chemical camera.</pointless>
posted by Paris Hilton at 4:00 PM on December 26, 2005


<even more pointless>if you decide to wipe your disk and replace it with an encrypted volume using the truecrypt software above (which appears to work very nicely in win2k at least) then make sure you back everything up. because if you lose a week's worth of code just because you didn't see what right the man had poking round on your disk you'd be feeling pretty stupid about now. fuck fuck fuckity fuck.</even more pointless>
posted by andrew cooke at 6:52 AM on December 27, 2005


odinsdream writes "what exactly is the procedure for those who refuse to enter the login password, or enter the username and password CustomsDemo?"

Remember that just like a locked car trunk or siutcase they can simply hold onto the object that is defying inspection until they can inspect it. I'd imagine the back log in these kind of situations is fairly lengthy.

Truecrypt and varients are viable using a purloined letter method. Hide the encrypted files in something like a game's data files directory. I'd bet even something like plain encrypted zip would work you just need to rename the files to match those in the directory.
posted by Mitheral at 8:40 AM on December 27, 2005


some more detail on truecrypt:

- it can create an encrypted disk "inside" a file. as mithereal points out, you then have to make that file look unsuspicious (not so easy if it's many Gb).

- alternatively, you can divide a disk into partitions (this has nothing to do with truecrypt in particular, it's true of operating systems and disks in general); each "partition" is like a separate disk

- truecrypt can put an encrypted file system on a partition

- looking at a partition treated in this way there's nothing that shows it's got truecrypt data on it. there's nothing to see when you open it up in the explorer and an expert would only see random noise (which might suggest, but is not proof of, something like truecrypt). this is a bit better than the "hidden" file, since it's less obviously "something odd".

- you can go one step further, and put a second truecrypt disk inside a first. if you put some "fake" secret data in the first disk then, when confronted with evidence that you are using truecrypt, you can unlock the outer disk and show the fake data. there's no evidence that the second inner disk exists - the only way to access it is by knowing the password - and with the fake data there need be no reason for the people searching to not believe you have given them everything.

having said all that, if you divide a disk into partitions and simply dismount the data partitions you don't want anyone to see that will also probably be sufficient for non-automated / non-specialist searches.
posted by andrew cooke at 10:52 AM on December 27, 2005


I guess you should limit your border crossings to driving (not always possible, of course). I cross the U.S./Canada border several times a year. Not once have I been asked about a laptop or software or camera.
posted by deborah at 9:08 PM on December 28, 2005


My two hour ordeal was at an Alberta-Montana crossing I drove across. My understanding is they have a roaming team of specialists so you don't get checked out everytime just when the team is at your crossing.

I wasn't alone either, it appears that virtually every trucker who crosses the boarder is carrying a laptop.
posted by Mitheral at 7:54 AM on December 30, 2005


I have a friend, who was stranded in Canada for six months, awaiting a new visa. Phd in molecular biology. Had a job at Yale. Another friend in Turkey just got refused a visa. When does the revolution start? Count me in.
posted by fletcher at 2:44 AM on January 7, 2006


« Older MTBFFilter: Why is Microsoft's...   |  We gave our dogs a couple of r... Newer »
This thread is closed to new comments.