Customs and laptops
August 27, 2006 12:57 PM

Are customs officials allowed to search you laptop's hard drive?

After reading THIS post by the man who unknowingly caused the iPod bomb scare on an Ottowa bound plane the other day, I have a question.

The post basically retells the story from his perspective, all the way from his realization that he had lost his iPod to being released by the authorities.

At one point a customs offical actually searches the hard drive of his computer:

"[The customs offical] then asked me to turn on my laptop. I did, and he began using it. I saw him open Spotlight and begin searching.

"Do you connect to the Internet on this laptop?"
"Yes."
"Have you downloaded and images?"
"Huh? What do you mean?"
"Do you have any pornography?"
"No."

I waited in total silence for about 10 minutes as he kept searching and searching, until I finally asked him, "What are you looking for?"

"Contraband," he said without looking up at me."

Is this legal in the US, Canada or the UK?

Even if you don't have an answer to this question, the linked post is worth a read...
posted by ASM to Law & Government (36 answers total) 2 users marked this as a favorite
They can do full body cavity searches under certain conditions, so I'm sure they can search your MacBook!
posted by reverendX at 1:00 PM on August 27, 2006


Yes, there was a post about this earlier -- where someone actually had to show the customs official how to turn on their computer or something idiotic like that. If you are worried, ship the hard drive via FedEx. Note that this may confuse and upset customs official. If I had information I didn't want to be seen I would keep it on a separate hard drive entirely, I doubt they are searching external drives.
posted by geoff. at 1:16 PM on August 27, 2006


Case recently of a man convicted of child porn in his cache found through search of his laptop at Canadian border US 9th Circuit opinion, US v. Romm Google HTML version of PDF.
posted by johngumbo at 1:19 PM on August 27, 2006


Yes, they can do this in the US, and I imagine any country in the world can do this at their ports of entry. Previously.
posted by Brian James at 1:25 PM on August 27, 2006


Look at it this way -- what's the difference between your laptop and anything else, for instance any books you're carrying?

If you had ten books, and one of them was called "How To Blow Up Planes" by Osama Bin Laden, wouldn't it be reasonable for him to look through your books?
posted by AmbroseChapel at 1:52 PM on August 27, 2006


Yes. So if you are planning on crossing an international border with a notebook computer, make sure you backup your drive before you leave. And, ah, if you have anything that might be considered Bad on your drive, you might consider deleting it and defragging your drive. Or at least rename it from "Child-Porn-Archive.sea".

On preview: As far as the 4th Amendment is concerned, please keep in mind that we are referring to International travel. Customs is an entirely different beast from local law enforcement. They have the right to make sure you are not bringing illegal *things* into the country, whether it is crack, Cuban cigars, enriched uranium, endangered species, or kiddy porn.
posted by ilsa at 3:00 PM on August 27, 2006


Searches don't require probable cause. Warrants do. Searches require reasonableness.

You're stopped and searched when you try to board a plane; they have no probable cause, but under the circumstances such searches are reasonable. Same principle applies when you're entering the country.
posted by Brian James at 3:01 PM on August 27, 2006


geoff. writes "If I had information I didn't want to be seen I would keep it on a separate hard drive entirely, I doubt they are searching external drives."

Canada Customs does. I was delayed at the border for several hours the last time I was forced to travel to the US while customs ran their tools on both my laptop and the three hard drives I had in my bag.
posted by Mitheral at 3:20 PM on August 27, 2006


Oh wow, I wouldn't have thought that. Well at least shipping your drive would probably be the better choice. The act of crossing an international border is in itself giving a consent to search, as is boarding an airplane. I just wouldn't have thought the customs agents were hip enough or cared enough to search external drives. I'm surprised child porn is that big of a problem.
posted by geoff. at 3:32 PM on August 27, 2006


Actually I would not ship the hard drive separately unless you put your laptop in checked baggage in which case it would not be searched anyway--if it has no hard drive and you carry it on I would like to here you explanation and their reaction when you tell them you shipped the hard drive separately. I concur with the posters who suggest that when engaging in international travel you are subject to a thorough check
posted by rmhsinc at 3:37 PM on August 27, 2006


So it sounds like you can be searched by customs. Allow me to expand on the question a bit... Can TSA search your hard drive's contents while going through security to board a plane (either domestic or international flight)?

I understand why searches can be conducted entering a country, but what if I were just hopping on a flight instead of getting off a flight?
posted by ASM at 3:40 PM on August 27, 2006


Can TSA search your hard drive's contents while going through security to board a plane (either domestic or international flight)?

From the 9th circuit's decision:
"Under the border search exception, the government may conduct routine searches of persons entering the United States without probable cause, reasonable suspicion, or a warrant. See United States v. Montoya de Hernandez, 473 U.S. 531, 538 (1985). For Fourth Amendment purposes, an international airport terminal is the “functional equivalent” of a border."
posted by Civil_Disobedient at 4:03 PM on August 27, 2006


I would not ship ... unless you put your laptop in checked baggage in which case it would not be searched anyway

You can't make that assumption any more, rmhsinc. Now we're specifically instructed NOT to lock our luggage in order not to hinder any random inspection of checked baggage.
posted by Rash at 4:33 PM on August 27, 2006


What are they looking for? Just kiddie porn? What about mp3s?
posted by thirteenkiller at 6:07 PM on August 27, 2006


If you're concerned about Customs searching your hard drive, and you're using Windows or Linux, get Truecrypt and encrypt any (or all) of your data. This makes it entirely irrelevant if they want to search your drive - at most they'll find a large file containing nothing more than random data (because it's encrypted). Even if they force you to decrypt the file, you're still covered, since Truecrypt supports hidden volumes, creating a situation of plausible deniability.

Actually, this is a good idea for any laptop. Truecrypt is easy to use, but makes it impossible for the government (or some idiot who swipes your laptop) to get at any of your data.
posted by gwenzel at 6:23 PM on August 27, 2006


unless you put your laptop in checked baggage in which case it would not be searched anyway

When you go through customs all of your baggage is subject to search, checked or no.
posted by caddis at 7:40 PM on August 27, 2006


I honestly don't see your point. In the U.S., at least, there's the 4th amendment

I think other people have covered this, but the person wasn't in the US. And more to the point, no matter what your rights when you're in a country, they don't apply when you're standing at customs applying to enter that country. Quite the opposite.
posted by AmbroseChapel at 9:34 PM on August 27, 2006


Remember, only those that are gulity have something to hide.

We must work hard to make the world plus safe.
posted by oxford blue at 11:19 PM on August 27, 2006


To me it seems like searching a person's laptop is going to be ultimately pointless. It almost sounds like the stuff of urban legend. I have tons of images on my computer, many of which are nekkid women. Unfortunately for customs, I don't keep it all in a folder titled "pr0n" and the images are not titled "nekkid_chix.jpg". More often than not, they are in a folder titled "Images 054" with file names like "P0034556.jpg". Good luck on the search, random TSA official. And tags, no I don't use them, sry.

But the few times when I have shipped a computer overseas, the HD was in my carry-on. Of course they check it for explosive residue, as they should. For the safety of plane passengers, which is all the TSA should be busy with, what is on my hard drive should not matter. Customs is another matter, and they should have the right to search for contraband but any self-respecting porn smuggler should know better than not hiding their illicit porn. Hiding files from casual searches is so easy, even on Windows systems that anyone that gets caught with their pants down deserves it.

Of course, searching the laptop of everyone would be a huge waste of time and an exercise in futility but if Customs wants to do it then fine. It sure will make my smuggling of food items easier if they are spending all of their time searching for laptop data!! So sure, I'm all for it.
posted by JJ86 at 6:47 AM on August 28, 2006


How hard is it so search *.jpg and find all of your images?

Answer: not very.
posted by sic at 7:14 AM on August 28, 2006


Naming a file p1234890.jpg isn't going to hide it from anybody, and a customs search isn't a casual search. They're not browsing through explorer when they look it over.

Re:TrueCrypt, am I correct in reading that nothing stops the OS from overwriting your hidden drive if the first password is given but the second isn't?
posted by Mr. Gunn at 7:18 AM on August 28, 2006


JJ86 writes "I don't keep it all in a folder titled 'pr0n' and the images are not titled 'nekkid_chix.jpg'. More often than not, they are in a folder titled 'Images 054' with file names like 'P0034556.jpg'. Good luck on the search, random TSA official. And tags, no I don't use them, sry."

These kind of fishing expeditions are all about catching the stupid and ignorant. Lots (_lots_) of people have a flat file stucture with all files stored at the root of C:\ or My Documents and then sorted in directories by description of contents.

I also think they run a program that looks for image files matching the exact size and dimensions of known child porn images (like that disney land series the guys in toronto were looking for). Most people don't modify the images they download.
posted by Mitheral at 8:07 AM on August 28, 2006


Mr. Gunn mentioned: Naming a file p1234890.jpg isn't going to hide it from anybody, and a customs search isn't a casual search. They're not browsing through explorer when they look it over.

When a customs official wants to spend several hours manually searching through several thousand images named "p1234567.jpg" for porn that may or may not be there I would applaud their dedication or stupidity. One of the two.

When they do a search, what do they use? Do they hook it up to a network machine? I was under the impression they just boot up the machine and manually search with the Windows Search tool. I know of no software that can visually analyze a photo for pedophilia. I would definitely be impressed if such a thing existed.
posted by JJ86 at 8:09 AM on August 28, 2006


When they do a search, what do they use?

According to one case I read, they used a product named Encase which will even find deleted files that have not been overwritten. I'm not sure if this is a program that is run from within the OS, or if it is a bootable live-cd style search tool.

What I want to know is how do custom officials handle encrypted drives. Since the border is a special case with respect to searches, can they attempt to force you to unencrypt the data? If you refuse, can they detain you? I would think this would be an issue for anyone running Mac OSX with FileVault enabled.
posted by jsonic at 8:19 AM on August 28, 2006


It's also a pretty simple matter to disguise files or make a batch editing process to take a jpg file, copy and paste the header to the end of the file, rename it to something like "Patch022506.exe" and change it back when the coast is clear. Unless you have a program that will search the innards of a file, you can disguise just about anything.
posted by JJ86 at 8:59 AM on August 28, 2006


rash and caddus--yes, you are right--all baggage is subject to search--I think even on domestic if they want to--I was curious as to the reaction of a customs agent who searches a laptop and there is no hard drive??

thanks for the correction
posted by rmhsinc at 9:34 AM on August 28, 2006


Isn't refusing to decrypt a drive functionally the equivalent of refusing to allow a search?

In practice, I'd think you'd have to be a bit more crafty -- say, leave most of your files decrypted, so everything looks "normal", but encrypt only the Good Stuff and rename it [whatever].exe, etc.
posted by LordSludge at 1:46 PM on August 28, 2006


I had my stuff searched by Customs *in Japan* when travelling to Tokyo once. They didn't give a crap about anything else, they were only concerned with pornography.

This was in 1997.

Short answer, yes, they can look. If you really need porn with you on a trip, burn it to DVD instead. I've had my laptop checked out several times but they never ever bothered to look in the rest of the bag. Just the "Please come over here, turn on your laptop, and prove to us that it's a functional unit." bit. I usually leave it sleeping, so it was easy enough to open the screen and launch "Chess" and go on with my day.
posted by drstein at 3:26 PM on August 28, 2006


It's always seemed to me that customs officials can do whatever they want and there is no type of recourse whatsoever. If you're worried about stuff on your laptop, install linux, encrypt the filesystem and/or sensitive files, remove your CD-Rom drive, and then let them try to figure out how to access stuff.
posted by blue_beetle at 6:02 AM on August 29, 2006


Note that some cryptography programs still require an export license
posted by Mitheral at 6:45 AM on August 29, 2006


Note that nobody gives a shit about cryptography export restrictions save lip-service-paying companies and the asshats that frequent the debian-legal mailing list.
posted by blasdelf at 8:34 AM on August 29, 2006


Searching for (bomb manual, kiddie pr0n, pdfs of the constitution, etc) is done much like a virus scan. Files are searched for known signatures of verified offending pictures/movies. It won't matter what name you change it to, where you put it, or whether it's deleted or not.

So you'd need to encrypt the data (truecrypt) and wipe the files using a file wiper (many also wipe free space and cluster tips). Wipe your browsing history. Even then the swap file can be scanned (you could turn this off). Also a hibernate will write memory to disk, so anything in memory could be scanned.

The UK was trying to pass a law in which you'd get jail time for not giving up encryption keys. The US tried to pass a law in which an encryption chip would be used that the government had keys to.
posted by jeblis at 11:22 AM on August 29, 2006


Just noting that the laptop in the story that started this off appears to have been a Mac running Tiger.

"I saw him open Spotlight and begin searching."

posted by AmbroseChapel at 1:58 PM on August 29, 2006


As noted in the message board post, they're not always looking for child porn, either (although that's certainly one thing they do look for). Hate propoganda against groups protected under the Charter of Rights and Freedoms and the Canadian Human Rights Act cannot be imported into Canada.

Spouting off about your protected American amendment rights is bound to annoy these guys, hence the Border Services Officer's quite amusing (imho) response of "What country do you think you're in?"
posted by aclevername at 2:12 PM on August 29, 2006


I tried to research this last month... I couldn't find a clear answer on what US customs would do with a US citizen who was re-entering the US with undeniably encrypted data and refused to divulge a password. I can say it's not at all clear to me it would end well for the citizen.

I concluded that it's not worth it to travel internationally with a laptop.

But deniable encryption is definitely where it's at. I'm impressed by DCPP's claim to allow a wholly deniable OS, but I haven't tried it.
posted by Zed_Lopez at 2:27 PM on August 30, 2006


By the way... if you create a non-admin user on your Mac laptop, and leave that user logged in while the laptop sleeps, then Spotlight won't be able to find files in any other user directories.

Just sayin'.
posted by mikewas at 7:32 AM on September 7, 2006


« Older Mac Accounts Basics   |   Music Stores in DC? Newer »
This thread is closed to new comments.