CBP Directive 3340-049B: Border Search of Electronic Devices

itstotallykyle

It's wild, I have worked internationally for a long-time and the rule when going to certain countries was bring a burner device. Going to China essentially meant the device was nuked on return to the States, now it is the same feeling to/from the US.

userbinator

The legalese is thick but this is a notable point I saw from a quick skim: 5.3.2 "Passcodes or other means of access may not be utilized to access information that is only stored remotely."

Topology1

Is this not old? Since then they have also required all social media to be public.

somebudyelse

Don't think this is anything new? Have seen various cases from years ago where they searched texts to determine if the person was planning on working or visiting. Edit: the first directive apparently was from 2009: https://www.jdsupra.com/legalnews/new-policy-for-device-sear...

soyunpendej0

> 5.1.3 An officer may conduct a basic search of an electronic device with or without suspicion, subject to the requirements and limitations provided herein and applicable law. > 5.1.4 An officer may perform an advanced search of an electronic device only in instances in which there is reasonable suspicion of activity in violation of the laws enforced or administered by CBP or, in the absence of individualized reasonable suspicion when there is a national security concern. In this climate, the qualifiers in 5.1.4 should be assumed to apply 100% of the time. So, if you bring a device, be prepared to either unlock it and hand it over to be mirrored or abandon it and deal with whatever consequences fall out of that decision. I'm probably never leaving this shithole again but, if I do, I'm coming and going empty-handed.

217

what does this mean in practice? is everyone being / going to be forced to unlock the devices during the border crossing

chrsstrm

This directive was issued in January of this year, what is relevance of being posted today? I love all the instances where it says, we will not do this or infringe in this way... unless it is a matter of national security, which we don't have to disclose to you. So basically, do what you want as long as you write it up properly. And this part: 5.3 Review and Handling of Passcode-Protected or Encrypted Information 5.3.1 Travelers are obligated to present electronic devices and the information contained therein in a condition that allows inspection of the device and its contents. If presented with an electronic device that is protected by a passcode, encryption, or other security mechanism, an officer may request the individual's assistance in presenting the electronic device and the information contained therein in a condition that allows inspection of the device and its contents. Passcodes or other means of access may be requested and maintained for the duration of the search if needed to facilitate the examination of an electronic device or information contained on an electronic device, including information on the device that is accessible through software applications present on the device that is being inspected or has been detained, seized, or retained in accordance with this Directive. I had thought (and Supreme Court ruled) you could not be compelled to unlock an encrypted device, which is why I always powered mined down before crossing. That goes against the obligated to present devices in a condition that allows inspection portion.

KennyBlanken

A friendly reminder that the CBP has decreed itself to have authority within 100 miles of any US border, as that it is its interpretation of "a reasonable distance" from said border. That basically encompasses two thirds of the population. The last two years have demonstrated a radical need to curtail that range of authority and shift from it being vaguely specified to a concrete legislative specification. Even ten miles seems (pardon the pun) borderline excessive. There is no reason CBP can't hand off stuff to local, county, state, or federal domestic law enforcement. We have no shortage whatsoever of law enforcement in this country and they're able to communicate inter-agency better than ever via cell phone, tools like slack/teams, text messages, email, and long distance digital radio systems. Maybe in the 1950's when all they had were shitty radios given them that sort of range was appropriate. Not anymore.

trebligdivad

So hmm this allows 'electronic or digital' information to be examined - so you're fine transporting your information read out on cine film?

delichon

We need a constitutional amendment that says "we really mean it" with respect to the 4th and 9th amendments, explicitly including personal digital data and criminalizing general surveillance. With fangs.

floatin

I just factory reset the phone or tablet and pull my data back down from cloud storage.just show up with the phone on the choose your language screen.

SanjayMehta

When you enter Tibet, Chinese Border Patrol (heh!) will go through your photo album looking for images of the Dalai Lama. If you have a picture of yourself wearing a "Free Tibet" t shirt they will delete it. That's about it.

ChrisArchitect

More recently: EFF to 4th Circuit: Electronic Device Searches at the Border Require a Warrant https://news.ycombinator.com/item?id=48115059

natch

This kind of device access also affects others whose private information is shared privately on the device of the traveler. CBP partly justify the invasion of privacy by citing a supposed reduced expectation of privacy when traveling. But people whose data is caught up on the devices of others are not the ones traveling, but they are still having their messages read and photos copied.