More than 325,000 people enter the United States via airports every day, with hundreds of thousands more crossing by land at the borders. Not only is that a lot of people, its also a lot of computers, smartphones, and tablets riding along in our pockets, bags, and trunks. Unfortunately, the Fourth Amendment protections we enjoy inside the U.S. for our devices arent always as strong when were crossing bordersand the Department of Homeland Security takes advantage of it. On the other hand, the border is not a Constitution-free zone. What are the limits to how and how much customs and immigrations officials can access our data?

To help answer those questions, were offering the second in our series of posts on the Constitution at the border, focusing this time on the Fourth Amendment. For Part 1 on the First Amendment, click here.

The Fourth Amendment forbids unreasonable searches and seizures by the government. In most circumstances, the Fourth Amendment requires that government agents obtain a warrant from a judge by presenting preliminary evidence establishing probable cause to believe that the thing to be searched or seized likely contains evidence of illegal activity before the officer is authorized to search.

Unfortunately, the Supreme Court has sanctioned a border search exception to the probable cause warrant requirement on the theory that the government has an interest in protecting the integrity of the border by enforcing the immigration and customs laws. As a result, routine searches at the border do not require a warrant or any individualized suspicion that the thing to be searched contains evidence of illegal activity.

But the border search exception is not without limits. As noted, this exception only applies to routine searches, such as those of luggage or bags presented at the border. Non-routine searches such as searches that are highly intrusive and impact the dignity and privacy interests of individuals, or are carried out in a particularly offensive manner must meet a higher standard: individualized reasonable suspicion. In a nutshell, that means border agents must have specific and articulable facts suggesting that a particular person may be involved in criminal activity.

For example, the Supreme Court held that disassembling a gas tank is routine and so a warrantless and suspicionless search is permitted. However, border agents cannot detain a traveler until they have defecated to see if they are smuggling drugs in their digestive tract unless the agents have a reasonable suspicion that the traveler is a drug mule.

How does this general framework apply to digital devices and data at the border? Border agents argue that the border search exception applies to digital searches. We think they are wrong. Given that digital devices like smartphones and laptops contain highly personal information and provide access to even more private information stored in the cloud, the border search exception should not apply.

As Chief Justice Roberts recognized in a 2014 case, Riley v. California:

Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans the privacies of life.

Snooping into such privacies is extraordinarily intrusive, not routine. Thus, when the government asserted the so-called incident to arrest exception to justify searching a cell phone without a warrant during or immediately after an arrest, the Supreme Court called foul.

Why is the Riley decision important at the border? For one thing, the incident to arrest exception that the government tried to invoke is directly comparable to the border search exception, because both are considered categorical exemptions. Given that the intrusion is identical in both instances, the same privacy protections should apply.

Moreover, with the ubiquity of cloud computing, a digital device serves as a portal to highly sensitive data, where the privacy interests are even more significant. Following Riley, we believe that any border search of a digital device or data in the cloud is unlawful unless border agents first obtain a warrant by showing, to a judge, in advance, that they have probable cause to believe the device (or cloud account) likely contains evidence of illegal activity.

However, lower courts havent quite caught up with Riley. For example, the Ninth Circuit held that border agents only need reasonable suspicion of illegal activity before they could conduct a non-routine forensic search of a travelers laptop, aided by sophisticated software. Even worse, the Ninth Circuit also held that a manual search of a digital device is routine and so a warrantless and suspicionless search is still reasonable under the Fourth Amendment. Some courts have been even less protective. Last year a court in the Eastern District of Michigan upheld a computer-aided border search of a travelers electronic devices that lasted several hours without reasonable suspicion.

EFF is working hard to persuade courts (and border agents) to adopt the limits set forth in the Riley decision for border searches of cellphones and other digital devices. In the meantime, what should you do to protect your digital privacy?

Much turns on your individual circumstances and personal risk assessment. The consequences for non-compliance with a command from a CBP agent to unlock a device will be different, for example, for a U.S. citizen versus a non-citizen. If you are a U.S. citizen, agents must let you enter the country eventually; they cannot detain you indefinitely. If you are a lawful permanent resident, agents might raise complicated questions about your continued status as a resident. If you are a foreign visitor, agents may deny you entry entirely.

We recommend that everyone conduct their own threat model to determine what course of action to take at the border. Our in depth Border Search Whitepaper offers you a spectrum of tools and practices that you may choose to use to protect your personal data from government intrusion. For a more general outline of potential practices, see our pocket guides to Knowing Your Rights and Protecting Your Data at the Border.

Were also collecting stories of border search abuses at: borders@eff.org

And join EFF in calling for stronger Constitutional protection for your digital information by contacting Congress on this issue today.

Follow this link:

The Bill of Rights at the Border: Fourth Amendment Limits on Searching Your Data and Devices - EFF