In a decision that should be hotly contested but likely won't be, the Ninth Circuit Court of Appeals stated that laptop content may be searched without suspicion of wrongdoing. In short, probable cause doesn't apply.
To clarify, if you had questionable content on your laptop in the back seat of your car while driving to a location and are pulled over, the police may not search your hard drive for content. In that case, specific evidence of criminal activity does not exist. Therefore, there is no probable cause. But if you are driving that car over a border, Customs agents DO have a right to search your hard drive. And according to the Ninth Circuit Court, an International airport is the equivalent of a border.
From the San Francisco Chronicle:
Border agents would need grounds for suspicion before conducting a body search, but a "piece of property simply does not implicate the same dignity and privacy concerns as highly intrusive searches of the person," the court said. Judge Diarmuid O'Scannlain wrote the 3-0 decision.
The ruling overturned a federal judge's decision barring the computer evidence and has implications for a suit filed in San Francisco two months ago by the Electronic Frontier Foundation, a privacy-rights group, and the Asian Law Caucus.
Citing complaints about airport interrogations and searches from returning travelers, mostly South Asians and Muslims, the suit seeks information from the Department of Homeland Security on the policies that guide agents in searching or copying material from laptops, cell phones and other electronic devices. The groups also want to know what standards agents use in questioning travelers about their trips and their political views.
The case that started this involves 43-year-old Michael Arnold. In 2005, he was arrested on charges of transporting child pornography on his laptop computer. He was returning to the United States after a three week vacation in the Philippines, when he was randomly selected for a secondary Customs screening. At that time, agents discovered what they believed to be pornography involving minors and seized the laptop. Arnold was arrested two weeks later.
Arnold filed a motion to suppress the evidence, arguing that the search of his computer and storage devices was unreasonable and unwarranted. The district court supported that argument but the government appealed it, saying that the boundaries of reasonable suspicion did not apply to border searches.
This case should cause business to consider what information may be stored on a local device. Certainly, no one is condoning the possession of pornography, and frankly, it is unfortunate that this case involves pornography. We really should be considering the larger question. What if the document or image was something else — like information about the prototype of a defense weapon? Or evidence for a trial? Or HR files?
So we now know that crossing a border with a laptop may open the individual to search. This includes your laptop as well, but should it?
From WSJ Law Blog:
Marilyn Bednarski, a partner in Pasadena, Calif.-based Kaye, McLane & Bednarski, said she plans to seek an en banc review of the case. Bednarski said she could see the point in turning on a laptop computer to make sure it's not a bomb or a container full of illegal substances. But opening files bothered her. "What this decision allows [border agents] to do without limits," she said, "is keep opening up and keep reading forever."
And a comment to that blog:
"Yikes. I think I may have to reevaluate my policy of taking critical documents on my laptop for international trips." - Anonymous
Really, that comment says it all.
Bottom Line for IT Leaders
Business should consider what information may or may not be stored on a laptop, because it appears that the possessor of that laptop may not be able to safeguard that information. That by itself should have business considering the best way for their employees to access necessary files when out of town.
What are your company's policies on transporting information? Are you required to encrypt files? Or are you not allowed to transport files? How do you manage confidential information when crossing a border?