Business travelers should consider what electronic devices they really need when crossing international borders and leave anything they DON'T need back at the office or packed in checked luggage. With the new rules, border agents can download any of the information contained on your device, or simply confiscate it.
On April 23rd I wrote about the Ninth Circuit court and their decisions about what is considered private and what isn’t. Today a new voice weighs in.
The Association of Corporate Travel Executives is now warning its members to limit the amount of proprietary business information they carry on laptops and other electronic devices because the government can seize that information at United States border crossings.
Is it just me? Or are we all feeling a need to don a tinfoil hat in our homeland U.S.?
It doesn’t help that the case that is the focus of this ruling involved child pornography. I think that the material draws attention away from the real issue at hand. Regardless, we have learned a lesson and hopefully an understanding of what must change as we carry information around.
Specifically, the ACTE is worried that corporate information can be downloaded by border agents. This can lead to potential security breaches and exposure of supposedly private data. And if you think that the devices that could be targeted are limited to your laptop, guess again. They can confiscate PDAs, cell phones, USB devices and digital cameras. And they DO confiscate them.
Business is slow to understand that their private information may be downloaded to a secondary device with little to no oversight . But they are getting the picture and it isn’t pretty.
I used to fly with up to 60 open projects short-cutted from my desktop. Now I wouldn’t get on a plane carrying a laptop that I hadn’t freshly formatted. I would use an online secure storage provider. Tech Republic’s Michael Kassner gave us a look at one provider called Iron Key that will store your private information online and requires only an encrypted key to access the data. Sounds like a good way to go.
Here’s some input from PCWorld:
In February, a lawsuit was filed in U.S. District Court in San Francisco by the Asian Law Caucus (ALC) and the Electronic Frontier Foundation (EFF). In the legal filing, the two groups asked the court to order the DHS' Customs and Border Protection (CBP) division to release records about its policies and procedures on the "questioning, search and inspection" of travelers entering or returning to the U.S. at various ports of entry.
On May 8th, both organizations and nearly 30 other civil rights and individual privacy rights advocates are submitting a letter to lawmakers asking for a Congressional oversight hearing on the issue. The letters are being sent to the House and Senate Judiciary committees and to the House and Senate Homeland Security committees, said Marcia Hoffmann, staff attorney for the EFF.
"I think that (Appeals Court) decision has focused this issue for us," Hoffman said. "The courts certainly are not stepping in to act as [a] check to abusive searches. On top of that, it has been difficult getting information from the DHS on such searches.
"We hope members of Congress will look into this and force the DHS to disclose information on what its practices [are]. Ideally, it would be wonderful if Congress would pass legislation to put some safeguards for travelers," she said.
The issue leaves business in the position of needing to re-classify information. It is no longer “simply” a case of Internal Use, or Confidential. It has become “May travel, May not travel” as well. And this should have business thinking of new and better ways to connect to information on the road.