The rapid expansion of the database and the ability of 2,700 CBP officers to access it without a warrant — two details not previously known about the database — have raised alarms in Congress about what use the government has made of the information, much of which is captured from people not suspected of any crime. CBP officials told congressional staff the data is maintained for 15 years.
[…]
Agents from the FBI and Immigration and Customs Enforcement, another Department of Homeland Security agency, have run facial recognition searches on millions of Americans’ driver’s license photos. They have tapped private databases of people’s financial and utility records to learn where they live. And they have gleaned location data from license-plate reader databases that can be used to track where people drive.
[…]
the revelation that thousands of agents have access to a searchable database without public oversight is a new development in what privacy advocates and some lawmakers warn could be an infringement of Americans’ Fourth Amendment rights against unreasonable searches and seizures.
[…]
CBP officials declined, however, to answer questions about how many Americans’ phone records are in the database, how many searches have been run or how long the practice has gone on, saying it has made no additional statistics available “due to law enforcement sensitivities and national security implications.”
[…]
CBP conducted roughly 37,000 searches of travelers’ devices in the 12 months ending in October 2021, according to agency data, and more than 179 million people traveled that year through U.S. ports of entry. The agency has not given a precise number of how many of those devices had their contents uploaded to the database for long-term review.
[…]
The CBP directive gives officers the authority to look and scroll through any traveler’s device using what’s known as a “basic search,” and any traveler who refuses to unlock their phone for this process can have it confiscated for up to five days.
In a 2018 filing, a CBP official said an officer could access any device, including in cases where they have no suspicion the traveler has done anything wrong, and look at anything that “would ordinarily be visible by scrolling through the phone manually,” including contact lists, calendar entries, messages, photos and videos.
If officers have a “reasonable suspicion” that the traveler is breaking the law or poses a “national security concern,” they can run an “advanced search,” connecting the phone to a device that copies its contents. That data is then stored in the Automated Targeting System database, which CBP officials can search at any time.
Faiza Patel, the senior director of the Liberty and National Security Program at the Brennan Center for Justice, a New York think tank, said the threshold for such searches is so low that the authorities could end up grabbing data from “a lot of people in addition to potential ‘bad guys,’” with some “targeted because they look a certain way or have a certain religion.”
[…]
The CBP directive on device searches was issued several years after a federal appeals court ruled that a forensic copying of a suspect’s hard drive had been “essentially a computer strip search” and said officials’ concerns about crime did “not justify unfettered crime-fighting searches or an unregulated assault on citizens’ private information.”
The Wyden aide also said that the CBP database does not require officers to record the purpose of their search, a common technical safeguard against data-access misuse. CBP officials said all searches are tracked for later audit.
[…]
CBP officials give travelers a printed document saying that the searches are “mandatory,” but the document does not mention that data can be retained for 15 years and that thousands of officials will have access to it.
Officers are also not required to give the document to travelers before the search, meaning that some travelers may not fully understand their rights to refuse the search until after they’ve handed over their phones, the Wyden aide said.
CBP officials did not say which technology they used to capture data from phones and laptops, but federal documents show the agency has previously used forensic tools, made by companies such as Cellebrite and Grayshift, to access devices and extract their contents.
[…]
Source: DHS built huge database from cellphones, computers seized at border – The Washington Post
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft