The U.S. government has taken the opportunity during the global pandemic, when people aren’t traveling out of the country much, to roll out a new platform for storing information they believe they are entitled to take from people crossing the border. A new filing reveals how the U.S. Border Patrol will store data from traveler devices centrally, keeping it backed up and searchable for up to 75 years.
On July 30 the Department of Homeland Security published a privacy impact assessment detailing the electronic data that they may choose to collect from people crossing the border – and what happens to that data.
- Border Patrol claims the right to search laptops, thumb drives, cell phones, and other
devices capable of storing electronic information” and when they call it a ‘border search the can do this not just when you’re “crossing the U.S. border” in either direction (i.e. when you’re leaving, not just when you’re entering the country) but even “at the extended border” which generally means within 100 miles of the border, which encompasses where two-thirds of the U.S. population lives.
- They needed an updated privacy impact assessment because of a new “enterprise-wide solution to manage and analyze certain types of information and metadata USBP collects from electronic devices” – and they they actually keep on file.
Border Patrol will “acquire a mirror copy of the data on the device” they take from a traveler and store it locally. Before uploading it to their network they check to make sure there’s no porn on it (so they search your devices to find porn first). Then once they’ve determined it’s “clean” they transfer the data first to an encrypted thumb drive and then to the Border Patrol-side system called PLX.
Examples of what they plan to keep from travelers’ devices include e-mails; videos and pictures; texts and chat messages; financial accounts and transactions; location history; web browser bookmarks; tasks list; calendar; call logs; contracts. Information is stored for 75 years although if it’s not related to any crime it may be deleted after 20 years.
The government emphasizes they’ve been collecting this information, what’s changed is simply that they’ll be storing it in a central system where everything “will now by accessible to a larger number of USBP agents with no nexus” to suspected illegal activity. They promise, though, to restrict access and train staff not to do anything they aren’t supposed to. And they don’t see risk to privacy because they’ve published a notice (that I’m now writing about) telling you how your privacy may be violated.
It’s not clear though that these searches are all actually legal. In November 2019 a federal judge in Boston ruled that forensic searches of cell phones require at least reasonable suspicion “that the devices contain contraband.”