Slashdot Mirror

← Back to Stories (view on slashdot.org)

Homeland Security Border Agents Can Seize Your Phone (cnn.com)

Posted by EditorDavid on from the unreasonable-search-and-seizure dept.

Slashdot reader v3rgEz writes: A Wall Street Journal reporter has shared her experienced of having her phones forcefully taken at the border -- and how the Department of Homeland Security insists that your right to privacy does not exist when re-entering the United States. Indeed, she's not alone: Documents previously released under FOIA show that the DHS has a long-standing policy of warrantless (and even motiveless) seizures at the border, essentially removing any traveler's right to privacy.
"The female officer returned 30 minutes later and said I was free to go," according to the Journal's reporter, adding. "I have no idea why they wanted my phones..."

9 of 319 comments (clear)

  1. Encryption by Anonymous Coward · · Score: 5, Informative

    Keep your phone encrypted and always power it off when crossing the border. They can seize your phone but can't compel you to decrypt it.

    1. Re:Encryption by Anonymous Coward · · Score: 3, Informative

      Same goes for your computers and any hard drives or usb sticks. They are allowed to copy all its contents. So better use encryption for those as well, and power off your computers so that they can't do cold boot attacks or hijack some internal bus to read out the decryption key.

      Either way, if its really important you should use burner hardware anyway, as they can always insert some backdoor into the hardware, nobody prevents them from that and the laws allow it in certain cases.

    2. Re:Encryption by Anonymous Coward · · Score: 2, Informative

      Exactly this. In this era of a complete disregard for the 4th amendment, anyone NOT using strong encryption on all their electronics: phones, desktop computers, laptops, etc, is asking for this. Even worse, they're enabling it, because it teaches the authorities that this kind of seizure works.

      How many times do we need to see the same thing happen before we learn?

      Encrypt everything. Turn it off before getting anywhere near the airport, or when anywhere near police. Leave it off until you get to your destination. It sucks, yes, but it's the only way to preserve a tattered shard of the civil rights you used to have.

    3. Re:Encryption by Wrath0fb0b · · Score: 3, Informative

      Incorrect. Prolonged (non-routine) detentions must be based on reasonable suspicion. Even then, the duration of the detention must be limited to the time necessary to confirm or dispel that suspicion. And even if there is reasonable suspicion, under no circumstances can the duration exceed 48 hours without a judicial hearing.

      See this handy guide [PDF] for more details and lots of citations. Or here's a quote for the lazy:

      There appear to be no âoehard-and-fast time limitsâ that automatically transform what would otherwise be a routine search into a non-routine search, nor render a non-routine search conducted under the reasonable suspicion standard unconstitutional. Rather, courts consider âoewhether the detention of [the traveler] was reasonably related in scope to the circumstances which justified it initially.â In order to provide perspective, the 16-hour detention in Montoya de Hernandez was considered a non-routine search (justifiable by reasonable suspicions), while a one-hour vehicular search did not require reasonable suspicion. The Second Circuit has characterized four- to six-hour-long detentions of individuals suspected of having terrorist ties as routine.

      However, the Fifth Circuit in United States v. Adekunle concluded that the government must, within a reasonable time (generally within 48 hours), seek a judicial determination that reasonable suspicion exists to detain a suspect for an extended period of time.

  2. 100-mile zone by Anonymous Coward · · Score: 5, Informative

    Agents can operate within a 100 mile zone of the border. (Most of the country)
    https://www.aclu.org/constitution-100-mile-border-zone

  3. Other news articles say the DHS 'tried' to take by schwit1 · · Score: 4, Informative

    https://reason.com/blog/2016/0...
    http://money.cnn.com/2016/07/2...

  4. Not just at the border... by QuietLagoon · · Score: 4, Informative
    ... but the ability for the Homeland Security Border Agents to do stuff extends to 100 miles from the border, in addition to the border crossings.

    .
    The Constitution in the 100-Mile Border Zone

  5. Re:A journalist does not know what is going on? by Nyder · · Score: 1, Informative

    A journalist (of the WSJ no less) has no idea what is going on in their country? That's what was the most surprising to me. I mean, I knew about the 100-mile border rule and I am neither a journalist, nor a US citizen. I thought the US journalists are in on it with the government by not drawing attention to the slowly eroding US constitutional rights, but in this case it is not some conspiracy, the journalist is an idiot. Where idiot here is also used in the original meaning from the ancient greek (no unicode to list it here) which was referred to people who were not interested in the affairs of the State.
    If a journalist whose job is to know stuff exactly like this, is surprised to find something like that out, what hope do the people in the US realize that they have let them take away their rights one by one?

    Pretty sure most journalists these days just forward stories written by the powers that be. Doesn't require thinking for yourself, or doing anything other then selling your morals.

    --
    Be seeing you...
  6. Wouldn't work by Anonymous Coward · · Score: 5, Informative

    No, they'd just bug her SIM card, and it would grab all her contacts the next time she switches on the phone.

    https://www.schneier.com/blog/archives/2014/02/gopherset_nsa_e.html

    (TS//SI//REL) GOPHERSET is a software implant for GSM (Global System for Mobile communication) subscriber identity module (SIM) cards. This implant pulls Phonebook, SMS, and call log information from a target handset and exfiltrates it to a user-defined phone number via short message service (SMS).

    (TS//SI//REL) Modern SIM cards (Phase 2+) have an application program interface known as the SIM Toolkit (STK). The STK has a suite of proactive commands that allow the SIM card to issue commands and make requests to the handset. GOPHERSET uses STK commands to retrieve the requested information and to exfiltrate data via SMS. After the GOPHERSET file is compiled, the program is loaded onto the SIM card using either a Universal Serial Bus (USB) smartcard reader or via over-the-air provisioning. In both cases, keys to the card may be required to install the application depending on the service provider's security configuration.

    ************

    The SIM card keys keys they stole 2 billion of them from Gemalto, the SIM card manufacturer, by hacking their network and tracking their employees. If it's a USA phone, they would just ask AT&T or Sprint to give them the SIM card key, US telcos have immunity for helping the NSA, regardless of the laws.