Feb 15, 2008
It would appear that the confiscation and analysis of personal electronics at the US border is intensifiying and that people are starting to get up in arms about it. It's more than just laptops that US ICE (Immigration and Customs Enforcement) are spiriting away (for up to two weeks at a time, which defeats the purpose of trying to fly anywhere): Cellular phones are being meddled with and sometimes data is erased (for one reason or another; I tend to lean toward Hanlon's Razor to explain this), corporate laptops are being taken away from travelers unless the log into the machines so that data (sometimes proprietary corporate data) can be copied for unknown reasons (perhaps ICE took some of the tales of the books of the ships to heart), and from time to time travelers are given a choice: Either fork over the laptop or they don't get on the plane at all. The EFF and the Asian Law Caucus have gotten involved by filing a lawsuit against to government to find out what the hell's up with this. As it turns out, the government is starting to equate data files with information printed on hardcopy, and is treating them in an identical manner.
The lawsuits filed have uncovered some of the parameters of these searches. First and foremost, US ICE does not require probable cause to copy data from an electronic device. If it looks interesting to them, they're legally permitted to take it from you. They can copy the data from just about anything that they think might be able to hold data, from the hard drive of your notebook computer to your wristwatch to your cellular telephone. Whether or not they try any forensics techniques on the storage media is unknown because the owners of the devices aren't there when all of this is done (but there are tools out there that are readily available and work quite well). However, it is known that they try to extract the history data from the web browsers installed (here are instructions for erasing your web browser history if you feel this is none of anyone's business), they go through the contact lists and call histories of cellular telephones (so make sure that you don't know anyone whose name might be on
In reaction to this, some security conscious companies are refusing to let anyone travel with business-related information - instead, they are issuing laptops containing only a VPN client, and all work is done remotely.
I've already ranted long and loud about this time and again - one of these days I should sit down and write a guide or something to keeping the important data private so that even if someone does decide to start poking around in your portable, they won't find anything useful.