What should I do to protect data when going across the US border with a computer?

What should I do to protect data when going across the US border with a computer? - From above crop anonymous male programmer in black hoodie working on software code on contemporary netbook and typing on keyboard in workspace

When I successfully (legally) immigrate into the USA, I had to move some of my computers which contain a client's sensitive data/project.

I was surprised when I found an article that says the CBP have the right to scan a computer (and can force me to enter the truecrypt password!)

I am unable to wipe any data, but leaking extremely sensitive data is a big problem for me (What should I say to the client, "the government wants your project"?)

I swear that I am not a terrorist of course, but I want to know what other businessmen do in this kind of situation.

usaborderselectronic-items


Best Answer

Disclaimer: IANAL

Allegedly if CBP officers find something clearly marked as "business confidential", they may not proceed without authorization of higher-ups.

Guidelines have been described in document DoHS's document "Privacy Impact Assessment: CBP and ICE Border Searches of Electronic Devices". Seems that according to this if CBP officers would disclose any of your trade secrets, they'd still be legally liable.

However, if you don't want to take chances with that, the recommended course of action is (for example for foreign lawyers):

  • use high grade encryption and upload encrypted files to a cloud
  • store (pass-phrase protected) encryption keys on small device (eg. microSD card)
  • sanitize your computer deleting sensitive data and encryption keys
  • download and decrypt your data as needed

Note, that this is going bit on paranoid side of things.



Pictures about "What should I do to protect data when going across the US border with a computer?"

What should I do to protect data when going across the US border with a computer? - Crop unrecognizable developer using laptop and smartphone
What should I do to protect data when going across the US border with a computer? - Crop faceless programmer working on laptop in studio
What should I do to protect data when going across the US border with a computer? - Crop anonymous person demonstrating carton signboard with slogan love should not hurt on blurred background of asphalt road and trees


Does immigration check your laptop?

Can customs agents check your mobile devices? In November 2019, a U.S. federal court ruled that the government cannot check an individual international traveler's devices\u2014including cell phones, tablets and laptops\u2014without reasonable suspicion, as it is a violation of the 4th Amendment of the U.S. Constitution.

Can I cross the border with my laptop?

The short answer is, no. Customs and Border Protection do not need a warrant or probable cause to search your phone or laptop. Since 2013, the Department of Homeland Security has claimed legal authority to search your electronic devices without a warrant or probable cause at the U.S. border or international airports.

What are 2 things that the US Customs and border Protection does to protect our borders?

Border Patrol Operations Some of the major activities include maintaining traffic checkpoints along highways leading from border areas, conducting city patrol and transportation check, and anti-smuggling investigations.

Can customs search your hard drive?

It is legal in several countries for airport security or border agents to check your laptop, hard drive, or any other electronic device you have on hand. This includes your mobile phone and flash drives. They often do this to search for pornography.


How To Protect Your Phone Data At The US Border



More answers regarding what should I do to protect data when going across the US border with a computer?

Answer 2

A random search of your computers seems very unlikely but what I read also suggests that you have basically no legal recourse against it should it happen. The only workable solution I am aware of is to upload the data somewhere and then download it once you are in the US.

Of course, this creates all sorts of new security issues (how to secure the transfer and server against whatever risks you are concerned about, etc.) but it would prevent border guards from accessing your data without doing anything illegal. I have no idea if many (business)people actually go to the trouble of doing it.

Answer 3

One possibility is to do a full drive encryption with some software like TrueCrypt. You can then store the key on a USB drive and have someone you trust send it to you once you make it across the border.

This way you are physically not able to decrypt the computer if asked/forced to. Make sure the thumb drive only gets sent to you once you're safely across the border. The only problems in this would be if the government made a copy of the encrypted data and then intercepted the drive in the mail.

Another alternative is to have a friend encrypt the key and upload it to the cloud. They could then tell you the password once you're safely in the US.

Answer 4

Although I wonder what could be so demanding to import an entire PC (a desktop) - I think there literally are no options if the CBP is bent on checking whatever you are bringing in to USA. Including the nuts and bolts that hold your PC.

I have shipped external hard drive(s) (VM images) in the past and FedEx/UPS had no problem delivering to and from third world countries. I have moved in and around the world freely with a couple of laptops in my backpack with no problems and no inspection at all (other than running them through the airport security scanners).

I feel at the maximum the CBP fellas will wanna inspect whats in the CPU tower versus what is in the hard disk. If the information isn't a terabyte you could also temporarily move the information to a pen drive. I have never heard someone's laptop of pen drive being perused for data.

Answer 5

From our related question on Security Stack Exchange:

tylerl's top answer mentions EFF recommendations:

  • Carry as little data as possible over the border.
  • Keep a backup of your data elsewhere.
  • Encrypt the data on your device.
  • Store the information you need somewhere else, then download it when you reach your destination.
  • Protect the data on your devices with passwords.

...US Customs policy giving themselves permission and responsibility to examine all incoming devices (and data on these devices), including computers, cell phones, etc.

...a number of cases of Customs officials placing monitoring/tracking software on transiting computers

...Finally, don't forget the value of Truecrypt hidden volumes. The plausible-deniability is helpful when dealing with governments.

And I would suggest that these are not activities limited to paranoiacs, but should be followed by any business-person travelling to the US. I don't take any devices with business data on if I can help it, and where possible I also avoid taking personal data.

Answer 6

You might be interested in reading this article. http://www.cba.org/CBa/PracticeLink/tayp/laptopborder.aspx

"Once at their destinations, employees work with data stored on company servers via secure virtual private network (VPN). (Secure connections are a must since, under certain circumstances, U.S. law permits interception of e-mail and remote server connections.) Employees may download files to their computers, upload the results of their work to company servers and “forensically clean” their computers before traveling again."

Sources: Stack Exchange - This article follows the attribution requirements of Stack Exchange and is licensed under CC BY-SA 3.0.

Images: Sora Shimazaki, Sora Shimazaki, Sora Shimazaki, Anete Lusina



Related Topics

Trouble with delays with American Airlines, international travel

Visiting Girlfriend in the USA for 10 days on a ESTA from the UK London (I am 30 years old)

How to get apostille at the U.S. State Department for FBI background check?

What is a copy of a valid state ID? Bus system application

Switching airline carriers at layovers

Applying for Canada visitor visa while extension of stay in US pending

Returning to the US from India as a US Citizen

Entry into France [closed]

ESTA or study Visa?

Problem with UK immigration when leaving via land border with Ireland?

Taking two cars to Tijuana from San Diego

How to go cheap way (train/bus/flight) from New York city to Oklahoma city (Stillwater)? [closed]

Which airlines are the US flag carrier?

Information Required for DS 160 Form [duplicate]

Are masks still enforced on Turkish Airlines flights from countries without a mask mandate?