How to Keep Border Guards From Reading Your Laptop
Did you know that U.S. immigration agents can seize your laptop, cellphone, digital camera and any other electronic devices at the U.S. border, no justification required?
The U.S. government's ability to search citizens at the border without a warrant is nothing new -- it dates back to the 1977 Supreme Court ruling in United States v. Ramsey. But as digital technologies become more prevalent, this so-called "exception to the Fourth Amendment" has come under renewed scrutiny.
"The problem is, now people bring with them a lot more stuff — not physically, but digitally," said Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation, a nonprofit digital rights group based in San Francisco.
"Computers, cellphones, tablets have lots of information," Fakhoury said. "The issue becomes: Do the prior justifications of a broad searching authority still extend to [the contents of] digital devices?"
MORE: 7 Computer-Security Fixes to Make Right Now
The answer to that question remains unclear. For now, there's no way you can prevent the feds from getting the gadgets if they want them — but you can make sure none of your sensitive data can be read.
Of course, the No. 1 way to safeguard your digital privacy is to not bring any digital devices with you to the border. But for many people, going without laptops and mobile phones is just not an option.
Here are some suggestions for what you can do to keep your sensitive data close to hand, but safe from prying eyes.
Bring a clean computer to the border
If you have the cash to burn, you can buy a cheap laptop or tablet to bring with you across the border. Then, before you leave on your trip, put all the documents and accounts you'll need in a secure cloud storage system.
Google Docs works, but you can also consider more secure cloud storage options such as SpiderOak, as well as the cloud-encryption software BoxCryptor.
So long as you're careful not to store any documents from the cloud onto your computer, you're not technically bringing any data to the border.
MORE: 13 Security and Privacy Tips for the Truly Paranoid
There's another way to bring a clean computer to the border: Wipe your own. But before you do, purchase an external hard drive and use it to create an image backup of your computer.
After that, you'll need to securely wipe everything on your laptop. You can do this by going into your computer's control panel and doing a factory reset, or you can install a whole new operating system on your computer, which will overwrite all of your computer's contents.
Leave the external hard drive at home, and take your newly blank laptop with you to the border. Once you get home, you can copy your hard drive's contents back onto your laptop and get back to work.
These methods are expensive, as they require spending at least a hundred dollars for a good external hard drive, or even more for a laptop that you'll rarely use.
The advantage is that if a border agent requests to view your device, you can comply without worrying about your privacy. This might also be the way to go if you're particularly eager to avoid a confrontation at the border.
The Fifth Amendment right against self-incrimination does protect you from having to hand over your password, even at the border. Yet many people feel uncomfortable saying "no" to a federal official. If the only devices you bring to the border are clean, even handing over your password won't compromise your data.
Encrypt your data
Another option is to encrypt the data on your devices. This will take more time than purchasing a whole new device, especially if you're new to encryption. But it's not too difficult once you've gotten the hang of it, and you can encrypt your data with the same secure algorithms used by the military without spending a dollar.
On your computer, programs such as the free open-source program TrueCrypt can encrypt a few of your documents, or even your entire hard drive. The only way to see your data is to enter a password.
MORE: 13 Free Software That Encrypt Your Data
TrueCrypt also has a feature that lets you create a decoy password, so that you cannot only lock your data up, but also hide it away in what's called a "hidden volume."
Think of it as a box within a box — the only difference is that anyone looking in the outer box won't be able to tell that the inner box is there.
If someone demands access to your encrypted files, you can give them the password to the outer box, or volume, and they'll be able to see any documents you chose to store in that area.
However, they won't even know that your truly sensitive data is stored in a second layer of encryption.
For your part, you can access the hidden volume by entering the hidden volume's password instead of the outer volume's. In this way, the outer volume, and the outer volume password, are merely dummies you can surrender to others so that it seems like you're complying.
Just remember to choose a secure password, preferably more than 10 random characters in length. You can also use a passphrase, such as a sentence or verse, so long as it's more than 50 characters in length.
You may be wondering: Does encryption make you look more suspicious to border agents and other security personnel?
The official answer is no. According to the Supreme Court case United States v. Cotterman, which ruled that border inspectors need to prove "reasonable suspicion" before conducting a forensic test on a seized device, encryption alone is not to be considered suspicious.
Unofficially, however, Fakhoury says that "the government takes the position that [encryption] is a sign of someone trying to hide something."
Some of the documents leaked by former National Security Agency contractor Edward Snowden, for example, suggest that intelligence agencies pay extra attention to encrypted communications, and that a legal loophole allows the agencies to store these encrypted communications for a longer period of time.
So if you take a computer with encrypted documents across the border, you should prepare to spend some extra time in customs, as you might find yourself being detained.
You don't have to give up your password or passphrase, but if you'd like to avoid the stress and hassle entirely, extensive encryption might not be your best option.
Computers aren't the only data storage devices you have to worry about at the border. Nowadays, it's possible to go without your laptop for a few days. But your mobile phone? Not so much.
Most phones contain contacts, emails, banking and credit card info from shopping apps, location-based data and tracking information, photos and more.
Despite this wealth of sensitive data, there are some challenges to secure storage on a mobile phone, challenges that don't exist with computers. For one, it's more difficult to truly delete files on a mobile phone.
If you're a customer of T-Mobile or AT&T, or any other carrier that uses the international Global System for Mobile Communications (GSM) standard, you can buy a cheap phone and move your SIM card into it.
That way, you can leave your data-rich phone at home and people will still be able to contact you using your existing number.
If you put a passcode on an iPhone, the device will also encrypt its data using that passcode as the key, thus adding another layer of security.
If you have an Android smartphone you can use the "Encrypt Phone" feature to secure your data. There are also several apps that provide strong additional encryption, such as "SSE-Universal Encryption App" and "WhisperCore."
You can also use encrypted messaging services like Wickr and Silent Text that can securely delete messages soon after they're sent.
For an excellent comprehensive guide to the legal and practical considerations of crossing the U.S. border, check out the Electronic Frontier Foundation's PDF "Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices."
This story was provided by Tom's Guide, a sister site to LiveScience. Email jscharr@techmedianetwork.com or follow her @JillScharr. Follow us @TomsGuide, on Facebook and on Google+. Originally published on Tom's Guide.
Copyright 2013 LiveScience, a TechMediaNetwork company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
