CIO Magazine: November Issue

Confidential Business Data at Risk at the Border

U.S. agents can search and seize the laptops of international travelers at the border, so take precautions to protect confidential business information

Several recent court decisions have re­inforced the principle that government agents may examine laptops, cellphones and other electronic devices in the possession of people crossing the border into the U.S.--even when there is no suspicion of wrongdoing.

Most border searches appropriately target serious crimes, such as terrorism and child pornography. But in light of the many international white-collar criminal investigations being conducted by the Department of Justice and the Securities and Exchange Commission, this broad power to capture electronic data at the border poses a serious privacy risk for business executives and lawyers traveling to the U.S.

In 2009, both the Immigration and Customs Enforcement (ICE) agency and the Customs and Border Protection (CBP) office issued directives explicitly authorizing the search and seizure of electronic devices at international borders "with or without individualized suspicion." For the most part, federal courts have upheld the orders.

The government search of files and images on a laptop or smartphone could last up to five days under the CBP rule or up to 30 days under the ICE rule.

Consequently, business executives traveling into the U.S. should take precautions. When possible, travelers should fully erase any data (including browser data) that they do not need from their electronic devices before they travel. Companies could also send employees on business trips with forensically clean laptops to limit the amount of proprietary information at risk.

However, "clean" electronic devices are often not a realistic option, particularly when traveling for business reasons. A more practical option for business travelers is using cloud storage services such as DropBox and CloudSafe to store and work on sensitive business-related documents and presentations. VPNs can also give travelers remote access to private office networks and shared files, which means sensitive documents don't have to be stored on devices carried across the border.

Lee Dunst is a partner, and Rachel Brook is an associate, at the law firm Gibson, Dunn and Crutcher.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO October 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.