Knowing how law and technology meet at US borders

Border crossings have long posed a risk for journalists. In many nations, reporters and photographers alike have been subjected to questioning and having their electronic devices searched, if not also copied. But more recently, protecting electronically stored data has become a greater concern for journalists, including those who are U.S. citizens, upon entering or leaving the United States.

“This is an issue in the U.S., but it is just a fraction of what journalists are facing in countries around the world,” Josh Stearns, journalism and public media campaign director of Free Press, a U.S.-based media reform organization, told CPJ.

Last month a National Public Radio producer, Sarah Abdurraham, along with members of her family and friends, all of whom are U.S. citizens, were on their way home from a wedding in Ontario when they were detained for six hours at the Niagara Falls border crossing while each of their electronic devices were searched.

“I generally came out of the experience wondering what our rights are,” Abdurraham later said in an interview with NPR‘s “On the Media” program, where she works.

Abdurraham did not specify whether she meant the rights of journalists or U.S. citizens generally. But, according to Michael Price, counsel at New York University Law School and the Brennan Center for Justice’s Liberty and National Security Program, it doesn’t make any difference. He told CPJ that to date, there are no court rulings providing U.S. journalists with any added protection against having their electronic devices searched when crossing a U.S. border.

But a few federal courts have ruled that U.S. citizens crossing U.S. borders have certain rights. Last year in Boston, a judge denied a government motion to dismiss a lawsuit challenging a border search of electronic devices, before the case was settled, after hearing arguments from the American Civil Liberties Union including on First Amendment grounds. This year in San Francisco, a panel of appellate judges ruled that U.S. border agents must at least have “reasonable suspicion” before searching the data stored on U.S. citizens’ electronic devices.

“If you are flying into the West Coast you have one rule, into the East Coast you have another,” said Price, referring to the San Francisco court ruling for the 9th Circuit.

All the same, U.S. journalists flying in or out of any part of the United States should expect the possibility that their electronic devices could be searched, copied, or even seized, he and other experts told CPJ. Meanwhile, citizens of other nations, including journalists, enjoy no effective protections from having their data searched upon entering or leaving the United States.

“The safest option is to not travel with any sensitive data and instead store it in a cloud,” Dan Auerbach, staff technologist at the San Francisco-based Electronic Frontier Foundation told CPJ. He noted, however, that safely uploading and downloading sensitive data to any independently hosted platform raises “practical challenges,” including whether one trusts the firm or group hosting the cloud, and whether the uploads and downloads to the cloud could be intercepted.

Another option would be to openly encrypt one’s entire hard drive or other device. But journalists who do so should use open-source software, as opposed to proprietary commercial software, as the manufacturer could have built the software with a “back door” to allow secret government access, said Auerbach.

“Only a judge can make you give up a password,” he said. But he also noted that defying agents of U.S. Immigration and Customs Enforcement, a division of the Department of Homeland Security, could also lead agents to seize one’s equipment.

“What they generally do is make a mirror image of the hard drive,” Price told CPJ. Authorities could then try to crack the password later.

A third option for journalists would be to try and encrypt sensitive files surreptitiously. One digital safety tool called TrueCrypt allows users to create “hidden volumes” or unseen partitions on their hard drive to load with encrypted data that may look like something else, such as a corrupted video file. But Auerbach warns that successfully hiding data on a disk may only work if one also lies about it to keep it secret.

“Lying to border agents is not advisable, because it can be a serious crime,” reads EFF’s online guide. Although now nearly two years old, the EFF guide still provides timely advice for anyone carrying electronic devices across U.S. borders.

CPJ’s Information Security chapter in our Journalist Security Guide also provides useful guidance. Advice specifically for bringing sensitive information across U.S. borders is also posted online by the Canadian Bar Association, which complains that Canadian attorneys, much like journalists, have had “the contents of their entire computer hard drives and other storage media” copied “for later review.”

Their advice: Fully turn off your computer five minutes before the border, so the machine’s random access memory no longer retains any data; protect any FireWire ports to prevent data from being quickly copied; use PIN codes on cellphones and strong passwords on other devices; back up your data and scan if not reformat any hard drives that were taken out of your possession.

The CBA’s first tip is also important. “Be anonymous,” or be the gray man, to put in security culture parlance, to blend into the cross-border traffic. Of course, that won’t work for anyone already on the U.S. government’s radar.

Laura Poitras has been on the government’s radar for years. She is an independent U.S. journalist and filmmaker. Since 2006 and the release of her film, “My Country, My Country,” which profiled an Iraqi doctor critical of the U.S.-led occupation of his nation, Poitras has been detained and questioned and had her electronic devices searched more than 40 times–virtually every time she has entered or left the country, according to her colleague Glenn Greenwald writing last year in Salon.

More recently, Greenwald’s partner, David Miranda, a Brazilian citizen, was detained and had his electronic devices seized in London by U.K. border agents, as he was returning to their home in Rio de Janeiro after meeting Poitras in Berlin. Greenwald and Poitras have jointly and separately broken news based on documents provided by former U.S. National Security Agency contractor Edward Snowden.

But stories don’t even need to be sensitive to provoke a search. In 2007, U.S. photojournalist Duane Kerzik was returning to the United States after photographing lighthouses and national park scenes in Canada when agents detained him and briefly searched his laptop. The ACLU and National Press Photographers Association later jointly filed a lawsuit on behalf of him and another U.S. citizen that is pending.

“People used to think it doesn’t happen here in the U.S.,” said Stearns. “Now it is really unsettling because they have taken their First Amendment rights for granted.”