Skift Take

It should come as no surprise that the government isn't following its own rules when it comes to securing the traveler data it seizes from personal devices. Another reminder to take precautions, even if your chance of getting searched is rather low.

In the days following the initial travel ban instituted by President Trump, concerns emerged that the U.S. Customs and Border Protection agency would also ramp up searches of the electronic devices of those entering the country.

In recent weeks, the Office of Inspector General for the Department of Homeland Security has released the results of an audit exploring the policy and outcomes of electronic searches since 2016.

The good news is that only a small fraction of travelers have had their devices searched, even if it recent years represent a record high for the 10-year-old program. The bad news is that those who have had their devices searched are more likely than not to have had their civil liberties violated due to incompetence by customs officials.

“CBP processed more than 787 million travelers upon arrival at U.S. ports of entry in fiscal years 2016 and 2017, and searched approximately 47,400 electronic devices,” reads the report. “In fiscal year 2016, CBP processed more than 390 million travelers arriving at U.S. ports of entry and searched the electronic devices of an estimated 18,400 of those inbound travelers (.005 percent). In FY 2017, CBP processed more than 397 million travelers and searched the electronic devices belonging to more than 29,000 of those inbound travelers (.007 percent).”

The criteria for more advanced searches is redacted from the document for security reasons, which makes it clear that a field officer can execute a search for any reason whatsoever.

Here is a breakdown of the searches that were audited; 67 percent of the 194 reports audited featured at least one problem.

Problems Identified in CBP Electronic Media Reports Out of 147 Audited
Vague Narrative Describing Border Search 62
Inaccurate Notes or Action Details 31
No Witnessing Supervisor Documented 29
Missing Information on Forms 7
Review More Than 7 Days From Incident 18

Source: CBP

The problems discovered with the search process should trouble both travelers and privacy advocates. First, the audit found that officers weren’t disabling the mobile connection on devices, meaning they could improperly access data in the cloud, which violates government policy.

The bigger issue could be that customs officials aren’t deleting the data they acquire after examining it. In fact, it seems like most ports of call aren’t deleting sensitive data when appropriate and leaving it lying around on USB sticks instead. There isn’t even a policy to ensure that this data is protected.

“We physically inspected thumb drives at five ports of entry,” states the report. “At three of the five ports, we found thumb drives that contained information copied from past advanced searches, meaning the information had not been deleted after the searches were completed. Based on our physical inspection, as well as the lack of a written policy, it appears OFO has not universally implemented the requirement to delete copied information, increasing the risk of unauthorized disclosure of travelers’ data should thumb drives be lost or stolen.”

Read the full report below.

Download (PDF, 2.52MB)

smartphone

The Daily Newsletter

Our daily coverage of the global travel industry. Written by editors and analysts from across Skift’s brands.

Have a confidential tip for Skift? Get in touch

Tags: customs, security

Photo credit: A customs officer at a border crossing in California. Mani Albrecht / U.S. Customs and Border Protection Office of Public Affairs Visual Communications Division

Up Next

Loading next stories