Here’s what you need to know about data searches at the United States border, and how you can protect sensitive data.
August 2009 Update: The U.S. announces revised and sweeping guidelines on border searches of electronic devices: “The U.S. Department of Homeland Security released directives regarding its data search policy on August 27, 2009, which detail what constitutes a lawful search and the process governing devices that are reviewed and/or detained at the border. Solicitor-client material stored on a laptop will not necessarily be exempt from data searches under the guidelines, but it might invoke new procedures that apply to sensitive documents.”
Do you regularly travel to the U.S. on business? If you take confidential information of any kind with you, take heed: US policy allows officers of Customs and Border Protection (CBP) to search and confiscate computers, phones, personal digital assistants, cameras, digital music players and other data-storing devices. Operating under the U.S. Policy Regarding Border Search of Information, agents have also downloaded the contents of entire computer hard drives and other storage media for later review. (Note: similar situations occur at the borders of other countries as well.)
For many travelers, CBP reassurances that confidential data is handled carefully ring hollow. And travelers who resist searches, even by insisting that such searches would require a warrant and probable cause if conducted within the United States, can be detained, sent back to their country of origin or otherwise grievously inconvenienced. These recent developments have many legal experts and others asserting that the “border privacy” playing field is undeniably tilted in favour of border agents.
This article suggests 10 steps you can take to shield sensitive information, like that protected by solicitor-client privilege, when crossing the border. Each one comes with caveats, the most important of which is that there are no guarantees. You should consult an IT security expert to help you choose the best options for your needs.
1. Be Anonymous
Thousands of travelers cart thousands of devices through America’s borders each day. The CBP has to weigh security concerns against the limited time available for searching. Many travelers believe the odds will stay in their favour. If you aren’t one of these, read on.
2. Travel with a “Bare” Computer
Be “forensically clean”
The CBP can’t read what a computer doesn’t contain. That’s why certain companies give their employees “forensically clean” computers for travel. These computers contain the operating system, required applications, and little or no data.
Once at their destinations, employees work with data stored on company servers via secure virtual private network (VPN). (Secure connections are a must since, under certain circumstances, U.S. law permits interception of e-mail and remote server connections.)
Employees may download files to their computers, upload the results of their work to company servers and “forensically clean” their computers before traveling again.
Given widespread availability of broadband Internet access throughout the United States, traveling with a clean laptop presents few problems unless particularly large files or problematic Internet access hampers the employee’s ability to access data.
Use software with "SaaS"
Following in the footsteps of phenomena such as Google Docs, more companies offer software based on the Internet. All their customers need to access these applications is a standards-compliant web browser.
Conceptually, customers use software as a service (SaaS – on the software developer’s servers) rather than as a product (on a computer’s hard drive). And, importantly, the data resides on the same server as the SaaS application.
This tactic is less secure than total forensic cleanliness for several reasons, not the least of which is your web browser. It records your Internet activity using cookies, history and other data. Delete all these traces of your Internet activity before you board your next flight. (For more information, refer to the “Files to Delete” sidebar.)
SaaS: One Issue to Consider
What if border agents really want your data? If a server (your company’s or a SaaS provider’s) resides within America’s borders, the US Patriot Act enables US government agents to access your data (and impel the SaaS company to keep the breach quiet).
Should the data reside outside US borders but the company head office or chief executives reside within, the data must be turned over upon request or the company/executives may face charges.
Files to Delete
Not everybody travels with forensically clean laptops provided by their firms. If this describes you, consider the following list of file types to remove from computers you take across borders.
Look for all the usual suspects like .doc, .xls, .ppt, .pdf and so forth.
Mac owners: since the Mac does not need to save files with file name extensions, you might miss file types by searching for extensions. Make sure the Mac shows all file name extensions before you search.
E-mail and PIM information
Carefully review your email for messages you can delete.
Personal information managers store calendars, tasks, contact lists, notes and other information – check this as well.
Temporary files and folders
Various programs keep copies of documents and other information in temporary folders, and do not always delete them once you quit the program.
Temp files can reside in several places: a global search on the word “temp” will help find them, as will consultation of the software’s documentation.
Look for files with extensions like .jpg, .png, .gif and so forth, as well as information inside image handling software you use (e.g. Adobe Photoshop, Apple iPhoto).
Certain digital cameras produce RAW photos, some in proprietary formats with esoteric file name extensions. Check your camera manual for specifics.
To supplement the RAM, the operating system may use a part of your hard drive as “virtual RAM.”
Windows allows you to turn virtual memory off. If you can’t live with the performance hit, make sure your entire hard drive is encrypted.
Whenever you surf the Web, your browser records your wake in its history of pages visited, a cache containing downloaded pages, the cookies any sites might write to your hard drive, the names of any files you downloaded and so forth.
The default settings in most browsers allow a certain amount of this information to build up on your hard drive. Change those options so that the browser promptly deletes all such information once you shut down the browser, or soon after. Recommendation: Mozilla Firefox can automatically delete all surfing traces each time you shut down the browser.
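The file-type sweep described under "Files to Delete", as an added example that is not part of the original article: it flags documents, images and temp files by extension, and falls back to the file's leading bytes so that extension-less files (the Mac caveat above) are not missed. The `TEMP_DIRS` folder names and the function names are assumptions made for this sketch.

```python
import os

# Leading bytes ("magic numbers") of the file families named in the sidebar.
MAGIC = [
    (b"%PDF-", "document"),                             # PDF
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "document"),  # legacy .doc/.xls/.ppt
    (b"PK\x03\x04", "document"),                        # .docx/.xlsx/.pptx (any ZIP)
    (b"\xff\xd8\xff", "image"),                         # JPEG
    (b"\x89PNG\r\n\x1a\n", "image"),                    # PNG
    (b"GIF87a", "image"), (b"GIF89a", "image"),         # GIF
]
EXTENSIONS = {
    "document": {".doc", ".xls", ".ppt", ".pdf", ".docx", ".xlsx", ".pptx"},
    "image": {".jpg", ".jpeg", ".png", ".gif"},
    "temp": {".tmp", ".temp"},
}
TEMP_DIRS = {"temp", "tmp"}  # assumption: folder names treated as temporary

def classify(path):
    """Return 'document', 'image', 'temp' or None for a single file."""
    ext = os.path.splitext(path)[1].lower()
    for category, exts in EXTENSIONS.items():
        if ext in exts:
            return category
    try:  # no telling extension (common on a Mac): look at the content
        with open(path, "rb") as fh:
            head = fh.read(8)
    except OSError:
        return None
    for magic, category in MAGIC:
        if head.startswith(magic):
            return category
    return None

def audit(root):
    """Walk root and return {category: sorted relative paths} to review."""
    found = {"document": [], "image": [], "temp": []}
    for dirpath, _dirs, names in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        in_temp = any(p.lower() in TEMP_DIRS for p in rel_dir.split(os.sep))
        for name in names:
            full = os.path.join(dirpath, name)
            if not os.path.isfile(full):
                continue  # skip sockets, FIFOs and dangling links
            category = classify(full) or ("temp" if in_temp else None)
            if category:
                found[category].append(os.path.relpath(full, root))
    return {k: sorted(v) for k, v in found.items()}
```

Call `audit()` on your home folder before travel and review each hit by hand; e-mail stores, PIM databases, swap space and browser data need the separate checks listed above.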
3. Turn Off Your Computer, Early
If you must bring data on your computer, turn it off five minutes prior to reaching customs.
While running, computers store unencrypted information in random access memory (RAM). If you walk through customs with a computer in sleep mode, the RAM shows what you were working on.
RAM does not void itself of information until five minutes after the computer has been turned off. So when the “Fasten Seat Belt” sign comes on, turn your computer off.
4. Back Up Your Data
Should border agents confiscate your computer, they won’t stop your ability to work billable hours – as long as you left a copy of your data in a safe place, such as another hard drive or your company’s servers, and you can quickly recover all that data (documents, calendars, e-mail and so forth).
5. Use a Different User Account to Hold Sensitive Information
Any modern computer can be used by different people, each with their own sets of documents. Users can password-protect their accounts so other users with access to that computer can’t access documents that don’t belong to them.
Privacy application: the traveler can use the computer via a “clean” non-administrative account while in transit and carry sensitive documents in a “safe” account for which the traveler does not know the password. Upon confirmed arrival at the final destination, the colleague who created the “safe” account can send the password to the traveler via secure e-mail.
Meanwhile, all that travelers can do at customs when asked about other accounts is shrug their shoulders. (Remember, all accounts should be encrypted.)
Choose Perplexing Passwords
Is your password your company’s name, your own name, the word “password” or something else that’s easy for you to remember?
Here’s a reality check: modern password-guessing software can generate tens or even hundreds of thousands of guesses a second – and it starts with the most commonly used passwords.
However, if your computer is confiscated, forensic specialists rarely try to “crack” a password. Instead, they look for places where your computer might have written the password to the hard disk (registry, swap files, deleted space), or places where a user may have done so (e-mail, contact file, text file). Strong encryption that covers the whole drive provides a good first line of defence.
Security experts still recommend you make passwords as difficult to crack as possible. Here are a few hints:
- Don’t use actual words, which are susceptible to “dictionary attacks” where programs throw every word in the dictionary at your sign-in system until one works.
- Choose longer passwords over shorter ones.
- Don’t use passwords like your name, age, address, or any other personal information of yours or of people you know.
- If the software allows, make passwords case-sensitive. Sprinkle upper-case and lower-case liberally throughout the password.
- Again, if the software allows, include numbers, punctuation and special characters as well as letters.
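The hints above, applied as a check on a candidate password (an added example, not part of the original article). It also estimates how long exhausting the password's character space would take at 100,000 guesses per second, a rate within the range the article quotes. The tiny wordlist is constructed, and the 12-character threshold and function name are assumptions of this sketch.

```python
import string

GUESSES_PER_SECOND = 100_000  # within the range quoted in the article
# Constructed sample wordlist; a real check would load a large dictionary.
COMMON = {"password", "letmein", "qwerty", "welcome", "dragon", "monkey"}

def review_password(password, personal=()):
    """Return (problems, seconds_to_exhaust) for a candidate password."""
    problems = []
    lowered = password.lower()
    # Hint 1: no dictionary words, even with digits or symbols tacked on.
    letters_only = "".join(c for c in lowered if c.isalpha())
    if lowered in COMMON or letters_only in COMMON:
        problems.append("dictionary word")
    # Hint 2: longer beats shorter (12 is this example's threshold).
    if len(password) < 12:
        problems.append("shorter than 12 characters")
    # Hint 3: no names, ages, addresses or other personal details.
    if any(p and p.lower() in lowered for p in personal):
        problems.append("contains personal information")
    # Hints 4 and 5: mix upper case, lower case, digits and punctuation.
    pools = [
        (string.ascii_lowercase, "no lower-case letters"),
        (string.ascii_uppercase, "no upper-case letters"),
        (string.digits, "no digits"),
        (string.punctuation, "no punctuation or special characters"),
    ]
    alphabet = 0
    for chars, complaint in pools:
        if any(c in chars for c in password):
            alphabet += len(chars)
        else:
            problems.append(complaint)
    # Worst case for the guesser: alphabet**length tries at the fixed rate.
    # Only meaningful for random passwords; a dictionary hit falls far sooner.
    seconds = alphabet ** len(password) // GUESSES_PER_SECOND
    return problems, seconds
```

Eight random lower-case letters are exhausted in about 24 days at this rate, which is why length and a mixed alphabet both matter.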
6. Partition and Encrypt Your Entire Hard Drive
Hard drive partitioning, like encryption, is a common IT practice that enables people to use a hard drive as though it were two or more drives. These partitions can be encrypted using different passwords. And some of today’s partitioning tools can hide partitions.
Privacy application: Encryption and partitioning, when combined, allow a traveler to decrypt a partition that contains “safe” data for border agents to inspect. Agents might not know to look for other partitions if the partitioning tool hides them – a tactic known as steganography.
To increase the chances this subterfuge will work, buy a larger hard drive for your laptop, make the “safe” partition the same size as that of the drive sold “standard” with the laptop, and put the rest of the hard drive in other partitions.
Even if you don’t partition, strong encryption of an entire computer hard drive, and electronic data of any sort, is a security best practice and should not raise eyebrows. Why the entire hard drive? Certain programs can record information outside of encrypted areas without a user’s knowledge.
While strongly recommended, encryption is not foolproof: border agents can simply ask you to type your password. The consequences of denying this request could prove onerous.
7. Protect FireWire Ports
FireWire is a type of data port that allows for faster data transfers than are possible via USB. Certain higher-end Windows-based computers and just about every Mac in existence have FireWire.
The CBP can quickly copy an entire hard drive via FireWire. Macs let their owners block this option by setting an Open Firmware Password. Consult your IT provider for advice on how to protect your FireWire port.
8. Store Data on Small Devices
Camera memory cards and USB memory keys can store huge amounts of data. Since they’re small, you can carry them inconspicuously. Also because they’re small, they are easily lost, and just as easily confiscated by border agents if found, so use strong encryption on these devices as well.
The Ironkey is a military-grade USB flash drive that actually self-destructs after 10 failed login attempts (https://www.ironkey.com).
9. Protect Phones and PDAs
Phone records, text messages, emails, documents – today’s phones, particularly smartphones like RIM’s BlackBerry, Apple’s iPhone and Palm’s Treo carry amazing amounts of information.
But keep the device as “clean” as possible if you think it might be confiscated. Also, enable any password locking and encryption tools, if available. Another possible solution: certain smartphones can be “wiped clean” remotely when they are reported lost. And every one allows users to synchronize the data on them onto their computers so that they can quickly put the data onto a replacement unit should the need arise.
10. Clean Your Laptop When Returned
Border agents might even return confiscated laptops with a little something extra: spyware that tracks the owner’s computer activity and sends log files back to “Big Brother.” “Fedware” may be invisible to onboard spyware scanners, so the first thing to do when you get your laptop back is to boot it using an external drive and scan the onboard drive for anything that should not be there.
Tools for Protecting Electronic Data
Want to protect your electronic data? Here are a few tools that might come in handy, some of which you might already have. (Comprehensive lists of such tools reside on www.VersionTracker.com and other software lists on the web.)
Encryption and hard drive partitioning
Modern computers ship with their own encryption tools. Microsoft bundles BitLocker Drive Encryption on certain versions of Windows Vista while Apple includes FileVault on every Mac.
If you need more sophisticated options, PGP Disk and TrueCrypt lead a largely capable pack of hard drive encryption options.
Not sure whether your password is up to snuff? Download a password generator that can take away the guesswork.
(Mac owners already have Apple’s Password Assistant, stowed away in the Accounts System Preference application that Apple offers if owners want help creating a password for a new account on the Mac.)
For more information on passwords, refer to "Choose Perplexing Passwords" above.
When you delete a digital file by emptying the Recycle Bin/Trash Can, the operating system doesn’t actually obliterate the file – it just refuses to recognize its existence and allows other applications to overwrite that section of the hard disk. That’s why files that owners think are long gone can turn up under forensic examination. It’s like the difference between putting a piece of paper in a recycling bin and throwing it into a roaring fire.
In addition to software designed specifically for the purpose, today’s major operating systems ship with “secure delete” features that overwrite specific portions of the hard drive to the point that the original file is unrecognizable and unrecoverable.
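The difference between deleting and overwriting, as an added example that is not part of the original article. A hard link stands in for the forensic examiner's view of the disk blocks (an assumption that keeps the demonstration safe and self-contained); the function names and the sample memo are constructed for this sketch.

```python
import os
import secrets
import tempfile

def overwrite_and_delete(path, passes=1, chunk=64 * 1024):
    """Overwrite a file's bytes in place, force them to disk, then unlink."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining:
                n = min(chunk, remaining)
                fh.write(secrets.token_bytes(n))  # random filler
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())  # push the new bytes past the OS cache
    # Rename first so the original file name is not the last directory entry.
    anon = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.rename(path, anon)
    os.remove(anon)
    return size

def recoverable_after_delete():
    """Return whether the content survives each kind of delete."""
    workdir = tempfile.mkdtemp()
    secret = b"privileged memo (constructed sample)"
    results = {}
    for mode in ("plain", "overwrite"):
        path = os.path.join(workdir, mode + ".txt")
        blocks = os.path.join(workdir, mode + ".blocks")
        with open(path, "wb") as fh:
            fh.write(secret)
        os.link(path, blocks)  # second name for the same data blocks
        if mode == "plain":
            os.remove(path)    # what emptying the trash amounts to
        else:
            overwrite_and_delete(path)
        with open(blocks, "rb") as fh:
            results[mode] = fh.read() == secret
    return results

if __name__ == "__main__":
    print(recoverable_after_delete())
```

On SSDs and on journaling or copy-on-write file systems an in-place overwrite may land on different physical blocks, so whole-drive encryption remains the dependable control.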