Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Saturday, May 03, 2008

Groups warn travelers to limit laptop data

A recent federal district court ruling upholding seizures of electronic devices, such as laptops and iPhones, at the U.S. border has traveler- and civil-rights organizations worried that personal and sensitive data could be put at risk.  On Thursday, almost three dozen organizations—including civil-rights advocates, academic groups, and religious and minority groups—sent an open letter to four congressional committees, asking that their members consider legislation to “protect all Americans against suspicionless digital border inspections.”

The letter came ten days after a federal appeals court in the Central District of California ruled that border agents could search laptops without reasonable suspicion of illegal activity.  “In a free country, the government cannot have unlimited power to read, seize, store and use all information on any electronic device carried by any traveler entering or leaving the nation,” the signatories stated in the letter.

The level of surveillance by the United States government has become an increasing worry to civil-rights advocates as well as professional, minority and religious groups that believe their members could be targeted.

As part of its “War on Terror,” the Bush Administration has instituted a program to eavesdrop on Internet and phone communications, an initiative that violates the Foreign Intelligence Surveillance Act (FISA) and has become the focus of a battle in Congress to craft a new law to govern such wiretapping.

The Electronic Frontier Foundation, a digital-rights group and one of the sponsors of the letter, has requested information on the conditions that would trigger a digital search by border agents.  “We don’t really know what the Department of Homeland Security’s procedures and practices are here,” said Marcia Hofman, a staff attorney with the EFF.

The case at the heart of the debate concerns whether evidence from the July 2005 search of a laptop owned by then-43-year-old Michael Arnold can be used by prosecutors.  Returning from a three-week trip from the Philippines, Arnold was stopped by customs agents in Los Angeles International Airport and asked to show that his laptop was functioning, according to court filings.  Perusing through the files in those folders, the agents found pictures of two nude women and decided to conduct a more thorough investigation, which turned up suspected child pornography.

The Association of Corporate Travel Executives, one of the letter’s signers, recommended that workers not use their personal laptops for international travel and limit the amount of proprietary and personal data stored on any notebook computer taken across borders.  “In a time of heightened international security, it will take a brave Congress to rule that parties may not be subject to suspicionless searches,” Susan Gurley, the executive director of ACTE, said in a statement. 

Following the ruling, there is nothing preventing authorities from a more comprehensive search program, said Fred Schneider, a privacy and security expert and professor of computer science at Cornell University.  “It won’t be long before customs agents can efficiently perform a thorough search on every machine,” Jennifer Granick, civil liberties director at the EFF, said in a discussion of the impact of the ruling.

Encrypting the hard drive, having a separate account on the PC owned by the worker’s company, or traveling with a clean laptop and using an encrypted VPN to access data are all possibilities, Granick said.

Posted on 05/03