econintersect.com
       
  

FREE NEWSLETTER: Econintersect sends a nightly newsletter highlighting news events of the day, and providing a summary of new articles posted on the website. Econintersect will not sell or pass your email address to others per our privacy policy. You can cancel this subscription at any time by selecting the unsubscribing link in the footer of each email.



posted on 11 January 2018

Going Abroad? Remember Your Digital Hygiene

from STRATFOR

-- this post authored by Scott Stewart

As more and more travelers have begun carrying their cellphones and laptops abroad, the searching of these and other electronic devices by customs inspectors has become a contentious issue. On Jan. 4, U.S. Customs and Border Protection (CBP) released an updated directive to its workers on the searching of electronic devices at border crossings. According to CBP statistics published on Jan. 5, the agency processed 397 million international travelers in fiscal year 2017 and searched 30,200 devices. This is an increase from the 19,051 device searches in fiscal year 2016, which recorded 390 million travelers. CBP noted the percentage of searches rose from .005 percent in 2016 to only .007 percent in 2017. But because of the increasing amount of personal information on these devices, travelers have been pushing back against these intrusions.

In September 2016, the American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF) filed a lawsuit against the Department of Homeland Security on behalf of 11 travelers whose phones and laptops were searched at the U.S. border without warrants. The lawsuit asserts that the Fourth Amendment to the U.S. Constitution should govern the border searches and therefore customs agents should be required to obtain search warrants. However, based on case law and a long history of international law, the lawsuit faces an uphill battle because border inspections traditionally have been treated separately from searches in criminal investigations that are governed by the Fourth Amendment. Sovereign countries have long had the ability to control commerce at their borders, and customs inspectors have had wide leeway to search goods and travelers' belongings for contraband at the border. Even citizens have less of an expectation of privacy at an international border crossing or a border zone than inside the country.

Because of these rulings and understandings, it is unlikely that the lawsuit will cause a massive legal change. But even if it did, it would change only U.S. policy and would have no impact on other governments, which follow similar, or even more aggressive, guidelines on searching electronic devices. The updated CBP directive serves as a great reminder of how incredibly vulnerable personal and proprietary business information in electronic devices is during international travel.

What Is and Is Not Covered?

Under the CBP order, customs inspectors have the authority to conduct a basic search of any electronic device without having probable cause of a crime or even suspicion of a crime. Devices are defined not only as computers, phones and tablets, but also as digital storage media, including external hard drives and thumb drives. Such a search is confined to information on the device, and it cannot be used to retrieve external data, such as that stored in the cloud. Officers will ask the owners to disable their device's internet connectivity during such a search. The basic search consists of the officer reviewing the contents of the device with his or her eyes.

Travelers can be compelled to provide passwords for the devices. Foreigners who refuse to provide the password to unlock a device or decrypt data on it can be denied entry to the United States. If a U.S. citizen refuses to provide the password, the device can be retained for up to five days, but the citizen cannot be denied entry to the country. CBP personnel are ordered to destroy passwords after using them to unlock the device. If after a basic search, the CBP officer develops reasonable suspicion that a device contains evidence of a violation of the law, or of a national security concern, the officer must contact a supervisor to request an advanced search, which is defined as one using external equipment to review, copy or analyze the device's contents.

But again, these guidelines pertain only to the CBP. The customs officials in other countries have similar policies when it comes to searching the electronic devices of international travelers. In many parts of the world, the authorities have broad leeway to inspect electronic devices, either at a border or elsewhere. Indeed, it is not unusual for travelers to have their hard drives imaged or accessed when passing through customs or copied surreptitiously when left unattended in a hotel room. Most intelligence and security agencies have "unlimited data plans" when it comes to collecting potentially valuable information, and travelers should protect their information accordingly.

Protecting Your Privacy

The ACLU-EFF lawsuit notes quite correctly that "People now store their whole lives, including extremely sensitive personal and business matters, on their phones, tablets, and laptops." And this is the first problem from my perspective. People simply should not carry that much sensitive information with them when they travel. Indeed, I would bet that a large majority of the traveling public isn't even aware of everything they have in their phones and laptops. In the past I've said that most people are unaware of what they have in their wallets or purses and noted that this lack of awareness makes it difficult to reconstruct what personal information was in their wallets or purses. This problem is magnified exponentially when it comes to the gigabytes of data stored on smartphones and computers, especially when those devices are used to connect to social media, online banking and shopping, and other services. Border searches by the authorities are not the only threat to this data. It is not unusual for travelers to have their devices stolen, and then the data can be exploited by criminals.

Besides personal information, proprietary business information is also a hot commodity. The Chinese government publicly stated that it was trying to acquire critical technologies by whatever means necessary when it established its 863 program, set up in 1986 to stimulate the development of advanced technologies. In addition to its normal appetite for weapons-related proprietary information, the Russian government recently announced that it was launching a program to develop its internal capability in 77 key technologies. The Russians will likely accomplish a good deal of this "development" by stealing the technology from others rather than starting from scratch. And Russia and China are only two of the many countries that have an interest in looting proprietary information to help them develop their industrial bases. The bottom line is that no matter your business, you probably have proprietary information of interest to someone, and it is vulnerable during travel.

To remedy this vulnerability, we've recommended for many years that people leave their primary computers and phones at home and carry alternative devices when they travel - especially abroad. These travel devices should contain only the personal or business information required for a specific trip. It is also not a bad suggestion to place any files you need for a trip on a file-sharing site in the cloud and in an account set up for that trip. Some people recommend carrying your data on a SD card, which you can hide in your possessions or clothing. But I believe that looks too much like espionage activity - and it is safer to simply park the data on the cloud. Furthermore, with the enhancement of security technologies inside air terminals, certain screening machines will be able to detect a hidden storage device.

What's the Password?

Another concern is password security. In a situation in which you can be compelled to provide a password to unlock your device, it is doubly important that you not use the same password for multiple devices and accounts, because that one password can be the key to everything. It is far better to use separate passwords. Password managers are helpful tools, but if they reside on your device, they are vulnerable during a border search because people can be forced to open even encrypted files. Because of this, only take the passwords you need for your trip, and ensure they are robust and unique.

Beyond the concern about having your personal or business information compromised just once, there is the danger that a government or other hostile actor will place malware on your devices to give them access to the information you add later. There is also software that can turn your phone, laptop or tablet into a mobile spying device for eavesdropping on your business meetings and other activities. Due to this, I recommend that you not trust devices that have been out of your possession, and leave them outside the room during sensitive business meetings.

Because of the malware threat, we recommend that your travel equipment be wiped and reformatted after each trip and that it never be connected to your corporate or home networks where it can spread to other devices. Digital hygiene is very important.

Finally, when considering international travel with electronic devices, it is important to understand that some commonly used electronic items are restricted in certain countries and possession of them can land a traveler in hot water. For example, satellite phones are illegal in China, Iran, Cuba and Myanmar. Russia and India also have laws regulating satellite-enabled devices, including such personal tracking devices as inReach and SPOT. It is best to check the local laws before you travel.

And, by all means travel for fun and profit, but make sure you travel wisely.

"Going Abroad? Remember Your Digital Hygiene" is republished with permission of Stratfor.

>>>>> Scroll down to view and make comments <<<<<<

Click here for Historical News Post Listing










Make a Comment

Econintersect wants your comments, data and opinion on the articles posted. You can also comment using Facebook directly using he comment block below.




Econintersect Contributors








search_box
Print this page or create a PDF file of this page
Print Friendly and PDF


The growing use of ad blocking software is creating a shortfall in covering our fixed expenses. Please consider a donation to Econintersect to allow continuing output of quality and balanced financial and economic news and analysis.







Keep up with economic news using our dynamic economic newspapers with the largest international coverage on the internet
Asia / Pacific
Europe
Middle East / Africa
Americas
USA Government




























 navigate econintersect.com

Blogs

Analysis Blog
News Blog
Investing Blog
Opinion Blog
Precious Metals Blog
Markets Blog
Video of the Day
Weather

Newspapers

Asia / Pacific
Europe
Middle East / Africa
Americas
USA Government
     

RSS Feeds / Social Media

Combined Econintersect Feed
Google+
Facebook
Twitter
Digg

Free Newsletter

Marketplace - Books & More

Economic Forecast

Content Contribution

Contact

About

  Top Economics Site

Investing.com Contributor TalkMarkets Contributor Finance Blogs Free PageRank Checker Active Search Results Google+

This Web Page by Steven Hansen ---- Copyright 2010 - 2018 Econintersect LLC - all rights reserved