Saturday, April 07, 2007

Laptops, pornography and the right to privacy.


(And now, for something wildly different ...)

Given that I'm a) playing with setting up some encrypted filesystems on my Linux laptop, and b) travelling to the U.S. next week, I was reminded of something I read some time back about a man who, while going through customs, was asked to turn on his laptop, at which point a couple of customs officials proceeded to run a forensic analysis on it. To which my immediate reaction was ... what the fuck!? Which brings us to the topic of this post -- just what the hell are my rights these days?

Let's start with a couple case studies, shall we, like this one:

... Mr. Furukawa was being processed through United States customs upon arrival on an international Northwest Airlines flight from Tokyo, Japan. He was waiting in line for a routine inspection after being been referred from passport screening to "baggage control secondary" based upon a computer screen alert indicating that he may have purchased access to a Internet site that contained child pornography. [Um ... how did they determine that??] The referral was made by Customs Officer Bulov...

The officer then proceeded to examine Mr. Furukawa's checked and carry-on luggage and found that the defendant was carrying a laptop computer and an external hard drive. Officer Schmidt promptly opened the laptop, booted up the computer, and asked the defendant to sign in and enter his password. The officer designated the Windows 2000 operating system and the defendant entered his screen name and password without objection...

After gaining access to the designated program, Schmidt began a search for video and picture files which are construed as merchandise for customs purposes. The officer discovered a file list and thumbnail photos which included materials that were suspected to be pornographic.

You can read the whole thing, but my first question is: does this constitute reasonable grounds for search? Do customs officers need any grounds for this type of search? But let's head on to the next case study:

In July 2005, after a nearly 24-hour, coach-class flight from the Philippines, Michael Arnold arrived at Los Angeles International Airport. He collected his luggage and stood in line to go through the customs checkpoint. US Customs and Border Patrol (CBP) Officer Peng asked a few routine questions and inspected Arnold’s luggage and carry-on bag, which contained what many travelers today have in carry-on bags: a laptop computer, a separate hard drive, a memory stick, and several CDs. Officer Peng made the customary request that Arnold turn on the computer to verify that it would operate. She then transferred the laptop to a second CBP officer who noticed numerous icons and folders on the display screen, including two folders labeled “Kodak pictures” and “Kodak memories.” (The term “Kodak memories” is part of popular North American parlance and appears in testimonials by Americans and Canadians on Kodak Web sites, such as www.kodakgallery.com/oprah_bigadventure/ and wwwcaen.kodak.com/CA/en/motion/publication/onFilm/jcLabrecqueQA.jhtml.) Purporting to act on those allegedly suspicious labels, the CBP officers clicked open the folders to view the contents. Among the images, they found one of two naked adult women.

Again, read the whole thing, but let's appreciate two facts here: first, there is nothing suspicious about folders named "Kodak pictures" or "Kodak memories" and, second, the last time I looked, regular porn was still legal, so pics of naked adult women still doesn't seem to constitute grounds for continuing the search. And the case studies keep piling up:

In January 2004, Stuart Romm traveled to Las Vegas to attend a training seminar for his new employer. Then, on Feb. 1, Romm continued the business trip by boarding a flight to Kelowna, British Columbia.

Romm was denied entry by the Canadian authorities because of his criminal history. When he returned to the Seattle-Tacoma airport, he was interviewed by two agents of Homeland Security's Immigration and Customs Enforcement division.

They asked to search his laptop, and Romm agreed. Agent Camille Sugrue would later testify that she used the "EnCase" software to do a forensic analysis of Romm's hard drive.

That analysis and a subsequent one found some 42 child pornography images, which had been present in the cache used by Romm's Web browser and then deleted. But because in most operating systems, only the directory entry is removed when a file is "deleted," the forensic analysis was able to recover the actual files...

The 9th Circuit refused to overturn his conviction, ruling that American citizens effectively enjoy no right to privacy when stopped at the border.

So here we have an American citizen, being denied entry to Canada and, upon return to U.S. soil, having Homeland Security dig into his laptop. How odd.

[As a side note, it was my understanding that, if you were denied entry to a country and were forced to return, you technically never left the first country. So I have no idea what grounds Homeland Security would have for searching Mr. Romm since, technically, he never left the U.S.]

Which all brings us to the obvious question: What right do border officials have to tear apart someone's laptop, and how much do I have to co-operate?

Regarding the first question, there are two places where you might be searched: at security when boarding, and at customs after deplaning. I would think that the first location has no right to poke around looking for stuff like illegal porn. Their job, it would seem, is to guarantee passenger safety, and I think it's safe to say that my personal well-being at 30,000 feet is in no way jeopardized by child porn on someone else's laptop. (Unless it's the pilot's, but let's not go there, shall we?)

On the other end, if I'm returning to Canada, I'm a Canadian citizen, so if I refuse to allow any sort of examination of my laptop's contents, what are they going to do? Refuse to let me back in? I'm a Canadian, I have a right to enter the country, one would think. But here's where it gets amusing.

Just how effective is this forensic search strategy going to be? If I seriously wanted to import naughty pictures, I can encrypt them. Or misname them. Or put them in hidden folders. Or just not bring them at all, and get them later via e-mail or from a web site. I mean, Jesus Christ, the possibilities are endless. Really, you'd have to pretty stupid to get caught smuggling porn on your computer. But that's not the best part.

My laptop doesn't run Windows. It runs Linux. And with that comes all sorts of roadblocks I can throw up if someone wants to boot my system and start digging around.

First, maybe I'll have a BIOS password. Then a bootloader password. After which those poor fuckers will be presented with the graphical login screen, which requires a username and yet another password. Am I supposed to be helping them along this whole time, typing one password after another?

So I let them log in with my non-administrative account, at which point they're prevented from having access to protected directories on my system. So do I give them yet another password -- the superuser password?

And maybe I'll keep all those naughty pics in an encrypted filesystem or, better yet, in an unmounted filesystem so that it doesn't even show up in a regular forensic scan, which assumes they even have software that can search a Linux system. (Of course, maybe I'll have a dual-boot system that boots harmlessly to Windows just so they can amuse themselves. So many options, so much amusement.)

In any event, what this all boils down to is, without due cause, what do these imbeciles have the right to do? I'm happy to turn on my system just to show them that it actually boots (since, as we all know, there's no way anyone could hide a bomb inside a working laptop. Uh huh.) But, beyond that, I think that asking for anything more than that is going to get us into some ugly social dynamics.

My laptop. My data. And you can have the root password when you pry it from my cold, dead hands.

THE LEGAL SHIT
: Here.

AFTERTHOUGHTS: "grog" suggests the following:

Fundamentally, where US Customs and Immigration are concerned, you have no rights at all.

If they decide to take a crowbar to your laptop, there's SFA you can do about it.

Note, though, that in one of those cases (Romm), the U.S. officials proceeded to search the laptop of an American citizen, after he was already back on U.S. soil. Does this suggest that border guards have more law enforcement power than, say, police officers? Because if an American citizen was walking down a street in the U.S., I'm fairly sure a police officer has no right to just walk up to him and demand to search his laptop. But the argument that's being made here is that customs officials have exactly that power, which I find odd.

And note that that legal decision doesn't really clarify anything:

Lawyers throughout North America are trying to come to grips with the fallout of a decision by the Ninth Circuit Court of Appeals of the United States. The opinion of the Court, which held that computer devices and the data they contain can be thoroughly examined at the border, opened the floodgates to more thorough border crossing searches. However, even as the ink on that decision was beginning to dry, another opinion released by a court in the Central District of California, in the same Ninth Circuit, reached the opposite conclusion, adding to the confusion of an otherwise settled doctrine of border searches of persons and their goods.

"anonymous" also comments, but he's just being an asshole.

AND THE GAMES CONTINUE: Backseat Blogger gets all shrieky when he comments:

But, by all means, play around with the customs officers.

But don't plan on seeing the light of day anytime soon if you do.

In the first place, I have gotten my way with American customs officials. On one occasion, when passing through the security screen, I sent my laptop through the X-ray machine, and walked successfully through the metal detector.

At that point, an official asked me to step to the side for a random search of my person -- shoes, belt, etc. I said, sure, and started to walk over to get my laptop first. The official told me to just leave it where it was, at which point I made it abundantly clear that I wasn't leaving the X-ray conveyor area without my computer and, no, that wasn't open for negotiation. After a second or two, she relented and I got my computer.

And as for not seeing the light of day, BB, I gather you don't get out very often. The worst U.S. officials can do is refuse to let me enter the country. It's made perfectly clear to all travellers that, at any time, you can simply leave the inspection area and return to Canada.

But nice try, BB. I see being wrong is still a force of habit with you.

22 comments:

MgS said...

Fundamentally, where US Customs and Immigration are concerned, you have no rights at all.

If they decide to take a crowbar to your laptop, there's SFA you can do about it.

(This doesn't make it right - just a statement of the current status)

Anonymous said...

Suggestion:

Despite what you may believe, you have no right to enter the United States. So, to avoid issues with your child porn collection, don't go.

P.S., Nice mouth, boy.

Anonymous said...

what those guys said above.

you have zero rights. Not only can they do a complete forensic audit on your computer, they can do body cavity search on you, should they feel like it.

But, by all means, play around with the customs officers.

But don't plan on seeing the light of day anytime soon if you do.

Silly cynic.

Anonymous said...

Re "asshole" crack (no pun intended):

As I said, nice mouth potty-boy.

CC said...

And yet, for all your alleged outrage, here you are. Interesting.

Anonymous said...

Not really.

Anonymous said...

I wonder, though, why do you constantly go to a country so opressive and full of idiots? What draws so clever a person as you to such a backward place?

Anonymous said...

I mean, what draws you AND your laptop?

Anonymous said...

I mean, as you bravely confront the minimum wage earning security workers, do you ever ask yourself (or your laptop), "Why do I constantly come back?"

I mean, I don't often find my self returning to Haiti. You know, once is enough ... like.

Ti-Guy said...

The hell?...

Anonymous, lay off the Advil and stool softeners. The combo's making you loopy.

CC, your creepy trolls are really hoping you get stripped, probed, and possibly rendered to Syria. What a bunch.

Anonymous said...

Oh! Ya got me, Ti-Guy!

Stool softeners! Har!

At least you never travel outside your sad burg.

Anonymous said...

But seriously, if CC could get sent to Assad or ... gasp! ... Gitmo, I really think he ought to reconsider his attempt to enter the bad ol' Yoo Ess ... eh?

Ti-Guy said...

At least you never travel outside your sad burg.

I've been all over the world, my friend. I've crossed the borders into the Soviet Block during the 80's. I was even detained once by Canada Customs on the suspicion of drug smuggling. I told them categorically I was not going to submit to a cavity search. After two hours of standing around, they let me go.

I have never had a problem at the US border (except for attitude). But I refuse to travel there since March 2003, for obvious reasons.

The safe assumption is that you don't have any rights when you cross the border into a foreign country. Travel with your Canadian passport, don't do anything wrong, smile a lot, speak only when spoken to and hope for the best.

Ti-Guy said...

...oh, and be as white as possible.

Anonymous said...

CC, the right to be secure against unreasonable searches and seizures is guaranteed in the Fourth Amendment of the US Constitution. The US Constitution is, like most common law rules, territorial in its scope, i. e., it applies in the US; it does not apply outside the US (Gitmo). A person who applies for entry into the US is not in the US yet; therefore, he has no Fourth Amendment protection.

Please remember that the Foruth Amendment is the basis of protection within the US against unreasonable seizures as well as unreasonable searches. That means, in my opinion, if they have a mind to do so, they can prevent you from returning to Canada if hey want to. Am arrest, under American law, is essentially a "seizure" of the person.

The best rule of thumb at the US border is that you have no rights. Your only protection is that they are too busy to hassle everybody. My advice is to keep a low profile and cooperate. And clean your hard drive before you decide to enter the US. By the way, I am deadly serius about this advice.

CC said...

the seer writes:

"... in my opinion, if they have a mind to do so, they can prevent you from returning to Canada if [t]hey want to."

But not at the airport. Remember, Canadians flying into the U.S. clear U.S. customs while still in Canada.

If you decide you don't want to co-operate with U.S. customs, you are entirely free to turn around and walk away, and there's nothing they can do about it.

Ti-Guy said...

There was a case a while back involving a woman (beige, of course) in Vancouver who was prevented from turning around and walking away (although she was let go eventually). I haven't heard any follow-up on that. Probably, because like the Arar case, everyone probably stone-walled.

...of course, I could look it up.

Anonymous said...

If you read slash dot, encryption is no protection. There was some ruling a year or two ago where the US court decided that encryption is proof of intent when it comes to child porn.

Anonymous said...

Here is the story I was talking about. Be careful about the encryption on the laptop when traveling to the US.

http://news.com.com/Minnesota%20court%20takes%20dim%20view%20of%20encryption/2100-1030_3-5718978.html

Zorpheous said...

The EnCase Forensic software package can read any operating systems file structure and the drives do not need to logically mounted inorder for them to access the data one the drive. I owe a legal copy of EnCase, and it is what CIA, FBI, and RCMP use for examining computer operating systems. It can hack it's way through most encryptions schemes (just takes time), the stuff is very powerful. It also runs for about $4500.00 per pop.

I am surprised that Border Agents have access and training for this software since it is not mickey mouse software, it also takes a lot of time of run an analysis on a hardrive, not something that can be done in a quick security screen,.. unless they have come out with much newer and fast apps to do the job (my version is several years old, bought it back in 2004)

The entire EnCase software pack that includes a whole wack of tools for hacking a system drive can run for $8000.00. One of the great little hardware tools thet they sell is hard drive block reader that can lift background images off a hard drive, even after it has been formatted and bulk ereased.

It is very troubling that bordering egents have access to this tech.

Anonymous said...

Just pull out the hard drive and put it on a shelf or just chuck it.

Use a Live puppy linux CD.
It works WITHOUT a hard drive.
All you need is a little online storage.

No hard drive nothing to unerase.

OmegaWolf747 said...

US citizens should have full rights the moment we set a toe nail on US soil. My laptop is my business, not the government's. If I ever do travel internationally with the laptop, I will use TrueCrypt, which can hide everything on an encrypted partition and set up a dummy OS that will be the only thing CBP goons will see if they decide to paw through my files.