Border Patrol Says It's Barred From Searching Cloud Data On Phones (nbcnews.com) 74
According to a letter obtained by NBC News, U.S. border officers aren't allowed to look at any data stored only in the "cloud" -- including social media data -- when they search U.S. travelers' phones. "The letter (PDF), sent in response to inquiries by Sen. Ron Wyden, (D-Ore.), and verified by Wyden's office, not only states that CBP doesn't search data stored only with remote cloud services, but also -- apparently for the first time -- declares that it doesn't have that authority in the first place." From the report: In April, Wyden and Sen. Rand Paul, R-Ky., introduced legislation to make it illegal for border officers to search or seize cellphones without probable cause. Privacy advocates and former Homeland Security lawyers have said they are alarmed by how many phones are being searched. The CBP letter, which is attributed to Kevin McAleenan, the agency's acting commissioner, is dated June 20, four months after Wyden asked the Department of Homeland Security (PDF), CBP's parent agency, to clarify what he called the "deeply troubling" practice of border agents' pressuring Americans into providing passwords and access to their social media accounts. McAleenan's letter says officers can search a phone without consent and, except in very limited cases, without a warrant or even suspicion -- but only for content that is saved directly to the device, like call histories, text messages, contacts, photos and videos.
Well obviously (Score:5, Insightful)
Obviously if your data is in the cloud, the government already has access to it if it needs. This just looks like a territorial dispute between different parts of the government...
Re: (Score:2)
Re: (Score:2)
Re: Only apps can app apps! (Score:1)
"I'm a fucking proud atheist .... I just wish all of them would burn in hell for all eternity"
So funny. Even in denial, he believes.
Re: (Score:2)
Thank you for your reply.
Good night and God bless.
Re: Only apps can app apps! (Score:2)
Misdirection (Score:4, Funny)
CBP: "That's right folks. Store your data in the cloud because that is where it is most secure." Well played but no thanks.
Re: (Score:3)
Re: (Score:2)
so many things, I would have done; but clouds got in my way...
Re:Misdirection (Score:5, Interesting)
CBP: "That's right folks. Store your data in the cloud because that is where it is most secure." Well played but no thanks.
What would you rather want, a ruling that they can? Also, remember that "the cloud" is not a legal term - if they can legally access your Dropbox/Facebook account, they can also access your personal Linux server you saved the ssh password for. Besides this fully makes legal sense, border control has the right to search the data you are trying to bring into the country. Data on a remote server you may potentially never access from or bring to the US should obviously not be part of the border search. I know many people here don't like concept of an electronic search at the border at all, but if you want that limited to a physical search for contraband the law needs to change. Until then use one of the many obvious ways to not have your private data accessible at the border.
Re: (Score:1)
"The cloud" doesn't have to mean "someone else's server". It can simply mean "a server that I run from my basement" in this case, since that's also not on the device itself.
Thanks to Trump, that has changed. (Score:1)
Now they can reject asylum [theguardian.com] seekers without even bothering to process them.
Soon they'll be free to deport anybody that simply isn't a loyal enough American, eh, Comrade?
And the border wall will be transparent [vanityfair.com] as well as solar powered.
Somebody please tell me that he's sundowning.
Follow the data (Score:1)
Loyal to America? No.
Trump does "loyal to Trump" not "loyal to America". Foreign spies are fine, dictators flagged as enemies of the US are fine... as long as they help *Trump*.
1) It should be clear from the emails that Trump knew about his Russian help.
2) If you look at the data Russia hacked, it was ELECTORAL ROLLS mostly.
3) This is the same data that Trump is trying to get now as his role of Whitehouse squatter.
4) So if you follow the data that will have gone to someone to help Trump 'win' an election.
5)
IBM & Amazon paid their bribes (Score:2)
"without consent" (Score:2)
Re: "without consent" (Score:2)
At what point would that become coercion?
Re: (Score:3)
Based on recent court rulings, I'd guess somewhere around the third tooth they drill out without anesthetic.
Re: "without consent" (Score:5, Insightful)
At what point would that become coercion?
Doesn't fucking matter. The average citizen does not have the financial means to defend even a single unconstitutional action against them. The Legal Industrial Complex is second only to the Medical Industrial Complex in terms of committing financial ass-rape against consumers. And those committing illegal actions against citizens know this.
Your only real chance is to arm yourself with enough legal knowledge to damn near pass a Bar Exam in hopes of diffusing a situation without being forced to defend yourself in a courtroom. Otherwise, you're likely going to be financially fucked. Is pissing away a chunk of your net worth or going into considerable debt really worth not giving up a social media password? Sorry kids, Daddy can't afford to help you with college. Refused to comply with an illegal search a few years ago. Kind of ate up the college fund.
The only Right we have left is the Right to ignorantly assume we can still afford any other Right history has bestowed upon us.
Re: (Score:3)
People have returned to the USA with material that results in further investigation on their camera SD cards or on the past film.
Digital devices can now hold many images or video files.
Now that same interesting data is been uploaded to cloud services.
Metadata could show gps locations in nations of interest to the USA not covered by any visa or digital passport entry/exit records.
Thats why images and modern files with metadata are of so much
Look At The Other Hand (Score:4, Interesting)
Ohh, it's a look at the other hand story, a magic trick. Folks they are not searching you phones for data, they grab it search your identity and then decide whether or not they install software onto your phone. They do not want to search your phone once, they want to search it for as long as it lasts. If it was about searching your phone, they would do it too your face, to watch reaction as they searched each directory. Nope, they hide the search from you, don't let you see it because they are not taking off but adding on and they most definitely do not want you to see that.
You can store a lot on phones nowadays and creating a copy via a USB (searching is not copying everything for ever) and getting a 100mb off a phone takes quite some time, queues at airports would be many kilometres long and really they only take enough time to add software rather than copy data.
I think people are starting to realise and hence are becoming far more cautious and are not travelling through US espionage customs with zero digital devices. Cheaper to buy a burner phone at the new location than attempt to clean a spy ridden one. When travelling overseas leave your personal phone at home and buy a new one when you get there. When you want to bring your digital data back from over seas, encrypt it and send it back to your localised ISP storage or on a device you had hooked up to your home network. When they ask, do you have anything to declare, answer in a proud voice, I like me privacy and I have nothing for you to search or add spyware to.
Re: (Score:3)
The detection rate would be even more easy then.
Normal people have a smart phone with history. Normal people show what is on their phone and the details go back years in an average and normal way.
A person with no phone in 2017 is interesting.
A wealthy person with a new phone with no contacts or history?
What happened to their old phone? Lost? Stolen? Why not recover all data back into the replacement? O
Re: (Score:2)
I believe your argument works against you. The people in your example stuck out because they were strangers in a strange land, not just because they had a nice haircut and a sunny demeanor. Certainly their appearance and demeanor added to the "oddness" effect but I have my doubts that was the only reason they were given scrutiny.
A person that knows the local customs, because they are locals, would not trigger the "oddness" detector like a person that did not know those customs. People even in 2017 don't
Re: (Score:2)
The really good news now is that a lot of shared mil/gov/police and private sector databases exist. All kinds of nations and some unexpected nations support the USA in finding criminals and interesting people.
So many images are captured around the world by all kinds of groups and given back to US law enforcement.
Social media is packed with interesting people supporting banned groups trying to enter or exit the USA.
The more a "normal" person tires to hide
Re: (Score:2)
"Normal people have a smart phone with history. Normal people show what is on their phone and the details go back years in an average and normal way."
no they don't. Most people do not transfer absolutely everything to their phone every time. Even Photos and videos do not auto transfer and all the apps only a handful you tell to do a "cloud sync" will transfer any data.
Also most people use their phone replacement as an opportunity to clean house.
If you think there is years of data on there then you have
Re: (Score:2)
Re:Look At The Other Hand (Score:5, Interesting)
Bonus points if you intentionally craft the phone/laptop's browser history with embedded Javascript to pwn the agent's own computer when s/he goes to view it using some badly-written viewer that naively renders it straight into an IE window. And plenty of JPEG cat images crafted to exploit buffer overflow vulnerabilities.
Or, if you just want a free ticket to Defcon next year as a speaker, make an image backup of your hard drive & any embedded firmware onto immutable media (like BD-R) prior to passing through customs, let CBP have fun installing malware on it, then diff your homemade honeypot against that backup when you get home and reverse-engineer any changes they made.
Re: (Score:2)
Well yeah (Score:2)
Re: (Score:2)
Can't tell if serious or just an elaborate troll... but in other words, privacy is fine until you want to enter a country. Then you should have to provide all information about everywhere you've been, everyone you've communicated with and the contents of that communication, every group or organization you're ever been a member of, every photo you've ever taken, basically every scrap of information about your life from birth to present day? Sounds like a fascist country I wouldn't want to visit. Sounds more
Re: (Score:2)
Great.
Mistakes and poor grammar protect against been considered as having any social influence.
A level of good grammar, an expensive education, good spelling, project names are often topics for later human review.
People working for the police and security service also look for interesting people who can influence a lot of people on social media with one comment thats well written, articulate and could show some public relations effort. The sort of education they had.
Does/d
Re: (Score:3)
GCHQ has tools to manipulate online information, leaked documents show (15 July 2014)
https://www.theguardian.com/uk... [theguardian.com]
The term automated would cover that effort.
Re:border crossing (Score:2)
-Place phone in plastic bag.
-Duct-tape phone to $400 drone.
-Place drone near border crossing maybe a few miles away.
-Cross border.
-Drive a few miles.
-Fly drone with phone across border.
-Proceed on merry way.
Good. (Score:2)
Those assholes should not be able to search phones in general.
Hoping that even more is taken from them to restore our rights once more.
Re: (Score:2)
Anything within 100 miles of the border is a Constitution-free zone, don't you know. So I assume they mean everyone. But especially anyone who looks like they might be from the Middle East.