Border agents who seize and search people's tech devices at entry points to the United States without any suspicion of criminal activity are violating Fourth Amendment rights, a federal judge ruled this week in a case likely headed to the Supreme Court.
The American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF) sued in 2017 on behalf of 11 travelers—10 American citizens and one permanent resident—who had been ordered by Department of Homeland Security officials to let them review and copy the contents of their devices without any sort of warrant or explanation of what agents were looking for.
Customs and Border Patrol (CBP) and Immigration and Customs Enforcement (ICE) officials have long been arguing the authority for these warrantless searches on the basis of the so-called "border search exception." Courts have traditionally ruled that America's sovereign interest in controlling what and who it allows to enter its borders permits officials to search people and property coming into the country (or within 100 miles of a border) without needing a warrant or any sort of suspicion.
While this has historically been a mechanism for fighting smuggling, in a post-9/11 era it has been escalated into a demand to search people's technology and access their files and contents. Each year, CBP searches tens of thousands of devices of people crossing the border.
The ACLU and EFF have been fighting these violations of privacy, and lawmakers like Sens. Rand Paul (R–Ky.) and Ron Wyden (D–Ore.) have been proposing legislation to mandate warrants for tech searches.
In a 48-page decision in Alasaad v. McAleenan handed down Tuesday, Judge Denise J. Casper of the U.S. District Court of Massachusetts ruled that there are limits to the extent that officials can engage in warrantless, suspicionless border searches, and these intrusive tech searches cross the line, violating the Fourth Amendment rights of the plaintiffs. While it's true Americans should expect less privacy at the border, it doesn't mean they have absolutely none.
In the ruling, Casper notes that, unlike border searches of property and vehicles looking for contraband people might be trying to smuggle into the country, these tech searches are typically about accessing data that officials argue may alert them to criminal activity. But that's similarly true of the data of tech devices once they're inside the country, and police still need to get warrants to search them. Casper notes that DHS is defending these searches by claiming they might catch contraband like child pornography, but DHS did not provide data as to how frequently such contraband is found during random searches (thus Casper could not perform any sort of privacy balancing test). According to her ruling, DHS has supplied that they've uncovered 34 cases of "digital contraband" via tech border searches. But they've performed more than 100,000 searches of tech devices between 2012 and 2018. Those aren't terribly good numbers to justify mass, intrusive violations of people's personal information.
Casper further notes, on a more technical level, that these tech searches are not "routine" because of the exceptionally intrusive nature of looking through a person's phone or laptop, compared to searching somebody's luggage or vehicle. Some of the data officials accessed through the plaintiffs' tech devices included confidential communications with attorneys, email and text message histories, and troves of deeply personal information. Some plaintiffs' devices were seized and kept for weeks before they were returned—after border officials had copied the contents of the files into their own systems.
Casper writes in her ruling that the Supreme Court decision in Riley v. California is "particularly instructive." In that 2014 case, the Supreme Court ruled unanimously that police need to get a search warrant to look through the contents of the cell phone of a person they've arrested. DHS does not want that ruling to extend to border tech searches, which is why they're leaning so heavily on the border exception. The Riley ruling rejected the idea that a search of a phone is no different from a search of a person's body and possessions when they're arrested. Similarly, Casper is rejecting the idea that searching a phone at the border is no different from looking through somebody's luggage for drugs.
In the end, Casper denies the plaintiffs' request to force the feds to expunge all the data they've collected from their tech devices. But she does declare that the current guidelines for border tech searches by CBP and ICE violate the Fourth Amendment rights of the plaintiffs because the guidelines require no reasonable suspicion that the devices contain contraband to justify extensive searches and seizing the devices and copying of the contents. But she stops short of putting in place an actual injunction prohibiting the feds from continuing these searches while DHS considers its options.
It seems obvious that this case will be fought all the way to the Supreme Court. For now, the ACLU and EFF are celebrating the ruling. The two organizations put out a joint statement:
"This ruling significantly advances Fourth Amendment protections for the millions of international travelers who enter the United States every year," said Esha Bhandari, staff attorney with the ACLU's Speech, Privacy, and Technology Project. "By putting an end to the government's ability to conduct suspicionless fishing expeditions, the court reaffirms that the border is not a lawless place and that we don't lose our privacy rights when we travel."
"This is a great day for travelers who now can cross the international border without fear that the government will, in the absence of any suspicion, ransack the extraordinarily sensitive information we all carry in our electronic devices," said Sophia Cope, EFF senior staff attorney.
Read the ruling here.