An investigation of US border controls shows that data copied from mobile phones, PCs or tablets are not erased or stored securely
If between 2016 and 2017 US Customs agents inspected smartphones, laptops, USB sticks, tablets or other electronic devices that you had brought with you on the road, they could still have kept, and without it being necessary, your data. At the beginning of December, the inspectors of the US Department of Homeland Security published the results of a survey on electronic device controls at the borders. It comes out a portrait not exactly flattering. Agents often do not disconnect devices, especially cell phones, from networks, thus having access to information that they would not be required to verify. Or they forget to delete data stored on external archives. And again: they do not have security tools updated enough to protect the information collected.
Agents can decide to inspect, even after electronic records, electronic equipment, to determine if the person can cross the border or to unmask crimes such as terrorism, child pornography or importing drugs or counterfeit products. Last March a control of this type made it possible to identify terrorist videos and materials, blocking the suspect from customs.
For some accesses, 67 to be precise, it can also take an even more in-depth examination (within an experimental project started in 2007), which consists in loading the copy of the data package onto a program that compares them with the existing information.
The Department of Security inspectors analyzed the checks carried out between April 2016 and July 2017 and discovered a series of flaws in these procedures. First: agents often do not document the results of their investigations in detail. And therefore there remain partial or incomplete traces of the checks. Analyzing 194 reports, it emerged that 67% had at least one problem.
Second problem: the devices are not disconnected. Agents at the borders of the United States can rummage in data on a smartphone or computer, but only on those stored physically on the device. Those stored remotely, for example in the cloud, are not included. The rule therefore would require you to disconnect the device before inspecting it. Practice often bypassed, as evidenced by the analysis of the 194 reports examined by the department inspectors. In 154 of these there was no evidence that the internet was blocked.
Third: agents forget to delete data copied and saved on external memories to compare them with police software. The information should be discarded immediately after the check, but it is not. The inspectors analyzed the external memories used in five gates where the United States is experimenting with this advanced form of investigation. And they found that in three out of five cases the devices contained data from past controls.
Fourth catch: the antivirus. To prevent the infection of state computers during inspections, the devices should be equipped with antivirus and updated software licenses. But even in this case good intentions are on paper. Department inspectors have discovered a seven-month hole in the program's license that allows them to analyze devices without importing illegal material. From 1 February 2017 to 12 September of the same year, according to the results of the report, the offices remained uncovered. And therefore exposed to all the risks involved.