CBP Directive on Search of Electronic Devices and How to Ensure Ethical Responsibility Over Confi
In the continuous effort to strike a balance between its onus of protecting national security and confining its practices to those allowed by statutory and constitutional law, on January 5th, 2019, U.S. Customs and Border Protection issued its first directive governing border searches and electronic devices since the 2009, approximately a decade prior.
Due to the wide authority consigned to CBP in conducting its searches at U.S. ports of entry as long upheld by judicial decrees in cases concerning such authority, it is imperative that law practitioners be aware of CBP practice both generally and as contained in the updated directive in order to continue to best protect client information if ever faced with such a search.
Changes Introduced by the New CBP Directive
CBP enjoys an expansive breadth of authority concerning its ability to search and inspect the contents being conveyed across U.S. ports of entry, including data stored on electronic devices. While it's worthy of note that the number of searches has been on the increase, CBP examines less than one-hundredth of one percent of travelers entering the U.S. Nonetheless, due to the wide discretion given to CBP officers in their ability to conduct searches, attorneys with the responsibility to protect privileged client information should embrace all reasonable preparedness at the possibility.
The updated directive includes noteworthy practice guidance concerning the inspection of electronic devices that affected law practitioners should be aware of.
Guidance for Attorneys Whose Practice Requires the Protection of Confidential Client Information
In the most general and obvious sense with concern to CBP's almost unmitigated authority in conducting searches of personal effects when one is entering the U.S., attorneys should be aware of all privileged materials they are transporting in such scenarios and should be sure to educate clients on their personal need to assert the privileged nature of any communications contained on their own devices upon entering such circumstances.
More specifically, as per the American Bar Association (ABA) as well as direct guidance promulgated by the New York City Bar Association's Ethics committee, attorneys should be mindful to address the protection of client data (1) before approaching a U.S. port of entry, (2) when a U.S. border officers ask to review information on their electronic device, and (3) after the officer's review of sensitive information. Attorneys should also be sure to carry identification regarding their attorney status and notify clients of any disclosure of confidential information to a third party if it occurs.
The following practices could also prove extremely useful in adopting as a means to safeguard confidential client information:
• Use of temporary or travel laptops stripped of local documents and client information. Necessary documents can be accessed through a law firm VPN, cloud-based document storage, and other such services.
• More generally just use Software as a Service (SAAS) – software housed on the internet.Use of temporary mobile phones devoid of client contacts and other client information. Clients can be requested to use an office number while on travel, which is forwarded to the new cell phone number that remains unpublished.
• Travel with a bare or "forensically clean" computer.
• Turn off the computer at least 5 minutes before reaching the inspection point so as to bar access to the Random Access Memory (RAM).
• Back up data before crossing.
• Use a different user account to hold sensitive information.
• Make utilization of strong encryption and complex passwords.
• Partition and encrypt the hard drive.
• Protect the FireWire data port.
• Clean laptops or phones once they are returned.
• Wipe smartphones remotely.
Most importantly, in light of all the information above and one's ethical duties as a law practitioner, it must be remembered that attorneys are required as part of their professional responsibility to take all reasonable measures in advance to avoid disclosing confidential information, this case being the potential scenario in which a border officer attempts to search one's electronic devices.
See the full article at: https://www.calivisa.com/
If there are any questions, please contact us at:
Powell Immigration Law, PC