Boarding an airplane is one of those times you realise just how vital laptops are to modern life. If yours was left behind in a checked bag at some airport terminal, you’d be rendered somewhat useless until you got it back. If you’re on a deadline, you need it to work on the plane. They contain so much personal data that being separated from them for an extended period of time is frightening.
With new rules enforced Tuesday, you will no longer be able to bring your beloved laptop on flights coming to the U.S. from 10 airports within Muslim-majority countries — and some people are rightfully worried about authorities being able to comb through your data without your consent. So, what happens to your data when it’s out of your hands?
“Journalists, activists and human rights lawyers have very sensitive data on their computers, on their tablets and other electronic devices,” human rights lawyer Arjun Sethi said. “Often we don’t let these devices leave our sight, and the prospect that they could be in the hands of a foreign government — even for a short period of time — is disconcerting and troubling.”
The ban prohibits passengers flying to the U.S. from select airports in Jordan, Egypt, Turkey, Saudi Arabia, Kuwait, Morocco, Qatar and the United Arab Emirates from carrying laptops, tablets, e-readers, cameras, DVD players, some game systems and more, though smartphones are allowed. This could subject around 6.75 million passengers to the possibility of placing their devices and data into the hands of government officials on multiple continents over the next 12 months.
This has worried a cross-section of folks including immigration and human rights lawyers as well as the Electronic Frontier Foundation (EFF).
“The government should be more transparent about the need for the new rule, which affects the privacy of our data,” said Danny O’Brien, the international director at the EFF in an emailed statement. He also called on Congress to “make it clear” that agents need a warrant before accessing electronic devices.
The problem, of course, is that U.S. agents don’t need such a warrant. They can ask to see phones and other devices at the border. Now officials will know which flights have bags filled with devices that store personal information.
Now officials will know which flights have bags filled with devices that store personal information.
It’s the latest in a string of strict regulations that can affect travelers’ privacy.
Following President Donald Trump’s attempts at a de facto Muslim ban, immigration lawyers said they heard many stories from clients and others who have been asked to provide device passwords so agents can snoop through whatever they like. Many people who have traveled internationally have opened a checked bag to find a note saying their bag’s been searched.
Licelle Cobrador, an immigration lawyer, said it’d be simple to say there’s a “national security issue” of some type to justify why certain bags were checked, and officials wouldn’t necessarily have to reveal which bags.
That’s not to say it’d be the easiest job in the world. Rick Nelson, a former counterintelligence official now with the Center for Strategic and International Studies, said it’d be difficult to target a certain bag after it’s been checked, find the device officials are looking for, copy or search through the data, and get it back in place before a plane takes off or before the bags are sent to be picked up.
That may be true in some cases, but several lawyers in multiple fields of expertise pointed to technology that can quickly download and store data off phones and laptops.
You might remember Cellebrite, the Israeli company that helped the FBI crack the encryption on a phone that belonged to a perpetrator of the 2015 mass-shooting in San Bernardino, California. Cellebrite devices can copy data from laptops and other electronics simply by being physically connected to them. Once connected, Cellebrite users can select how much data they’d like to take.
With such technology, agents wouldn’t need to ask for your password if they wanted your data.
The company has contracts with many U.S. government agencies, including Immigrations and Customs Enforcement (ICE) and the Transportation Security Administration (TSA). With such technology, agents wouldn’t need to ask for your password if they wanted your data.
Bradley Shear, a lawyer with expertise in social data, said the main way to protect yourself is to limit the data on the devices you travel with.
If you can afford a second laptop, it might make sense to travel with a small laptop free of much of the data you keep on the other one. If that’s not an option, make sure to back up your data on a separate drive that stays at home, or at least put your information on the cloud.
“Whatever you’re bringing with you, you’ve gotta be prepared that there’s going to be a very invasive security screening,” Shear said.