September 15, 2022

Sen. Ron Wyden (D-Oregon), a member of the Senate Select Committee on Intelligence, sent a letter to CBP Commissioner Chris Magnus voicing concerns about the electronic privacy of travelers who pass through U.S. ports of entry, including land border crossings and airports. Sen. Wyden accused CBP of “pressuring travelers to unlock their electronic devices without adequately informing them of their rights” and “downloading the contents of Americans’ phones into a central database, where this data is saved and searchable for 15 years by thousands of Department of Homeland Security employees, with minimal protections against abuse.”

The Washington Post and Gizmodo reported on the letter, and on CBP’s apparent exception to the Constitution’s Fourth Amendment allowing it to carry out “advanced searches” of travelers’ phones—including those of U.S. citizens—if they have a “reasonable suspicion” that the individual is breaking the law or poses a “national security concern.” “It’s not immediately clear what a ‘national security concern’ is, or what differentiates it from reasonable suspicion, an already low evidentiary standard,” Gizmodo reported.

Even without such suspicion, CBP claims the power to access travelers’ electronic devices, looking at “anything that ‘would ordinarily be visible by scrolling through the phone manually,’ including contact lists, calendar entries, messages, photos and videos,” the Washington Post explained citing a 2018 CBP “Privacy Impact Assessment Update.” With the “reasonable suspicion” standard, CBP can copy the entire contents of the phone or device. “That data is then stored in the Automated Targeting System database, which CBP officials can search at any time.”

CBP is collecting further, “advanced” data from “less than 10,000” border-crossers’ devices each year, Sen. Wyden’s letter indicates that agency personnel told his office. The number appears to refer only to the “advanced” searches: CBP’s Enforcement Statistics web page indicates that the agency subjected 45,499 international travelers to “electronic device search” in fiscal year 2022, a 21 percent increase over 2021. In the case of “advanced” searches, CBP retains the copied data for 15 years.

Sources told the Washington Post that about 2,700 or 3,000 CBP personnel have access to this collected data, all without a warrant. CBP personnel are not required to record the purpose of their searches, Sen. Wyden noted, “even though auditable records of this sort are an important safeguard against abuse.”

Sen. Wyden’s letter called on CBP to change its policy, laid out in a January 2018 directive, and halt warrantless searches of U.S. citizens’ phones. The Senator asked the CBP Commissioner for “a written plan,” by October 31, 2022, describing the steps that CBP would take to address his concerns.

CBP officials declined to answer Washington Post questions “about how many Americans’ phone records are in the database, how many searches have been run or how long the practice has gone on, saying it has made no additional statistics available ‘due to law enforcement sensitivities and national security implications.’”

— Sen. Ron Wyden (D-Oregon). “Wyden Letter to CBP on Border Searches of Devices,” September 15, 2022. <https://www.wyden.senate.gov/imo/media/doc/Wyden%20letter%20to%20CBP%20on%20border%20searches%20of%20devices.pdf>.

— Harwell, Drew. “Customs Officials Have Copied Americans’ Phone Data at Massive Scale.” Washington Post, September 19, 2022. <https://www.washingtonpost.com/technology/2022/09/15/government-surveillance-database-dhs/>.

— Dell Cameron and Lauren Leffer. “Border Agents Are Taking Data From Americans’ Phones Without Warrants.” Gizmodo, September 15, 2022. <https://gizmodo.com/border-patrol-surveillance-cell-data-no-warrants-1849540504>.

— “Privacy Impact Assessment Update for CBP Border Searches of Electronic Devices.” U.S. Customs and Border Protection, January 4, 2018. <https://www.dhs.gov/sites/default/files/publications/PIA-CBP%20-%20Border-Searches-of-Electronic-Devices%20-January-2018%20-%20Compliant.pdf>.

Screenshot from CBP Enforcement Statistics web page, January 14, 2023 (Washington: U.S. Customs and Border Protection, January 14, 2023) <https://www.cbp.gov/newsroom/stats/cbp-enforcement-statistics>.

— “CBP Directive 3340-049A: Border Search of Electronic Devices.” U.S. Customs and Border Protection, January 4, 2018. <https://www.cbp.gov/sites/default/files/assets/documents/2018-Jan/CBP-Directive-3340-049A-Border-Search-of-Electronic-Media-Compliant.pdf>.

Sector(s): Border-Wide

Agency(ies): CBP

Event Type(s): Civil Liberties or Privacy Infringement

Accountability Status: Unknown

Victim Classification: