Sunday, August 20, 2006

TSA Copying Hard Drives? 4th Amendment Issues?


I'm hearing the TSA is copying the hard drives from laptops (some, I assume, not all) that are taken through airport screening.

I'm hearing they're using a pretty simple process, to expedite the copying (which, if true, dealt with my initial disbelief that this is happening -- the problem of how much time it would take to do a true mirror image of many/some of the laptops people bring with them to their flights).

What I'm hearing comes from people I think are credible sources, so I'm going to assume it's true, at least for now.


That brings to the issues which I have been asked about, namely, how can they do this? Isn't this a violation of the constitution? Don't we have a right to privacy in the contents of our laptop data?


Briefly, the answer to the last question is "yes," and the answer to the second question is, I'm afraid, "no."

And that brings us to the first question: How can they do this?
The only constitutional provision that would be implicated is the Fourth Amendment, which protects us from "unreasonable searches and seizures." "Reasonable searches and seizures" are ok. Searches are "reasonable" if they are conducted pursuant to a search warrant OR if they fall within an exception to the warrant requirement.

The TSA agents definitely do not have a search warrant. They must, therefore, be relying on either of two exceptions to the Fourth Amendment's warrant requirement.


One possibility is the border search exception. The border search exception is one of the oldest 4th Amendment exceptions. It lets officers/agents search you, your bags, all that without a warrant AND without probable cause or reasonable suspicion (as you can see from the opinion quoted below). The premise is that governments have the right to control what comes into/out of their border. We are probably all familiar with this in the context of customs searches of luggage when someone comes into (or goes out of -- the exception applies both way) the United States.


I started noting federal court decisions on the appliability of the border search exception to laptops a few years ago. I suspect the issue had never come up until then. The early (2-3 years ago) arguments on this tried to say something courts have found credible in other contexts: That a laptop is a "container," like luggage, but it is a much more complex container than luggage, can contain so much information it should be treated differently . . . basically as a container+.

That argument has worked elsewhere but has failed miserably in the border search context. Courts have done what the 9th Circuit does in the case quoted below, said a laptop is a container like any other container and can be searched by customs agents as such.


I can't find law on TSA searches, but I suspect that the same basic rationale is being applied here OR that these searches are based on another exception, the administrative search exception, which supports DUI checkpoints and airport screening generally.

The "administrative search" exception (which some think is about to swallow the Fourth Amendment) lets the government conduct searches and/or seizures without a search warrant when it is acting for a purpose other than the enforcement of criminal law.
So DUI checkpoints are (the Supreme Court has said) NOT about catching people who are driving drunk just so they can be prosecuted; the checkpoints are, instead, about ensuring safety on our highways by discouraging drunk driving.

The same thing holds for airport screening: When we go through the metal detectors and have our luggage screened it's not because the agents are trying to gather evidence to be used to convict us -- each of us -- of a crime. It is, instead, for a different, administrative purpose -- air travel.


Now, I wonder how and why checking the contents of someone's hard drive contributes to that administrative function. If and when this comes up in court, it seems to me that the person whose laptop hard drive was searched can argue that the search was unreasonable in scope, i.e., that copying and seachng the data on someone's hard drive is not sufficiently related to maintaining airport security to bring it within the scope of the adminstrative search exception.


One more point: Copying someone's hard drive is, I think, a "seizure" not a "search." Searches violate privacy, while seizures violate possessory interests. Since they don't actually "read" the files when they make the copy, there is no compromise of privacy, no "search." I'd say, though, that there is definitely an interference with possessory interests because (a) the laptop is taken away and "held" while the copy is made and (b) the government "takes" the copy, which means you no longer have exclusive possession and control of the data on the hard drive.


Ninth Circuit border search exception case:


First, we address whether the forensic analysis of Romm's laptop falls under the border search exception to the warrant requirement. We review the legality of a border search de novo. United States v. Okafor, 285 F.3d 842, 845 (9th Cir.2002). Under the border search exception, the government may conduct routine searches of persons entering the United States without probable cause, reasonable suspicion, or a warrant. See United States v. Montoya de Hernandez, 473 U.S. 531, 538, 105 S.Ct. 3304, 87 L.Ed.2d 381 (1985).


For Fourth Amendment purposes, an international airport terminal is the "functional equivalent" of a border. See Okafor, 285 F.3d at 845 (citing Almeida-Sanchez v. United States, 413 U.S. 266, 272-73, 93 S.Ct. 2535, 37 L.Ed.2d 596 (1973)). Thus, passengers deplaning from an international flight are subject to routine border searches. . . .


We assume for the sake of argument that a person who, like Romm, is detained abroad has no opportunity to obtain foreign contraband. Even so, the border search doctrine is not limited to those cases where the searching officers have reason to suspect the entrant may be carrying foreign contraband. Instead, " 'searches made at the border ... are reasonable simply by virtue of the fact that they occur at the border.' " United States v. Flores-Montano, 541 U.S. 149, 152- 53, 124 S.Ct. 1582, 158 L.Ed.2d 311 (2004) (quoting United States v. Ramsey, 431 U.S. 606, 616, 97 S.Ct. 1972, 52 L.Ed.2d 617 (1977)). Thus, the routine border search of Romm's laptop was reasonable, regardless whether Romm obtained foreign contraband in Canada or was under "official restraint."


United States v. Romm, --- F.3d ----, 2006 WL 2042827 (Ninth Circuit Court of Appeals, July 24, 2006).

5 comments:

Anonymous said...

I'm an airport sceeener and I would like to know exactly how we are supposed to be copying the information from hard drives while in front of passengers within a time period of less than a minute. Any information describing how this copying is conducted would make for interesting reading.

Susan Brenner said...

It's a very good point, and I'm at fault: I referred to TSA (for reasons that don't matter here), but the screening of this type actually seems to be carried out by Customs Agents.

I heard about a case recently in which agents went through the hard drive of a laptop being carried into this country, by a citizen, and the files he had on an external hard drive. The owner of the laptop consented (though there is some dispute as to the voluntariness of his consent), and the agents then took both the laptop and the hard drive away and went through them for some time . . . during which, of course, they found child pornography, which resulted in the owner's being tried.

So, you're right and I'm sorry.

Anonymous said...

Susan, are there any updates? I just read the following comment at another website, and hope you can respond (thanks):
I have one laptop for both work and personal, and it locked down insanely tightly, encrypted directories, encrypted swap etc... But if the TSA has the 'right' to take files at will then they likely have the 'right' to compel you to reveal a password. Failure to do so could land my arse in jail, and I'd rather not go there. I do realize the courts have ruled that not sharing a password is protected by the 5th Amendment whereas not turning over a physical key isn't, but actions like this could shoot holes in that.

Susan Brenner said...

There have been updates -- as far as the 5th Amendment issue is concerned -- since I did that post.

If you check out this post,

http://cyb3rcrim3.blogspot.com/2009/03/5th-amendment-bummer.html

it'll let you access both of them. As I explain in this post, I think the magistrate was correct in the initial opinion, holding that you can take the 5th Amendment and refuse to give up an encryption key. So far, there haven't been any other reported cases on the issue, and I don't know if Boucher is going to appeal the decision this post deals with.

Susan Brenner said...

There have also been developments in terms of new regulations governing border searches of laptops and other electronic media.

You can read about them here, and find a link to the site where they're posted (along with updates):

http://cyb3rcrim3.blogspot.com/2009/08/new-border-search-directives.html