Light Dark
January 11, 2018 By Douglas Bonderud 2 min read

The rules that regulate the inspection of electronic devices at U.S. border entry points are changing. As noted by ABC News, almost 20,000 devices were inspected by border agents in 2016, and that figure rose nearly 60 percent to just over 30,000 devices last year.

Not surprisingly, the increased scrutiny and seizure of devices has digital privacy groups worried. How much power is too much when it comes to accessing personal electronic devices? A new directive from U.S. Customs and Border Protection (CBP) has redrawn basic data handling rules and placed restrictions on how agents manage specific searches.

CBP Intensifies Inspection of Electronic Devices

Under the old rules, agents were allowed to conduct device searches, which involved physically examining devices, viewing photos and messages, copying data and accessing information stored in the cloud, with or without suspicion.

According to Threatpost, the new directive divides such searches into two categories: basic and advanced. Basic searches can still be conducted without suspicion but are limited to viewing photos and messages and physically examining the devices. Advanced searches now require reasonable suspicion. Agents are allowed to “review, copy and analyze a digital device’s contents,” but not to access cloud data.

As noted by Lexology, while this is a significant change from prior policy, it is largely a reflection of a recent Federal Court of Appeals finding, which confirmed that “officers needed reasonable suspicion of criminal activity before they could justify a forensic search of a laptop seized at the border.”

It also doesn’t affect agents’ ability to seize devices with supervisor approval and hold them for a “reasonable period of time.” Typically, this period is no more than five days, but if CBP claims “extenuating circumstances,” the seizure could be extended indefinitely.

The Traveler’s Dilemma

There’s a real and growing need to manage the influx of digital data across U.S. points of entry, but tech-savvy travelers are understandably reticent to hand over their mobile devices. Travelers are used to having bags and briefcases searched, but digital devices often contain personal and business data that many are unwilling to share with anyone, including customs agents. Even under the new rules, basic searches are permitted without suspicion, and officers typically ask travelers to provide their passcodes to simplify access and speed evaluation.

As noted by the Electronic Frontier Foundation (EFF), travelers can limit their risk by leaving some devices at home and deleting data on devices they carry. It’s also worth noting that U.S. citizens cannot be denied entry to the country if they refuse to consent to device searches, but foreign visitors can be turned away.

Even with redrawn lines of authority, CBP agents still possess broad powers when it comes to the inspection of electronic devices. The requirement for reasonable suspicion and restrictions on accessing cloud data are solid starting points, but more work is required to balance the need for data security against the digital privacy of citizens.

 |  |  |  |  |  | 
Douglas Bonderud
Freelance Writer

More from

March 4, 2025

FYSA — VMware Critical Vulnerabilities Patched

< 1 min read - SummaryBroadcom has released a security bulletin, VMSA-2025-0004, addressing and remediating three vulnerabilities that, if exploited, could lead to system compromise. Products affected include vCenter Server, vRealize Operations Manager, and vCloud Director.Threat TopographyThreat Type: Critical VulnerabilitiesIndustry: VirtualizationGeolocation: GlobalOverviewX-Force Incident Command is monitoring activity surrounding Broadcom’s Security Bulletin (VMSA-2025-0004) for three potentially critical vulnerabilities in VMware products. These vulnerabilities, identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, have reportedly been exploited in attacks. X-Force has not been able to validate those claims. The vulnerabilities…

February 21, 2025

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

February 14, 2025

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature