U.S. Customs and Border Protection has advised a Senator that while it has the power to search electronic devices and examine all data stored on them, these powers do not extend to searching data stored in the cloud …
The disclosure was made in reply to written questions submitted by Sen. Ron Wyden, D-Ore.
CBP’s authority to conduct border searches extends to all merchandise entering or departing the United States, including information that is physically resident on an electronic device transported by an international traveler. Therefore, border searches conducted by CBP do not extend to information that is located solely on remote servers.
One word in that response does need to be emphasized, however: ‘solely.’ This implies that any data stored both on a device and in the cloud is fair game.
Engadget notes that Homeland Security previously acknowledged that it carried out 5,000 searches of travelers’ electronic devices in one month in 2016, compared to the same number during the whole of 2015. Assuming the month concerned was typical, this suggests a 12-fold increase in the number of searches.
The response to Wyden’s questions also confirmed that while foreign visitors can be denied entry to the USA if they refuse to unlock their devices for search, the same is not true of U.S. citizens. However, refusal to cooperate does permit Border Protection to retain the device for further inspection.