[Senate Hearing 110-589]
[From the U.S. Government Publishing Office]
S. Hrg. 110-589
LAPTOP SEARCHES AND OTHER VIOLATIONS OF PRIVACY FACED BY AMERICANS
RETURNING FROM OVERSEAS TRAVEL
=======================================================================
HEARING
before the
SUBCOMMITTEE ON THE CONSTITUTION
of the
COMMITTEE ON THE JUDICIARY
UNITED STATES SENATE
ONE HUNDRED TENTH CONGRESS
SECOND SESSION
__________
JUNE 25, 2008
__________
Serial No. J-110-103
__________
Printed for the use of the Committee on the Judiciary
U.S. GOVERNMENT PRINTING OFFICE
45-091 PDF WASHINGTON DC: 2008
---------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866)512-1800
DC area (202)512-1800 Fax: (202) 512-2250 Mail Stop SSOP,
Washington, DC 20402-0001
COMMITTEE ON THE JUDICIARY
PATRICK J. LEAHY, Vermont, Chairman
EDWARD M. KENNEDY, Massachusetts ARLEN SPECTER, Pennsylvania
JOSEPH R. BIDEN, Jr., Delaware ORRIN G. HATCH, Utah
HERB KOHL, Wisconsin CHARLES E. GRASSLEY, Iowa
DIANNE FEINSTEIN, California JON KYL, Arizona
RUSSELL D. FEINGOLD, Wisconsin JEFF SESSIONS, Alabama
CHARLES E. SCHUMER, New York LINDSEY O. GRAHAM, South Carolina
RICHARD J. DURBIN, Illinois JOHN CORNYN, Texas
BENJAMIN L. CARDIN, Maryland SAM BROWNBACK, Kansas
SHELDON WHITEHOUSE, Rhode Island TOM COBURN, Oklahoma
Bruce A. Cohen, Chief Counsel and Staff Director
Stephanie A. Middleton, Republican Staff Director
Nicholas A. Rossi, Republican Chief Counsel
------
Subcommittee on the Constitution
RUSSELL D. FEINGOLD, Wisconsin, Chairman
EDWARD M. KENNEDY, Massachusetts SAM BROWNBACK, Kansas
DIANNE FEINSTEIN, California ARLEN SPECTER, Pennsylvania
RICHARD J. DURBIN, Illinois LINDSEY O. GRAHAM, South Carolina
BENJAMIN L. CARDIN, Maryland JOHN CORNYN, Texas
Robert F. Schiff, Chief Counsel
Lauren B. Petron, Republican Chief Counsel
C O N T E N T S
----------
STATEMENTS OF COMMITTEE MEMBERS
Page
Brownback, Hon. Sam, a U.S. Senator from the State of Kansas..... 4
Feingold, Hon. Russell D., a U.S. Senator from the State of
Wisconsin...................................................... 1
prepared statement and attachments........................... 114
Leahy, Hon. Patrick J., a U.S. Senator from the State of Vermont,
prepared statement............................................. 142
WITNESSES
Carafano, James Jay, Assistant Director, Kathryn and Shelby
Cullom Davis Institute for International Studies, and Senior
Research Fellow, Douglas and Sarah Allison Center for Foreign
Policy Studies, The Heritage Foundation, Washington, D.C....... 15
Cunningham, Larry, Assistant District Attorney, Bronx County;
Assistant Professor of Legal Writing, St. John's University
School of Law, Queens, New York................................ 12
Gurley, Susan K., Executive Director, Association of Corporate
Travel Executives, Alexandria, Virginia........................ 10
Khera, Farhana Y., President and Executive Director, Muslim
Advocates, San Francisco, California........................... 13
Sales, Nathan A., Assistant Professor of Law, George Mason
University School of Law, Arlington, Virginia.................. 8
Swire, Peter P., Professor, Moritz College of Law, The Ohio State
University, and Senior Fellow, Center for American Progress,
Washington, D.C................................................ 17
Tien, Lee, Senior Staff Attorney, Electronic Frontier Foundation,
San Francisco, California...................................... 6
QUESTIONS AND ANSWERS
Responses of Larry Cunningham to questions submitted by Senator
Brownback...................................................... 36
Responses of Farhana Khera to questions submitted by Senator
Feingold....................................................... 40
Responses of Lee Tien to questions submitted by Senator Feingold. 44
SUBMISSIONS FOR THE RECORD
Ahern, Jayson P., Deputy Commissioner, Customs and Border
Protection, Department of Homeland Security, Washington, D.C.,
statement...................................................... 52
Asian Law Caucus, Inc., Shirin Sinnar, Staff Attorney, San
Francisco, California, statement and attachments............... 60
Carafano, James Jay, Assistant Director, Kathryn and Shelby
Cullom Davis Institute for International Studies, and Senior
Research Fellow, Douglas and Sarah Allison Center for Foreign
Policy Studies, The Heritage Foundation, Washington, D.C.,
statement...................................................... 81
Cunningham, Larry, Assistant District Attorney, Bronx County;
Assistant Professor of Legal Writing, St. John's University
School of Law, Queens, New York, statement..................... 87
Gurley, Susan K., Executive Director, Association of Corporate
Travel Executives, Alexandria, Virginia, statement............. 124
Khera, Farhana Y., President and Executive Director, Muslim
Advocates, San Francisco, California, statement................ 131
Muslim Bar Association of New York, Asim Rehman, Esq., President,
New York, New York, letter..................................... 144
Organizations urging the Committee on the Judiciary to hold
hearings on Department of Homeland Security practices:
May 1, 2008, joint letter.................................... 146
June 20, 2008, joint letter.................................. 149
Sales, Nathan A., Assistant Professor of Law, George Mason
University School of Law, Arlington, Virginia, statement....... 153
Swire, Peter P., Professor, Moritz College of Law, The Ohio State
University, and Senior Fellow, Center for American Progress,
Washington, D.C., statement.................................... 162
Tien, Lee, Senior Staff Attorney, Electronic Frontier Foundation,
San Francisco, California, statement........................... 174
U.S. Immigration and Customs Enforcement, Julie L. Myers,
Assistant Secretary, Washington, D.C., directive............... 187
U.S. News and World Report, June 24, 2008, article............... 197
Washington Post, February 7, 2008, article....................... 199
LAPTOP SEARCHES AND OTHER VIOLATIONS OF PRIVACY FACED BY AMERICANS
RETURNING FROM OVERSEAS TRAVEL
----------
WEDNESDAY, JUNE 25, 2008
U.S. Senate,
Subcommittee on the Constitution,
Committee on the Judiciary,
Washington, D.C.
The Subcommittee met, pursuant to notice, at 9:06 a.m., in
room SD-226, Dirksen Senate Office Building, Hon. Russell D.
Feingold, Chairman of the Subcommittee, presiding.
Present: Senators Feingold, Durbin, and Brownback.
OPENING STATEMENT OF HON. RUSSELL D. FEINGOLD, A U.S. SENATOR
FROM THE STATE OF WISCONSIN
Chairman Feingold. Welcome to this hearing of the
Constitution Subcommittee entitled ``Laptop Searches and Other
Violations of Privacy Faced by Americans Returning from
Overseas Travel.'' We will be hearing this morning from a panel
of experts who can help us explore the legal and practical
implications of this important issue.
Let me start by making a few opening remarks, then I will
recognize the Ranking Member, Senator Brownback, for an opening
statement, and then we will turn to our witnesses.
If you asked most Americans whether the Government has the
right to look through their luggage for contraband when they
are returning from an overseas trip, they would probably tell
you yes, the Government has that right. But if you asked them
whether the Government has the right to open their laptops,
read their documents and e-mails, look at their photographs,
and examine the websites they have visited, all without any
suspicion of wrongdoing, I think those same Americans would say
that the Government has absolutely no right to do that. And if
you asked them whether that actually happens, they would say,
``Not in the United States of America.''
But it is happening. Over the last two years, reports have
surfaced that customs agents have been asking U.S. citizens to
turn over their cell phones or give them the passwords to their
laptops. Travelers have been given a choice between complying
with the request or being kept out of their own country. They
have been forced to wait for hours while customs agents
reviewed and sometimes copied the contents of their electronic
devices. In some cases, the laptops or cell phones were
confiscated and returned weeks or even months later, with no
explanation.
Now, the Government has an undeniable right and
responsibility to protect the security of our borders. The
Supreme Court has thus held that no warrant and no suspicion is
necessary to conduct ``routine searches'' at the border. But
there is a limit to this so-called ``border search exception.''
The courts have unanimously held that invasive searches of the
person, such as strip searches or x-rays, are ``non-routine''
and require reasonable suspicion. As the Supreme Court has
stated, these searches implicate dignity and privacy interests
that are not present in routine searches of objects.
So the constitutional question we face today is this: When
the Government looks through the contents of your laptop, is
that just like looking through the contents of a suitcase, car
trunk, or purse? Or does it raise dignity and privacy interests
that are more akin to an invasive search of the person, such
that some individualized suspicion should be required before
the search is conducted?
This administration has argued in court that a laptop can
be searched without any suspicion because it is no different
from any other ``closed container.'' I find that argument to be
disingenuous, to say the least. The search of a suitcase, even
one that contains a few letters or documents, is not the same
as the search of a laptop containing files upon files of
photographs, medical records, financial records, e-mails,
letters, journals, and an electronic record of all websites
visited. The invasion of privacy represented by a search of a
laptop differs by an order of magnitude from that of a
suitcase.
Ultimately, though, the question is not how the courts
decide to apply the Fourth Amendment in these uncharted waters.
I guarantee you this: Neither the drafters of the Fourth
Amendment nor the Supreme Court when it crafted the ``border
search exception'' ever dreamed that tens of thousands of
Americans would cross the border every day, carrying with them
the equivalent of a full library of their most personal
information. Ideally, Fourth Amendment jurisprudence would
evolve to protect Americans' privacy in this once unfathomable
situation. But if the courts cannot offer that protection, then
that responsibility falls to Congress. Customs agents must have
the ability to conduct even highly intrusive searches when
there is reason to suspect criminal or terrorist activity. But
suspicionless searches of Americans' laptops and similar
devices go too far. Congress should not allow this gross
violation of privacy.
Aside from the privacy violation, there is reason for
serious concern that these invasive searches are being targeted
at Muslim Americans and Americans of Arab or South Asian
descent. Many travelers from these backgrounds who have been
subject to electronic searches have also been asked about their
religious and political views. As we will hear today, travelers
have been asked why they chose to convert to Islam, what they
think about Jews, and their views of the candidates in the
upcoming election. This questioning is deeply disturbing in its
own right. It also strongly suggests that border searches are
being based, at least in part, on impermissible factors.
The disproportionate targeting of this group of Americans
does not mean that other Americans are exempt. The Association
of Corporate Travel Executives has surveyed its members, and 7
percent of business travelers who responded to the survey had
experienced seizures of their laptops or other electronic
equipment. That is an incredible number when you consider how
many Americans are required to undertake overseas business
travel today and the amount of confidential business
information stored on their laptops. As we will be hearing
today, the problem is large enough to have a real impact on the
way Americans do business.
Americans have tried to find out from the Department of
Homeland Security what its specific policies are on searching
and seizing electronic equipment at the border. Two nonprofit
organizations filed a Freedom of Information Act request in
October 2007 to get DHS to turn over its policies. Eight months
later, DHS has not complied with that request. My own questions
for Secretary of Homeland Security Michael Chertoff on this
issue, which I submitted to him in early April after his
appearance at an oversight hearing held by the full Judiciary
Committee, have not been answered, despite my specific request
that they be answered before this hearing.
I asked DHS to send a witness to testify today. DHS
responded that its preferred witness was unavailable on the day
of the hearing. So I asked DHS to send a different witness, but
DHS declined. I felt it was so important to have a DHS witness
here that I wrote a letter to Secretary Chertoff last week
urging him to reconsider, and that letter will be made part of
the hearing record. The Secretary has not responded.
DHS did provide written testimony. That testimony--which,
incidentally, was submitted over 30 hours later than the
Committee rules require--provides little meaningful detail on
the agency's policies and raises more questions than it
answers--questions that no one from DHS is here to address.
Needless to say, I am extremely disappointed that the
Department of Homeland Security would not make a witness
available to answer questions today. Once again, this
administration has demonstrated its perverse belief that it is
entitled to keep anything and everything secret from the public
it serves and their elected representatives, while Americans
are not allowed to keep any secrets from their Government. That
is exactly backward. In a country founded on principles of
liberty and democracy, the personal information of law-abiding
Americans is none of the Government's business, but the
policies of the Government are very much the business of
Congress and the American people.
[The prepared statement of Senator Feingold appears as a
submission for the record.]
In any event, I look forward to hearing from the witnesses
who did accept my invitation to testify today so we can begin
to explore this important issue in more detail. But first let
me recognize the Ranking Member, Senator Brownback, for any
comments he would like to make.
STATEMENT OF HON. SAM BROWNBACK, A U.S. SENATOR FROM THE STATE
OF KANSAS
Senator Brownback. Thank you, Mr. Chairman. Let me pass on
my condolences to you and the State of Wisconsin for the
flooding that had happened up there. We are going to dealing
with it throughout the Midwest. We have had a lot of storms in
our part of the country. We have not had quite the level of
flooding that you have had, and I know that is something that
is concerning all of us and concerning people--
Chairman Feingold. It is rough, yes.
Senator Brownback. Yes, just amazing numbers of things we
are going to need to deal with. That is aside from this
hearing.
I want to thank the panelists for all being here, and I
want to thank you for holding this hearing. I find it a very
interesting topic and one I think that is certainly worthy of
this Subcommittee to be exploring and to be looking at. I
believe it is always informative and challenging to explore the
intersection between the needs to safeguard our country against
terrorists and criminal threats and the desire and need to
protect our citizens' privacy interests. It seems like to me
that has been one of the big challenges that we have had to
confront as we have served in the U.S. Senate, and we have
certainly seen a great amount since 2001 and the September 11th
attacks that we have had. These questions only seem to become
more and more complicated as technology advances, as travel and
communications reflect an ever more globalized society, and as
the dangers we face shift from easily identifiable, nation-
specific threats to threats from more diffuse terrorist groups
and affiliations. These just get to be more and more
complicated and difficult, and they need a lot of expertise.
That is why I am appreciative of the panel being here and
providing your thoughts and your advice.
New technology in some cases, unfortunately, brings with it
new ways to misuse technology. The sad fact is that while the
vast majority of Americans and visitors to our country use
laptop computers and other digital devices for purely
legitimate reasons and purposes--business, academic research,
personal household management and the like--others use
technology for more nefarious purposes. All the cases to
address laptop searches at the border, for example, have
involved individuals who are transporting child pornography on
their computers. We also know that terrorists take advantage of
this kind of technology. Mr. Moussaoui, for example, kept
information on his laptop computer that, if discovered, might
have prevented the September 11th terrorist attacks. That is a
sobering thought.
As we examine the question of when and how Government
officials may search laptop computers at the border, we face
two sets of questions--the first are legal, the second seem to
be practical. As a legal matter, it seems clear to me that
Government officials do have the right under the Constitution
to search laptop computers and similar devices without probable
cause or reasonable suspicion at the border. I think you
address that as such. The Fourth Amendment prohibits
unreasonable searches and seizures. However, the Supreme Court
has long held that border searches are inherently reasonable
and, therefore, do not violate the Fourth Amendment. In the
United States v. Ramsey, the Court examined that 2 months
before Congress proposed the Bill of Rights, including the
Fourth Amendment, it had enacted a customs statute that gave
officials ``full power and authority to enter the search'' and
search ``any ship or vessel in which they shall have reason to
suspect any goods, wares, or merchandise subject to duty shall
be concealed.''
The close timing of the customs statute and the Bill of
Rights makes it abundantly clear that Congress did not think
that border searches and seizures were unreasonable, nor did it
intend to require a warrant or probable cause for such
searches. The reason for the border search exception seems
obvious. Within constitutional limits, a sovereign nation must
have the ability to control who and what enters the country. In
certain cases, of course, the search will be so intrusive that
it must be justified and justifiable by reasonable suspicion.
The Supreme Court and the Federal appellate courts have
recognized that strip searches, body cavity searches, prolonged
detentions, and certain x-ray examinations, so-called non-
routine searches are so invasive and embarrassing that they
must be based on reasonable suspicions. And I think those are
right and those are appropriate to have those limitations on
those non-routine searches. Only in cases where they are
actually destructive, though, or conducted in a particularly
offensive manner do property searches require reasonable
suspicion. Otherwise, they are deemed routine searches and are
considered reasonable by nature of the very fact that they
occur at the border.
The reason that I went through some of the legal analysis
very quickly on this--and this does not do any of it just--is
it seems here we are having the discussion, OK, what is
reasonable and routine, and what is not reasonable and non-
routine. And that goes to the question that we are involved in
here today.
I hope, Mr. Chairman--and I have a fuller statement to put
into the record, but rather than going through that, I would
like to get to the panel. I hope we can go through this on a
very basis of protecting an individual's right, but also
looking at trying to protect the country and getting
information that we need to have to be able to protect the
country or to get at criminal elements trying to bring material
into the country that would be deemed inappropriate, and that
we can have a good discussion of what that intersection is in
this technology age, in this age of ever increasing
globalization, that we can look at this in both a
constitutional way and in a way that we can protect the
citizenry of the United States.
So I appreciate very much your holding the hearing. I look
forward to the witnesses' comments and testimony as we explore
this topic.
Chairman Feingold. Thank you, Senator Brownback. I think
you have certainly correctly characterized the way we should
look at this issue, and I believe your comments were very
consistent with my opening remarks as well. We are trying to
make sure we get this right.
We will now turn to our panel of witnesses. Will the
witnesses please stand to be sworn in? Will you all please
raise your right hand to be sworn? Do you swear or affirm that
the testimony you are about to give before the Committee will
be the truth, the whole truth, and nothing but the truth, so
help you God?
Mr. Tien. I do.
Mr. Sales. I do.
Ms. Gurley. I do.
Mr. Cunningham. I do.
Mr. Khera. I do.
Mr. Carafano. I do.
Mr. Swire. I do.
Chairman Feingold. Thank you. You may be seated.
I want to welcome you and thank you for being here with us
this morning. I will ask that each of you limit your remarks to
5 minutes, as we have a full panel today. Your full written
statements will, of course, be included in the record.
We will begin today with Mr. Lee Tien. Mr. Tien is a senior
staff attorney at the Electronic Frontier Foundation, a
nonprofit organization that works to protect civil liberties
and consumer rights in the digital age. Along with the Asian
Law Caucus, EFF filed a Freedom of Information Act lawsuit
seeking disclosure of DHS policies on border searches and
searches of electronic devices. Mr. Tien specializes in free
speech and privacy litigation and has written several law
review articles on free speech and privacy issues.
Mr. Tien, we are pleased to have you here today, and I
appreciate your traveling here from San Francisco to give us
your testimony. You may proceed.
STATEMENT OF LEE TIEN, SENIOR STAFF ATTORNEY, ELECTRONIC
FRONTIER FOUNDATION, SAN FRANCISCO, CALIFORNIA
Mr. Tien. Thank you very much. Mr. Chairman, Ranking Member
Brownback, the Electronic Frontier Foundation is pleased to
discuss an issue of growing importance to Americans' privacy.
The problem is simple. The Government claims that it can search
any laptop, cell phone, or BlackBerry at the border. It does
not matter whether you are a Senator on a fact-finding trip or
a tourist on vacation. Your data is fair game.
It is clear that most people regard this as a serious
privacy invasion. People keep their lives on these devices:
diaries, personal mail, financial records, family photos. Even
Secretary Chertoff told this full Committee back in April, and
I quote, ``There are absolutely privacy concerns.''
It is also a free speech problem. Journalists' laptops and
cell phones contain drafts of works in progress and records of
their sources. The Government should not be able to read this
information without a good reason.
And it is a business problem. It is no surprise that a
major law firm like Arnold & Porter recently warned its clients
about the risks of laptop border searches.
Now, EFF does not dispute that the Fourth Amendment works
differently at the border, but differently does not mean not at
all. Under the Fourth Amendment, any search must be reasonable.
And while a routine border search is reasonable by definition,
not all border searches are routine.
There is no bright-line rule here, but the Supreme Court
has said that non-routine searches are largely defined by their
invasion of a person's dignity and privacy interests. As you
have already pointed out, most courts agree that strip
searches, x-ray examinations, and body cavity inspections are
non-routine.
Our point is that data searches also invade dignity and
privacy. Invasiveness is not just physical. Wiretapping invades
privacy without any kind of physical intrusion. And because our
devices store our thoughts and communications, these searches
implicate the First Amendment as well. Fourth Amendment
requirements apply with scrupulous exactitude where speech is
at issue. In short, searching a laptop, iPhone, or BlackBerry
invades dignity and privacy interests and threatens freedom of
speech and should require reasonable suspicion, not no
suspicion.
I have two more quick points before moving on to a few
recommendations. First, the word ``search'' in this context is
slippery. Border agents do not just look at laptops. They copy
data and even seize devices. We feel that copying data is a
seizure of that data. If the Government has a copy, you have
lost your property right to control it. That is especially
invasive.
Now, Secretary Chertoff said in April that, as a matter of
practice, DHS searches the contents of laptops or cell phones
only when there is a reasonable suspicion, and that he believed
DHS uses a probable cause standard before seizing a device or
retaining copies of its contents. Well, if that is the real
policy, there is no reason why these standards cannot be
codified in the law.
Second, if border agents can legally search any device at
the border, then they can search every device at the border.
``Any'' really means ``every.'' Without a standard, resources
are the only limit on this power, and technology is removing
that limit. In February, Microsoft announced the COFEE, which
stands for Computer Online Forensic Evidence Extractor. It is a
USB thumb drive that contains 150 commands that can
dramatically cut the time it takes to gather digital evidence.
In May, the CSI Stick, which stands for Cell Seizure
Investigator Stick, was announced. It can capture all data on
most models of cell phones or just grab the text messages,
phone books and call logs, or multimedia messages.
Now, CBP may already be using such devices. My point is not
that they should never do so; rather, it is that agents have
great practical power to search and seize personal information.
And with great power comes great responsibility. After all, the
Fourth Amendment is intended to prevent arbitrary and
oppressive interference by enforcement officials with the
privacy and personal security of individuals.
Ideally, the courts would modernize border search law. But
so can Congress. As Senator Leahy once noted, the law must
advance with the technology to ensure the continued vitality of
the Fourth Amendment. The same is true here. Congress can
protect the privacy of devices that typically contain e-mail
and other stored communications and records. Congress can
clarify that seizing data and devices requires probable cause.
And, finally, Congress can make DHS accountable by requiring
border agents to report their search and seizure activities and
informing people of their rights about any seized data or
devices.
Thank you for allowing me to testify.
[The prepared statement of Mr. Tien appears as a submission
for the record.]
Chairman Feingold. Thanks so much, Mr. Tien.
We will now turn to Professor Nathan Sales. Professor Sales
is an Assistant Professor at the George Mason University School
of Law, where he teaches national security law and
administrative law. Prior to joining the faculty of George
Mason, Professor Sales served as Deputy Assistant Secretary for
Policy Development at the Department of Homeland Security, and
he previously served as Senior Counsel in the Department of
Justice Office of Legal Policy.
Professor Sales, thank you for being here today, and you
may proceed with your testimony.
STATEMENT OF NATHAN A. SALES, ASSISTANT PROFESSOR OF LAW,
GEORGE MASON UNIVERSITY SCHOOL OF LAW, ARLINGTON, VIRGINIA
Mr. Sales. Thank you, Mr. Chairman, and thank you, Mr.
Brownback, both of you, for holding this hearing on an
important issue.
Before we talk about the law of laptop searches, I would
like to spend a few minutes talking about the policy. Why does
CBP occasionally search travelers' computers at the border?
Well, the answer is because it is an effective way of detecting
child pornography and terrorism. Here is the key statistic.
There have been 11 Federal decisions testing the ability of CBP
to search laptop computers at the border. Every single one of
those cases has involved child pornography.
Let me tell you about a man named Stefan Irving. Irving
used to be the pediatrician for a school district in New York,
but he lost his license and was sent to jail after a 1983
conviction for attempted sexual abuse of a 7-year-old boy. In
1998, after serving his time, he flew back to the United States
from vacation in Mexico. Customs officers searched his luggage
and found children's books. They also found children's
drawings. They also discovered two computer disks. When they
looked at the disks, they discovered numerous images of child
pornography. It turns out that Irving was in Mexico to visit--
and these are the court's words--``a guest house that served as
a place where men from the United States could have sexual
relations with Mexican boys''; Irving ``preferred prepubescent
boys, under the age of 11.''
Irving is now serving a 21-year sentence. Part of the
reason he is behind bars and no longer preying on innocent
children is because of a laptop search.
Laptop searches are not just about child exploitation. They
are also about terrorism. We have already heard that Zacarias
Moussaoui kept a wealth of data on his laptop, including
information about crop-dusting aircraft and wind patterns.
In 2006, more recently, a laptop search at Minneapolis-St.
Paul helped CBP detect a high-risk traveler. Officers inspected
this man's laptop and found video clips of roadside bombs being
used to kill soldiers and destroy vehicles. They also found a
video on martyrdom.
So what does the Constitution have to say about laptop
searches at the border? Not much, actually. The Fourth
Amendment applies differently at the border than it does inside
the country. Here is how the Supreme Court puts it: Routine
border searches ``are not subject to any requirement of
reasonable suspicion, probable cause, or warrant.''
Let me give you some more statistics. There have been 11
Federal decisions in this area. Seven of the 11 hold that CBP
can search laptops with no particularized suspicion whatsoever.
Three courts punted. In those cases, the officers had
reasonable suspicion to search the laptops, so it was
unnecessary to consider the legal issue. Other than a single
California district court that was reversed on appeal, no court
has held that CBP needs reasonable suspicion. No court has held
that probable cause is required. And no court has held that
Customs has to get a warrant.
My sense is the Supreme Court is unlikely to disturb this
lower court consensus for a simple reason: technological
neutrality. The privacy protections we enjoy should not depend
on whether we store our information on paper or in the digital
world. Officers can search mail, they can search address books,
they can search photo albums at the border with no suspicion at
all. Why should the rule change when we keep our
correspondence, contacts, or pictures on a laptop? The mere
fact of computerization should not make a difference to the
scope of our privacy rights.
Now, while the Fourth Amendment does not have much to say
about laptop searches, it is not the end of the conversation.
Policymakers should consider adopting a few safeguards above
the constitutional floor. For starters, CBP might usefully shed
some light on the standards it uses for picking people for
laptop searches. Are they selected randomly? Because of travel
history? Because of tips from other Government agencies? What
about observations regarding passenger demeanor? More
transparency here would help assure people whose laptops are
searched that they were picked for legitimate law enforcement
reasons and not because of impermissible characteristics such
as race or religion.
Also, CBP might adopt standards on what it does with data
copied from laptops. If a search does not uncover anything
illegal, CBP would be hard pressed to justify keeping files
from a passenger's computer. For data that it does keep, CBP
should strictly enforce policies that punish employees who
access it or disclose it without authorization. Also, CBP
should take special care to see that any sensitive business
information, such as trade secrets or attorney-client
privileged materials, are handled with all appropriate
discretion.
Mr. Chairman, thank you again for the opportunity to
testify. I would be happy to answer any questions.
[The prepared statement of Mr. Sales appears as a
submission for the record.]
Chairman Feingold. Thank you, Professor Sales.
Now we will turn to Susan Gurley. Ms. Gurley is the
Executive Director of the Association of Corporate Travel
Executives, a nonprofit education and advocacy organization
supporting the global corporate travel industry. Ms. Gurley has
been instrumental in the ACTE's development of data privacy,
travel security, and corporate social responsibility
initiatives. Under Ms. Gurley's leadership, the ACTE has taken
an active role in voicing concerns about suspicionless searches
and seizures of electronic devices at the border.
Ms. Gurley, thank you for being here, and the floor is
yours.
STATEMENT OF SUSAN K. GURLEY, EXECUTIVE DIRECTOR, ASSOCIATION
OF CORPORATE TRAVEL EXECUTIVES, ALEXANDRIA, VIRGINIA
Ms. Gurley. Thank you. Chairman Feingold and Senator
Brownback and distinguished members of this Committee, I
appreciate this opportunity to present the views of the
Association of Corporate Travel Executives, known as ACTE. The
seizure of electronic devices from travelers is real, and it is
not mere speculation. ACTE represents the safety, security, and
financial interests of business travelers, and we represent
more than 2,500 members from 82 countries, including the United
States. ACTE's members represent over $300 billion in annual
business travel expenditures and are among the companies listed
in the Fortune 1000.
ACTE's member companies are responsible for over 1 million
business travelers and have hundreds of thousands of business
travelers on the road at any given time. They routinely cross
U.S. borders. All of these U.S. and international business
travelers who cross U.S. borders have two things in common: All
carry electronic devices, and all are currently subject to the
claimed authority of DHS officials to inspect and seize these
electronic devices without suspicion or warrant. Thus, ACTE is
requesting improved and transparent communications from DHS
regarding the policies and safety measures it has in place to
protect downloaded data.
We specifically ask that the following actions be taken:
We hope that this Committee requests a Privacy Impact
assessment from DHS on the number of seizures of laptops or
other electronic devices. The assessment should also ask for
the minimum, average, and maximum amount of time that it takes
to return the electronic devices to the owner and the reasons
for the seizure.
We request that the policies regarding electronic device
seizure and data retention policies be published by DHS in the
Federal Register and on the agency's home page. These published
policies should included at a minimum the following: policies
for protecting the integrity of the data; policies for the
length of time seized data will be stored and where and how it
will be stored; policies for whether the downloaded information
will be shared and, if so, with what other U.S. Government and
international agencies and under what circumstances;
information as to what rights the traveler has to ensure that
their electronic device is returned.
I am here to advise you that the seizure, copying, and
retention of sensitive business information imposes both a
personal and economic hardship on business travelers and their
corporations. In today's wired and networked and borderless
world, one's office no longer sits within four walls or a
cubicle. Rather, one's office consists of a collection of
mobile electronic devices. It is common for business travelers
to carry their electronic devices that contain business,
financial, and personal information. These devices constitute
the office of today. Under the U.S. Constitution, a warrant is
needed to search a physical space such as an office. Yet the
unanticipated seizure of one's mobile office has been allowed
to occur and can immediately deprive an executive or a company
of the very data and, most importantly, revenue a business trip
was intended to create.
As a businessperson returning to the U.S., you may find
yourself effectively locked out of your mobile office
indefinitely, and thereby deprived of the resources required to
sustain your livelihood. In the case of an independent
entrepreneur, a laptop seizure can represent the loss of his or
her entire business.
It can be argued that the percentage of seized computers
and data is small in comparison to the total number of
travelers crossing the border. But we simply do not know. Due
to DHS' lack of transparency, the actual number of seizures,
the extent of data downloading, and potential data breach are
not known. Here is what we do know: ACTE surveyed its members
in February 2008 on this issue. Seven percent reported that
they had been subject to the seizure of a laptop or other
electronic device. The survey also revealed that 81 percent of
survey respondents were unaware that the informational
electronic devices could be copied and held indefinitely. Even
though the total number of business travelers subject to these
searches and seizures can only be estimated, what is certain is
the severe economic and behavioral impact that can follow when
a laptop is seized. Fifty percent of the respondents to ACTE's
2008 survey indicated that having a laptop seizure could damage
a traveler's professional standing within a company. The
seizure of data or computers carrying business proprietary
information has and will force companies to implement new and
expensive internal travel policies.
In fact, this is already happening. Costly and time-
consuming travel measures that companies are mandating include
having their business travelers send data to themselves via
web-accessible e-mail, encrypting files, or using secure USB
drives. In addition, companies are purchasing additional
computers that are scrubbed of any prior e-mails so that they
can be used by business travelers on their trips.
All of these measures and business behavior changes cost
time and money. In today's economy, American businesses do not
need additional and unnecessary financial burdens placed upon
them.
Thank you very much.
[The prepared statement of Ms. Gurley appears as a
submission for the record.]
Chairman Feingold. Thank you, Ms. Gurley. I will now turn
to Mr. Larry Cunningham. Mr. Cunningham is an Assistant
District Attorney in Bronx County in New York City and in short
order will be starting work as an Assistant Professor of Legal
Writing at St. John's University School of Law. He has also
taught law courses at Brooklyn Law School, Texas Wesleyan
University School of Law, Stetson University College of Law,
and Texas Tech University School of Law.
Mr. Cunningham, welcome to you as well, and you may
proceed.
STATEMENT OF LARRY CUNNINGHAM, ASSISTANT DISTRICT ATTORNEY,
BRONX COUNTY; ASSISTANT PROFESSOR OF LEGAL WRITING, ST. JOHN'S
UNIVERSITY SCHOOL OF LAW, QUEENS, NEW YORK
Mr. Cunningham. Thank you, Mr. Chairman, and I would also
like to extend my appreciation to you for holding this hearing
on this very important topic.
I taught the law of search and seizure as both a full-time
and adjunct professor. I have also conducted research and
written in the area of border searches, and this is what I
found.
Historically, the Government has had broad authority to
conduct searches at the international border without suspicion
and without the need to obtain warrants. Case law speaks of the
sovereign having an inherent right to protect the country from
the importation of illegal or dangerous items. The Supreme
Court has also recognized that persons who cross the border
have a low expectation of privacy, in part because even if the
United States adopted a relaxed border search policy, travelers
would still be subjected to search by the countries that they
would be traveling to or from.
The Supreme Court has required reasonable suspicion only
when an invasive search of the human body is contemplated. The
rationale for this higher standard is concern for the dignity
of the person, not just privacy. I have uncovered no appellate
court decision that has extended this same protection to laptop
computers.
Without doubt, anyone whose property has been searched,
whether it is a laptop or a briefcase, will feel that his or
her privacy has been violated. However, the Constitution
recognizes that some governmental invasions of privacy are
permissible. After all, the Fourth Amendment does not prohibit
searches, only unreasonable ones.
There is also no doubt that many people do keep very
personal information on their laptop computers, but the same
can be said for travelers who keep their checkbooks,
medications, photographs, political literature, love letters,
or personal diaries in their briefcases or luggage. No one
likes the idea of the Government seeing these things, yet
absent a drastic change in the law, each of these tangible,
non-electronic items can be seen and examined by customs
without reasonable suspicion.
So the question boils down to this: Is there something
different about laptop computers that warrants disparate
treatment from briefcases, suit pockets, and purses? Some would
argue that there is, because laptops are readily capable of
storing large amounts of information and that in some cases
even deleted items can be un-deleted and read. However, the
Fourth Circuit in United States v. Ickes pointed out that in-
depth searches are likely to be few and far between because of
the lack of resources and time. In fact, the case law on this
subject demonstrates that the typical laptop search is quite
cursory, with travelers simply being asked to quickly open and
power on their computers for a quick visual inspection. Full-
scale searches and the un-deleting of files are reserved for
situations in which the initial observation has aroused an
agent's reasonable suspicion.
There are significant societal interests at stake here.
Each of the cases I have found, as Professor Sales mentioned,
have involved defendants attempting to bring child pornography
into the country. Congress itself has recognized the importance
of catching and punishing this criminal behavior by providing
steep penalties for the importation, distribution, and
possession of child pornography. Moreover, as the Fourth
Circuit recognized in Ickes, without a robust, random border
search policy, terrorist or other international criminals could
use laptops as a means to smuggle messages and plans into the
country for distribution to cells and allies. Such a means of
communication might prove more attractive than traditional
phone or Internet communications because of the possibility of
surveillance.
It would seem prudent, however, for the administration to
require these searches to be conducted by trained personnel,
under supervision, and away from public view, and to disclose
records of searches which they acknowledge in a Supreme Court
case that they keep to not only the DHS Inspector General but
also to this body in closed session to ensure that searches are
not being conducted in a racially discriminatory manner or for
other improper reasons.
Finally, nothing in the Constitution, at least in my view,
would permit the Government to seize a laptop or copy or
otherwise retain its contents without some suspicion that it
contained evidence of a crime. Such a seizure would be a
violation, in my view, not just of the right to privacy but
also of the owner's property interest in the computer.
Mr. Chairman, I would be glad to answer any questions that
you have.
[The prepared statement of Mr. Cunningham appears as a
submission for the record.]
Chairman Feingold. Thank you, Mr. Cunningham.
We will now turn to Farhana Khera. Ms. Khera is the
President and Executive Director of Muslim Advocates in San
Francisco, California. Muslim Advocates is a national legal
advocacy and educational organization dedicated to promoting
freedom, justice, and equality for all, regardless of faith,
and serving as a legal resource to promote the full and
meaningful participation of Muslims in American civil life.
Prior to her work with Muslim Advocates, I was lucky enough to
have Ms. Khera on my Constitution Subcommittee staff here in
the Senate. Ms. Khera and I worked together for 6 years, and I
am indebted to her for her work and advocacy on issues ranging
from the PATRIOT Act to racial profiling to women's rights. The
record should reflect that she is a wonderful person and was a
wonderful staff member. I am pleased to have her back in the
Senate, if only for the morning.
Ms. Khera, you may proceed.
STATEMENT OF FARHANA Y. KHERA, PRESIDENT AND EXECUTIVE
DIRECTOR, MUSLIM ADVOCATES, SAN FRANCISCO, CALIFORNIA
Ms. Khera. Thank you very much, Mr. Chairman, especially
for those very kind, kind words. I do not think I would have
imagined myself being on this side of the dais during those 6
years.
Mr. Chairman, Senator Brownback, good morning. On behalf of
Muslim Advocates, I am pleased to share with you the
experiences of Muslim, Arab, and South Asian Americans
returning home from international travel.
The Department of Homeland Security and Customs and Border
Patrol have an important duty to protect our borders. The
American people, including Muslim Americans, rightfully expect
these agencies to protect us from those who would seek to enter
to do us harm. But at the same time, we expect our Nation's
border policy to be sound. It should be rational, fair, and
effective.
Complaints from Americans traveling overseas received by
Muslim Advocates and other civil rights groups, however,
suggest otherwise. These Americans report that at airports and
border crossings, after they have verified their identity and
described the purpose of their travel, they have been subjected
to more intensive scrutiny, all without any reasonable
suspicion that they are engaging in criminal activity. These
experiences involve not only searches and seizures of laptops,
cell phones, and digital cameras, but perhaps even more
troubling, questions about First Amendment-protected matters.
Mr. Chairman, my written testimony sets forth a number of
these complaints, but this morning I would like to share with
you two of them.
The first is that of an executive vice president of a major
high-tech firm in the greater Seattle area. He is a husband,
father of three, and a business leader who has helped drive
innovation in our country. He has also been a community leader,
having established a mosque and spearheaded interfaith
activities with Christian and Jewish communities. He has
testified before Congress on IT issues, was recognized by the
Interfaith Alliance, and is proud to call America home.
He travels frequently due to the demands of working for a
global company. Since early 2007, on at least eight occasions,
he has been subjected to invasive and intensive questioning,
searches, and seizures upon his return home from travel to
various countries, including Japan, Canada, Turkey, the U.K.,
and Europe.
CBP agents have interrogated him about the names, birth
dates, and addresses of family members living abroad and in the
U.S., which mosque he attends, and his activities on behalf of
a lawful Muslim charitable organization he helped establish
near his home. CBP agents have also searched his cell phone,
made copies of various documents on several occasions, and
extensively searched his belongings, as well as those of family
members traveling with him.
Mr. Chairman, the second story is that of a young corporate
lawyer, a graduate of Georgetown University Law Center and
currently practicing with a prominent law firm on the west
coast. She in many ways embodies the American dream. The child
of immigrants from Pakistan, she grew up in the northern
central valley of California. She worked hard, went to top
schools, and has established herself with a stable career,
making her family proud. This spring, she took a trip to
Pakistan to visit her relatives. On her return, which was a 20-
plus-hour trip via East Asia to San Francisco, she was
exhausted from the long travel and frustrated after learning
that the airline had lost one of her bags. After she presented
her passport and verified her identity, she, nevertheless, was
pulled aside and her remaining bags were searched. The CBP
agent took her digital camera, viewed its images, and asked her
to identify the people photographed. Her camera included photos
of her mother during her travel overseas, as well as photos
taken of her family and friends while she was in the U.S. The
CBP agent also saw a book in her bag on one of the Presidential
candidates and then proceeded to ask her her views of the
candidates in this year's race.
We have reason to believe that these stories are not
isolated but, rather, suggest a troubling pattern of targeting
Americans who are Muslim or of Arab or South Asian descent. If
so, it would be wrong and a violation of the equal protection
guarantees of our Constitution.
These experiences also suggest that CBP's power at the
border is overly broad and its practice and policies
ineffective. I think we can all agree that neither the
corporate vice president nor the young lawyer pose a threat to
our security nor engaged in wrongdoing.
So why were these Americans stopped? How is CBP power being
used? These and other questions must be answered. DHS and CBP
have a critical responsibility to protect our Nation's borders.
At the same time, these agencies, which have been granted
enormous power by the American people, have an obligation to
wield that power consistent with the rights and protections
guaranteed by the Constitution to all Americans, regardless of
faith, ethnicity, or race. And Congress must ensure that they
do so.
I refer the Subcommittee to my written testimony for
specific recommendations for steps Congress can take.
Mr. Chairman, thank you for the opportunity to present the
views of Muslim Advocates and for holding this hearing. I look
forward to your questions.
[The prepared statement of Ms. Khera appears as a
submission for the record.]
Chairman Feingold. Thanks so much, Ms. Khera.
Next up is James Carafano. Mr. Carafano is the Assistant
Director of the Kathryn and Shelby Cullom Davis Institute for
International Studies, and Senior Research Fellow at the
Douglas and Sarah Allison Center for Foreign Policy Studies,
both at the Heritage Foundation. He is an expert in defense
affairs, military operations and strategy, and homeland
security. Mr. Carafano is a graduate of West Point, and he also
holds a master's degree and doctorate from Georgetown
University and a master's degree in strategy from the U.S. Army
War College.
Mr. Carafano, thank you for being here today to share your
testimony. You may proceed.
STATEMENT OF JAMES JAY CARAFANO, ASSISTANT DIRECTOR, KATHRYN
AND SHELBY CULLOM DAVIS INSTITUTE FOR INTERNATIONAL STUDIES,
AND SENIOR RESEARCH FELLOW, DOUGLAS AND SARAH ALLISON CENTER
FOR FOREIGN POLICY STUDIES, THE HERITAGE FOUNDATION,
WASHINGTON, D.C.
Mr. Carafano. Thank you, Mr. Chairman. I want to offer five
principles for congressional action. These are based on my
years of research and experience looking at border security
issues.
Just an observation as a preamble. The mission of Homeland
Security and, indeed, the mission of Government is to enable
Americans to live their lives in freedom, safety, and
prosperity and to implement policies that serve all three of
those goals equally well. That is nowhere more important than
the issues of border security.
One of my great frustrations is that we myopically often
talk about border security and just focus on the border when,
in reality, the way you make a border secure is addressing any
criminal or malicious or terrorist activities. It is really
thinking about the spectrum of terrorist travel or malicious
activity from its origin to its point of destination in the
United States, and not myopically focused just at the border.
However, border security is important, and nowhere is it more
important than at our ports of entry and exit. We have enormous
data on known terrorist travel, including the 9/11 Commission
report. Overwhelmingly what we know is known terrorists travel
mostly through established points of entry and exit. And we
know that a wide variety of criminal and malicious activity
also enter and exit our legal points of entry and exit. So
getting it right at the ports of entry and exit is nowhere more
important.
I think there are number of vital issues here for the
Congress to address. Actually, the legal issues would not be
highest on my list. Much more important, I think, are
infrastructure issues and creating a border infrastructure that
we need both to do inspections expeditiously and effectively
and to reduce transaction times in our border which are
increasing and are increasing the cost of doing business in the
United States.
Border searches are a vital part of the port of entry and
exit. I do not think that is questions. We all know the most
famous case of all, which was the millennium bomber, where a
border officer asking some very, very innocent questions--
including ``Where are you going? '' and ``Where are you
staying? ''--was able to identify a high-risk traveler, and an
inspection later showed that he was carrying explosives and was
planning to blow up a target in Los Angeles. So getting it
right is incredibly important.
For me, the efficacy of border searches will lie less in
the issues of narrow legal opinions and much more on the issues
of focusing on the critical technology and human capital
programs that the Department has to implement so it can do
these border searches in an effective and reasonable and secure
manner. So I would offer five guidelines for the Congress as it
thinks through where it is headed on this.
First and most importantly, from a security standpoint, it
would be a grave mistake and an error to create any technology
as a sanctuary, where someone had a sanctuary in terms of
bringing materials into the United States, and anything that
impeded the ability to conduct reasonable and routine searches
of any technology or emerging technology would be an enormous
mistake.
Second, the border agents need to retain broad authority in
how they implement their powers. They have limited time and
limited information to make their inspections. Obviously, human
capital programs and added technology will improve their
efficiency. But at the end of the day, we do rely on the men
and women standing at the border to get it right, and we have
to give them the broad authority that they need to do their
job.
And, third--and this I think is important; I do not think
anybody on the panel has mentioned it--we need to really make
sure that we do not force the Department to disclose a level of
information that would allow malicious actors, whether they are
criminals or terrorists, to identify specific patterns of
inspection and behavior that would allow them to figure out how
to bypass security inspections at the border. So we do, from an
operational security standpoint, have to be careful about how
much information we publicly disclose, although I think the
issue of transparency is vitally important. We should disclose
as much as possible, and certainly Congress should be informed
on these critical issues.
Fourth, any process of inspecting at the border has to be
risk-based. Any inspections that are merely based on whim or
any kind of racial profiling are wrong not just from a legal
standpoint, but they are even more wrong from an efficiency
standpoint. You have scarce time and scarce resources at the
border. Wasting them on people who are not high-risk travelers
is simply unconscionable behavior. And all inspections, all
reasonable searches, should be based on risk-based assessments.
My last point is that there should be, obviously, a
requirement that as DHS deals with any kind of data they
inspect at the border, that they deal with it in a responsible
and professional manner.
Thank you, Mr. Chairman.
[The prepared statement of Mr. Carafano appears as a
submission for the record.]
Chairman Feingold. Thank you, Mr. Carafano.
And, finally, we turn to Professor Peter Swire. Professor
Swire is a professor at the Moritz College of Law at the Ohio
State University and a Senior Fellow at the Center for American
Progress Action Fund. He is an expert in the fields of privacy
law and computer security. From 1999 to 2001, he served as
Chief Counsel for Privacy in the U.S. Office of Management and
Budget. In that role, he was responsible for coordinating
administration policy on public and private sector uses of
personal information.
Professor Swire, thank you for coming, and you may proceed.
STATEMENT OF PETER P. SWIRE, PROFESSOR, MORITZ COLLEGE OF LAW,
THE OHIO STATE UNIVERSITY, AND SENIOR FELLOW, CENTER FOR
AMERICAN PROGRESS, WASHINGTON, D.C.
Mr. Swire. Thank you, Mr. Chairman.
There is no dispute today that with the right factual
basis, the Government can search laptops. The focus of the
hearing is when they do not have that kind of suspicion and
basis, what should the policy and the law be, and that is what
we will focus on.
I agree with many of the concerns already expressed today
by you, Mr. Chairman, and by other witnesses. The focus of my
testimony is on comparisons to the encryption policy battles we
had in the 1990s and that I worked on when I was in the White
House. At that point, we treated things very differently in
encryption when across the border, and we tried to use the
border for a while as Government policy as an excuse to search
computing in very intrusive ways. That policy was eventually
rolled back, and I am going to list eight comparisons today
between the encryption battles then and laptop border searches
today.
The first one is that traditional legal arguments apply
badly to new facts about computing. In the encryption policy
area, there is a legal tradition that wiretap orders were going
to be effective, and so the Government wanted wiretap orders to
be effective even when there was encryption, so we needed to
get all the encryption keys.
Today, the Government in the laptop area is saying it is
the same old border searches we have always seen for 200 years;
there is nothing to see here and move on. But I think there is
something to see here, and that is why we have the hearing
today. A laptop contains all of the books printed in human
history up until sometime into the late 20th century, and the
idea that we are just going to trust the Government with this
amazing ability to copy all this data I think is a concern and
something different.
The second comparison is that the Government forces
disclosure of encryption keys. For people who do not spend
their time focusing on encryption, which is most normal people,
I will give a quote from the founder of EFF, who said, ``You
can have my encryption algorithm, I thought to myself, when you
pry my cold dead fingers from its private key.'' Getting
people's encryption keys at the border is a big deal. It led to
a big fuss once before.
Number three is that these kinds of searches are a severe
violation of computer security best practices. My testimony
explains this in some detail, but the basic rule in computer
security is do not let strangers into your computer. You can
get infected. You can have malware put on it. You can never
entrust that platform again. It violates best industry
practice. It violates all the training we are doing in our
security infrastructure if we have routine searches of business
computers. It should not happen.
Fourth, the U.S. policy can create bad precedents that
totalitarian and other regimes can follow. I invite you here to
think about if China or other countries going forward make
their customs something like this: step one, go through
customs; step two, make a copy of your hard drive; step three,
we will see you next time. And if that applies to Senators and
their staffs when they go on foreign missions, you are not
going to want to have that as policy. If the U.S. does border
searches all the time and it becomes increasingly easy with
technology to make these copies, then we have gotten on the
wrong side of the issue. It is hard for us to complain when
other countries intrude into our privacy.
The fifth comparison is severe harm to personal privacy,
free speech, and business secrets. Other witnesses and my
written testimony talk about these invasions of privacy, the
problems for free speech and the rest.
A sixth comparison with the encryption battles of the 1990s
is the disadvantages to the U.S. economy. That was a major
strike against the encryption policy because we were helping
foreign competitors. When it comes to foreign conferences that
will not want to come to the United States, when it comes to
the idea of whether the U.S. is open for tourists and for
business to visit without feeling deeply intruded, I think we
have to think about the effect on the U.S. economy of intrusive
searches at the border.
A seventh comparison to the encryption battles is the
political coalition that developed of civil liberties groups
and business. We see that today. It is a similar line-up to
what we had 10 years ago where we have EFF, we have the Muslim
Advocates, we have business groups complaining here. And for
someone such as I who spent a lot of time with the tech
community, I think this issue may be a much hotter thing than
people have realized. It may mobilize the reserve army of
outraged techies. And if that happens, we are going to see a
lot of yelling and screaming and a lot of concerns from
corporate and other security experts. This is, again, I think a
big deal.
The eighth and final comparison I would make between
encryption in the 1990s is the technical futility of current
U.S. policy. In crypto, we eventually saw that there were work-
arounds to the U.S. policy. Those work-arounds already exist
and are easily found on the Internet today. I cite in my
testimony articles on the Internet that tell you how to keep
your data secret from customs when you go through the border.
Any moderately smart terrorist can find these articles if they
just read the hearing transcript for today, for instance, and
they will be able to get through the border. And also if they
are willing to lie, they can get standard software today where
they can double encrypt their laptops so the customs people
cannot find it.
So for these eight comparisons, we see that it is bad
policy and ultimately futile to have this. It invades computer
security and privacy and free speech and business secrets and
sends the wrong signal to the rest of the world, and I think we
should change the policy.
Thank you, Mr. Chairman.
[The prepared statement of Mr. Swire appears as a
submission for the record.]
Chairman Feingold. Thank you so much, Professor, and thanks
to all of you for your excellent testimony.
I will start a round of questioning. Senator Brownback had
to go to something else, but he is going to try to come back to
ask questions as well. So I am going to start going through my
questions, but obviously, if and when he comes back, we will
turn to him and any other Senator who wants to ask questions.
Before we go to the questions, though, there have been some
very informative news reports on this subject recently,
including a February 7, 2008, article in the Washington Post
and an article posted yesterday on the U.S. News & World Report
website. Without objection, these will be made part of the
record.
Also, Senator Leahy, the Chairman of the full Committee,
has a statement he would like to put in the record, so without
objection, I will do that as well.
I will start the first 7-minute round. Professor Swire,
some of the witnesses here have testified that we must allow
suspicionless searches of U.S. citizens' laptops at the border
because laptops can contain evidence of serious crime or even
terrorism. Obviously, I do not dispute that laptops can contain
such information. But, of course, that very same evidence can
exist on laptops located inside U.S. citizens' homes. And yet
even if there were no constitutional barrier whatsoever to
police officers walking into your house to conduct
suspicionless laptop searches, I think we would all agree that
such searches should not be permitted.
As a policy matter, do you believe the liberty, privacy,
and economic interests at stake in these border searches
outweigh any security benefit to be gained by conducting them?
Mr. Swire. Yes, I do, Senator. Thank you. I think when
people cross the border these days using the Internet, they can
use strong encryption. We have that written into law now. When
people are at home, they can use strong protections against
these kinds of invasion. The idea that you are at the border
and you have to reveal your passwords and encryption keys is
something that is quite remarkable. It is very intrusive. It is
bad for privacy and security. And we do not--a couple of the
witnesses in their written testimony talked about the principle
of technology neutrality, that we should not treat laptops
different from other things. Technology neutrality is we can
cross the border today using strong encryption, using the
Internet. And I think technology neutrality says that same
computing should cross the border in laptops. So we as a matter
of policy should have much stricter limits than we do currently
in this area.
Chairman Feingold. Ms. Gurley, one argument in support of
allowing suspicionless laptop searches is that customs agents
have always been free to search the contents of briefcases,
which also carry confidential business information such as
trade secrets or attorney-client communications. But there is a
big difference between rifling through documents in a briefcase
to look for weapons or contraband and picking up the documents
and reading them. I would imagine that if customs agents had
been reading business documents, we would have heard about a
long ago.
Is that right? Or has it always been a normal part of
business travel for customs agents to read and even copy the
documents in travelers' briefcases?
Ms. Gurley. It is our understanding that customs would look
for contraband, and they would only copy the information that
had a nexus with the contraband or the actual potential crime.
The difference here is that they basically copy everything, so
the vast amounts of information that are being copied are
beyond the actual potential crime. So it is not just
contraband. It is anything, including the fact that if you were
a businessperson and you were carrying documents across the
border, those were physical documents. If I am carrying as a
businessperson my computer over, I also have erased documents.
They can get to that as well. If I have one or two, I drafted
something, I have deleted it, customs can, in fact, copy that
as well and find it. In the olden days, if I did not bring it,
they could not find it.
But the big issue for the business travel community is
let's say you are not a pornographer, let's say you are not a
terrorist. Let's say you are not engaged in any criminal
activity. You are a businessperson. You are people like us
doing their regular business, and your information is seized.
The data is downloaded. And it turns out there is nothing going
on. Why can't the U.S. Government tell us how long they are
going to retain the information? Are they going to destroy the
information? What are the doing with that information? That
lack of information causes incredible anxiety to the business
community, and putting all the constitutional law issues aside,
which are critical, the issue is we should have a transparent
Government. We find that there is no criminal activity. Why can
that information not be returned?
Chairman Feingold. Let me just pursue the briefcase
question so I can get a sense of what the current practices
are. Were you suggesting that the only thing that would trigger
the reading or copying of a document would be the presence of
contraband? Or let's say somebody was stupid enough to write
down in a letter that they would like to buy some drugs. Would
customs agents read that letter, apart from the contraband
being in there, and make a copy?
Ms. Gurley. I would assume they would make a copy of that,
and that makes eminent sense. If you find a letter saying I am
a drug dealer--
Chairman Feingold. Apart from there being contraband
present within the briefcase.
Ms. Gurley. Right. But now they would go through every
piece of information, including your love letters, including
your bank--so there is a big difference in how information is
disseminated and brought across borders now than even 15, 20
years ago.
Chairman Feingold. Fair enough. An excellent answer.
Mr. Tien, I have a related question for you. A few of
today's witnesses have claimed that under existing case law,
specifically United States v. Ramsey, customs agents are
allowed, without any reasonable suspicion, to read the contents
of paper documents that U.S. citizens carry or send across the
border. But as you know, the Supreme Court in Ramsey held only
that customs agents could open international mail--in that
case, to see if it contained heroin. Indeed, the primary reason
the Court rejected the defendant's First Amendment challenge is
that a Federal statute prohibited customs agents from reading
international mail without a warrant.
Are you aware of any case in which the Supreme Court has
held that customs agents can read the contents of travelers'
personal documents without any reasonable suspicion?
Mr. Tien. Well, Senator, you are absolutely right about the
way that Ramsey does that, and I am not aware of any cases that
have specifically authorized that kind of reading. This is one
of those situations where the Supreme Court case very, very
clearly says we do not need to decide this First Amendment
issue because we already have congressional and regulatory
protections for the privacy of people's mail. The current law
may be slightly different, and one of the things that I wanted
to point out, especially in conjunction with Ms. Gurley's
testimony about transparency, is that when we have asked CBP
for documents about how they handle the looking at or the
photocopying of documents, we get back from CBP redacted,
blacked-out sections about their policies and practices with
respect to documents. So it is very unclear.
Chairman Feingold. Thank you, sir.
Ms. Khera, the conduct you have described on the part of
customs agents is quite shocking. I think most people here
would agree that customs agents should not be asking travelers
why they converted to Islam, for example. I suspect if a DHS
official were here, he or she would say that DHS does not
condone these questions, that these are isolated cases of
customs agents behaving badly. But, of course, the only way to
ensure a certain level of conduct is to require it, and to
punish any violations of that requirement.
To your knowledge, are there any DHS regulations or any
Federal laws that specifically prohibit customs agents from
engaging in the kind of questioning identified in your
testimony?
Ms. Khera. Mr. Chairman, we are not aware of any specific
regulations that govern CBP in this area. We believe that CBP
is instead relying on age-old statutes as well as we have
reason to believe that they are relying on internal policy
guidance. But the problem is that that internal policy guidance
is not public. My colleagues, the Electronic Frontier
Foundation and the Asian Law Caucus, have actually sought to
get copies of policy guidance, directives, potential training
materials that are given to CBP agents. And CBP has not been
forthcoming about that material. I think as we have been
discuss this morning, in order to for Congress and the American
people to understand how the power, the immense broad power of
CBP is being used at the border, we do need that information,
and I think Congress should be rightfully seeking that
information.
Chairman Feingold. Thank you.
As promised, Senator Brownback has returned to do a round
of questions, and I also want to welcome Senator Durbin, who
has joined us.
Senator Brownback. Thanks, Mr. Chairman. I want to
apologize to the panel and to the Chairman. I had another
hearing that I was Ranking Member on. They did not both consult
me on the time of this. I do not know why I do not get a little
more respect around here. Maybe I should take that as a notice.
I want to ask, if I could, it seems like in both the
Chairman's and my opening statements, we agreed kind of on the
premise, and then we both have questions then on the
practicality and the implementation of this, is what the Fourth
Amendment applies to as far as at the border, the rights of the
country to be able to protect itself, and seeking information,
and then this area that the court has tried to figure out is
where does the search become so invasive that it is subject to
a higher-level standard of review. That is the rub point here.
Professor Sales, I wish I could have caught the rest of
your testimony. I apologize. But I appreciated your trying to
weave through that. How is it that you look at the issue of a
search of a laptop at the border? Is that something that needs
to have a heightened level of review or not, as you would look
and reading the Fourth Amendment decisions that have come down?
I take it from what your testimony was that the majority of
courts are saying it does not require that.
Mr. Sales. Yes, Senator, that is right. My sense is that
courts have held--and the Supreme Court, if presented with the
question, would hold--that reasonable suspicion is not required
to justify a laptop search at the border. There is no question,
Senator, that laptops are different from a suitcase. A laptop
is a container, like a suitcase is, but a laptop is capable of
containing vast amounts of data. An 80-gigabyte hard drive can
store, I think, the equivalent of tens of millions of printed
pages. So laptops are different.
The question, however, is whether laptops are different in
a constitutionally significant respect, and I think the answer
to that question is probably no. I think Customs already has
broad authority under the Supreme Court's border search
precedents to search property, even property that contains
extremely sensitive information. I would actually commend to
you a Texas district court decision that was released just last
week. This opinion discusses the sorts of property that are
subject to border searches, suspicionless border searches:
people's wallets, purses, locked glove boxes, locked containers
or luggage, State and Federal identification cards, Social
Security cards, medicines and medical records, names and
addresses of family and associates, day planners with
itineraries and travel documents, credit cards, checkbooks,
registries. The list that the court provided goes on and on.
Senator Brownback. When I have been on the border, I have
seen x-ray machines that sat there apparently for some routine
searches of big trucks in some settings like that. Those are
used even as, I guess, an invasive type of device.
But I have to say as well, too, you know, I do not like the
idea of coming across with my BlackBerry and somebody saying,
OK, I want to look through your whole BlackBerry, because I
have got a lot of things in it. I do not know what all is on
there in some cases, and I do not want people looking at that
randomly. Do I waive that right in coming across the border?
Mr. Sales. Well, Senator, understandably, people treat the
personal data that they store on their electronic devices with
great sensitivity, and they regard it as very important. But
the Supreme Court has held that the expectation of privacy at
the border is different than the expectation of privacy within
the country. So while we would rightly condemn suspicionless or
especially warrantless searches of your BlackBerry or your
laptop on the streets of Washington, D.C., the analysis has to
change a little bit at the border. And the Supreme Court has
held that the criterion of reasonableness at the border is the
fact that it is the border. In other words, a border search is
reasonable under the terms of the Fourth Amendment because of
the simple fact that it occurs at the border.
Senator Brownback. Mr. Tien, I do not know if you note in
your testimony--somebody did--that you can search--if you have
got a bunch of photographs with you and you are coming through
the border, the border agents can search and look through those
photographs. Is that correct? And that is deemed routine. Is
that correct?
Mr. Tien. Under current law, yes.
Senator Brownback. But if we have a digital camera, I take
it from what you are putting forward, you are saying, Well, I
do not think that is reasonable to do a digital camera.
What is the difference between looking at those two at the
border?
Mr. Tien. What we have been talking about is a general
category of electronic devices that range from a laptop and
your BlackBerry to a digital camera. And our feeling is that
for all of these, you have a number of differences between the
sort of non-electronic version and the electronic version, and
probably the most important--
Senator Brownback. Which is? What is the difference?
Mr. Tien. There is a quantity difference. There is a
quality difference. And I think sort of to extend the point
that Professor Sales made, there is a scope of search
difference. The quantity difference is simply that you can have
way, way more information: an 80-gigabyte drive is just an
unbelievable amount of information.
Senator Brownback. I am getting short on time here. I just
have some question about whether quantity raises your level of
expectation of privacy at the border and your other--but let me
also pursue this with you if I could. If we were to as a
Congress say we want to tighten up this authority for what the
border search could do, wouldn't we be conveying to people that
travel overseas for illegal activities, wouldn't we be
conveying to them just put it in an electronic form and you are
more likely to be able to get through than if you had something
in a physical form of a physical picture? Isn't that the tactic
then that people that would seek to break these laws and do
these crimes take?
Mr. Tien. I do not really think that is a major problem
when you consider a couple of things.
First, existing law protects international mail. That is
actually the law that the Supreme Court pointed to in United
States v. Ramsey, where they noted that you need reasonable
suspicion under statute to open up an envelope and would need a
warrant based on probable cause in order to read the
correspondence in the envelope. That is why the Supreme Court
in U.S. v. Ramsey did not touch the First Amendment issue. So
we have already got laws on the books, for instance, that
establish privacy for correspondence.
Second, when we do this electronically, we have the
protections under the Wiretap Act that control whether or not
those kinds of communications can be searched.
So I do not really see that--from a transparency
perspective that we are really telling folks anything more
about the privacy interests or about the possibility of evading
detection through protecting laptops and BlackBerries and
iPhones any differently.
I also wanted to respond to one of your earlier points,
Senator, about quantity. I was not saying that quantity is the
only reason to differentiate digital devices. There is also the
fact that the nature and the question of information on those
devices is, it seems to me, much more personal because of the
nature of the way that these devices have really embedded
themselves into both our personal lives and our work lives. And
what that ends up meaning is that your devices are like
carrying a giant autobiography of the person in a way that is
very different from most physical conveyances, and that creates
what I call a scope of search problem.
The purpose of or the function of a legal standard like
reasonable suspicion or probable cause is not merely to
establish the threshold reason for being able to perform a
search. It also establishes the standard for the scope. How far
can the search go? If you have probable cause to search
something, then that also entails how much of something you can
search. Because once you go past the amount that the suspicion
or the cause, then you have gone too far. The Fourth Amendment
was intended to prevent general searches and general warrants,
things without particularity. And so the idea of having--
Senator Brownback. I think I got the point here from you. I
just do really question if we are not conveying a signal to
people then that here is the way you get these in and you have
a heightened protection at the border rather than another. And
I still, though, have real trouble with the idea of people do
bring these devices, I use them and bring them across the
border because I hope to be able to use them when I am
traveling. So I do think we have a real question to wrestle
with.
Thanks, Chairman.
Chairman Feingold. First let me compliment the Ranking
Member for the balance and quality of his questions, and I just
want to review the question that was asked of Professor Sales.
Senator Brownback specifically said he did not like the
idea of his BlackBerry being unloaded at the border, and he
asked specifically if he waived his right to do that. You gave
a scholarly answer, and I heard every word of it. But the
answer can only be, based on your words, yes, Senator Brownback
has waived his rights.
Mr. Sales. Senator, I would not take credit for that
myself. I would say those are the Supreme Court's words.
Chairman Feingold. Fine, but I just want everyone to know
that is the whole core of why we are having this hearing.
Senator Brownback's rights to privacy of his BlackBerry are
waived completely at the border, according to your
interpretation of the Supreme Court. And I think that is
something we have to examine.
Mr. Sales. If I could, Senator?
Chairman Feingold. Yes, sir.
Mr. Sales. Thank you, Mr. Chairman. There is no question
that when crossing the border, a U.S. citizen retains his
Fourth Amendment right against unreasonable searches and
seizures. The Fourth Amendment applies at the border. The
border is not a Fourth Amendment-free zone.
The question then becomes what kind of search counts as
reasonable, and the Supreme Court has held for a number of
decades that a routine border search can take place with no
reasonable suspicion whatsoever.
So the answer to your question, I believe, is the Supreme
Court has said ``yes, but.''
Chairman Feingold. Yes, but the ``but'' does not you any
good because it is a ``routine'' search so everything is open.
Now I am going to turn to Senator Durbin for his round.
Senator Durbin. Thank you, Mr. Chairman, for this hearing.
About 10 years ago, the NBC television station in Chicago
received a complaint from a woman who said she was traveling
routinely through Chicago O'Hare, was stopped and strip
searched, and she thought it was outrageous. She was African-
American. The story ran on the air, and as a result of that
story, a number of other African-American women who had gone
through the same experience called the station. The woman who
handled the story decided to make a plea that all of the
African-American women who had been strip searched at Chicago
O'Hare should contact the station, and it ended up with I think
close to 20 when it was over.
It turned out that the U.S. Customs Service had established
a practice at Chicago O'Hare that if you were an African-
American coming from certain countries in the Caribbean, that
they were going to stop more of them, detain them, and search
them. Clearly, this was a case of profiling, and the complaint
was made and an investigation initiated. The GAO investigation
that I requested found there was a clear pattern of profiling
against African-American women. You can understand the personal
outrage of these women who were traveling, under innocent
circumstances, who were being singled out.
As a result, Ray Kelly, who was then head of the Customs
Service, announced that that would end, and I commended him for
doing the right thing.
Now I am hearing complaints from particularly my Pakistani-
American friends, but others, Arab, Muslim friends, that they
are being singled out, and some of them with great
embarrassment, men and women, are being stopped not for a strip
search but for lengthy interrogation and for searching of their
belongings. Many of them are reputable business people who have
been established in the Chicago community for 10, 20 years, who
have businesses with many employees. And travel has become an
opportunity for harassment. And I understand the line of this
questioning when it relates to laptops, but I also want to go
to the larger issue of profiling and elicit some comments from
you relative to that.
Ms. Khera, does the DHS policy allow for Arab and Muslim
Americans to be singled out for scrutiny on the basis of their
national origin or religion?
Ms. Khera. Senator Durbin, you raise an excellent question
and let me also first say--just thank you for your leadership
on this issue. I know back 10 years ago when these issues arose
involving the U.S. Customs Service, you led the fight here in
Congress in trying to hold the U.S. Customs Service, the
predecessor to the CBP, accountable at that time. So thank you
for your continued interest in these issues.
We believe that the current DHS guidance on this issue is
not sufficient, that it does allow basically an escape hatch at
the borders for DHS to use race, ethnicity. And what we heard
this morning--in fact, I am very pleased to hear--is that there
seems to be unanimity on this panel that singling Americans out
based on their faith, ethnicity, is wrong and it is
impermissible.
I think two things. One is I think it behooves Congress to
make it clear that that is the case, because clearly lessons
were not learned from the experience of 10 years ago, and I
think we do need some very direct authority on this. And I know
Senator Feingold has a bill on this issue, the End Racial
Profiling Act. You have been also a strong supporter of that,
and I think it behooves Congress to move on that legislation.
I think the second issue that this raises is even if in
policy folks can agree that people should not be targeted, what
is happening in practice, and are CBP agents receiving the kind
of training they need and the proper guidance to ensure that
they are not targeting people and not asking inappropriate
questions.
And, finally, I would encourage Congress to conduct
oversight, to be demanding of CBP the policy and guidance that
is being given to these agents, as well as having CBP provide
Congress with information about the basis for why people are
being subjected to secondary inspection, the kinds of questions
that are being asked, and items that are seized, and if
information is being seized, how it is being used, how is it
being stored and shared.
Senator Durbin. In this age of concern about security and
terrorism, is it possible or even realistic to say that when it
comes to these border situations, our Government cannot use
race, religion, or ethnic background as the basis for searches
or questioning?
Ms. Khera. I think it is absolutely necessary for our
Government to be clear that we are not targeting people based
on those factors. I think those factors can be used in
combination with other factors indicating some kind of criminal
activity. So if there is, for example, a specific description
of a suspect, a criminal suspect, or a specific terrorist who
might be crossing the border, those factors can then be used.
But as a general matter, it is not smart border policy. It is
not fair as a matter of the Constitution, and it is not
effective, because with the limited scarce resources, as even
my colleague Mr. Carafano pointed out, CBP has scarce
resources, and we need to be sure that CBP agents are using
those scarce resources in an effective way and not targeting
the family man who is returning home from a business trip to
Japan with very invasive, intensive scrutiny. Because for every
minute that is spent on targeting him, it is 1 minute less that
CBP could be focusing on actual wrongdoers.
Senator Durbin. Almost 4 years ago to the day, I asked
then-DHS Secretary Tom Ridge in this Committee room about the
special registration program, and he said at the time that he
was going to modify or eliminate the program. Well, that has
not happened in the 4 years since.
I would just ask this kind of general question to all the
witnesses. Mr. Carafano, you testified that, ``In order to be
successful, CBP must avoid predictable patterns of behavior.''
This is the fundamental problem I see with profiling based on
race, national origin, and religion. It is predictable, and
terrorists and others seeking to do us harm can evade the
profile once they learn about it.
So is there anyone here who disagrees with the premise that
profiling on the basis of race, national origin, or religion
may actually be counterproductive? Is there anyone who
disagrees with that concept? Remarkable unanimity. I appreciate
that very much.
Chairman Feingold. Let the record reflect that no one
disagreed.
Senator Durbin. I would like to ask; is profiling worse at
some airports in America than others? Testimony received today
mentioned several instances in the San Francisco airport, and I
wondered, obviously, if there had been any incidents at O'Hare
or other airports.
Ms. Khera. Senator, the complaints that we have received
and other civil rights organizations have received have come
from a number of different airports and land crossings. That
includes San Francisco, Seattle, Newark, Houston, Boston, as
well as land crossing in Detroit and the Washington State-
Canadian border. So it has been a variety of different
locations.
Senator Durbin. So it is not one particular airport. It is
many.
Ms. Khera. Yes.
Senator Durbin. Thank you very much, Mr. Chairman. I
appreciate it.
Chairman Feingold. Thank you, Senator Durbin. I will begin
another round.
Professor Swire, DHS's written testimony asserts that CBP
border searches have helped to identify terrorists attempting
to enter the United States. The testimony does not mention
whether or not these laptop searches could have proceeded even
if a reasonable suspicion standard were in place. In the few
specific examples that are mentioned, it seems abundantly clear
that reasonable suspicion was present, and so a reasonable
suspicion requirement would have not interfered with
apprehending these individuals.
The same is true of Zacarias Moussaoui, whom Professor
Sales mentioned in his testimony. In Moussaoui's case, an FBI
agent determined that there was a 50-percent probability his
computer contained evidence of criminal activity. Although this
was considered insufficient for probable cause, it surely was
enough for reasonable suspicion.
Do you think requiring a reasonable suspicion threshold for
electronic searches will result in terrorists slipping through
our fingers?
Mr. Swire. Mr. Chairman, I think the reasonable suspicion
threshold is a sensible and traditional legal way to go here.
Maybe I can just briefly make a response to Senator Brownback,
who asked earlier whether there is any distinction we can make
between digital cameras and digital laptops and the rest.
I think there is an important distinction that was not
highlighted yet, which is that with digital things you do not
just get a border search; you get a permanent search, that
there is a record kept and a searchable data base created. And
that does not happen with a suitcase, but it happens with these
digital things. So the permanent search and the ability then to
move it around the information--sharing environment makes all
of these searches very different from traditional other
searches. It is an additional clear legal reason to have a
suspicion before these searches happen.
Chairman Feingold. Did you want to respond to the part of
my question about reasonable suspicion?
Mr. Swire. Reasonable suspicion. So I think in answer to
your question, my reading of the cases is that the examples
pulled out about terrorism involve reasonable suspicion. And I
have not quibbled with and I believe in your opening statement
you made mention that reasonable suspicion is an acceptable
basis for searches at the border. It is random or suspicionless
searches that the business travelers and the rest of us have
very severe concerns about, and it is the one--suspicionless
searches are the ones that pose the biggest computer security
and general infrastructure risks.
Chairman Feingold. On that point, Ms. Khera, we have heard
testimony from Ms. Gurley about the practical harms of
subjecting business travelers to laptop searches, including the
increased cost to companies and loss of competitive edge for
our country. What is the harm that we suffer as a nation when
Americans are singled out for intrusive searches and
questioning because they are Muslim or because they are of Arab
or South Asian descent?
Ms. Khera. Mr. Chairman, first let me make it clear that I
think all Americans, including Muslim-Americans, certainly are
willing to put up with some inconvenience to ensure that our
country is safe and secure. And I think what we are talking
about is not just mere interference but some activities
questioning searches that actually go beyond and really in some
cases result in hours of being detained and being interrogated,
and we have at least one case where the actual property, the
cell phone was actually returned in a damaged and inoperable
condition. So there is some very specific harm to individuals.
And I would say in terms of more broadly speaking, in terms of
your question about the harm to our country, I think
fundamentally this is an issue of is this an effective--are
these effective tactics? And is the broad power of the CBP
being used to actually focus on the bad guys? Or are they
really, you know, following the leads, following the actual
evidence, facts indicating criminal activity? Because, again,
we have scarce resources, and in order to be safe and secure,
we need our resources being used in a targeted way going after
the bad guys.
Chairman Feingold. Thank you.
Professor Swire, if we assume, just for the sake of
argument, that the Government has always had the right to read
any document that citizens carry with them across the border,
travelers in the past could avoid that situation by choosing
not to take sensitive documents with them on their travels.
Now, is that a practical option for most traveling Americans--
to just leave their laptops at home or delete any private
information before traveling?
Mr. Swire. It does not seem a very good option, and they
impose costs on travelers if they have to get a second laptop
or get a second BlackBerry or whatever.
Something that Dr. Carafano said earlier is that the border
people will be limited by resources so they will not copy very
much, they will not do this very much. But the cost to copying
and storing data is going down to close to zero. We have
technology to just make it a routine thing to copy at the
border, and part of the reason to have this hearing now is
before we get to that point, we should have procedures in
place.
Chairman Feingold. Ms. Gurley, Mr. Cunningham testified
that American citizens have no reasonable expectation of
privacy in the contents of their laptops at the border because
the country from which they have traveled may have searched the
laptops as well. He states, ``I submit that many countries
conduct much more aggressive searches than the United States.''
Is that consistent with what the members of your
organization have experienced in their business travel? Do
other countries examine the contents of laptops without
individualized suspicion?
Ms. Gurley. I believe that Canada has similar regulations
to us, but I assume that countries like Uzbekistan, North
Korea, and other countries search your laptops, but I do not
think that should be our benchmark.
Chairman Feingold. Thank you.
Senator Brownback?
Senator Brownback. Thank you, Mr. Chairman.
Dr. Carafano, you said in your written testimony that there
are numerous instances where we have gathered crucial
information from terrorists' laptops. Could you give us a
couple of examples of where that has happened?
Mr. Carafano. Absolutely, Senator. I would just like, if I
may for the record, Professor Swire said that I was talking
about costs on the border. I was primarily referring to costs
of individuals and the time of the individual agents at the
border. I was not talking about the cost of, you know, taking
and storing data.
Senator Brownback. With costs at the border for as far as
that there is the time of inspection of the people?
Mr. Carafano. That is absolutely the most critical element
because there are two costs there. There is, one, the cost of
the agent. You are taking--you are occupying the time of that
agent and secondary inspection, focusing him on an individual.
So that is the most--that agent is the most important in the
line of defense at the border of making the determination of
whether this person is a high-risk traveler, how much time
should be spent with them, you know, how much of a risk do they
actually--how much questions you need to ask, how much do you
need to determine probable cause, because maybe you need to
make a more intrusive inspection. So that is an incredibly
valuable asset, and that is the real time we are concerned
about.
And the second--
Senator Brownback. Just on that, how many border crossings
a year happen into the United States by U.S. citizens?
Mr. Carafano. Millions.
Senator Brownback. Does anybody know the actual number?
Mr. Carafano. Tens of millions.
Senator Brownback. I thought I had seen at one point in
time that we had legal crossings a year into this country of
over 200 million. Legal crossing into the country per year.
Mr. Carafano. That may be if you want to count citizens or
the number of times they actually cross the border. Some people
in San Diego, for example, cross the border several times a
day, and every one of those counts as a crossing.
Senator Brownback. I guess my point of that--and I do not
know how many border agents we have that do that actual
inspection. Does anybody know that actual number?
Mr. Carafano. Well, it depends. For example, at L.A. Long
Beach, there are about 1,500 CBP agents at the port of L.A.
Long Beach, give or take, doing not just border inspections,
not just inspecting people, but cargo and everything else.
Senator Brownback. It has been my experience that a lot of
people cross these borders every day, and so what you are
talking about is just a practical effect of agents looking, and
that is your primary line of defense right there, is pretty
limited about the amount of time that they have per person and
decisionmaking that they have.
Mr. Carafano. That is correct, Senator. And the other great
concern we have is the travelers themselves. The more time they
spend at the border, the higher the transaction costs of
crossing that border for them and their company and the people
that they serve. So you want to reduce those down to the
minimum you possibly can, but you want to make sure that your
security concerns are absolutely looked after. And so that is
why you want to focus those assets on the high-risk travelers.
And you are going to use a range of resources to do that from
intelligence gathering to sharing of information. And that is
why these initial searches are an important part of that whole
thing.
I do think it is important that we make a distinction
between an intrusive search, which does require probable cause,
and what you would call a suspicionless search or inspection.
You know, generally, even suspicionless searches and
inspections are bad because they increase transaction costs.
But that is not always the case. There is one category of
suspicionless search or inspection that makes perfect sense,
and that is a random inspection because, remember, what you are
trying to do is just not speed travelers through, you are
trying to identify bad guys. And part of catching the bad guy
is making sure that they cannot identify the patterns of
inspection that you are using. So randomness is an important
component of that.
For example, we have a Container Security Initiative. We
inspect a percentage of high-risk cargo coming into the United
States. But occasionally we will just pull off a container and
just x-ray it for no other reason, just to try to make it more
difficult for people to identify the pattern of characteristics
that we are looking for to identify high-risk behaviors.
So, again, to make that inspector at the border the most
efficient and effective possible, we do have to be concerned
about two things. One is we cannot make his trade craft so
transparent that the terrorist or criminal can say, Oh, I will
just do this and I will walk through. And the other thing is we
have to give him the discretionary authority that he needs so
he can focus his resources on the high-risk travelers. Again,
the way we do that is to maximize the human capital investment
we make in them so they are not doing racial profiling,
maximize the technology they have available so they can get the
information they need to identify high-risk travelers. But
equally important is to provide them the flexibility they need
in doing searches that are not intrusive, to be able to
identify who are the people they should focus on.
Senator Brownback. Give me a couple of examples of what we
have caught on terrorists' laptops.
Mr. Carafano. I think that is a great question because I
think it is unquestionable that technology can be a formidable
weapon. I mean, the most startling examples, of course, are not
actually border-crossing incidents, but, for example, when we
went into Pakistan and uncovered computers which had enormous
data on al Qaeda operations. The computers and records that
have been looked at, for example, in regards to A.Q. Khan and
forensically what we have been able to determine about the
terrorist network that they use for the movement of people and
material is huge. So the fact that a technology like a computer
can be a weapon and can contain an enormous amount of material
that indicates malicious and criminal activity, I do not think
that is disputable.
Senator Brownback. Thank you, Mr. Chairman.
Chairman Feingold. Just a couple more questions from me.
Mr. Tien, as you know, the Constitution prohibits searching
an American citizen's laptop within the borders of this country
without probable cause and a warrant. If no limits are placed
on customs officials' ability to search laptops at the border,
what is to stop law enforcement agencies from staging an end
run around the constitutional requirement of a warrant by
requesting that customs officials perform the search the next
time that individual attempts to travel overseas?
Mr. Tien. I am afraid that there is not any current limit
on that, and we have actually seen cases in which it appears
that individuals are searched when they come back from
international travel because there is some sort of vague red
flag alert in the data base that says ``put this person into
secondary screening and then search.'' The cases are not always
clear on the actual reason why that flag was in there. It is
just, ``pull this guy over.''
So we are very concerned that this problem of suspicionless
searches does not require that everyone be searched. It can
simply be that the Government is abusing its authority to pick
out people based on factors that would not support probable
cause in the United States.
Chairman Feingold. Thank you.
Professor Swire, I was struck by your comparison to the
encryption wars of the 1990s, which I found quite apt. One
particularly compelling point you made was the ultimate
futility of anti-encryption rules in achieving the intended
goal of preventing the use of strong encryption. You drew a
comparison to laptop searches, stating that ``moderately smart
criminals and terrorists'' would be able to avoid having
electronic information captured through border searches.
Can you elaborate on why you do not think laptop searches
will be particularly helpful in apprehending competent
criminals and terrorists?
Mr. Swire. Thank you, Mr. Chairman. If we assume moderate
intelligence and the ability to do searches on the Internet for
today's hearing transcript, the first thing that you do if you
are trying to avoid the border is you do not carry things in
your laptop. You can load your files in heavily encrypted form
up to a server, and then when you get to the far side, you
download it from the server, and there is never anything in
your laptop when you cross the border.
The second trick is using TrueCrypt or other software that
is easily available today in the public market, widely used.
And what you do then is you take your laptop, and when the
agent says, ``Open it up and give us your password,'' you open
it up, but there is a second layer of encryption so the
directory does not show the hidden part of your hard drive that
has the other things hidden in there.
That does require you to lie to the Border Patrol officer,
so the Border Patrol officer says, ``You can see everything
here? '' And you say, ``Oh, yes, sir, it does.'' But at a
technological level, the Border Patrol agent has gotten in
partway to your computer but cannot get the rest of the way in.
So that is two ways through that are widely known today.
Chairman Feingold. Senator Brownback, did you want to
followup?
[No response.]
Chairman Feingold. First let me thank Senator Brownback for
his very--
Ms. Khera. Mr. Chairman, do you mind if I--
Chairman Feingold. Very briefly, please.
Ms. Khera. Just a brief comment, because in Dr. Carafano's
last statement, he was mentioned Pakistan and laptops that have
been found in possession of al Qaeda with various material. And
I think it is just worth clarifying that the community has been
concerned that the DHS is using the factor of which country
people have traveled to as a potential basis for singling out
people, and I just wanted to clarify that the kinds of stories
we hear around the Muslim community do not seem tailored to the
issue of trying to determine whether there is somebody who has
been mingling with al Qaeda in Pakistan and potentially
carrying laptops. You hear questions about the political views,
Presidential candidates, how often they pray, their
associations with people in the United States, and it seems to
be tied not to criminal activity but instead some part of some
broader intelligence-gathering exercise. So I just wanted to
clarify.
Chairman Feingold. Fair enough, and as luck would have it,
or I guess the world we live in, I am trying to get to a
Foreign Relations hearing on Pakistan right now. So I want to
thank all the witnesses for their testimony. I think it is
extremely important to start giving close examination to this
issue because we are to some degree in uncharted legal
territory. I appreciate Senator Brownback's active and valuable
participation in the hearing.
As I mentioned at the beginning of the hearing, neither the
Framers of the Fourth Amendment nor the Supreme Court when it
crafted a broad border search exception could have conceived of
a world in which Americans crossed over the border dozens of
times each year, carrying with them virtually all of their
personal information. It is time for the law to catch up with
reality. This hearing has shed some light on what that reality
is and how ordinary law-abiding Americans are affected when the
Government claims an unlimited right to search their laptops.
There is room for common sense here. I suspect everyone in
this room who is learning about these searches for the first
time had a visceral reaction to the idea of the Government
reading through the contents of their laptops, browsing their
e-mails, and looking to see what websites they have visited.
That reaction, I am guessing, was very different from the
reaction they would have if asked to open their suitcase. In my
opinion, these different reactions demonstrate the need for
different policies.
I also think this issue has to be placed in the larger
context of this administration's ongoing assault on Americans'
privacy. There was a statement in Mr. Cunningham's written
testimony that I found breathtaking. He said, ``Given the
possibility of surveillance of phones and the Internet, `old-
fashioned' smuggling across the border, by storing files on a
laptop, might prove a safer and more attractive alternative for
[terrorist] communication provided the persons doing so could
be assured that the computer would not be subject to the
possibility of random and suspicionless search.'' The
implication is that the way to stop terrorists is to ensure
total Government surveillance authority over every person at
every point, both inside our borders and out.
That is certainly one way we can respond to the threat we
face from terrorism. We can become a surveillance state. But I
remain convinced that a better approach is to remain true to
our core values as a Nation. I do not think that suspicionless
searches of Americans' laptops at the border or anywhere else
are consistent with those values, nor do I think they are an
effective means of fighting terrorism.
Many of the witnesses today had ideas for solutions that
would bring border searches back in line with our values and
our constitutional principles. I will be taking a close look at
these ideas in the weeks ahead. Because of the upcoming holiday
recess, the hearing record will remain open for 2 weeks for
additional materials and written questions for the witnesses to
be submitted.
As usual--
Senator Brownback. Mr. Chairman, I want to make a closing
comment.
Chairman Feingold. OK. Why don't you go ahead and then I
will finish.
Senator Brownback. Mr. Chairman, I was not going to make a
closing comment, but with yours, I think it is appropriate as
well to also draw some balance on this. I think this is a good
topic for us to discuss. It is an important one. I think you
also get a little stretching on the administration's--they are
just trying to search everybody. I think you have got a very
practical concern here that we are trying to protect, the
people are trying to protect the country, and that you have got
hundreds of millions of crossings a year. You have people
attempting to come into the country or from the country to do
us harm, and you have got a real security need that is here. I
think you have a court that has responded to this, that it has
addressed some of the issues right at the border and your
standards of review that exist at that border.
I would hope people would look at that in a balanced sense
and would say, OK, we do have legitimate--there are legitimate
security needs, standards at the border have been established
by the courts, and we need to see some practical implementation
of that where you have hundreds of millions of people crossing
the border. I cross the border on not an infrequent--a couple
of times a year, and I think we can be sensible about that
without just the hyperbole of blaming an administration that
wants to have a surveillance state. They do not want to have a
surveillance state. Nobody wants to have that. Nobody wants to
stand for that. But we do want to try to keep the American
people safe. And it is just a very practical thing that I hope
we could work on a practical basis, protecting those
constitutional rights, recognizing the difference that the
Court has articulated at the border, and try to work that on
forward.
Thank you, Mr. Chairman.
Chairman Feingold. Let me simply conclude by saying I wish
that what I said about the administration was extreme. But it
is not. This administration for years has created an
environment, whether it be the Inspector General's reports
about the detentions of Muslim-Americans and others right after
9/11 or any number of other practices--you name it. They have
created this environment where, frankly, people might believe a
level of surveillance and activity that is even beyond reality.
We are going to have a new administration, whether it is
Republican or Democrat, but the historical record is clear that
this administration has been reckless with regard to the
privacy of the American people. And I realize we disagree on
that, and this was not the focus of the hearing, but I believe
that if we are going to fix all this, we need to have a
different environment with regard to the next administration. I
am hoping we get that.
As usual, we will ask the witnesses to respond promptly to
any written questions so that the record of the hearing can be
completed. Thank you.
This hearing is adjourned.
[Whereupon, at 10:49 a.m., the Subcommittee was adjourned.]
[Questions and answers and submissions for the record
follow.]
�