Tag Archives: warrantless searches

Visit New Zealand – Fork Over Your Passwords or Risk Being Prosecuted

In what is thought to be the first country to do this, travelers entering New Zealand who do not turn over their phone passwords during searches could be arrested, prosecuted and fined more than $3,000.  This includes citizens and foreigners.

A New Zealand customs spokesperson said that the new fine is an appropriate remedy to balance individual’s privacy and national security.  I am not sure what the balance is here.

In many countries law enforcement can examine your digital devices, but it is up to them to figure out how to hack into them if you don’t unlock them.

I suspect that this will become a bit of a trend.

Once law enforcement has the phone, unlocked, you have to assume that whatever is on the phone – from nude selfies to business trade secrets – has been compromised.  There is no way to know whether that data is secure or not.  Given most government’s security track records, this is probably a sad reality.

In the case of New Zealand, the customs agent has to have some undefined suspicion of wrong doing in order to invoke the new law.

Things that you can do to minimize the pain –

Large companies that are concerned about security are giving their employees burner phones and burner laptops when they travel abroad.

These same companies require employees to get approval for any data files that they load onto these devices.

For private citizens, this applies as well.  Don’t take your laptop and buy a burner phone at Walmart or Best Buy and only load what you need.

Alternatively, store the data that you will need while abroad in the cloud, encrypted, download it while abroad, upload changes before you cross any borders and overwrite the deleted files with software like the free program CCleaner.

If you believe Snowden, intelligence analysts like sexy photographs and swapped them internally like baseball cards.  I would suspect that practice applies to customs agents as well.  If it isn’t there, they cannot do that.

It is likely that you will pass through customs unmolested – in the U.S. last year, customs only searched several tens of thousands of devices compared to the hundreds of millions of travelers –  but if you are concerned, there are some easy and inexpensive steps that you can take.

Source: NY Times.


Warrantless Searches of Your Car

For the most part, police need a search warrant to search your possessions.  Want to search your house, get a warrant.  Search your phone, yup, need a warrant.

But when it comes to your car, the rules are different.

The rules for searching your car don’t run back to the Constitution.  After all, there were no cars in 1776 and searching your horse was likely a different matter.

To search your car all the police need is probable cause and the definition of what is probable cause is somewhat variable.  This goes back to the days when a cop stopped someone for running a stop sign and saw a gun on the front seat or some drugs.  They used that as probable cause to search your car for more.

But where, exactly, does that stop?  Can they plug a cable into your maintenance port and suck out all your call data or text messages from your smart entertainment system without a warrant?  Currently, yes.  So if you won’t give them your phone when they stop you, they could, maybe, get the same data from your car.

It seems to me that there is a difference between looking under a blanket in the back seat for a gun or  drugs or even an illegal immigrant and searching your car’s entertainment system to dump all your email.

The police are welcome to search my car’s entertainment system for my email because it is not there.  I have a dumb entertainment system.  If I want to listen to music stored on my phone, I have to plug in a cable into the headphone jack.  That connection is not going to leak much data.  But, for many people, they like the feature of being able to have their car radio read email to them or read the President’s latest Tweet storm as they drive.  Or be able to say “car, phone ET at home”.

That being said, my car (actually a truck) probably has 50 or more computers in it that tell it everything from my speed to how far I drove today.  Not in my case, since I don’t have a GPS in my car, but for others, it will also tell the police every place my car has been and how it got from place to place and even when.  They can, today, get all that data, likely without a warrant.  Remember of course that they can get that same GPS data from your cell phone carrier, but the guys (and ladies) in black robes in DC have been making the barrier to getting that data higher over time.

Some police are even carrying systems in their police cars that can suck the data out of your phone in seconds.  Even if the phone is locked with a screen lock.  I am pretty confident but not positive, (a) *IF* your phone is encrypted and (b) you power it off – not lock it – before the police make it to your car, then the odds of that software working are as close to zero as possible.  But how many people would even think to do that.

Worse yet, some insurance companies are offering electronic insurance cards.  So, you unlock your phone, bring up the insurance app with the insurance card, hand your unlocked phone to the police officer who takes it back to his or her police car.  What could possible go wrong.   Besides, of course, in the minute or two while the police person is running your license and vehicle for wants and warrants, he or she could also be sucking all the data out of your phone.  Probably legally.

Legal?  Maybe?  But they have the data at that point and there is no law that requires them to delete it, so they add it to some mega database for what purpose?  And keep it for how long?

Seems to me that Congress needs to change the law, but that is just me.

After all, your definition of probable cause and mine could be different and the determination of probable cause could change after the fact.

Just something to ponder.

Information for this post came from Tech Crunch.