Data Kept for 15 Years: Thousands of Customs Agents Can Access Trove of Personal Data

If you thought being subjected to “random” TSA screenings at airports was dehumanizing, just imagine your most sensitive, personal digital information being secretly reviewed by any one of thousands of government agents operating without a warrant or public oversight.
 
The Customs and Border Protection Commissioner Christopher Magnus revealed to Sen. Ron Wyden (D-OR) that the agency is scooping data from thousands of seized electronic devices every year. (Hat tip to Drew Harwell of The Washington Post for detailing this abuse of privacy.) That data is then added to a CBP database accessible by more than 2,700 CBP agents. That data – which can include call logs, messages, contact lists, and photos – can be kept for up to 15 years.
 
This story is just the latest development in a long-running series of data privacy breaches by federal law enforcement officials. Sen. Wyden criticized the agency for “allowing indiscriminate rifling through Americans’ private records.”
 
CBP conducted more than 37,000 searches of travelers’ devices in the 12 months ending in October 2021. According to The Washington Post, the default configuration for some data searches has been to download and retain all contact lists, call logs and messages. This means potentially millions of calls, contacts, and text messages from thousands of phones could be compromised.
 
It has long been known that CBP makes generous use of the “border search” exception in Fourth Amendment law. Sen. Wyden’s revelation about the scale and the scope of this loophole reveals an egregious new threat to the security of Americans’ data privacy. Congress must act now to bolster protections for data privacy.
 
It is high time for the Supreme Court to review and modify the judicially created border search exception in light of the massive amounts of information being seized from law-abiding citizens and then stored for long periods of time. If the Court does not protect the Fourth Amendment, then Congress should step up.
 
Last year, Sens. Wyden and Rand Paul (R-KY) introduced legislation that would require border officials to get a warrant before searching a traveler’s device. Congress should also pass the Fourth Amendment Is Not for Sale Act to ensure this database doesn’t fall into the hands of data brokers.