When it comes to privacy, revelers going to the US have several reasons to be careful of their computers. A report from the Department of Homeland Security released Thursday gives even more reason for alarm about how much data border patrol agents can pull from your phones and computers.

The DHS outlined its US Border Patrol Digital Forensics system in a July 30 Privacy Impact Assessment, specifically for its creation of tools to gather data from mobile devices. For years, DHS and border agents were permitted to search devices without a warrant, before a court in November 2019 found the practice unconstitutional.

The department scanned more than 33,000 apps in 2018 versus 30,200 searches in 2017 and just 4,764 searches in 2015. Civil rights activists have protested against surveillance of this kind, arguing it violates the privacy rights of individuals.


The report highlights the capabilities of the DHS, and shows that when travelers cross the border, agents will make an exact copy of the data on computers. According to the DHS, extracted data from devices can include:


  • Contacts 

  • Call logs/details 

  • IP addresses used by the device 

  • Calendar events 

  • GPS locations used by the device 

  • Emails

  • Social media information

  • Cell site information

  • Phone numbers

  • Videos and pictures

  • Account information (user names and aliases)

  • Text/chat messages

  • Financial accounts and transactions

  • Location history

  • Browser bookmarks

  • Notes

  • Network information

  • Tasks list

The agency did not answer a request for comment. According
to the report, the policy of keeping the data for 75 years still remains. The
data is collected and stored on the local digital forensics network of the DHS
and transferred to PenLink, a platform for telephone surveillance the helps
handle metadata from devices. Police across the US use the company to intercept
text messages, phone calls and device-specific GPS data.

 

But according to its website, it also analyzes the data from
social media and tech platforms.

PenLink is telling potential customers on its free trial
offer that it will map data collected from Snapchat geolocations, Facebook
tracked locations and Google's geofenced data. The firm has not replied to a
request for comment.

"USBP uses the information it gathers using these tools
to develop leads, identify trends associated with illicit activity, and further
law enforcement actions related to terrorism, human and narcotic smuggling, and
other activities posing a threat to border security or national security or
indicative of criminal activity," the DHS report stated. 

The comprehensive list of how much information your phone
can provide about you came just days before the National Security Agency
instructed its employees on best practices for keeping data on their computer
confidential. This include turning off location services and permissions for
ads, and disabling Bluetooth and Wi-Fi.


The DHS said that the privacy risks associated with using
the software are small because only qualified forensic technicians will have
access to the devices, and only data related to investigations will be
retrieved. That assurance contrasts sharply with what American Civil Liberties
Union and Electronic Frontier Foundation lawyers found after a lawsuit revealed
that agents had searched without restrictions through the devices of travelers,
and often for unrelated reasons such as enforcing bankruptcy laws and assisting
outside investigations.