Security staffs have a couple of reasons to pay attention to a Congressional hearing on the rights of officials to search laptops of citizens returning to the States through customs. CSOs and their staffs do their share of traveling. They also must keep their senior executives apprised of the wisdom of carrying timely data overseas.
This U.S. News & World report -- which also discusses the Congressional hearing -- offers some background on the issue. The ability to confiscate the materials was attributed to a ruling by the 9th Circuit Court of Appeals that equated electronic devices with briefcases, which can be searched without suspicion of a crime. The original case was the result of more than 20 incidents, almost all of which involved searching the electronic devices of people with Muslim, Middle Eastern or South Asian backgrounds. As we noted last week, The Electronic Frontier Foundation, The Association of Corporate Travel Executives and others are involved in the appeal of the decision.
The story starts with Bill Hogan, a freelance journalist who had his laptop impounded and various media devices examined. He says that if the materials were work-related -- he was on vacation -- he would have had to tell his sources that they possibly had been compromised.
Beyond the political and philosophical issues involved, it is vital that companies protect themselves and their data when traveling. Absolute Software offers a list of five ways to do this. The writer offers a suggestion from well-known consultant Bruce Schneier that a second level of encryption be used for sensitive data. The writer also advises limiting data, using a VPN, shipping data ahead via FedEx to your destination, and storing data online. Still Secure's Alan Shimel notes that a lot of the back-and-forth probably is meaningless anyway. His point is that the bad guys will know enough to encrypt their data and make it unreadable to officials.
He is right, of course. But the big picture isn't what it will do to crooks and terrorists. It's what the impact will be on the vast majority of innocent travelers who are momentarily inconvenienced and to the businesses that sustain real damages through the loss of time-sensitive data.