At border crossings in many jurisdictions, including, for example, those of the United States, the European Union and China, customs agents have broad authority to examine the electronic devices of people entering the country, even without suspicion of wrongdoing. Electronic devices that can be examined include items such as laptop computers, tablets and phones. These devices frequently store confidential information, such as proprietary corporate data, medical documents, family photographs and website browsing histories. In many industries, a traveler may have a contractual obligation to protect the confidentiality of information on an electronic device, such as medical records, non-published research or company trade secrets. Despite this, travelers are limited in their legal rights to refuse to turn over passwords and other electronic device access control mechanisms to border agents.
The US Customs and Border Patrol (CBP) is aware that its agents may encounter privileged or sensitive information, but the CBP does not publish its procedures for retaining and/or safeguarding it. Furthermore, when the CBP encounters difficulties accessing data on a device (e.g., technical difficulties, encrypted files or documents in a language not known by the agent), the CBP is authorized to hold the device or physically transfer it to another government agency for access assistance. The policies of the other agencies for handling confidential data are also unknown, and in such instances the device is typically not returned to the owner for about five days. Similarly, Immigration and Customs (ICE) agents may also hold and inspect electronic devices, even without individualized suspicion, and typically return devices within 30 days. Similar and in some cases more severe issues exist at border crossings into other countries.
Confidential information can be locked based on location or time. With a location-based lock (a technique called geo-fencing), access to certain information is blocked in certain locations. A typical example is a user traveling to a country in which it is believed the authorities may attempt to obtain private and confidential information from the user. The user's computing device is therefore configured to automatically make the confidential data inaccessible in that country (i.e., a geo-fence for the country is created). The geo-fence remains in effect until the computing device is no longer in the country. A time-based lock makes the information inaccessible for a given period of time, for example three days.
It might initially seem that simply creating a geo-fence for the border crossing areas would provide sufficient protection for the confidential information on a computing device. However, the device can be held by the border agents and transported (or a copy of the data transferred) to other agencies not physically located in the border area, and thus outside of the geo-fence. It is not practical or even possible to create a geo-fence for every area to which the device could be shipped, because all such locations cannot be known to the user, and the device could be shipped offshore. Therefore, a simple location-based lock is insufficient to protect the contents of the device. Furthermore, a time-based lock is also insufficient, because the device can be held until the time-based lock expires.
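The following added example (not part of the original text) models the two lock types and replays a hold of about five days against a three-day time lock to show where each lock releases. The coordinates, fence radius, dates and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt

@dataclass(frozen=True)
class GeoFence:
    lat: float
    lon: float
    radius_km: float

    def contains(self, lat, lon):
        # Haversine great-circle distance from the fence centre, in km.
        dlat, dlon = radians(lat - self.lat), radians(lon - self.lon)
        a = (sin(dlat / 2) ** 2
             + cos(radians(self.lat)) * cos(radians(lat)) * sin(dlon / 2) ** 2)
        return 2 * 6371.0 * asin(sqrt(a)) <= self.radius_km

@dataclass(frozen=True)
class TimeLock:
    start: datetime
    duration: timedelta

    def active(self, now):
        return self.start <= now < self.start + self.duration

def is_locked(fences, time_lock, lat, lon, now):
    # Data stays inaccessible while the device is inside any fence
    # or while the time lock has not yet expired.
    in_fence = any(f.contains(lat, lon) for f in fences)
    timed = time_lock is not None and time_lock.active(now)
    return in_fence or timed

# Constructed scenario: a 25 km fence around a border crossing, a
# three-day time lock, and a device held for five days at a lab that
# lies outside the fence.
BORDER = GeoFence(40.0, -75.0, 25.0)
T0 = datetime(2024, 1, 1, 9, 0)
LOCK = TimeLock(T0, timedelta(days=3))
TIMELINE = [
    ("inspected at border crossing", 40.01, -75.02, T0 + timedelta(hours=1)),
    ("transferred to remote lab, day 2", 38.0, -77.5, T0 + timedelta(days=2)),
    ("still held at remote lab, day 5", 38.0, -77.5, T0 + timedelta(days=5)),
]

def replay(fences, time_lock):
    """Return the lock state at each step of TIMELINE, in order."""
    return [is_locked(fences, time_lock, lat, lon, when)
            for _label, lat, lon, when in TIMELINE]

if __name__ == "__main__":
    for name, f, t in [("geo", [BORDER], None), ("time", [], LOCK), ("both", [BORDER], LOCK)]:
        print(name, replay(f, t))
```

In every configuration the data is accessible by day 5: the geo-fence releases as soon as the device leaves the border area, and the time lock is outlasted by the hold.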
It would be desirable to address these issues.