Travelers at an airport

The US Customs and Border Protection (CBP) agency published last week a new guideline containing updated procedures for searching travelers' electronic devices at US borders.

CBP, an agency part of the US Department of Homeland Security (DHS), last updated the guidelines in August 2009.

New procedures reign in border searches

According to a 12-page set of rules and a 22-page privacy assessment, border agents can still search electronic devices at the US border.

The most impactful changes are that the CBP clearly defines what's a Basic Search and what's an Advanced Search for the first time.

According to the new rules, CBP agents are allowed to choose, with or without suspicion, travelers for Basic Searches.

A Basic Search restricts agents to examining data found only on the device and which is accessible through the device’s operating system or via locally installed applications.

Advanced Searches still occur, but agents must prove reason

An Advanced Search is when the CBP agent connects the user's device to an external system specialized in deeper searches. This external system may "review, copy, and/or analyze" the user's data, but will not destroy or harm it.

The new rules say that CBP agents must prove there's a reasonable suspicion of criminal activity or a "national security concern" to carry out an Advanced Search.

A supervisor must be present, or at least notified at a later date, that an Advanced Search has been carried out.

The new search procedure states that individuals may be permitted to remain present during the search, but they should not be permitted to view the actual search itself because this may reveal law enforcement techniques. Individuals who pose a physical danger to CBP agents or a threat to national security may be removed.

CBP agents can't search data stored in cloud services

Further, CBP agents are allowed to search data that is only present on the device itself, but not cloud services.

"To avoid retrieving or accessing information stored remotely and not otherwise present on the device, Officers will either request that the traveler disable connectivity to any network (e.g., by placing the device in airplane mode), or, where warranted by national security, law enforcement, officer safety, or other operational considerations, Officers will themselves disable network connectivity," the new procedures state.

The CBP claims these searches are necessary to fight terrorist activity, child pornography, violations of export controls, intellectual property rights violations, and visa fraud.

Despite the revised rules, privacy advocates aren't happy, as they still allow border agents to carry out warrantless searches of users' devices without judicial oversight.

Along with the new procedures, the CBP also released device search statistics from the past two years. According to the CBP, border agents searched 19,051 devices in 2016 and 30,200 devices in 2017, a 59% spike from 2016. The number is approximately 0.007% of arriving international travelers processed by CBP officers (more than 397 million), said the CBP.