Setting bold new standards for digital searches, a federal appeals court ruled Friday that customs agents need "reasonable suspicion'' a crime has occurred before delving into the hidden files on someone's computer.
"A person's digital life ought not be hijacked simply by crossing a border, wrote Judge Margaret McKeown for the majority of the 9th U.S. Circuit Court of Appeals. And she said it's appropriate to have a different standard for computer files than other items.
"When packing traditional luggage, one is accustomed to deciding what papers to take and what to leave behind,'' she wrote.
"When carrying a laptop, tablet or other device, however, removing files unnecessary to an impending trip is an impractical solution given the volume and often intermingled nature of the files,'' McKeown continued. And McKeown pointed out that, given the nature of digital files, simply "deleting'' them from the computer does not make them disappear, as they can remain on the hard drive -- and, as is the case here, be found with a forensic examination of that drive.
Friday's ruling also offers new protection in the era of "cloud computing,'' where files are not held within a computer but on a remote server, presents different issues. That makes the computer the access point to that data, with McKeown comparing it to a key to a safe deposit box.
"Notably, although the virtual 'safe deposit box' does not itself cross the border, it may appear as a seamless part of the digital device when presented at the border,'' she wrote. "With access to the cloud through forensic examination, a traveler's cache is just a click away from the government.''
McKeown acknowledged that travelers have a "diminished expectation of privacy'' at the border. And she said international travelers expect their property will be searched.
"What they do not expect is that, absent some particularized suspicion, agents will mine every last piece of data on their devices or deprive them of their most personal property for days (or perhaps weeks or even months, depending on how long the search takes),'' she wrote. "Such a thorough and detailed search of the most intimate details of one's life is a substantial intrusion upon personal privacy and dignity.''
But the ruling, which establishes the legal standards that now apply in Arizona and eight other the Western states within the 9th Circuit, provides no help to Howard Cotterman, whose case the judges were reviewing.
They concluded that Border Patrol agents did in this case have reasonable suspicion to examine his hard drive. And that allows Cotterman, who has been locked up since 2009 -- he had initially fled the country -- to be prosecuted in federal court on charges of child pornography.
His attorney, William Kirchner, said he was studying the ruling on Friday but said he likely will seek review by the U.S. Supreme Court.
Friday's ruling drew fire from Judge Consuelo Callahan who filed a dissent.
"The majority's new limits on the government's border search authority will make it much harder for border agents to do their jobs,'' she wrote.
Callahan said it is "common knowledge'' that agents at security checkpoints do more thorough searches not only of those who arouse suspicion but also on a random basis.
"Otherwise, a person who appears entirely innocent will have nothing to fear and will not be deterred from carrying something that should not be brought into the country,'' the judge wrote. "A checkpoint limited to searches that can be justified by articulable grounds for 'reasonable suspicion' is bound to be less effective.''
And Callahan said the ruling means "criminals now know they can hide their child pornography or terrorist connections in the recesses of their electronic devices'' knowing that border agents, faced with this new standard, will avoid conducting searches.
The case involves Howard and Maureen Cotterman who entered the country at Lukeville in 2007.
Following protocol, customs officials checked their names in a national database. There, they found that Cotterman had been convicted in California in 1992 of seven counts related to child molestation. Based on that, they sent the couple to a secondary inspection area.
A search of the vehicle revealed two laptops and three digital cameras. While the inspecting officer found no child pornography, he noted that several files were password protected.
The officers said they refused Cotterman's help fearing he could destroy any files. Instead, they took the laptops to Tucson.
Eventually, a specialist found what he said were 75 images of child pornography on the computer. Cotterman eventually fled to Australia but was indicted, after which he was extradited back to the United States.
U.S. District Court Judge Raner Collins ruled that the images could not be used at trial. He said agents did not have a "reasonably particularized suspicion" of anything improper to conduct an extended search.
McKeown, however, said there was enough in this case to give agents cause to do the forensic search. That included not only his criminal background but also his frequent travels, coming from a country known for sex tourism as well as the password-protected files.
But she cautioned that last factor, by itself, is not enough, calling it "commonplace for business travelers, casual computer users, students and others to password protect their files.'' And she specifically said that protecting the entire computer with a password, versus individual files, cannot be a factor in determining whether there is reasonable suspicion to search.
"Using a password on a device is a basic means of ensuring that the device cannot be accessed by another in the event it is lost or stolen,'' McKeown wrote.