Government Agency Admits That They’ve Copied Phone Data at Massive Scale – 4th Amendment Violations?

A massive database has been growing at Customs and Border Protection as CBP officers extract data from electronic devices.

A report in The Washington Post last week said that during a summer briefing, CBP leaders told congressional staff that information from about 10,000 people a year is added to the database.

CBP officials said the data is kept on file for 15 years.

CBP agents routinely inspect phones, laptops, tablets, and other electronic devices when travelers enter the country — including those of American citizens, the Post reported.

In a letter to CBP Commissioner Chris Magnus, Democratic Sen. Ron Wyden of Oregon said CBP is wrong for “allowing indiscriminate rifling through Americans’ private records.”

“Innocent Americans should not be tricked into unlocking their phones and laptops,” Wyden wrote.

“CBP should not dump data obtained through thousands of warrantless phone searches into a central database, retain the data for fifteen years, and allow thousands of DHS employees to search through Americans’ personal data whenever they want,” he wrote.

Wyden noted in the letter that CBP personnel searching the stored records don’t have to provide any reason for the search.

In a statement to the Post, CBP spokesman Lawrence Payne said CBP conducts “border searches of electronic devices in accordance with statutory and regulatory authorities” and has imposed rules to ensure the searches are “exercised judiciously, responsibly, and consistent with the public trust.”

Keep reading

Customs And Border Protection Bought Half A Million Dollars Worth Of Location Data

Customs and Border Protection (CBP) just got its hands on a whole bunch of location data. The news service Motherboard (Vice’s technology segment) uncovered a procurement order for $476,000 paid to the company Venntel Software last month. Venntel specializes in location data mining, compiling and selling GPS data gathered on users from various phone apps.

Sources who work with Venntel gave Motherboard more insight into the type of data the government now has its hands on.

Venntel’s technology only gives anonymized data, meaning it does not identify specific people or phone numbers. It gives only a randomized identification number. BUT there is an easy way to identify the owners of the phone.

The technology allows the CBP to draw a perimeter around a geographical area, and obtain the location data for any phones in that area. In this way, CBP could draw a circle around one particular home, acquire the data from it, and surmise that the few devices in that home belong to the homeowners.

What this means:

This allows Customs and Border Protection to ignore laws that require them to obtain a warrant before surveilling particular subjects. They simply purchase the data, instead of having to show probable cause that a crime has been committed.

Keep reading

Customs to Expand License Plate Reading Program Nationwide

The Customs and Border Protection agency has been collecting vehicle information at the border using license plate readers for years. Now, the agency will begin incorporating third-party license plate reader data collected from local governments, law enforcement and the private sector and maintained by a commercial vendor.

privacy impact assessment published July 7 outlines the agency’s plan to incorporate datasets maintained by third-party vendors as part of its investigations. The latest update is the first since December 2017, when CBP authorized the use of license plate readers for data collection.

“To meet its vast mission requirements, CBP relies on a variety of law enforcement tools and techniques for law enforcement and border security,” the PIA states. “One such tool is license plate reader (LPR) technology, which consists of high-speed cameras and related equipment mounted on vehicles or in fixed locations that automatically and without direct human control locate, focus on, and photograph license plates and vehicles that come into range of the device.”

Each data collection—or “read”—gathers the vehicle’s license plate number; an image of the vehicle, including make and model; where it is registered; the location and owner of the camera; and any associated location information, including GPS coordinates. “LPR technology may also capture—within the image—the environment surrounding a vehicle, which may include drivers and passengers,” the impact assessment notes.

Keep reading