9th Circuit Limits Computer Border Searches (Update)

Drawing an interesting distinction between “a review of computer files” and a “forensic examination” of a computer, the long-awaited en banc decision of the 9th Circuit in  United State v. Cotterman concluded that reasonable suspicion is required, reflecting a return to the underlying purpose of border searches rather than using them as an excuse for free unlimited criminal searches.


The court rejected the “extended border search” distance argument, where the forensic examination was performed 170 miles from the border, holding that the location isn’t the critical issue.  What mattered, the majority held, was that computers were different, representing the “uniquely sensitive nature of the data” which

often retain information far beyond the perceived point of erasure, carries with it a significant expectation of privacy and thus renders an exhaustive exploratory search more intrusive than with other forms of property.

Finally, a court has recognized that computers, devices that contain information about the most private and intimate aspects of a person’s life, do not become fodder for the government under a rule devised to keep infected fruit and untaxed diamonds from crossing the border.

From the majority opinion by Judge Margaret McKeown:

The relevant inquiry, as always, is one of reasonableness. But that reasonableness determination must account for differences in property. Unlike searches involving a reassembled gas tank, or small hole in the bed of a pickup truck, which have minimal or no impact beyond the search itself—and little implication for an individual’s dignity and privacy interests—the exposure of confidential and personal information has permanence. It cannot be undone. Accordingly, the uniquely sensitive nature of data on electronic devices carries with it a significant expectation of privacy and thus renders an exhaustive exploratory search more intrusive than with other forms of property.

After their initial search at the border, customs agents made copies of the hard drives and performed forensic evaluations of the computers that took days to turn up contraband. It was essentially a computer strip search. An exhaustive forensic search of a copied laptop hard drive intrudes upon privacy and dignity interests to a far greater degree than a cursory search at the border. It is little comfort to assume that the government—for now—does not have the time or resources to seize and search the millions of devices that accompany the millions of travelers who cross our borders. It is the potential unfettered dragnet effect that is troublesome.

The point is that the level of intrusiveness involved in what the court describes as a “forensic search,” breaking password protected data and searching the deepest, darkest regions of the hard drive for deleted data, is a probe of a different color than is justified by the border search exception.

This is a critically important analysis for two reasons. First, that it reflects a return to the purpose of border searches rather than an extension of the rule without recognition of the rubric.  The border search exception was never meant as a free search for criminal conduct, but as a means of controlling dangerous items that might be brought into the country. As happens so often, the rule swallowed its purpose and became disconnected from the rationale that justified it in the first place.

More importantly, however, the court’s decision recognized that the digital world is different, and searches of computers cannot simply be determined by application of centuries old rules for physical-world things.  Indeed, to the extent a fair analogy can be drawn, computers are “akin to reading a diary line by line looking for mention of criminal activity—plus looking at everything the writer may have erased.”  It’s been a very long time since a court remembered that personal diaries are sacrosanct.

If there is any problem with the decision, it comes from the option given border guards in determining when a deeper probe is warranted based on the dreaded “totality of the circumstances.”  While the majority held that password protection, per se, is not sufficient to create a reasonable suspicion, it is a factor.

The en banc court wrote that password protection of files, which is ubiquitous among many law-abiding citizens, will  not in isolation give rise to reasonable suspicion, but that password protection may be considered in the totality of the circumstances where, as here, there are other indicia of criminal activity. The en banc court wrote that the existence of password-protected files is also relevant to assessing the reasonableness of the scope and duration of the search of the defendant’s computer.

This test tends to favor the artful structure of a post hoc argument by the government, taking otherwise insignificant details, breaking them into their smallest components, and creating the appearance of nefarious suspicion from otherwise utterly ordinary human conduct.  Indicia of criminal activity is often less a matter of illegal conduct than how deftly a prosecutor can describe it.

In a side issue, the Cotterman decision burned the government’s tactical approach to the case. As Orin Kerr notes at Volokh Conspiracy ,

DOJ has generally refused to argue that there is reasonable suspicion in order to keep open Supreme Court review if/when the Ninth Circuit takes a narrow view of the exception. Specifically, DOJ has wanted to avoid the situation in which the Ninth Circuit establishes a reasonable suspicion standard, finds reasonable suspicion, and thus prevents DOJ from being able to file a cert petition to reverse the Ninth Circuit’s conclusion that reasonable suspicion is required.

In the en banc decision today, however, the Ninth Circuit goes on to determine that there is reasonable suspicion and that DOJ therefore wins the case. That is, after holding that reasonable suspicion is required, the en banc court goes on to say that reasonable suspicion existed to search Cotterman’s computer and thus that DOJ wins and the district court has to deny the suppression motion. Ordinarily, then, this would mean that DOJ cannot seek further review: After all, it won the case.

It’s still possible that the government can seek review of the underlying issue under Camreta v. Greene, where the Supreme Court suddenly ignores the Article III case and controversy concerns for the benefit of sad government officials.  If not, then expect this issue to be fought on Second Circuit turf.

Eventually, it will make its way to the Supreme Court, assuming the other circuits recognize the merit of the 9th Circuit’s approach. Hopefully, the justices will finally come to the realization that borders aren’t an excuse for unfettered criminal conduct searches, and that computers are unlike anything that ever existed before in the physical world.

Update: In a new post, Orin raises some  very interesting questions about the distinction between what sort of manual search is allows and where the line should be drawn.

Most users think of computer searches as occuring at the virtual level, because that’s the user experience. But computer forensic software works at the physical level: it treats the hard drive as a physical device that contains millions of zeros and one, not as a virtual “box” of information accessed through an operating system. User profiles and most password protection operate only at a virtual level, so a goverment forensic analyst operating at a physical level wouldn’t even notice the difference unless he was specifically looking for it.

So what does the Cotterman decision allow in the absence of reasonable suspicion, and where is the line drawn? Even if it’s a simple division between virtual and physical, just how far can a virtual search go? If there are 50,000 accessible files on a computer, can a border agent look at every one, even if it takes days? If a file is password protected, can he try to crack the password by chance for a week or two? Where is the line drawn? Cotterman leaves that unclear.

4 thoughts on “9th Circuit Limits Computer Border Searches (Update)

  1. Jack

    While IANAL, I am a computer security guy and the fact that border searches of electronic devices ever got to the point they are at is absurd. The simple fact that the internet exists and there are no borders on the internet (here…yet…) should preclude any electronic device from this type of search in the first place if the searches were truly about protecting the public from contraband. It disgusts me that the simple fact that a user chooses to password their most sensitive information can be used as a factor to establish reasonable suspicion for a forensic search that will tear their device apart bit by bit… that’ll teach people to attempt to protect their most sensitive information at the border…

    The dissent of Judge Smith makes it pretty clear that our courts have no clue as to how electronic data works or that the internet exists. The techno-terrorist hyperbole he uses is priceless – conjuring the image of Osama Bin Laden smiling deviously at a border agent as he slips by – with the border guard knowing that if he could just have a look at his flash drive he could stop the next 9/11.

    Hopefully as more people have to leave copies of their drives at the border, more people will fight back and use strong encryption on their devices. Nothing wastes more time than examining data to determine if something even exists in the first place to attempt to decrypt(as is the case with certain types of encryption like rubber-hose). Best of all, this technology is totally free and widespread.

  2. SHG

    One of the long-standing problems with judges addressing technology is that they neither know (or understand) enough to be technologically accurate, nor recognize their technological limits sufficient to address its impact from a wholly non-tech perspective.  In other words, they tend to know just enough to monumentally screw things up for everyone.

  3. TGM

    The en banc opinion really is quite a surprise, though obviously a welcome one. I recently briefed a border search case for one of my supervising attorneys up in the Northern District, and between U.S. v. Arnold & Cotterman I, the law seemed pretty well settled in the Ninth Circuit. The Rehnquist Court was also militant about making sure everybody knew that warrantless border searches were reasonable simply by virtue of taking place at the border, and the Fourth Circuit also rejected a similar challenge not too long ago. When I saw the en banc opinion come down I nearly spat out my coffee, and immediately e-mailed my supervising attorney to let him know that none of the 9th circuit authority in my brief was still good law (which was good for our side). Kind of an exciting moment, to be honest.

    The only downside is that other circuits are unlikely to follow suit, given that the 9th circuit is notorious for being the red-headed stepchild of the federal court system. But who knows. Maybe the en banc ruling will give it more staying power. If fortune smiles upon us, maybe we can get two judges on a panel here in the 2nd circuit that find the 9th Circuit’s reasoning persuasive. Then again, constitutional avoidance is a way of life in this neck of the woods. A boy can dream, I suppose.

Comments are closed.