Laptops May Be Subject to Suspicionless Searches at the Border

From the ABA

25 April 2008 10:02:27
Caution Travelers: Laptops May Be Subject to Suspicionless Searches at the Border

Earlier this week, the Ninth Circuit issued a ruling in United States v. Arnold that the Fourth Amendment’s “reasonable suspicion” requirement does not apply to the search of a laptop during an international border crossing.

The court rejected Arnold’s argument that a laptop should be treated similarly to a home or office for privacy purposes, holding instead that a laptop was akin to a traveler’s luggage. George Washington University Law School Professor Orin Kerr discusses the holding in more detail at the Volokh Conspiracy blog.

Arnold presents an interesting challenge for attorneys who travel internationally: how do you safeguard the sensitive client and firm data on your laptop when a security person, sans any reasonable suspicion of wrongdoing, can investigate your files?

The easiest and best solution is simply to avoid placing sensitive or confidential information on your laptop. Such information can be stored on secure servers at an attorney’s main office and accessed remotely via VPN, or encrypted and stored remotely with an online backup vendor.

If internet access will be unavailable on your trip or you otherwise require local copies of your sensitive information, consider encrypting the data and perhaps also relocating it to a storage device such as a USB thumb drive or CD-R.

While such methods won’t guarantee you privacy, they may reduce the likelihood that your client’s confidential information will be revealed in a casual search of your laptop.

Mind Your Metadata: Don’t Reveal Strategic Information Through Hidden Comments, Tracked Changes, and Document Properties

Rick Segal, apparently an ex-Microsoft employee and current venture capitalist, writes of a business plan he received which contains revealing metadata that the authors obviously didn’t intend for anyone else to see. Potentially strategic information has been leaked via metadata in a number of high profile incidents relevant to the legal world, including during a lawsuit by SCO against DaimlerChrysler. Some lawyers routinely check documents they receive from opposing counsel for metadata.

Metadata can hide in several forms in Microsoft Word documents, including comments if you have not deleted all comments from the document, tracked changes if you have not accepted or rejected all changes in the document, and document properties (see File->Properties in the menu, under the “Summary” tab there is information such as title, author, and company, that you may want to change or delete). Converting to PDF is not a foolproof way of preventing metadata from reaching prying eyes as document properties metadata and other metadata such as comments may be preserved. (Acrobat 8 features an “Examine Document” tool which can help bring to your attention metadata in a document). Programs exist to “scrub” your documents of metadata, including Workshare Protect and Payne Consulting’s Metadata Assistant

Metadata Minefield

One of the first things Vincent Polley does after receiving a document from op­posing counsel is look for metadata, the hidden information embedded in computer files.

“When I get a document, I take a look for a couple of things, like who it was written by and the number of revisions it went through,” says Polley, who practices information technology law at Dickinson Wright in Bloomfield Hills, Mich., and serves on the council of the ABA Section of Business Law. “You can learn a lot about what someone is sending you that you can’t see by just looking at a document.”

The potential value of metadata is hard to ignore. The Pentagon, the British government and a number of public figures were all embarrassed when metadata revealed that their public statements were at odds with private communications....

The risk of metadata is that an attorney will unknowingly send an electronic document to opposing counsel that includes confidential, privileged or trade secret information. Word processing software, for example, often includes menu commands that allow someone to see edits and changes that have been made to a document, including text that has been deleted.

The biggest concern may be a comments feature that contains confidential information about a document not meant to be included in the final version.

A lot of people use the comments feature to tell co-workers important information, according to Donna Payne, founder of the Payne Group in Seattle, which makes metadata-stripping software. “But if you leave the comments feature on when you send a document out,” she says, “you’re broadcasting your internal discussions to the other side.”

Polley’s firm has a standing policy on metadata. “In my firm, we scrub our outbound communications,” he says. “Metadata is useful internally to keep track of your documents, but if you’re sending something to opposing counsel, you’d better think about cleaning it up first.”



Links to this post:

Create a Link