- The US Customs and Border Protection department has been caught mismanaging personal data of individuals who go through the screening process.
- Agents from the CBP store personal data in Homeland Security servers before transferring them to USB drives.
- Even though the personal files are meant to be deleted, the CBP Agents do not do so.
The Office of the Inspector General is part of Homeland Security, and it is responsible for detailing the activity of various security agencies including the U.S. Customs and Border Protection (CBP). In 2017, CBP agents scanned over 29,000 travelers who entered the US, and despite personal data management regulations being in a place, they were not followed.
According to the report by Homeland Security, there are two types of electronic device searches that can be performed by the CBP at the US border. The manual search involves CBP officers going through individuals’ phones, computers, and tablets without transferring or collecting any data. The advanced search, on the other hand, allows officers to transfer data from devices to Homeland Security servers for further inspection. Both types of searches are completely legal and do not require any warrants.
The Homeland Security report revealed that the border agents “physically inspected thumb drives at five ports of entry. At three of the five ports, we found thumb drives that contained information copied from past advanced searches, meaning the information had not been deleted after the searches were completed. Based on our physical inspection, as well as the lack of a written policy, it appears [Office of Field Operations] has not universally implemented the requirement to delete copied information, increasing the risk of unauthorized disclosure of travelers’ data should thumb drives be lost or stolen.”
While it is already frightening that the US government collects personal data when entering the country, but keeping the data in non-secure locations where it can easily be stolen or lost is even more daunting. Other practices were also highlighted by Homeland Security that includes officers forgetting to disconnect devices from the internet, tainting any data found on devices and more. There is very little supervision at the CBP and scans are not documented properly. 67% of the cases include incomplete or inaccurate information.