Privileged Client Information and Border Searches
Amrita M. Narine and Reshma Shah write: Until the courts adopt a single approach toward border searches of electronic devices, attorneys need to be even more careful when crossing the border with privileged and confidential client information.
December 29, 2017 at 02:30 PM
8 minute read
Imagine you are returning to the United States after traveling abroad. You have been randomly selected for a search at the border by U.S. Customs and Border Protection (CBP). They request that you provide the passwords for both your work phone and work laptop. What do you do? As an attorney, you are likely to have privileged information on such devices. Regardless of whether you are a U.S. citizen or not, CBP can make your life difficult if you refuse. If you are a citizen or legal permanent resident, they will have to let you back into the country, but they can take temporary custody of your device for further examination. If you are not a citizen, CBP has the right to refuse you entry into the United States.
Responding to the growing concern over CBP's expansive searching protocols, the American Bar Association (ABA) has urged the Department of Homeland Security (DHS) to ensure that proper policies and procedures are in place to protect attorney-client privilege and the confidentiality of client information. See Letter from Linda A. Klein, ABA President, to General John F. Kelly, Secretary of Homeland Security, and Joseph B. Maher, Acting General Counsel for DHS (letter at 1) (May 5, 2017). In its letter, ABA President Linda A. Klein suggested that when an attorney travels across the border with an electronic device containing privileged or confidential client information, officers should only be allowed to conduct a routine, cursory physical inspection. See id. Unless the officials obtain a subpoena based on reasonable suspicion or a warrant supported by probable cause, they should not be allowed to read, duplicate, seize or share any privileged or confidential documents or files on the device. See id. at 4.
However, until DHS takes action on this letter, attorneys need to be aware of the possibility of having their electronic devices searched and need to take reasonable steps to protect privileged and confidential client information. The New York City Bar Association's Committee on Professional Ethics released a formal opinion on July 25, 2017, to provide attorneys with reasonable steps to help protect privileged and confidential client information stored on electronic devices. Pursuant to the Model Rules of Professional Conduct Rule 1.6(c), an attorney is required to make “reasonable efforts to prevent … unauthorized access” to confidential client information. Model Rules of Prof'l Conduct r. 1.6(c) (Am. Bar Ass'n 2017). If the CBP requests access to a device with protected information, an attorney may not comply unless it is reasonably necessary to comply with “law or a court order.” Model Rules of Prof'l Conduct r. 1.6(b)(6) (Am. Bar Ass'n 2017). The ethics committee suggests that reasonable measures to prevent disclosure include “informing the border agent that the device or files in question contain privileged or confidential materials, requesting that such materials not be searched or copied, asking to speak to a superior officer and making any other lawful requests to protect the confidential information from disclosure.” Bar Ass'n of NYC Committee on Prof'l Ethics, Formal Op. 2017-5 (at 4) (2017). It also encourages attorneys to carry proof of bar membership, such as an attorney ID card. Finally, if the attorney does disclose protected information during a border search, the attorney has a duty to inform clients about these disclosures. See id.
It is important to recognize that being “reasonable” does not mean that the attorney is guaranteeing that the information is completely secure from unauthorized access. See id. at 5. The opinion provides a list of factors to consider when crossing the border, including how sensitive the information is, the likelihood of disclosure without additional safeguards, the cost and difficulty of implementing additional safeguards, and the extent to which those safeguards negatively affect the attorney's ability to represent the client. See id. Attorneys need to evaluate the potential harmful effects of disclosure against the likelihood of the information being disclosed and the necessity of carrying the information. The most cost-effective and easiest option is to not carry any protected information across the border; however, this is not always feasible. The committee suggests using a blank “burner” phone or laptop, using software to delete confidential information, disconnecting from cloud- or web-based services, or uninstalling applications that provide remote access to protected files before crossing the border. See id. at 7. While removing everything is the most secure option, some electronic information, such as work-related emails, may not contain any protected information. Furthermore, the committee emphasizes that removing information, including emails, turns on the ease or inconvenience of avoiding disclosure of confidential information and the other factors listed above. See id.
As mentioned, there is a limit to what an attorney needs to do to protect client information. Attorneys would face an unreasonable burden if they were required to “forgo re-entry into the United States or allow themselves to be taken into custody while litigating the lawfulness of a border search.” Id. Furthermore, Rule 1.6(b)(6) would permit an attorney to comply with a border agent's demand to hold an electronic device containing confidential information during a border search, provided that the attorney put forth a reasonable effort to prevent disclosure. However, an attorney is not required to provide the device's password.
Even though this all sounds straightforward, the law is still developing regarding electronic device searches. CBP is granted broad authority to search all persons, baggage and other merchandise arriving in or leaving the United States. See CBP Search Authority, U.S. Customs and Border Protection; see also 19 CFR 162.6; 8 U.S.C. 1357. The Supreme Court has held that border searches without probable cause and without a warrant are reasonable simply by virtue of the fact that the person or item in question is attempting to enter the United States from outside. See U.S. v. Ramsey, 431 U.S. 606, 619 (1977); see also U.S. v. Flores-Montano, 541 U.S. 149 (2004) (the government's authority to conduct suspicionless inspections at the border is justified because the government has a paramount interest in protecting the border). However, the Supreme Court has not yet commented on a search of electronic devices. Data storage on phones, laptops, and other devices is now at an all-time high. Therefore, allowing searches without probable cause or warrants can be extremely intrusive. In March 2013, the Ninth Circuit Court of Appeals held that forensic examination of a computer required a showing of reasonable suspicion. See U.S. v. Cotterman, 709 F.3d 952, 968 (9th Cir. 2013). The decision compared a forensic examination of a computer as being “akin to reading a diary line by line looking for any mention of criminal activity—plus looking at everything the writer may have erased.” Id. at 962-63. In December 2013, the District Court for the Eastern District of New York signaled that “if suspicionless forensic computer searches at the border threaten to become the norm, then some threshold showing of reasonable suspicion should be required.” Abidor v. Napolitano, 990 F. Supp. 2d 260, 282 (E.D.N.Y. 2013). While it did hold that there was reasonable suspicion in this case to search the laptop, it did not make reasonable suspicion a requirement. In 2014, the District of Maryland, Southern Division, also held that reasonable suspicion was required to conduct a forensic search of digital devices taken from the defendant at the border. See U.S. v. Saboonchi, 990 F. Supp. 2d 536, 569 (D. Md. 2014). Finally, in 2015, the District of Columbia District Court adopted a new approach when they held that the defendant's right to privacy in his papers and effects had to be reasonable under the totality of the circumstances. See U.S. v. Kim, 103 F. Supp. 3d 32, 59 (D.D.C. 2015). Since higher courts have yet to weigh in on the issue, for now the jurisdictions will continue to be split on their approaches.
Until the courts adopt a single approach toward border searches of electronic devices, attorneys need to be even more careful when crossing the border with privileged and confidential client information. Even though approximately only 0.017 percent of all individuals entering the United States on a given day are subject to an electronic device search, the number is still steadily increasing. See Snapshot: A Summary of CBP Facts and Figures, U.S. Customs and Border Protection. Furthermore, border agents have access to software tools that can help them search devices more effectively and they can copy the contents of devices to review later, if they choose to do so. Bar Ass'n of NYC Committee on Prof'l Ethics, Formal Op. 2017-5 (at 2) (2017). Therefore, attorneys need to undertake reasonable efforts to safeguard protected information while crossing the border.
Amrita M. Narine is a law clerk in Duane Morris' New York office. Reshma Shah is an associate in the firm's New York office.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
‘Second’ Time’s a Charm? The Second Circuit Reaffirms the Contours of the Special Interest Beneficiary Standing Rule
Attorney Fee Reimbursement for Non-Party Subpoena Recipients Under CPLR 3122(d)
6 minute readTrending Stories
- 1'It's Not Going to Be Pretty': PayPal, Capital One Face Novel Class Actions Over 'Poaching' Commissions Owed Influencers
- 211th Circuit Rejects Trump's Emergency Request as DOJ Prepares to Release Special Counsel's Final Report
- 3Supreme Court Takes Up Challenge to ACA Task Force
- 4'Tragedy of Unspeakable Proportions:' Could Edison, DWP, Face Lawsuits Over LA Wildfires?
- 5Meta Pulls Plug on DEI Programs
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
