Data can and will be captured by border agencies – are your on-the-road personnel ready?
Does your company have a travel policy that instructs and supports employees traveling internationally for business regarding collaboration and collaboration? This is not a tricky question. to receive travel program Which provides employees with anticipated scenarios, and provides them with unique tools for international travel, a significant investment of resources, both physical and monetary.
The revelation that US Customs and Border Protection (CBP) Regularly downloads content from individuals’ devices Those entering the United States should attract the attention of every CISO. The fact that CBP routinely captures device content is not new; In fact, several lawsuits over the years have challenged the authority of the CBP, which has always been recognized as legitimate.
Handling the Secondary Interview at the Border
When one does further research, they find that these data capture incidents occur as part of a secondary inspection/interview by a CBP officer prior to being allowed entry into the United States. The time and place are important, as the CBP officer determines whether the person standing in front of them is to be allowed or denied entry into the US and asked to leave without officially entering the US. Is. You are not technically in the United States unless you are passed by a CBP officer, physically at the airport and in the CBP area.
The immediate question everyone must ask is is it the same everywhere?
The short answer is yes. Every country has a secondary screening process. I have been placed in secondary screening in Australia and the UK because my travel pattern prior to arrival was strange (even for me). In my case, it was a five-minute discussion after they emptied my bag on the table and determined that I was doing what I said I was there, and My device (I had a cellphone and a thin client tablet, both powered.) I was not asked to open either device, but if they had asked, I would have accepted because the devices were “travel devices” – That is, they were devoid of any data other than the connection to the VPN and the secure cloud environment where the data I needed for my work lived.
Border areas have unique rules
CISOs need to be aware that international border areas whether they are at an airport, port, train station, or land crossing, are intellectual property opportunities that are plundered by governments with interest or interest in the employee or company. Huh. For example, in 2019, The New York Times Unveils China’s Surveillance of Tourist Phones, In this case, the situation was far more dire than the inspection and data dump at the airport. Rather, the authorities require the installation of a specific application that allows for real-time monitoring of individuals.
2017. In Kasperki report on border crossing, he shared the statistics of electronic equipment being inspected at various international points of entry. Although dated, the numbers provide perspective. In Frankfurt, devices accounted for seven percent, while in Paris 48% of individuals processed at the secondary had device information captured.
CBP came into limelight recently when Senator Ron Wyden (D-OR) sent a letter to CBP on September 15, 2022 which called into question the practice of searching American individuals’ devices. In his letter, Wyden notes that CBP “does not maintain statistics on the number of basic versus advanced searches, how often CBP downloads data to its central database, nor does it maintain this database for ‘national security’ purposes.” How many times does it search? He further said that CBP had informed that the archived information was accessible for 2,700 DHS personnel to search and had been available for 15 years.
Preparing employees for cross-border travel
How can companies prepare their employees for international travel, understanding that the rules that apply in the United States are not those that apply in China, France, Russia, or any other country? The ACLU has published a “know your RightsPrimer that is most useful in helping companies formulate their policy and guidance for employees crossing international borders.
For Americans, failure to answer questions asked of an individual may result in a delay in admission, but will not result in a denial of entry. Similarly, failure to unlock a device may result in forfeiture of the device and a receipt may be provided to the passenger. If you are a foreign national entering the US, you may be denied entry to the US as a result of non-cooperation
Having a travel protection program that includes equipment configured and designed for international travel is another dimension that can reduce the risk that intellectual property resides in the database of CBP or any other country that is populated by those devices. who were under a deep dive. CISOs must also ensure that their travel security program includes guidance from corporate legal and human resources and procedures during international border inspections to which employees may be subject.
In short, anticipate that your employees will have periodic secondary inspections and will be asked to open their equipment to the border/immigration inspector and prepare accordingly.
Copyright © 2022 IDG Communications, Inc.
#Data #captured #border #agencies #ontheroad #personnel #ready