[Senate Hearing 110-589] [From the U.S. Government Publishing Office] S. Hrg. 110-589 LAPTOP SEARCHES AND OTHER VIOLATIONS OF PRIVACY FACED BY AMERICANS RETURNING FROM OVERSEAS TRAVEL ======================================================================= HEARING before the SUBCOMMITTEE ON THE CONSTITUTION of the COMMITTEE ON THE JUDICIARY UNITED STATES SENATE ONE HUNDRED TENTH CONGRESS SECOND SESSION __________ JUNE 25, 2008 __________ Serial No. J-110-103 __________ Printed for the use of the Committee on the JudiciaryU.S. GOVERNMENT PRINTING OFFICE 45-091 PDF WASHINGTON DC: 2008 --------------------------------------------------------------------- For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866)512-1800 DC area (202)512-1800 Fax: (202) 512-2250 Mail Stop SSOP, Washington, DC 20402-0001 COMMITTEE ON THE JUDICIARY PATRICK J. LEAHY, Vermont, Chairman EDWARD M. KENNEDY, Massachusetts ARLEN SPECTER, Pennsylvania JOSEPH R. BIDEN, Jr., Delaware ORRIN G. HATCH, Utah HERB KOHL, Wisconsin CHARLES E. GRASSLEY, Iowa DIANNE FEINSTEIN, California JON KYL, Arizona RUSSELL D. FEINGOLD, Wisconsin JEFF SESSIONS, Alabama CHARLES E. SCHUMER, New York LINDSEY O. GRAHAM, South Carolina RICHARD J. DURBIN, Illinois JOHN CORNYN, Texas BENJAMIN L. CARDIN, Maryland SAM BROWNBACK, Kansas SHELDON WHITEHOUSE, Rhode Island TOM COBURN, Oklahoma Bruce A. Cohen, Chief Counsel and Staff Director Stephanie A. Middleton, Republican Staff Director Nicholas A. Rossi, Republican Chief Counsel ------ Subcommittee on the Constitution RUSSELL D. FEINGOLD, Wisconsin, Chairman EDWARD M. KENNEDY, Massachusetts SAM BROWNBACK, Kansas DIANNE FEINSTEIN, California ARLEN SPECTER, Pennsylvania RICHARD J. DURBIN, Illinois LINDSEY O. GRAHAM, South Carolina BENJAMIN L. CARDIN, Maryland JOHN CORNYN, Texas Robert F. Schiff, Chief Counsel Lauren B. Petron, Republican Chief Counsel C O N T E N T S ---------- STATEMENTS OF COMMITTEE MEMBERS Page Brownback, Hon. Sam, a U.S. Senator from the State of Kansas..... 4 Feingold, Hon. Russell D., a U.S. Senator from the State of Wisconsin...................................................... 1 prepared statement and attachments........................... 114 Leahy, Hon. Patrick J., a U.S. Senator from the State of Vermont, prepared statement............................................. 142 WITNESSES Carafano, James Jay, Assistant Director, Kathryn and Shelby Cullom Davis Institute for International Studies, and Senior Research Fellow, Douglas and Sarah Allison Center for Foreign Policy Studies, The Heritage Foundation, Washington, D.C....... 15 Cunningham, Larry, Assistant District Attorney, Bronx County; Assistant Professor of Legal Writing, St. John's University School of Law, Queens, New York................................ 12 Gurley, Susan K., Executive Director, Association of Corporate Travel Executives, Alexandria, Virginia........................ 10 Khera, Farhana Y., President and Executive Director, Muslim Advocates, San Francisco, California........................... 13 Sales, Nathan A., Assistant Professor of Law, George Mason University School of Law, Arlington, Virginia.................. 8 Swire, Peter P., Professor, Moritz College of Law, The Ohio State University, and Senior Fellow, Center for American Progress, Washington, D.C................................................ 17 Tien, Lee, Senior Staff Attorney, Electronic Frontier Foundation, San Francisco, California...................................... 6 QUESTIONS AND ANSWERS Responses of Larry Cunningham to questions submitted by Senator Brownback...................................................... 36 Responses of Farhana Khera to questions submitted by Senator Feingold....................................................... 40 Responses of Lee Tien to questions submitted by Senator Feingold. 44 SUBMISSIONS FOR THE RECORD Ahern, Jayson P., Deputy Commissioner, Customs and Border Protection, Department of Homeland Security, Washington, D.C., statement...................................................... 52 Asian Law Caucus, Inc., Shirin Sinnar, Staff Attorney, San Francisco, California, statement and attachments............... 60 Carafano, James Jay, Assistant Director, Kathryn and Shelby Cullom Davis Institute for International Studies, and Senior Research Fellow, Douglas and Sarah Allison Center for Foreign Policy Studies, The Heritage Foundation, Washington, D.C., statement...................................................... 81 Cunningham, Larry, Assistant District Attorney, Bronx County; Assistant Professor of Legal Writing, St. John's University School of Law, Queens, New York, statement..................... 87 Gurley, Susan K., Executive Director, Association of Corporate Travel Executives, Alexandria, Virginia, statement............. 124 Khera, Farhana Y., President and Executive Director, Muslim Advocates, San Francisco, California, statement................ 131 Muslim Bar Association of New York, Asim Rehman, Esq., President, New York, New York, letter..................................... 144 Organizations urging the Committee on the Judiciary to hold hearings on Department of Homeland Security practices: May 1, 2008, joint letter.................................... 146 June 20, 2008, joint letter.................................. 149 Sales, Nathan A., Assistant Professor of Law, George Mason University School of Law, Arlington, Virginia, statement....... 153 Swire, Peter P., Professor, Moritz College of Law, The Ohio State University, and Senior Fellow, Center for American Progress, Washington, D.C., statement.................................... 162 Tien, Lee, Senior Staff Attorney, Electronic Frontier Foundation, San Francisco, California, statement........................... 174 U.S. Immigration and Customs Enforcement, Julie L. Myers, Assistant Secretary, Washington, D.C., directive............... 187 U.S. News and World Report, June 24, 2008, article............... 197 Washington Post, February 7, 2008, article....................... 199 LAPTOP SEARCHES AND OTHER VIOLATIONS OF PRIVACY FACED BY AMERICANS RETURNING FROM OVERSEAS TRAVEL ---------- WEDNESDAY, JUNE 25, 2008 U.S. Senate, Subcommittee on the Constitution, Committee on the Judiciary, Washington, D.C. The Subcommittee met, pursuant to notice, at 9:06 a.m., in room SD-226, Dirksen Senate Office Building, Hon. Russell D. Feingold, Chairman of the Subcommittee, presiding. Present: Senators Feingold, Durbin, and Brownback. OPENING STATEMENT OF HON. RUSSELL D. FEINGOLD, A U.S. SENATOR FROM THE STATE OF WISCONSIN Chairman Feingold. Welcome to this hearing of the Constitution Subcommittee entitled ``Laptop Searches and Other Violations of Privacy Faced by Americans Returning from Overseas Travel.'' We will be hearing this morning from a panel of experts who can help us explore the legal and practical implications of this important issue. Let me start by making a few opening remarks, then I will recognize the Ranking Member, Senator Brownback, for an opening statement, and then we will turn to our witnesses. If you asked most Americans whether the Government has the right to look through their luggage for contraband when they are returning from an overseas trip, they would probably tell you yes, the Government has that right. But if you asked them whether the Government has the right to open their laptops, read their documents and e-mails, look at their photographs, and examine the websites they have visited, all without any suspicion of wrongdoing, I think those same Americans would say that the Government has absolutely no right to do that. And if you asked them whether that actually happens, they would say, ``Not in the United States of America.'' But it is happening. Over the last two years, reports have surfaced that customs agents have been asking U.S. citizens to turn over their cell phones or give them the passwords to their laptops. Travelers have been given a choice between complying with the request or being kept out of their own country. They have been forced to wait for hours while customs agents reviewed and sometimes copied the contents of their electronic devices. In some cases, the laptops or cell phones were confiscated and returned weeks or even months later, with no explanation. Now, the Government has an undeniable right and responsibility to protect the security of our borders. The Supreme Court has thus held that no warrant and no suspicion is necessary to conduct ``routine searches'' at the border. But there is a limit to this so-called ``border search exception.'' The courts have unanimously held that invasive searches of the person, such as strip searches or x-rays, are ``non-routine'' and require reasonable suspicion. As the Supreme Court has stated, these searches implicate dignity and privacy interests that are not present in routine searches of objects. So the constitutional question we face today is this: When the Government looks through the contents of your laptop, is that just like looking through the contents of a suitcase, car trunk, or purse? Or does it raise dignity and privacy interests that are more akin to an invasive search of the person, such that some individualized suspicion should be required before the search is conducted? This administration has argued in court that a laptop can be searched without any suspicion because it is no different from any other ``closed container.'' I find that argument to be disingenuous, to say the least. The search of a suitcase, even one that contains a few letters or documents, is not the same as the search of a laptop containing files upon files of photographs, medical records, financial records, e-mails, letters, journals, and an electronic record of all websites visited. The invasion of privacy represented by a search of a laptop differs by an order of magnitude from that of a suitcase. Ultimately, though, the question is not how the courts decide to apply the Fourth Amendment in these uncharted waters. I guarantee you this: Neither the drafters of the Fourth Amendment nor the Supreme Court when it crafted the ``border search exception'' ever dreamed that tens of thousands of Americans would cross the border every day, carrying with them the equivalent of a full library of their most personal information. Ideally, Fourth Amendment jurisprudence would evolve to protect Americans' privacy in this once unfathomable situation. But if the courts cannot offer that protection, then that responsibility falls to Congress. Customs agents must have the ability to conduct even highly intrusive searches when there is reason to suspect criminal or terrorist activity. But suspicionless searches of Americans' laptops and similar devices go too far. Congress should not allow this gross violation of privacy. Aside from the privacy violation, there is reason for serious concern that these invasive searches are being targeted at Muslim Americans and Americans of Arab or South Asian descent. Many travelers from these backgrounds who have been subject to electronic searches have also been asked about their religious and political views. As we will hear today, travelers have been asked why they chose to convert to Islam, what they think about Jews, and their views of the candidates in the upcoming election. This questioning is deeply disturbing in its own right. It also strongly suggests that border searches are being based, at least in part, on impermissible factors. The disproportionate targeting of this group of Americans does not mean that other Americans are exempt. The Association of Corporate Travel Executives has surveyed its members, and 7 percent of business travelers who responded to the survey had experienced seizures of their laptops or other electronic equipment. That is an incredible number when you consider how many Americans are required to undertake overseas business travel today and the amount of confidential business information stored on their laptops. As we will be hearing today, the problem is large enough to have a real impact on the way Americans do business. Americans have tried to find out from the Department of Homeland Security what its specific policies are on searching and seizing electronic equipment at the border. Two nonprofit organizations filed a Freedom of Information Act request in October 2007 to get DHS to turn over its policies. Eight months later, DHS has not complied with that request. My own questions for Secretary of Homeland Security Michael Chertoff on this issue, which I submitted to him in early April after his appearance at an oversight hearing held by the full Judiciary Committee, have not been answered, despite my specific request that they be answered before this hearing. I asked DHS to send a witness to testify today. DHS responded that its preferred witness was unavailable on the day of the hearing. So I asked DHS to send a different witness, but DHS declined. I felt it was so important to have a DHS witness here that I wrote a letter to Secretary Chertoff last week urging him to reconsider, and that letter will be made part of the hearing record. The Secretary has not responded. DHS did provide written testimony. That testimony--which, incidentally, was submitted over 30 hours later than the Committee rules require--provides little meaningful detail on the agency's policies and raises more questions than it answers--questions that no one from DHS is here to address. Needless to say, I am extremely disappointed that the Department of Homeland Security would not make a witness available to answer questions today. Once again, this administration has demonstrated its perverse belief that it is entitled to keep anything and everything secret from the public it serves and their elected representatives, while Americans are not allowed to keep any secrets from their Government. That is exactly backward. In a country founded on principles of liberty and democracy, the personal information of law-abiding Americans is none of the Government's business, but the policies of the Government are very much the business of Congress and the American people. [The prepared statement of Senator Feingold appears as a submission for the record.] In any event, I look forward to hearing from the witnesses who did accept my invitation to testify today so we can begin to explore this important issue in more detail. But first let me recognize the Ranking Member, Senator Brownback, for any comments he would like to make. STATEMENT OF HON. SAM BROWNBACK, A U.S. SENATOR FROM THE STATE OF KANSAS Senator Brownback. Thank you, Mr. Chairman. Let me pass on my condolences to you and the State of Wisconsin for the flooding that had happened up there. We are going to dealing with it throughout the Midwest. We have had a lot of storms in our part of the country. We have not had quite the level of flooding that you have had, and I know that is something that is concerning all of us and concerning people-- Chairman Feingold. It is rough, yes. Senator Brownback. Yes, just amazing numbers of things we are going to need to deal with. That is aside from this hearing. I want to thank the panelists for all being here, and I want to thank you for holding this hearing. I find it a very interesting topic and one I think that is certainly worthy of this Subcommittee to be exploring and to be looking at. I believe it is always informative and challenging to explore the intersection between the needs to safeguard our country against terrorists and criminal threats and the desire and need to protect our citizens' privacy interests. It seems like to me that has been one of the big challenges that we have had to confront as we have served in the U.S. Senate, and we have certainly seen a great amount since 2001 and the September 11th attacks that we have had. These questions only seem to become more and more complicated as technology advances, as travel and communications reflect an ever more globalized society, and as the dangers we face shift from easily identifiable, nation- specific threats to threats from more diffuse terrorist groups and affiliations. These just get to be more and more complicated and difficult, and they need a lot of expertise. That is why I am appreciative of the panel being here and providing your thoughts and your advice. New technology in some cases, unfortunately, brings with it new ways to misuse technology. The sad fact is that while the vast majority of Americans and visitors to our country use laptop computers and other digital devices for purely legitimate reasons and purposes--business, academic research, personal household management and the like--others use technology for more nefarious purposes. All the cases to address laptop searches at the border, for example, have involved individuals who are transporting child pornography on their computers. We also know that terrorists take advantage of this kind of technology. Mr. Moussaoui, for example, kept information on his laptop computer that, if discovered, might have prevented the September 11th terrorist attacks. That is a sobering thought. As we examine the question of when and how Government officials may search laptop computers at the border, we face two sets of questions--the first are legal, the second seem to be practical. As a legal matter, it seems clear to me that Government officials do have the right under the Constitution to search laptop computers and similar devices without probable cause or reasonable suspicion at the border. I think you address that as such. The Fourth Amendment prohibits unreasonable searches and seizures. However, the Supreme Court has long held that border searches are inherently reasonable and, therefore, do not violate the Fourth Amendment. In the United States v. Ramsey, the Court examined that 2 months before Congress proposed the Bill of Rights, including the Fourth Amendment, it had enacted a customs statute that gave officials ``full power and authority to enter the search'' and search ``any ship or vessel in which they shall have reason to suspect any goods, wares, or merchandise subject to duty shall be concealed.'' The close timing of the customs statute and the Bill of Rights makes it abundantly clear that Congress did not think that border searches and seizures were unreasonable, nor did it intend to require a warrant or probable cause for such searches. The reason for the border search exception seems obvious. Within constitutional limits, a sovereign nation must have the ability to control who and what enters the country. In certain cases, of course, the search will be so intrusive that it must be justified and justifiable by reasonable suspicion. The Supreme Court and the Federal appellate courts have recognized that strip searches, body cavity searches, prolonged detentions, and certain x-ray examinations, so-called non- routine searches are so invasive and embarrassing that they must be based on reasonable suspicions. And I think those are right and those are appropriate to have those limitations on those non-routine searches. Only in cases where they are actually destructive, though, or conducted in a particularly offensive manner do property searches require reasonable suspicion. Otherwise, they are deemed routine searches and are considered reasonable by nature of the very fact that they occur at the border. The reason that I went through some of the legal analysis very quickly on this--and this does not do any of it just--is it seems here we are having the discussion, OK, what is reasonable and routine, and what is not reasonable and non- routine. And that goes to the question that we are involved in here today. I hope, Mr. Chairman--and I have a fuller statement to put into the record, but rather than going through that, I would like to get to the panel. I hope we can go through this on a very basis of protecting an individual's right, but also looking at trying to protect the country and getting information that we need to have to be able to protect the country or to get at criminal elements trying to bring material into the country that would be deemed inappropriate, and that we can have a good discussion of what that intersection is in this technology age, in this age of ever increasing globalization, that we can look at this in both a constitutional way and in a way that we can protect the citizenry of the United States. So I appreciate very much your holding the hearing. I look forward to the witnesses' comments and testimony as we explore this topic. Chairman Feingold. Thank you, Senator Brownback. I think you have certainly correctly characterized the way we should look at this issue, and I believe your comments were very consistent with my opening remarks as well. We are trying to make sure we get this right. We will now turn to our panel of witnesses. Will the witnesses please stand to be sworn in? Will you all please raise your right hand to be sworn? Do you swear or affirm that the testimony you are about to give before the Committee will be the truth, the whole truth, and nothing but the truth, so help you God? Mr. Tien. I do. Mr. Sales. I do. Ms. Gurley. I do. Mr. Cunningham. I do. Mr. Khera. I do. Mr. Carafano. I do. Mr. Swire. I do. Chairman Feingold. Thank you. You may be seated. I want to welcome you and thank you for being here with us this morning. I will ask that each of you limit your remarks to 5 minutes, as we have a full panel today. Your full written statements will, of course, be included in the record. We will begin today with Mr. Lee Tien. Mr. Tien is a senior staff attorney at the Electronic Frontier Foundation, a nonprofit organization that works to protect civil liberties and consumer rights in the digital age. Along with the Asian Law Caucus, EFF filed a Freedom of Information Act lawsuit seeking disclosure of DHS policies on border searches and searches of electronic devices. Mr. Tien specializes in free speech and privacy litigation and has written several law review articles on free speech and privacy issues. Mr. Tien, we are pleased to have you here today, and I appreciate your traveling here from San Francisco to give us your testimony. You may proceed. STATEMENT OF LEE TIEN, SENIOR STAFF ATTORNEY, ELECTRONIC FRONTIER FOUNDATION, SAN FRANCISCO, CALIFORNIA Mr. Tien. Thank you very much. Mr. Chairman, Ranking Member Brownback, the Electronic Frontier Foundation is pleased to discuss an issue of growing importance to Americans' privacy. The problem is simple. The Government claims that it can search any laptop, cell phone, or BlackBerry at the border. It does not matter whether you are a Senator on a fact-finding trip or a tourist on vacation. Your data is fair game. It is clear that most people regard this as a serious privacy invasion. People keep their lives on these devices: diaries, personal mail, financial records, family photos. Even Secretary Chertoff told this full Committee back in April, and I quote, ``There are absolutely privacy concerns.'' It is also a free speech problem. Journalists' laptops and cell phones contain drafts of works in progress and records of their sources. The Government should not be able to read this information without a good reason. And it is a business problem. It is no surprise that a major law firm like Arnold & Porter recently warned its clients about the risks of laptop border searches. Now, EFF does not dispute that the Fourth Amendment works differently at the border, but differently does not mean not at all. Under the Fourth Amendment, any search must be reasonable. And while a routine border search is reasonable by definition, not all border searches are routine. There is no bright-line rule here, but the Supreme Court has said that non-routine searches are largely defined by their invasion of a person's dignity and privacy interests. As you have already pointed out, most courts agree that strip searches, x-ray examinations, and body cavity inspections are non-routine. Our point is that data searches also invade dignity and privacy. Invasiveness is not just physical. Wiretapping invades privacy without any kind of physical intrusion. And because our devices store our thoughts and communications, these searches implicate the First Amendment as well. Fourth Amendment requirements apply with scrupulous exactitude where speech is at issue. In short, searching a laptop, iPhone, or BlackBerry invades dignity and privacy interests and threatens freedom of speech and should require reasonable suspicion, not no suspicion. I have two more quick points before moving on to a few recommendations. First, the word ``search'' in this context is slippery. Border agents do not just look at laptops. They copy data and even seize devices. We feel that copying data is a seizure of that data. If the Government has a copy, you have lost your property right to control it. That is especially invasive. Now, Secretary Chertoff said in April that, as a matter of practice, DHS searches the contents of laptops or cell phones only when there is a reasonable suspicion, and that he believed DHS uses a probable cause standard before seizing a device or retaining copies of its contents. Well, if that is the real policy, there is no reason why these standards cannot be codified in the law. Second, if border agents can legally search any device at the border, then they can search every device at the border. ``Any'' really means ``every.'' Without a standard, resources are the only limit on this power, and technology is removing that limit. In February, Microsoft announced the COFEE, which stands for Computer Online Forensic Evidence Extractor. It is a USB thumb drive that contains 150 commands that can dramatically cut the time it takes to gather digital evidence. In May, the CSI Stick, which stands for Cell Seizure Investigator Stick, was announced. It can capture all data on most models of cell phones or just grab the text messages, phone books and call logs, or multimedia messages. Now, CBP may already be using such devices. My point is not that they should never do so; rather, it is that agents have great practical power to search and seize personal information. And with great power comes great responsibility. After all, the Fourth Amendment is intended to prevent arbitrary and oppressive interference by enforcement officials with the privacy and personal security of individuals. Ideally, the courts would modernize border search law. But so can Congress. As Senator Leahy once noted, the law must advance with the technology to ensure the continued vitality of the Fourth Amendment. The same is true here. Congress can protect the privacy of devices that typically contain e-mail and other stored communications and records. Congress can clarify that seizing data and devices requires probable cause. And, finally, Congress can make DHS accountable by requiring border agents to report their search and seizure activities and informing people of their rights about any seized data or devices. Thank you for allowing me to testify. [The prepared statement of Mr. Tien appears as a submission for the record.] Chairman Feingold. Thanks so much, Mr. Tien. We will now turn to Professor Nathan Sales. Professor Sales is an Assistant Professor at the George Mason University School of Law, where he teaches national security law and administrative law. Prior to joining the faculty of George Mason, Professor Sales served as Deputy Assistant Secretary for Policy Development at the Department of Homeland Security, and he previously served as Senior Counsel in the Department of Justice Office of Legal Policy. Professor Sales, thank you for being here today, and you may proceed with your testimony. STATEMENT OF NATHAN A. SALES, ASSISTANT PROFESSOR OF LAW, GEORGE MASON UNIVERSITY SCHOOL OF LAW, ARLINGTON, VIRGINIA Mr. Sales. Thank you, Mr. Chairman, and thank you, Mr. Brownback, both of you, for holding this hearing on an important issue. Before we talk about the law of laptop searches, I would like to spend a few minutes talking about the policy. Why does CBP occasionally search travelers' computers at the border? Well, the answer is because it is an effective way of detecting child pornography and terrorism. Here is the key statistic. There have been 11 Federal decisions testing the ability of CBP to search laptop computers at the border. Every single one of those cases has involved child pornography. Let me tell you about a man named Stefan Irving. Irving used to be the pediatrician for a school district in New York, but he lost his license and was sent to jail after a 1983 conviction for attempted sexual abuse of a 7-year-old boy. In 1998, after serving his time, he flew back to the United States from vacation in Mexico. Customs officers searched his luggage and found children's books. They also found children's drawings. They also discovered two computer disks. When they looked at the disks, they discovered numerous images of child pornography. It turns out that Irving was in Mexico to visit-- and these are the court's words--``a guest house that served as a place where men from the United States could have sexual relations with Mexican boys''; Irving ``preferred prepubescent boys, under the age of 11.'' Irving is now serving a 21-year sentence. Part of the reason he is behind bars and no longer preying on innocent children is because of a laptop search. Laptop searches are not just about child exploitation. They are also about terrorism. We have already heard that Zacarias Moussaoui kept a wealth of data on his laptop, including information about crop-dusting aircraft and wind patterns. In 2006, more recently, a laptop search at Minneapolis-St. Paul helped CBP detect a high-risk traveler. Officers inspected this man's laptop and found video clips of roadside bombs being used to kill soldiers and destroy vehicles. They also found a video on martyrdom. So what does the Constitution have to say about laptop searches at the border? Not much, actually. The Fourth Amendment applies differently at the border than it does inside the country. Here is how the Supreme Court puts it: Routine border searches ``are not subject to any requirement of reasonable suspicion, probable cause, or warrant.'' Let me give you some more statistics. There have been 11 Federal decisions in this area. Seven of the 11 hold that CBP can search laptops with no particularized suspicion whatsoever. Three courts punted. In those cases, the officers had reasonable suspicion to search the laptops, so it was unnecessary to consider the legal issue. Other than a single California district court that was reversed on appeal, no court has held that CBP needs reasonable suspicion. No court has held that probable cause is required. And no court has held that Customs has to get a warrant. My sense is the Supreme Court is unlikely to disturb this lower court consensus for a simple reason: technological neutrality. The privacy protections we enjoy should not depend on whether we store our information on paper or in the digital world. Officers can search mail, they can search address books, they can search photo albums at the border with no suspicion at all. Why should the rule change when we keep our correspondence, contacts, or pictures on a laptop? The mere fact of computerization should not make a difference to the scope of our privacy rights. Now, while the Fourth Amendment does not have much to say about laptop searches, it is not the end of the conversation. Policymakers should consider adopting a few safeguards above the constitutional floor. For starters, CBP might usefully shed some light on the standards it uses for picking people for laptop searches. Are they selected randomly? Because of travel history? Because of tips from other Government agencies? What about observations regarding passenger demeanor? More transparency here would help assure people whose laptops are searched that they were picked for legitimate law enforcement reasons and not because of impermissible characteristics such as race or religion. Also, CBP might adopt standards on what it does with data copied from laptops. If a search does not uncover anything illegal, CBP would be hard pressed to justify keeping files from a passenger's computer. For data that it does keep, CBP should strictly enforce policies that punish employees who access it or disclose it without authorization. Also, CBP should take special care to see that any sensitive business information, such as trade secrets or attorney-client privileged materials, are handled with all appropriate discretion. Mr. Chairman, thank you again for the opportunity to testify. I would be happy to answer any questions. [The prepared statement of Mr. Sales appears as a submission for the record.] Chairman Feingold. Thank you, Professor Sales. Now we will turn to Susan Gurley. Ms. Gurley is the Executive Director of the Association of Corporate Travel Executives, a nonprofit education and advocacy organization supporting the global corporate travel industry. Ms. Gurley has been instrumental in the ACTE's development of data privacy, travel security, and corporate social responsibility initiatives. Under Ms. Gurley's leadership, the ACTE has taken an active role in voicing concerns about suspicionless searches and seizures of electronic devices at the border. Ms. Gurley, thank you for being here, and the floor is yours. STATEMENT OF SUSAN K. GURLEY, EXECUTIVE DIRECTOR, ASSOCIATION OF CORPORATE TRAVEL EXECUTIVES, ALEXANDRIA, VIRGINIA Ms. Gurley. Thank you. Chairman Feingold and Senator Brownback and distinguished members of this Committee, I appreciate this opportunity to present the views of the Association of Corporate Travel Executives, known as ACTE. The seizure of electronic devices from travelers is real, and it is not mere speculation. ACTE represents the safety, security, and financial interests of business travelers, and we represent more than 2,500 members from 82 countries, including the United States. ACTE's members represent over $300 billion in annual business travel expenditures and are among the companies listed in the Fortune 1000. ACTE's member companies are responsible for over 1 million business travelers and have hundreds of thousands of business travelers on the road at any given time. They routinely cross U.S. borders. All of these U.S. and international business travelers who cross U.S. borders have two things in common: All carry electronic devices, and all are currently subject to the claimed authority of DHS officials to inspect and seize these electronic devices without suspicion or warrant. Thus, ACTE is requesting improved and transparent communications from DHS regarding the policies and safety measures it has in place to protect downloaded data. We specifically ask that the following actions be taken: We hope that this Committee requests a Privacy Impact assessment from DHS on the number of seizures of laptops or other electronic devices. The assessment should also ask for the minimum, average, and maximum amount of time that it takes to return the electronic devices to the owner and the reasons for the seizure. We request that the policies regarding electronic device seizure and data retention policies be published by DHS in the Federal Register and on the agency's home page. These published policies should included at a minimum the following: policies for protecting the integrity of the data; policies for the length of time seized data will be stored and where and how it will be stored; policies for whether the downloaded information will be shared and, if so, with what other U.S. Government and international agencies and under what circumstances; information as to what rights the traveler has to ensure that their electronic device is returned. I am here to advise you that the seizure, copying, and retention of sensitive business information imposes both a personal and economic hardship on business travelers and their corporations. In today's wired and networked and borderless world, one's office no longer sits within four walls or a cubicle. Rather, one's office consists of a collection of mobile electronic devices. It is common for business travelers to carry their electronic devices that contain business, financial, and personal information. These devices constitute the office of today. Under the U.S. Constitution, a warrant is needed to search a physical space such as an office. Yet the unanticipated seizure of one's mobile office has been allowed to occur and can immediately deprive an executive or a company of the very data and, most importantly, revenue a business trip was intended to create. As a businessperson returning to the U.S., you may find yourself effectively locked out of your mobile office indefinitely, and thereby deprived of the resources required to sustain your livelihood. In the case of an independent entrepreneur, a laptop seizure can represent the loss of his or her entire business. It can be argued that the percentage of seized computers and data is small in comparison to the total number of travelers crossing the border. But we simply do not know. Due to DHS' lack of transparency, the actual number of seizures, the extent of data downloading, and potential data breach are not known. Here is what we do know: ACTE surveyed its members in February 2008 on this issue. Seven percent reported that they had been subject to the seizure of a laptop or other electronic device. The survey also revealed that 81 percent of survey respondents were unaware that the informational electronic devices could be copied and held indefinitely. Even though the total number of business travelers subject to these searches and seizures can only be estimated, what is certain is the severe economic and behavioral impact that can follow when a laptop is seized. Fifty percent of the respondents to ACTE's 2008 survey indicated that having a laptop seizure could damage a traveler's professional standing within a company. The seizure of data or computers carrying business proprietary information has and will force companies to implement new and expensive internal travel policies. In fact, this is already happening. Costly and time- consuming travel measures that companies are mandating include having their business travelers send data to themselves via web-accessible e-mail, encrypting files, or using secure USB drives. In addition, companies are purchasing additional computers that are scrubbed of any prior e-mails so that they can be used by business travelers on their trips. All of these measures and business behavior changes cost time and money. In today's economy, American businesses do not need additional and unnecessary financial burdens placed upon them. Thank you very much. [The prepared statement of Ms. Gurley appears as a submission for the record.] Chairman Feingold. Thank you, Ms. Gurley. I will now turn to Mr. Larry Cunningham. Mr. Cunningham is an Assistant District Attorney in Bronx County in New York City and in short order will be starting work as an Assistant Professor of Legal Writing at St. John's University School of Law. He has also taught law courses at Brooklyn Law School, Texas Wesleyan University School of Law, Stetson University College of Law, and Texas Tech University School of Law. Mr. Cunningham, welcome to you as well, and you may proceed. STATEMENT OF LARRY CUNNINGHAM, ASSISTANT DISTRICT ATTORNEY, BRONX COUNTY; ASSISTANT PROFESSOR OF LEGAL WRITING, ST. JOHN'S UNIVERSITY SCHOOL OF LAW, QUEENS, NEW YORK Mr. Cunningham. Thank you, Mr. Chairman, and I would also like to extend my appreciation to you for holding this hearing on this very important topic. I taught the law of search and seizure as both a full-time and adjunct professor. I have also conducted research and written in the area of border searches, and this is what I found. Historically, the Government has had broad authority to conduct searches at the international border without suspicion and without the need to obtain warrants. Case law speaks of the sovereign having an inherent right to protect the country from the importation of illegal or dangerous items. The Supreme Court has also recognized that persons who cross the border have a low expectation of privacy, in part because even if the United States adopted a relaxed border search policy, travelers would still be subjected to search by the countries that they would be traveling to or from. The Supreme Court has required reasonable suspicion only when an invasive search of the human body is contemplated. The rationale for this higher standard is concern for the dignity of the person, not just privacy. I have uncovered no appellate court decision that has extended this same protection to laptop computers. Without doubt, anyone whose property has been searched, whether it is a laptop or a briefcase, will feel that his or her privacy has been violated. However, the Constitution recognizes that some governmental invasions of privacy are permissible. After all, the Fourth Amendment does not prohibit searches, only unreasonable ones. There is also no doubt that many people do keep very personal information on their laptop computers, but the same can be said for travelers who keep their checkbooks, medications, photographs, political literature, love letters, or personal diaries in their briefcases or luggage. No one likes the idea of the Government seeing these things, yet absent a drastic change in the law, each of these tangible, non-electronic items can be seen and examined by customs without reasonable suspicion. So the question boils down to this: Is there something different about laptop computers that warrants disparate treatment from briefcases, suit pockets, and purses? Some would argue that there is, because laptops are readily capable of storing large amounts of information and that in some cases even deleted items can be un-deleted and read. However, the Fourth Circuit in United States v. Ickes pointed out that in- depth searches are likely to be few and far between because of the lack of resources and time. In fact, the case law on this subject demonstrates that the typical laptop search is quite cursory, with travelers simply being asked to quickly open and power on their computers for a quick visual inspection. Full- scale searches and the un-deleting of files are reserved for situations in which the initial observation has aroused an agent's reasonable suspicion. There are significant societal interests at stake here. Each of the cases I have found, as Professor Sales mentioned, have involved defendants attempting to bring child pornography into the country. Congress itself has recognized the importance of catching and punishing this criminal behavior by providing steep penalties for the importation, distribution, and possession of child pornography. Moreover, as the Fourth Circuit recognized in Ickes, without a robust, random border search policy, terrorist or other international criminals could use laptops as a means to smuggle messages and plans into the country for distribution to cells and allies. Such a means of communication might prove more attractive than traditional phone or Internet communications because of the possibility of surveillance. It would seem prudent, however, for the administration to require these searches to be conducted by trained personnel, under supervision, and away from public view, and to disclose records of searches which they acknowledge in a Supreme Court case that they keep to not only the DHS Inspector General but also to this body in closed session to ensure that searches are not being conducted in a racially discriminatory manner or for other improper reasons. Finally, nothing in the Constitution, at least in my view, would permit the Government to seize a laptop or copy or otherwise retain its contents without some suspicion that it contained evidence of a crime. Such a seizure would be a violation, in my view, not just of the right to privacy but also of the owner's property interest in the computer. Mr. Chairman, I would be glad to answer any questions that you have. [The prepared statement of Mr. Cunningham appears as a submission for the record.] Chairman Feingold. Thank you, Mr. Cunningham. We will now turn to Farhana Khera. Ms. Khera is the President and Executive Director of Muslim Advocates in San Francisco, California. Muslim Advocates is a national legal advocacy and educational organization dedicated to promoting freedom, justice, and equality for all, regardless of faith, and serving as a legal resource to promote the full and meaningful participation of Muslims in American civil life. Prior to her work with Muslim Advocates, I was lucky enough to have Ms. Khera on my Constitution Subcommittee staff here in the Senate. Ms. Khera and I worked together for 6 years, and I am indebted to her for her work and advocacy on issues ranging from the PATRIOT Act to racial profiling to women's rights. The record should reflect that she is a wonderful person and was a wonderful staff member. I am pleased to have her back in the Senate, if only for the morning. Ms. Khera, you may proceed. STATEMENT OF FARHANA Y. KHERA, PRESIDENT AND EXECUTIVE DIRECTOR, MUSLIM ADVOCATES, SAN FRANCISCO, CALIFORNIA Ms. Khera. Thank you very much, Mr. Chairman, especially for those very kind, kind words. I do not think I would have imagined myself being on this side of the dais during those 6 years. Mr. Chairman, Senator Brownback, good morning. On behalf of Muslim Advocates, I am pleased to share with you the experiences of Muslim, Arab, and South Asian Americans returning home from international travel. The Department of Homeland Security and Customs and Border Patrol have an important duty to protect our borders. The American people, including Muslim Americans, rightfully expect these agencies to protect us from those who would seek to enter to do us harm. But at the same time, we expect our Nation's border policy to be sound. It should be rational, fair, and effective. Complaints from Americans traveling overseas received by Muslim Advocates and other civil rights groups, however, suggest otherwise. These Americans report that at airports and border crossings, after they have verified their identity and described the purpose of their travel, they have been subjected to more intensive scrutiny, all without any reasonable suspicion that they are engaging in criminal activity. These experiences involve not only searches and seizures of laptops, cell phones, and digital cameras, but perhaps even more troubling, questions about First Amendment-protected matters. Mr. Chairman, my written testimony sets forth a number of these complaints, but this morning I would like to share with you two of them. The first is that of an executive vice president of a major high-tech firm in the greater Seattle area. He is a husband, father of three, and a business leader who has helped drive innovation in our country. He has also been a community leader, having established a mosque and spearheaded interfaith activities with Christian and Jewish communities. He has testified before Congress on IT issues, was recognized by the Interfaith Alliance, and is proud to call America home. He travels frequently due to the demands of working for a global company. Since early 2007, on at least eight occasions, he has been subjected to invasive and intensive questioning, searches, and seizures upon his return home from travel to various countries, including Japan, Canada, Turkey, the U.K., and Europe. CBP agents have interrogated him about the names, birth dates, and addresses of family members living abroad and in the U.S., which mosque he attends, and his activities on behalf of a lawful Muslim charitable organization he helped establish near his home. CBP agents have also searched his cell phone, made copies of various documents on several occasions, and extensively searched his belongings, as well as those of family members traveling with him. Mr. Chairman, the second story is that of a young corporate lawyer, a graduate of Georgetown University Law Center and currently practicing with a prominent law firm on the west coast. She in many ways embodies the American dream. The child of immigrants from Pakistan, she grew up in the northern central valley of California. She worked hard, went to top schools, and has established herself with a stable career, making her family proud. This spring, she took a trip to Pakistan to visit her relatives. On her return, which was a 20- plus-hour trip via East Asia to San Francisco, she was exhausted from the long travel and frustrated after learning that the airline had lost one of her bags. After she presented her passport and verified her identity, she, nevertheless, was pulled aside and her remaining bags were searched. The CBP agent took her digital camera, viewed its images, and asked her to identify the people photographed. Her camera included photos of her mother during her travel overseas, as well as photos taken of her family and friends while she was in the U.S. The CBP agent also saw a book in her bag on one of the Presidential candidates and then proceeded to ask her her views of the candidates in this year's race. We have reason to believe that these stories are not isolated but, rather, suggest a troubling pattern of targeting Americans who are Muslim or of Arab or South Asian descent. If so, it would be wrong and a violation of the equal protection guarantees of our Constitution. These experiences also suggest that CBP's power at the border is overly broad and its practice and policies ineffective. I think we can all agree that neither the corporate vice president nor the young lawyer pose a threat to our security nor engaged in wrongdoing. So why were these Americans stopped? How is CBP power being used? These and other questions must be answered. DHS and CBP have a critical responsibility to protect our Nation's borders. At the same time, these agencies, which have been granted enormous power by the American people, have an obligation to wield that power consistent with the rights and protections guaranteed by the Constitution to all Americans, regardless of faith, ethnicity, or race. And Congress must ensure that they do so. I refer the Subcommittee to my written testimony for specific recommendations for steps Congress can take. Mr. Chairman, thank you for the opportunity to present the views of Muslim Advocates and for holding this hearing. I look forward to your questions. [The prepared statement of Ms. Khera appears as a submission for the record.] Chairman Feingold. Thanks so much, Ms. Khera. Next up is James Carafano. Mr. Carafano is the Assistant Director of the Kathryn and Shelby Cullom Davis Institute for International Studies, and Senior Research Fellow at the Douglas and Sarah Allison Center for Foreign Policy Studies, both at the Heritage Foundation. He is an expert in defense affairs, military operations and strategy, and homeland security. Mr. Carafano is a graduate of West Point, and he also holds a master's degree and doctorate from Georgetown University and a master's degree in strategy from the U.S. Army War College. Mr. Carafano, thank you for being here today to share your testimony. You may proceed. STATEMENT OF JAMES JAY CARAFANO, ASSISTANT DIRECTOR, KATHRYN AND SHELBY CULLOM DAVIS INSTITUTE FOR INTERNATIONAL STUDIES, AND SENIOR RESEARCH FELLOW, DOUGLAS AND SARAH ALLISON CENTER FOR FOREIGN POLICY STUDIES, THE HERITAGE FOUNDATION, WASHINGTON, D.C. Mr. Carafano. Thank you, Mr. Chairman. I want to offer five principles for congressional action. These are based on my years of research and experience looking at border security issues. Just an observation as a preamble. The mission of Homeland Security and, indeed, the mission of Government is to enable Americans to live their lives in freedom, safety, and prosperity and to implement policies that serve all three of those goals equally well. That is nowhere more important than the issues of border security. One of my great frustrations is that we myopically often talk about border security and just focus on the border when, in reality, the way you make a border secure is addressing any criminal or malicious or terrorist activities. It is really thinking about the spectrum of terrorist travel or malicious activity from its origin to its point of destination in the United States, and not myopically focused just at the border. However, border security is important, and nowhere is it more important than at our ports of entry and exit. We have enormous data on known terrorist travel, including the 9/11 Commission report. Overwhelmingly what we know is known terrorists travel mostly through established points of entry and exit. And we know that a wide variety of criminal and malicious activity also enter and exit our legal points of entry and exit. So getting it right at the ports of entry and exit is nowhere more important. I think there are number of vital issues here for the Congress to address. Actually, the legal issues would not be highest on my list. Much more important, I think, are infrastructure issues and creating a border infrastructure that we need both to do inspections expeditiously and effectively and to reduce transaction times in our border which are increasing and are increasing the cost of doing business in the United States. Border searches are a vital part of the port of entry and exit. I do not think that is questions. We all know the most famous case of all, which was the millennium bomber, where a border officer asking some very, very innocent questions-- including ``Where are you going? '' and ``Where are you staying? ''--was able to identify a high-risk traveler, and an inspection later showed that he was carrying explosives and was planning to blow up a target in Los Angeles. So getting it right is incredibly important. For me, the efficacy of border searches will lie less in the issues of narrow legal opinions and much more on the issues of focusing on the critical technology and human capital programs that the Department has to implement so it can do these border searches in an effective and reasonable and secure manner. So I would offer five guidelines for the Congress as it thinks through where it is headed on this. First and most importantly, from a security standpoint, it would be a grave mistake and an error to create any technology as a sanctuary, where someone had a sanctuary in terms of bringing materials into the United States, and anything that impeded the ability to conduct reasonable and routine searches of any technology or emerging technology would be an enormous mistake. Second, the border agents need to retain broad authority in how they implement their powers. They have limited time and limited information to make their inspections. Obviously, human capital programs and added technology will improve their efficiency. But at the end of the day, we do rely on the men and women standing at the border to get it right, and we have to give them the broad authority that they need to do their job. And, third--and this I think is important; I do not think anybody on the panel has mentioned it--we need to really make sure that we do not force the Department to disclose a level of information that would allow malicious actors, whether they are criminals or terrorists, to identify specific patterns of inspection and behavior that would allow them to figure out how to bypass security inspections at the border. So we do, from an operational security standpoint, have to be careful about how much information we publicly disclose, although I think the issue of transparency is vitally important. We should disclose as much as possible, and certainly Congress should be informed on these critical issues. Fourth, any process of inspecting at the border has to be risk-based. Any inspections that are merely based on whim or any kind of racial profiling are wrong not just from a legal standpoint, but they are even more wrong from an efficiency standpoint. You have scarce time and scarce resources at the border. Wasting them on people who are not high-risk travelers is simply unconscionable behavior. And all inspections, all reasonable searches, should be based on risk-based assessments. My last point is that there should be, obviously, a requirement that as DHS deals with any kind of data they inspect at the border, that they deal with it in a responsible and professional manner. Thank you, Mr. Chairman. [The prepared statement of Mr. Carafano appears as a submission for the record.] Chairman Feingold. Thank you, Mr. Carafano. And, finally, we turn to Professor Peter Swire. Professor Swire is a professor at the Moritz College of Law at the Ohio State University and a Senior Fellow at the Center for American Progress Action Fund. He is an expert in the fields of privacy law and computer security. From 1999 to 2001, he served as Chief Counsel for Privacy in the U.S. Office of Management and Budget. In that role, he was responsible for coordinating administration policy on public and private sector uses of personal information. Professor Swire, thank you for coming, and you may proceed. STATEMENT OF PETER P. SWIRE, PROFESSOR, MORITZ COLLEGE OF LAW, THE OHIO STATE UNIVERSITY, AND SENIOR FELLOW, CENTER FOR AMERICAN PROGRESS, WASHINGTON, D.C. Mr. Swire. Thank you, Mr. Chairman. There is no dispute today that with the right factual basis, the Government can search laptops. The focus of the hearing is when they do not have that kind of suspicion and basis, what should the policy and the law be, and that is what we will focus on. I agree with many of the concerns already expressed today by you, Mr. Chairman, and by other witnesses. The focus of my testimony is on comparisons to the encryption policy battles we had in the 1990s and that I worked on when I was in the White House. At that point, we treated things very differently in encryption when across the border, and we tried to use the border for a while as Government policy as an excuse to search computing in very intrusive ways. That policy was eventually rolled back, and I am going to list eight comparisons today between the encryption battles then and laptop border searches today. The first one is that traditional legal arguments apply badly to new facts about computing. In the encryption policy area, there is a legal tradition that wiretap orders were going to be effective, and so the Government wanted wiretap orders to be effective even when there was encryption, so we needed to get all the encryption keys. Today, the Government in the laptop area is saying it is the same old border searches we have always seen for 200 years; there is nothing to see here and move on. But I think there is something to see here, and that is why we have the hearing today. A laptop contains all of the books printed in human history up until sometime into the late 20th century, and the idea that we are just going to trust the Government with this amazing ability to copy all this data I think is a concern and something different. The second comparison is that the Government forces disclosure of encryption keys. For people who do not spend their time focusing on encryption, which is most normal people, I will give a quote from the founder of EFF, who said, ``You can have my encryption algorithm, I thought to myself, when you pry my cold dead fingers from its private key.'' Getting people's encryption keys at the border is a big deal. It led to a big fuss once before. Number three is that these kinds of searches are a severe violation of computer security best practices. My testimony explains this in some detail, but the basic rule in computer security is do not let strangers into your computer. You can get infected. You can have malware put on it. You can never entrust that platform again. It violates best industry practice. It violates all the training we are doing in our security infrastructure if we have routine searches of business computers. It should not happen. Fourth, the U.S. policy can create bad precedents that totalitarian and other regimes can follow. I invite you here to think about if China or other countries going forward make their customs something like this: step one, go through customs; step two, make a copy of your hard drive; step three, we will see you next time. And if that applies to Senators and their staffs when they go on foreign missions, you are not going to want to have that as policy. If the U.S. does border searches all the time and it becomes increasingly easy with technology to make these copies, then we have gotten on the wrong side of the issue. It is hard for us to complain when other countries intrude into our privacy. The fifth comparison is severe harm to personal privacy, free speech, and business secrets. Other witnesses and my written testimony talk about these invasions of privacy, the problems for free speech and the rest. A sixth comparison with the encryption battles of the 1990s is the disadvantages to the U.S. economy. That was a major strike against the encryption policy because we were helping foreign competitors. When it comes to foreign conferences that will not want to come to the United States, when it comes to the idea of whether the U.S. is open for tourists and for business to visit without feeling deeply intruded, I think we have to think about the effect on the U.S. economy of intrusive searches at the border. A seventh comparison to the encryption battles is the political coalition that developed of civil liberties groups and business. We see that today. It is a similar line-up to what we had 10 years ago where we have EFF, we have the Muslim Advocates, we have business groups complaining here. And for someone such as I who spent a lot of time with the tech community, I think this issue may be a much hotter thing than people have realized. It may mobilize the reserve army of outraged techies. And if that happens, we are going to see a lot of yelling and screaming and a lot of concerns from corporate and other security experts. This is, again, I think a big deal. The eighth and final comparison I would make between encryption in the 1990s is the technical futility of current U.S. policy. In crypto, we eventually saw that there were work- arounds to the U.S. policy. Those work-arounds already exist and are easily found on the Internet today. I cite in my testimony articles on the Internet that tell you how to keep your data secret from customs when you go through the border. Any moderately smart terrorist can find these articles if they just read the hearing transcript for today, for instance, and they will be able to get through the border. And also if they are willing to lie, they can get standard software today where they can double encrypt their laptops so the customs people cannot find it. So for these eight comparisons, we see that it is bad policy and ultimately futile to have this. It invades computer security and privacy and free speech and business secrets and sends the wrong signal to the rest of the world, and I think we should change the policy. Thank you, Mr. Chairman. [The prepared statement of Mr. Swire appears as a submission for the record.] Chairman Feingold. Thank you so much, Professor, and thanks to all of you for your excellent testimony. I will start a round of questioning. Senator Brownback had to go to something else, but he is going to try to come back to ask questions as well. So I am going to start going through my questions, but obviously, if and when he comes back, we will turn to him and any other Senator who wants to ask questions. Before we go to the questions, though, there have been some very informative news reports on this subject recently, including a February 7, 2008, article in the Washington Post and an article posted yesterday on the U.S. News & World Report website. Without objection, these will be made part of the record. Also, Senator Leahy, the Chairman of the full Committee, has a statement he would like to put in the record, so without objection, I will do that as well. I will start the first 7-minute round. Professor Swire, some of the witnesses here have testified that we must allow suspicionless searches of U.S. citizens' laptops at the border because laptops can contain evidence of serious crime or even terrorism. Obviously, I do not dispute that laptops can contain such information. But, of course, that very same evidence can exist on laptops located inside U.S. citizens' homes. And yet even if there were no constitutional barrier whatsoever to police officers walking into your house to conduct suspicionless laptop searches, I think we would all agree that such searches should not be permitted. As a policy matter, do you believe the liberty, privacy, and economic interests at stake in these border searches outweigh any security benefit to be gained by conducting them? Mr. Swire. Yes, I do, Senator. Thank you. I think when people cross the border these days using the Internet, they can use strong encryption. We have that written into law now. When people are at home, they can use strong protections against these kinds of invasion. The idea that you are at the border and you have to reveal your passwords and encryption keys is something that is quite remarkable. It is very intrusive. It is bad for privacy and security. And we do not--a couple of the witnesses in their written testimony talked about the principle of technology neutrality, that we should not treat laptops different from other things. Technology neutrality is we can cross the border today using strong encryption, using the Internet. And I think technology neutrality says that same computing should cross the border in laptops. So we as a matter of policy should have much stricter limits than we do currently in this area. Chairman Feingold. Ms. Gurley, one argument in support of allowing suspicionless laptop searches is that customs agents have always been free to search the contents of briefcases, which also carry confidential business information such as trade secrets or attorney-client communications. But there is a big difference between rifling through documents in a briefcase to look for weapons or contraband and picking up the documents and reading them. I would imagine that if customs agents had been reading business documents, we would have heard about a long ago. Is that right? Or has it always been a normal part of business travel for customs agents to read and even copy the documents in travelers' briefcases? Ms. Gurley. It is our understanding that customs would look for contraband, and they would only copy the information that had a nexus with the contraband or the actual potential crime. The difference here is that they basically copy everything, so the vast amounts of information that are being copied are beyond the actual potential crime. So it is not just contraband. It is anything, including the fact that if you were a businessperson and you were carrying documents across the border, those were physical documents. If I am carrying as a businessperson my computer over, I also have erased documents. They can get to that as well. If I have one or two, I drafted something, I have deleted it, customs can, in fact, copy that as well and find it. In the olden days, if I did not bring it, they could not find it. But the big issue for the business travel community is let's say you are not a pornographer, let's say you are not a terrorist. Let's say you are not engaged in any criminal activity. You are a businessperson. You are people like us doing their regular business, and your information is seized. The data is downloaded. And it turns out there is nothing going on. Why can't the U.S. Government tell us how long they are going to retain the information? Are they going to destroy the information? What are the doing with that information? That lack of information causes incredible anxiety to the business community, and putting all the constitutional law issues aside, which are critical, the issue is we should have a transparent Government. We find that there is no criminal activity. Why can that information not be returned? Chairman Feingold. Let me just pursue the briefcase question so I can get a sense of what the current practices are. Were you suggesting that the only thing that would trigger the reading or copying of a document would be the presence of contraband? Or let's say somebody was stupid enough to write down in a letter that they would like to buy some drugs. Would customs agents read that letter, apart from the contraband being in there, and make a copy? Ms. Gurley. I would assume they would make a copy of that, and that makes eminent sense. If you find a letter saying I am a drug dealer-- Chairman Feingold. Apart from there being contraband present within the briefcase. Ms. Gurley. Right. But now they would go through every piece of information, including your love letters, including your bank--so there is a big difference in how information is disseminated and brought across borders now than even 15, 20 years ago. Chairman Feingold. Fair enough. An excellent answer. Mr. Tien, I have a related question for you. A few of today's witnesses have claimed that under existing case law, specifically United States v. Ramsey, customs agents are allowed, without any reasonable suspicion, to read the contents of paper documents that U.S. citizens carry or send across the border. But as you know, the Supreme Court in Ramsey held only that customs agents could open international mail--in that case, to see if it contained heroin. Indeed, the primary reason the Court rejected the defendant's First Amendment challenge is that a Federal statute prohibited customs agents from reading international mail without a warrant. Are you aware of any case in which the Supreme Court has held that customs agents can read the contents of travelers' personal documents without any reasonable suspicion? Mr. Tien. Well, Senator, you are absolutely right about the way that Ramsey does that, and I am not aware of any cases that have specifically authorized that kind of reading. This is one of those situations where the Supreme Court case very, very clearly says we do not need to decide this First Amendment issue because we already have congressional and regulatory protections for the privacy of people's mail. The current law may be slightly different, and one of the things that I wanted to point out, especially in conjunction with Ms. Gurley's testimony about transparency, is that when we have asked CBP for documents about how they handle the looking at or the photocopying of documents, we get back from CBP redacted, blacked-out sections about their policies and practices with respect to documents. So it is very unclear. Chairman Feingold. Thank you, sir. Ms. Khera, the conduct you have described on the part of customs agents is quite shocking. I think most people here would agree that customs agents should not be asking travelers why they converted to Islam, for example. I suspect if a DHS official were here, he or she would say that DHS does not condone these questions, that these are isolated cases of customs agents behaving badly. But, of course, the only way to ensure a certain level of conduct is to require it, and to punish any violations of that requirement. To your knowledge, are there any DHS regulations or any Federal laws that specifically prohibit customs agents from engaging in the kind of questioning identified in your testimony? Ms. Khera. Mr. Chairman, we are not aware of any specific regulations that govern CBP in this area. We believe that CBP is instead relying on age-old statutes as well as we have reason to believe that they are relying on internal policy guidance. But the problem is that that internal policy guidance is not public. My colleagues, the Electronic Frontier Foundation and the Asian Law Caucus, have actually sought to get copies of policy guidance, directives, potential training materials that are given to CBP agents. And CBP has not been forthcoming about that material. I think as we have been discuss this morning, in order to for Congress and the American people to understand how the power, the immense broad power of CBP is being used at the border, we do need that information, and I think Congress should be rightfully seeking that information. Chairman Feingold. Thank you. As promised, Senator Brownback has returned to do a round of questions, and I also want to welcome Senator Durbin, who has joined us. Senator Brownback. Thanks, Mr. Chairman. I want to apologize to the panel and to the Chairman. I had another hearing that I was Ranking Member on. They did not both consult me on the time of this. I do not know why I do not get a little more respect around here. Maybe I should take that as a notice. I want to ask, if I could, it seems like in both the Chairman's and my opening statements, we agreed kind of on the premise, and then we both have questions then on the practicality and the implementation of this, is what the Fourth Amendment applies to as far as at the border, the rights of the country to be able to protect itself, and seeking information, and then this area that the court has tried to figure out is where does the search become so invasive that it is subject to a higher-level standard of review. That is the rub point here. Professor Sales, I wish I could have caught the rest of your testimony. I apologize. But I appreciated your trying to weave through that. How is it that you look at the issue of a search of a laptop at the border? Is that something that needs to have a heightened level of review or not, as you would look and reading the Fourth Amendment decisions that have come down? I take it from what your testimony was that the majority of courts are saying it does not require that. Mr. Sales. Yes, Senator, that is right. My sense is that courts have held--and the Supreme Court, if presented with the question, would hold--that reasonable suspicion is not required to justify a laptop search at the border. There is no question, Senator, that laptops are different from a suitcase. A laptop is a container, like a suitcase is, but a laptop is capable of containing vast amounts of data. An 80-gigabyte hard drive can store, I think, the equivalent of tens of millions of printed pages. So laptops are different. The question, however, is whether laptops are different in a constitutionally significant respect, and I think the answer to that question is probably no. I think Customs already has broad authority under the Supreme Court's border search precedents to search property, even property that contains extremely sensitive information. I would actually commend to you a Texas district court decision that was released just last week. This opinion discusses the sorts of property that are subject to border searches, suspicionless border searches: people's wallets, purses, locked glove boxes, locked containers or luggage, State and Federal identification cards, Social Security cards, medicines and medical records, names and addresses of family and associates, day planners with itineraries and travel documents, credit cards, checkbooks, registries. The list that the court provided goes on and on. Senator Brownback. When I have been on the border, I have seen x-ray machines that sat there apparently for some routine searches of big trucks in some settings like that. Those are used even as, I guess, an invasive type of device. But I have to say as well, too, you know, I do not like the idea of coming across with my BlackBerry and somebody saying, OK, I want to look through your whole BlackBerry, because I have got a lot of things in it. I do not know what all is on there in some cases, and I do not want people looking at that randomly. Do I waive that right in coming across the border? Mr. Sales. Well, Senator, understandably, people treat the personal data that they store on their electronic devices with great sensitivity, and they regard it as very important. But the Supreme Court has held that the expectation of privacy at the border is different than the expectation of privacy within the country. So while we would rightly condemn suspicionless or especially warrantless searches of your BlackBerry or your laptop on the streets of Washington, D.C., the analysis has to change a little bit at the border. And the Supreme Court has held that the criterion of reasonableness at the border is the fact that it is the border. In other words, a border search is reasonable under the terms of the Fourth Amendment because of the simple fact that it occurs at the border. Senator Brownback. Mr. Tien, I do not know if you note in your testimony--somebody did--that you can search--if you have got a bunch of photographs with you and you are coming through the border, the border agents can search and look through those photographs. Is that correct? And that is deemed routine. Is that correct? Mr. Tien. Under current law, yes. Senator Brownback. But if we have a digital camera, I take it from what you are putting forward, you are saying, Well, I do not think that is reasonable to do a digital camera. What is the difference between looking at those two at the border? Mr. Tien. What we have been talking about is a general category of electronic devices that range from a laptop and your BlackBerry to a digital camera. And our feeling is that for all of these, you have a number of differences between the sort of non-electronic version and the electronic version, and probably the most important-- Senator Brownback. Which is? What is the difference? Mr. Tien. There is a quantity difference. There is a quality difference. And I think sort of to extend the point that Professor Sales made, there is a scope of search difference. The quantity difference is simply that you can have way, way more information: an 80-gigabyte drive is just an unbelievable amount of information. Senator Brownback. I am getting short on time here. I just have some question about whether quantity raises your level of expectation of privacy at the border and your other--but let me also pursue this with you if I could. If we were to as a Congress say we want to tighten up this authority for what the border search could do, wouldn't we be conveying to people that travel overseas for illegal activities, wouldn't we be conveying to them just put it in an electronic form and you are more likely to be able to get through than if you had something in a physical form of a physical picture? Isn't that the tactic then that people that would seek to break these laws and do these crimes take? Mr. Tien. I do not really think that is a major problem when you consider a couple of things. First, existing law protects international mail. That is actually the law that the Supreme Court pointed to in United States v. Ramsey, where they noted that you need reasonable suspicion under statute to open up an envelope and would need a warrant based on probable cause in order to read the correspondence in the envelope. That is why the Supreme Court in U.S. v. Ramsey did not touch the First Amendment issue. So we have already got laws on the books, for instance, that establish privacy for correspondence. Second, when we do this electronically, we have the protections under the Wiretap Act that control whether or not those kinds of communications can be searched. So I do not really see that--from a transparency perspective that we are really telling folks anything more about the privacy interests or about the possibility of evading detection through protecting laptops and BlackBerries and iPhones any differently. I also wanted to respond to one of your earlier points, Senator, about quantity. I was not saying that quantity is the only reason to differentiate digital devices. There is also the fact that the nature and the question of information on those devices is, it seems to me, much more personal because of the nature of the way that these devices have really embedded themselves into both our personal lives and our work lives. And what that ends up meaning is that your devices are like carrying a giant autobiography of the person in a way that is very different from most physical conveyances, and that creates what I call a scope of search problem. The purpose of or the function of a legal standard like reasonable suspicion or probable cause is not merely to establish the threshold reason for being able to perform a search. It also establishes the standard for the scope. How far can the search go? If you have probable cause to search something, then that also entails how much of something you can search. Because once you go past the amount that the suspicion or the cause, then you have gone too far. The Fourth Amendment was intended to prevent general searches and general warrants, things without particularity. And so the idea of having-- Senator Brownback. I think I got the point here from you. I just do really question if we are not conveying a signal to people then that here is the way you get these in and you have a heightened protection at the border rather than another. And I still, though, have real trouble with the idea of people do bring these devices, I use them and bring them across the border because I hope to be able to use them when I am traveling. So I do think we have a real question to wrestle with. Thanks, Chairman. Chairman Feingold. First let me compliment the Ranking Member for the balance and quality of his questions, and I just want to review the question that was asked of Professor Sales. Senator Brownback specifically said he did not like the idea of his BlackBerry being unloaded at the border, and he asked specifically if he waived his right to do that. You gave a scholarly answer, and I heard every word of it. But the answer can only be, based on your words, yes, Senator Brownback has waived his rights. Mr. Sales. Senator, I would not take credit for that myself. I would say those are the Supreme Court's words. Chairman Feingold. Fine, but I just want everyone to know that is the whole core of why we are having this hearing. Senator Brownback's rights to privacy of his BlackBerry are waived completely at the border, according to your interpretation of the Supreme Court. And I think that is something we have to examine. Mr. Sales. If I could, Senator? Chairman Feingold. Yes, sir. Mr. Sales. Thank you, Mr. Chairman. There is no question that when crossing the border, a U.S. citizen retains his Fourth Amendment right against unreasonable searches and seizures. The Fourth Amendment applies at the border. The border is not a Fourth Amendment-free zone. The question then becomes what kind of search counts as reasonable, and the Supreme Court has held for a number of decades that a routine border search can take place with no reasonable suspicion whatsoever. So the answer to your question, I believe, is the Supreme Court has said ``yes, but.'' Chairman Feingold. Yes, but the ``but'' does not you any good because it is a ``routine'' search so everything is open. Now I am going to turn to Senator Durbin for his round. Senator Durbin. Thank you, Mr. Chairman, for this hearing. About 10 years ago, the NBC television station in Chicago received a complaint from a woman who said she was traveling routinely through Chicago O'Hare, was stopped and strip searched, and she thought it was outrageous. She was African- American. The story ran on the air, and as a result of that story, a number of other African-American women who had gone through the same experience called the station. The woman who handled the story decided to make a plea that all of the African-American women who had been strip searched at Chicago O'Hare should contact the station, and it ended up with I think close to 20 when it was over. It turned out that the U.S. Customs Service had established a practice at Chicago O'Hare that if you were an African- American coming from certain countries in the Caribbean, that they were going to stop more of them, detain them, and search them. Clearly, this was a case of profiling, and the complaint was made and an investigation initiated. The GAO investigation that I requested found there was a clear pattern of profiling against African-American women. You can understand the personal outrage of these women who were traveling, under innocent circumstances, who were being singled out. As a result, Ray Kelly, who was then head of the Customs Service, announced that that would end, and I commended him for doing the right thing. Now I am hearing complaints from particularly my Pakistani- American friends, but others, Arab, Muslim friends, that they are being singled out, and some of them with great embarrassment, men and women, are being stopped not for a strip search but for lengthy interrogation and for searching of their belongings. Many of them are reputable business people who have been established in the Chicago community for 10, 20 years, who have businesses with many employees. And travel has become an opportunity for harassment. And I understand the line of this questioning when it relates to laptops, but I also want to go to the larger issue of profiling and elicit some comments from you relative to that. Ms. Khera, does the DHS policy allow for Arab and Muslim Americans to be singled out for scrutiny on the basis of their national origin or religion? Ms. Khera. Senator Durbin, you raise an excellent question and let me also first say--just thank you for your leadership on this issue. I know back 10 years ago when these issues arose involving the U.S. Customs Service, you led the fight here in Congress in trying to hold the U.S. Customs Service, the predecessor to the CBP, accountable at that time. So thank you for your continued interest in these issues. We believe that the current DHS guidance on this issue is not sufficient, that it does allow basically an escape hatch at the borders for DHS to use race, ethnicity. And what we heard this morning--in fact, I am very pleased to hear--is that there seems to be unanimity on this panel that singling Americans out based on their faith, ethnicity, is wrong and it is impermissible. I think two things. One is I think it behooves Congress to make it clear that that is the case, because clearly lessons were not learned from the experience of 10 years ago, and I think we do need some very direct authority on this. And I know Senator Feingold has a bill on this issue, the End Racial Profiling Act. You have been also a strong supporter of that, and I think it behooves Congress to move on that legislation. I think the second issue that this raises is even if in policy folks can agree that people should not be targeted, what is happening in practice, and are CBP agents receiving the kind of training they need and the proper guidance to ensure that they are not targeting people and not asking inappropriate questions. And, finally, I would encourage Congress to conduct oversight, to be demanding of CBP the policy and guidance that is being given to these agents, as well as having CBP provide Congress with information about the basis for why people are being subjected to secondary inspection, the kinds of questions that are being asked, and items that are seized, and if information is being seized, how it is being used, how is it being stored and shared. Senator Durbin. In this age of concern about security and terrorism, is it possible or even realistic to say that when it comes to these border situations, our Government cannot use race, religion, or ethnic background as the basis for searches or questioning? Ms. Khera. I think it is absolutely necessary for our Government to be clear that we are not targeting people based on those factors. I think those factors can be used in combination with other factors indicating some kind of criminal activity. So if there is, for example, a specific description of a suspect, a criminal suspect, or a specific terrorist who might be crossing the border, those factors can then be used. But as a general matter, it is not smart border policy. It is not fair as a matter of the Constitution, and it is not effective, because with the limited scarce resources, as even my colleague Mr. Carafano pointed out, CBP has scarce resources, and we need to be sure that CBP agents are using those scarce resources in an effective way and not targeting the family man who is returning home from a business trip to Japan with very invasive, intensive scrutiny. Because for every minute that is spent on targeting him, it is 1 minute less that CBP could be focusing on actual wrongdoers. Senator Durbin. Almost 4 years ago to the day, I asked then-DHS Secretary Tom Ridge in this Committee room about the special registration program, and he said at the time that he was going to modify or eliminate the program. Well, that has not happened in the 4 years since. I would just ask this kind of general question to all the witnesses. Mr. Carafano, you testified that, ``In order to be successful, CBP must avoid predictable patterns of behavior.'' This is the fundamental problem I see with profiling based on race, national origin, and religion. It is predictable, and terrorists and others seeking to do us harm can evade the profile once they learn about it. So is there anyone here who disagrees with the premise that profiling on the basis of race, national origin, or religion may actually be counterproductive? Is there anyone who disagrees with that concept? Remarkable unanimity. I appreciate that very much. Chairman Feingold. Let the record reflect that no one disagreed. Senator Durbin. I would like to ask; is profiling worse at some airports in America than others? Testimony received today mentioned several instances in the San Francisco airport, and I wondered, obviously, if there had been any incidents at O'Hare or other airports. Ms. Khera. Senator, the complaints that we have received and other civil rights organizations have received have come from a number of different airports and land crossings. That includes San Francisco, Seattle, Newark, Houston, Boston, as well as land crossing in Detroit and the Washington State- Canadian border. So it has been a variety of different locations. Senator Durbin. So it is not one particular airport. It is many. Ms. Khera. Yes. Senator Durbin. Thank you very much, Mr. Chairman. I appreciate it. Chairman Feingold. Thank you, Senator Durbin. I will begin another round. Professor Swire, DHS's written testimony asserts that CBP border searches have helped to identify terrorists attempting to enter the United States. The testimony does not mention whether or not these laptop searches could have proceeded even if a reasonable suspicion standard were in place. In the few specific examples that are mentioned, it seems abundantly clear that reasonable suspicion was present, and so a reasonable suspicion requirement would have not interfered with apprehending these individuals. The same is true of Zacarias Moussaoui, whom Professor Sales mentioned in his testimony. In Moussaoui's case, an FBI agent determined that there was a 50-percent probability his computer contained evidence of criminal activity. Although this was considered insufficient for probable cause, it surely was enough for reasonable suspicion. Do you think requiring a reasonable suspicion threshold for electronic searches will result in terrorists slipping through our fingers? Mr. Swire. Mr. Chairman, I think the reasonable suspicion threshold is a sensible and traditional legal way to go here. Maybe I can just briefly make a response to Senator Brownback, who asked earlier whether there is any distinction we can make between digital cameras and digital laptops and the rest. I think there is an important distinction that was not highlighted yet, which is that with digital things you do not just get a border search; you get a permanent search, that there is a record kept and a searchable data base created. And that does not happen with a suitcase, but it happens with these digital things. So the permanent search and the ability then to move it around the information--sharing environment makes all of these searches very different from traditional other searches. It is an additional clear legal reason to have a suspicion before these searches happen. Chairman Feingold. Did you want to respond to the part of my question about reasonable suspicion? Mr. Swire. Reasonable suspicion. So I think in answer to your question, my reading of the cases is that the examples pulled out about terrorism involve reasonable suspicion. And I have not quibbled with and I believe in your opening statement you made mention that reasonable suspicion is an acceptable basis for searches at the border. It is random or suspicionless searches that the business travelers and the rest of us have very severe concerns about, and it is the one--suspicionless searches are the ones that pose the biggest computer security and general infrastructure risks. Chairman Feingold. On that point, Ms. Khera, we have heard testimony from Ms. Gurley about the practical harms of subjecting business travelers to laptop searches, including the increased cost to companies and loss of competitive edge for our country. What is the harm that we suffer as a nation when Americans are singled out for intrusive searches and questioning because they are Muslim or because they are of Arab or South Asian descent? Ms. Khera. Mr. Chairman, first let me make it clear that I think all Americans, including Muslim-Americans, certainly are willing to put up with some inconvenience to ensure that our country is safe and secure. And I think what we are talking about is not just mere interference but some activities questioning searches that actually go beyond and really in some cases result in hours of being detained and being interrogated, and we have at least one case where the actual property, the cell phone was actually returned in a damaged and inoperable condition. So there is some very specific harm to individuals. And I would say in terms of more broadly speaking, in terms of your question about the harm to our country, I think fundamentally this is an issue of is this an effective--are these effective tactics? And is the broad power of the CBP being used to actually focus on the bad guys? Or are they really, you know, following the leads, following the actual evidence, facts indicating criminal activity? Because, again, we have scarce resources, and in order to be safe and secure, we need our resources being used in a targeted way going after the bad guys. Chairman Feingold. Thank you. Professor Swire, if we assume, just for the sake of argument, that the Government has always had the right to read any document that citizens carry with them across the border, travelers in the past could avoid that situation by choosing not to take sensitive documents with them on their travels. Now, is that a practical option for most traveling Americans-- to just leave their laptops at home or delete any private information before traveling? Mr. Swire. It does not seem a very good option, and they impose costs on travelers if they have to get a second laptop or get a second BlackBerry or whatever. Something that Dr. Carafano said earlier is that the border people will be limited by resources so they will not copy very much, they will not do this very much. But the cost to copying and storing data is going down to close to zero. We have technology to just make it a routine thing to copy at the border, and part of the reason to have this hearing now is before we get to that point, we should have procedures in place. Chairman Feingold. Ms. Gurley, Mr. Cunningham testified that American citizens have no reasonable expectation of privacy in the contents of their laptops at the border because the country from which they have traveled may have searched the laptops as well. He states, ``I submit that many countries conduct much more aggressive searches than the United States.'' Is that consistent with what the members of your organization have experienced in their business travel? Do other countries examine the contents of laptops without individualized suspicion? Ms. Gurley. I believe that Canada has similar regulations to us, but I assume that countries like Uzbekistan, North Korea, and other countries search your laptops, but I do not think that should be our benchmark. Chairman Feingold. Thank you. Senator Brownback? Senator Brownback. Thank you, Mr. Chairman. Dr. Carafano, you said in your written testimony that there are numerous instances where we have gathered crucial information from terrorists' laptops. Could you give us a couple of examples of where that has happened? Mr. Carafano. Absolutely, Senator. I would just like, if I may for the record, Professor Swire said that I was talking about costs on the border. I was primarily referring to costs of individuals and the time of the individual agents at the border. I was not talking about the cost of, you know, taking and storing data. Senator Brownback. With costs at the border for as far as that there is the time of inspection of the people? Mr. Carafano. That is absolutely the most critical element because there are two costs there. There is, one, the cost of the agent. You are taking--you are occupying the time of that agent and secondary inspection, focusing him on an individual. So that is the most--that agent is the most important in the line of defense at the border of making the determination of whether this person is a high-risk traveler, how much time should be spent with them, you know, how much of a risk do they actually--how much questions you need to ask, how much do you need to determine probable cause, because maybe you need to make a more intrusive inspection. So that is an incredibly valuable asset, and that is the real time we are concerned about. And the second-- Senator Brownback. Just on that, how many border crossings a year happen into the United States by U.S. citizens? Mr. Carafano. Millions. Senator Brownback. Does anybody know the actual number? Mr. Carafano. Tens of millions. Senator Brownback. I thought I had seen at one point in time that we had legal crossings a year into this country of over 200 million. Legal crossing into the country per year. Mr. Carafano. That may be if you want to count citizens or the number of times they actually cross the border. Some people in San Diego, for example, cross the border several times a day, and every one of those counts as a crossing. Senator Brownback. I guess my point of that--and I do not know how many border agents we have that do that actual inspection. Does anybody know that actual number? Mr. Carafano. Well, it depends. For example, at L.A. Long Beach, there are about 1,500 CBP agents at the port of L.A. Long Beach, give or take, doing not just border inspections, not just inspecting people, but cargo and everything else. Senator Brownback. It has been my experience that a lot of people cross these borders every day, and so what you are talking about is just a practical effect of agents looking, and that is your primary line of defense right there, is pretty limited about the amount of time that they have per person and decisionmaking that they have. Mr. Carafano. That is correct, Senator. And the other great concern we have is the travelers themselves. The more time they spend at the border, the higher the transaction costs of crossing that border for them and their company and the people that they serve. So you want to reduce those down to the minimum you possibly can, but you want to make sure that your security concerns are absolutely looked after. And so that is why you want to focus those assets on the high-risk travelers. And you are going to use a range of resources to do that from intelligence gathering to sharing of information. And that is why these initial searches are an important part of that whole thing. I do think it is important that we make a distinction between an intrusive search, which does require probable cause, and what you would call a suspicionless search or inspection. You know, generally, even suspicionless searches and inspections are bad because they increase transaction costs. But that is not always the case. There is one category of suspicionless search or inspection that makes perfect sense, and that is a random inspection because, remember, what you are trying to do is just not speed travelers through, you are trying to identify bad guys. And part of catching the bad guy is making sure that they cannot identify the patterns of inspection that you are using. So randomness is an important component of that. For example, we have a Container Security Initiative. We inspect a percentage of high-risk cargo coming into the United States. But occasionally we will just pull off a container and just x-ray it for no other reason, just to try to make it more difficult for people to identify the pattern of characteristics that we are looking for to identify high-risk behaviors. So, again, to make that inspector at the border the most efficient and effective possible, we do have to be concerned about two things. One is we cannot make his trade craft so transparent that the terrorist or criminal can say, Oh, I will just do this and I will walk through. And the other thing is we have to give him the discretionary authority that he needs so he can focus his resources on the high-risk travelers. Again, the way we do that is to maximize the human capital investment we make in them so they are not doing racial profiling, maximize the technology they have available so they can get the information they need to identify high-risk travelers. But equally important is to provide them the flexibility they need in doing searches that are not intrusive, to be able to identify who are the people they should focus on. Senator Brownback. Give me a couple of examples of what we have caught on terrorists' laptops. Mr. Carafano. I think that is a great question because I think it is unquestionable that technology can be a formidable weapon. I mean, the most startling examples, of course, are not actually border-crossing incidents, but, for example, when we went into Pakistan and uncovered computers which had enormous data on al Qaeda operations. The computers and records that have been looked at, for example, in regards to A.Q. Khan and forensically what we have been able to determine about the terrorist network that they use for the movement of people and material is huge. So the fact that a technology like a computer can be a weapon and can contain an enormous amount of material that indicates malicious and criminal activity, I do not think that is disputable. Senator Brownback. Thank you, Mr. Chairman. Chairman Feingold. Just a couple more questions from me. Mr. Tien, as you know, the Constitution prohibits searching an American citizen's laptop within the borders of this country without probable cause and a warrant. If no limits are placed on customs officials' ability to search laptops at the border, what is to stop law enforcement agencies from staging an end run around the constitutional requirement of a warrant by requesting that customs officials perform the search the next time that individual attempts to travel overseas? Mr. Tien. I am afraid that there is not any current limit on that, and we have actually seen cases in which it appears that individuals are searched when they come back from international travel because there is some sort of vague red flag alert in the data base that says ``put this person into secondary screening and then search.'' The cases are not always clear on the actual reason why that flag was in there. It is just, ``pull this guy over.'' So we are very concerned that this problem of suspicionless searches does not require that everyone be searched. It can simply be that the Government is abusing its authority to pick out people based on factors that would not support probable cause in the United States. Chairman Feingold. Thank you. Professor Swire, I was struck by your comparison to the encryption wars of the 1990s, which I found quite apt. One particularly compelling point you made was the ultimate futility of anti-encryption rules in achieving the intended goal of preventing the use of strong encryption. You drew a comparison to laptop searches, stating that ``moderately smart criminals and terrorists'' would be able to avoid having electronic information captured through border searches. Can you elaborate on why you do not think laptop searches will be particularly helpful in apprehending competent criminals and terrorists? Mr. Swire. Thank you, Mr. Chairman. If we assume moderate intelligence and the ability to do searches on the Internet for today's hearing transcript, the first thing that you do if you are trying to avoid the border is you do not carry things in your laptop. You can load your files in heavily encrypted form up to a server, and then when you get to the far side, you download it from the server, and there is never anything in your laptop when you cross the border. The second trick is using TrueCrypt or other software that is easily available today in the public market, widely used. And what you do then is you take your laptop, and when the agent says, ``Open it up and give us your password,'' you open it up, but there is a second layer of encryption so the directory does not show the hidden part of your hard drive that has the other things hidden in there. That does require you to lie to the Border Patrol officer, so the Border Patrol officer says, ``You can see everything here? '' And you say, ``Oh, yes, sir, it does.'' But at a technological level, the Border Patrol agent has gotten in partway to your computer but cannot get the rest of the way in. So that is two ways through that are widely known today. Chairman Feingold. Senator Brownback, did you want to followup? [No response.] Chairman Feingold. First let me thank Senator Brownback for his very-- Ms. Khera. Mr. Chairman, do you mind if I-- Chairman Feingold. Very briefly, please. Ms. Khera. Just a brief comment, because in Dr. Carafano's last statement, he was mentioned Pakistan and laptops that have been found in possession of al Qaeda with various material. And I think it is just worth clarifying that the community has been concerned that the DHS is using the factor of which country people have traveled to as a potential basis for singling out people, and I just wanted to clarify that the kinds of stories we hear around the Muslim community do not seem tailored to the issue of trying to determine whether there is somebody who has been mingling with al Qaeda in Pakistan and potentially carrying laptops. You hear questions about the political views, Presidential candidates, how often they pray, their associations with people in the United States, and it seems to be tied not to criminal activity but instead some part of some broader intelligence-gathering exercise. So I just wanted to clarify. Chairman Feingold. Fair enough, and as luck would have it, or I guess the world we live in, I am trying to get to a Foreign Relations hearing on Pakistan right now. So I want to thank all the witnesses for their testimony. I think it is extremely important to start giving close examination to this issue because we are to some degree in uncharted legal territory. I appreciate Senator Brownback's active and valuable participation in the hearing. As I mentioned at the beginning of the hearing, neither the Framers of the Fourth Amendment nor the Supreme Court when it crafted a broad border search exception could have conceived of a world in which Americans crossed over the border dozens of times each year, carrying with them virtually all of their personal information. It is time for the law to catch up with reality. This hearing has shed some light on what that reality is and how ordinary law-abiding Americans are affected when the Government claims an unlimited right to search their laptops. There is room for common sense here. I suspect everyone in this room who is learning about these searches for the first time had a visceral reaction to the idea of the Government reading through the contents of their laptops, browsing their e-mails, and looking to see what websites they have visited. That reaction, I am guessing, was very different from the reaction they would have if asked to open their suitcase. In my opinion, these different reactions demonstrate the need for different policies. I also think this issue has to be placed in the larger context of this administration's ongoing assault on Americans' privacy. There was a statement in Mr. Cunningham's written testimony that I found breathtaking. He said, ``Given the possibility of surveillance of phones and the Internet, `old- fashioned' smuggling across the border, by storing files on a laptop, might prove a safer and more attractive alternative for [terrorist] communication provided the persons doing so could be assured that the computer would not be subject to the possibility of random and suspicionless search.'' The implication is that the way to stop terrorists is to ensure total Government surveillance authority over every person at every point, both inside our borders and out. That is certainly one way we can respond to the threat we face from terrorism. We can become a surveillance state. But I remain convinced that a better approach is to remain true to our core values as a Nation. I do not think that suspicionless searches of Americans' laptops at the border or anywhere else are consistent with those values, nor do I think they are an effective means of fighting terrorism. Many of the witnesses today had ideas for solutions that would bring border searches back in line with our values and our constitutional principles. I will be taking a close look at these ideas in the weeks ahead. Because of the upcoming holiday recess, the hearing record will remain open for 2 weeks for additional materials and written questions for the witnesses to be submitted. As usual-- Senator Brownback. Mr. Chairman, I want to make a closing comment. Chairman Feingold. OK. Why don't you go ahead and then I will finish. Senator Brownback. Mr. Chairman, I was not going to make a closing comment, but with yours, I think it is appropriate as well to also draw some balance on this. I think this is a good topic for us to discuss. It is an important one. I think you also get a little stretching on the administration's--they are just trying to search everybody. I think you have got a very practical concern here that we are trying to protect, the people are trying to protect the country, and that you have got hundreds of millions of crossings a year. You have people attempting to come into the country or from the country to do us harm, and you have got a real security need that is here. I think you have a court that has responded to this, that it has addressed some of the issues right at the border and your standards of review that exist at that border. I would hope people would look at that in a balanced sense and would say, OK, we do have legitimate--there are legitimate security needs, standards at the border have been established by the courts, and we need to see some practical implementation of that where you have hundreds of millions of people crossing the border. I cross the border on not an infrequent--a couple of times a year, and I think we can be sensible about that without just the hyperbole of blaming an administration that wants to have a surveillance state. They do not want to have a surveillance state. Nobody wants to have that. Nobody wants to stand for that. But we do want to try to keep the American people safe. And it is just a very practical thing that I hope we could work on a practical basis, protecting those constitutional rights, recognizing the difference that the Court has articulated at the border, and try to work that on forward. Thank you, Mr. Chairman. Chairman Feingold. Let me simply conclude by saying I wish that what I said about the administration was extreme. But it is not. This administration for years has created an environment, whether it be the Inspector General's reports about the detentions of Muslim-Americans and others right after 9/11 or any number of other practices--you name it. They have created this environment where, frankly, people might believe a level of surveillance and activity that is even beyond reality. We are going to have a new administration, whether it is Republican or Democrat, but the historical record is clear that this administration has been reckless with regard to the privacy of the American people. And I realize we disagree on that, and this was not the focus of the hearing, but I believe that if we are going to fix all this, we need to have a different environment with regard to the next administration. I am hoping we get that. As usual, we will ask the witnesses to respond promptly to any written questions so that the record of the hearing can be completed. Thank you. This hearing is adjourned. [Whereupon, at 10:49 a.m., the Subcommittee was adjourned.] [Questions and answers and submissions for the record follow.]