There’s something in the air when the Presidents of bars from two different countries write letters within a few days of each other to their respective governments about the same thing. In this case, the President of the American Bar Association and the President of the Law Society of British Columbia wrote last week to their governments about the search of lawyers’ electronic devices by border agents.
The ABA letter expressed concern over current standards in the US, which permit officers to search and review the content of lawyers’ laptops, mobile phones and other devices at border crossings without any showing of reasonable suspicion. The ABA asked for the modification and clarification of policies to state that when a lawyer is travelling with a device containing privileged or confidential electronic documents, these documents cannot be read, duplicated, seized or shared, unless the officer first obtains a subpoena based on reasonable suspicion or a warrant supported by probable cause.
The British Columbia letter floats the opinion that a lawyer’s electronic device might legally be considered a ‘law office’, and therefore subject to the same guarantees of solicitor-client privilege as all other files and correspondence. It argues that any power to authorise access to privileged information should be express and specific, absolutely necessary and must not impair the privilege more than minimally. It asks that border agents do not seek to obtain passwords from lawyers, and do not either confiscate the device or otherwise detain the lawyer if the password is refused.
Such searches are an increasing problem. For instance, in the US, while the Department of Homeland Security conducted fewer than 5,000 searches of devices in 2015, the number of inspected devices apparently reached 25,000 in 2016. After President Trump’s recent executive orders on immigration and foreign travel, there were 5,000 device searches in February alone. Of course, lawyers are going to be caught up in these searches, and confidential information will inevitably be included. In true American style, a lawsuit has now been launched in an attempt to lay down the permitted limits for such searches.
There is advice available online about what to do to avoid your confidential data being searched. You should leave your main devices at home, and travel only with data-free replacements. Or you should delete the apps which give you access to your data before you travel, and reinstall them once you have crossed the border. If neither of these solutions is available, make sure you use encryption and long, strong, unique passwords. Turn off your devices completely before going through customs.
You are not obliged to hand over your passwords, but, at least in the US, you might then be refused entry if you are not a US citizen or green-card holder. Even if you are in the latter two categories, you might be held up for a long while. Again in the US, telling border agents that you are a lawyer and that your device contains confidential information should lead to the agent seeking advice from higher up the chain as to what to do.
If you do give your password, make it clear that you do not consent to the search. If the US government can show you consented to the search, it will not need to show any level of suspicion at any point. If you choose to provide your password, an explicit statement to the effect of ‘I do not consent to this search’ is in your best interest. If you are going to provide a password, you should also try to enter it yourself, rather than provide it to the agent. Do not deliberately give the agent a false password, since lying to or obstructing an investigation by an agent is a crime.
From a UK perspective, voluntarily giving up details of social media accounts could amount to a breach of the UK’s data protection laws.
I have written before that we need to be aware that crying ‘Foul!’ too often around the protection of lawyer-client confidentiality will make the authorities grow more tired of it, and increase suspicions that lawyers hide behind it to avoid proper accountability. Indeed, I think there should be a full reflection on the role of client confidentiality, to regain trust in it from those outside the profession.
In the meanwhile, given modern security concerns, and their link to immigration, border searches of electronic devices will presumably become more common everywhere. Bars and lawyers should be alert to the dangers. The legal response, while always based on the need to guarantee lawyer-client confidentiality, which is respected nearly everywhere, will differ according to the governing laws of the jurisdiction into which the lawyer is trying to cross. Be warned, be prepared!