Homeland Security details new tools for extracting device data at US borders:
Travelers heading to the US have many reasons to be cautious about their devices when it comes to privacy. A report released Thursday from the Department of Homeland Security provides even more cause for concern about how much data border patrol agents can pull from your phones and computers.
In a Privacy Impact Assessment dated July 30, the DHS detailed its US Border Patrol Digital Forensics program, specifically for its development of tools to collect data from electronic devices. For years, DHS and border agents were allowed to search devices without a warrant, until a court found the practice unconstitutional in November 2019.
In 2018, the agency searched more than 33,000 devices, compared to 30,200 searches in 2017 and just 4,764 searches in 2015. Civil rights advocates have argued against this kind of surveillance, saying it violates people's privacy rights.
[...] The DHS said the privacy risks of using the tools are low because only trained forensics technicians will have access to the tools, and only data relevant to investigations will be extracted.
That assurance is in stark contrast from what lawyers from the American Civil Liberties Union and the Electronic Frontier Foundation found, after a lawsuit revealed that agents had searched through travelers' devices without any restrictions, and often for unrelated reasons like enforcing bankruptcy laws and helping outside investigations.
(Score: 0) by Anonymous Coward on Friday August 14 2020, @10:15PM
Modern Android phones require a chip in the phone itself in order to read anything that's been encrypted on it. It's not enough to have the relevant passphrases, you'd also have to figure out how to transplant the chip in order to get it to work. I learned this the first of five times I had to have my LG V10 warranty replaced, simply plugging the encrypted MicroSD in and it won't be readable no matter what you do. The internal memory is the same way. Probably possible, but far more difficult than just removing the disk and reading it. Perhaps for devices which haven't been encrypted, but that doesn't require any particular tools.
The end result is that they might try examining it, but ultimately they wouldn't get anywhere near enough to the data to know that it was a factory reset as you're not required to unlock it for them. The searches they were doing were completely illegal in most cases.