Technology is wonderful. Laptop computers are getting lighter. Storage capacity on laptop computers, smartphones, USB keys and other electronic devices are up in the terabytes. What this means is that everyone, including lawyers, can travel with vast amounts of personal data and client documents dating back to or before the purchase of an electronic device.
From one electronic device, you (or the Canada Border Services Agency), U.S. Customs and Border Protection and other border officers can access every email, text message, document, bank statement, health report, credit card statement, invoice, photo, contact, calendar entry, call history, voicemail message, to-do notation, book, magazine, internet search, app data, Facebook post, Twitter post, Netflix download history, stored password and other information stored on your electronic device.
If your electronic device has GPS, the geo-locations of your travels can be downloaded. Your electronic device may be cloud enabled and may synchronize with or open the door to data stored elsewhere (that is not on the electronic device with which you are travelling). Certain deleted data can be retrieved with relative ease.
A single handheld electronic device or laptop can store more than what used to be in luggage. The Customs Act is outdated and has not been modernized to reflect modern technology. Law-abiding citizens do not even think about the information on their electronic devices until the CBSA asks them to write their password down on a piece of paper and they disappear with their electronic device into a back room without them. As the CBSA officer walks away with all of your personal information, you finally ask the important question, “Can they do that?”
And then the door shuts and you have no opportunity to stop the intrusive and invasive search of your electronic device.
If you travel frequently across borders, you may have questions.
For example, what is the CBSA’s policy (Operational Bulletin PRG-2015-31) concerning examinations of electronic devices? There is a policy that has not been posted on the CBSA website but that I have obtained that says the CBSA has the authority to search electronic devices and may look at any email, document, text, photo, etc. as it considers electronic documents to be goods.
You may also ask yourself what the CBSA’s policy is concerning examinations of solicitor-client privilege materials. There is also a short policy (Operational Bulletin PRG-2014-07) that has not been posted on the CBSA website but that I have obtained that says CBSA officers will normally respect solicitor-client privilege but will make decisions on a case-by-case, document-by-document basis.
Other questions may focus on if the CBSA respects solicitor-client privilege. For that, the answer is maybe. Operational Bulletin PRG-2014-07 states that “only documents . . . marked ‘Solicitor/Client Privilege’ or are addressed to/from a law firm, or a lawyer’s office, or where the documents are carried by a lawyer or notary in physical or electronic format and solicitor-client privilege is claimed or asserted . . . are potentially privileged.” The CBSA officer adjudicates whether privilege applies.
Another important area for scrutiny is if there is there a procedure to have someone else review solicitor-client privileged documents. The answer is yes, but you will have to deposit your electronic device in a sealed evidence bag and leave your electronic device with the CBSA for an indefinite period of time. Operational Bulletin PRG-2014-07 does not set out the procedure. There must be another CBSA officer to observe the process and sign a completed IMM 5242B form and the electronic device must be placed in a sealed evidence bag.
This includes questions around whether the CBSA should access emails and texts that arrive while the CBSA is examining your smartphone or laptop. The answer is no. Operational Bulletin PRG-2015-31 requires that the CBSA set your electronic device to “airplane mode.”
It also includes queries about how to proceed if the CBSA asks for the password to webmail or to access documents stored in the cloud. The answer is that the CBSA should only examine goods in your possession at the time you cross the border. But what happens at the border may be different from what is in the bulletin.
You may wonder what to do if the CBSA asks you to access bank records and credit card statements by going into websites. The CBSA should only examine goods in your possession at the time you cross the border, not go on a fishing expedition through your intimate and personal information.
Lastly, one may wonder if the CBSA needs to have reasonable suspicion before examining an electronic device. The answer, in my opinion, is that currently the CBSA just asks to examine the device and does not have to state the reason for asking or state what it will be looking for. The threshold for such examinations is significantly lower than what the police require to obtain a search warrant. The CBSA does not need a search warrant to examine your electronic device. This also extends to your password.
Martin Bolduc, vice president of the Programs Branch of the CBSA, testified before the House of Commons Standing Committee on Access to Information, Privacy and Ethics in September that the CBSA may arrest a person who does not provide a password when requested. The CBSA’s position is that s. 13 of the Customs Act requires that a traveller answer all questions and, therefore, if the CBSA officer asks for a password, it must be provided.
In his testimony, Bolduc was very clear — the CBSA takes the position it has the authority to look at anything you have on your electronic devices. If you do not want the CBSA to look at specific information, do not have it on your electronic devices. So, ask the right questions before you travel with your electronic devices.
Cyndee Todgham Cherniak is a customs lawyer at LexSage Professional Corporation, a boutique international trade and sales tax law firm.