With the new normal that has followed, businesses are more digitalised than ever and employees are afforded the flexibility of working from anywhere.
The increased global mobility means companies now have to be aware of risks that follow employees with digital devices. Border agencies across the world are now given extended powers to seize and search any files you are carrying and also search digital devices of passengers.
Why is this happening?
The aim of electronic media searches is to produce information which can be used to combat terrorism, violations of export controls, and convictions for various crimes, intellectual property rights violations and visa fraud.
Border agencies in the USA, Australia, New Zealand, Israel, Russia and China have the legal authority to conduct searches on the spot without much ability to resist. Laws that allow agents to search bags without a judge’s approval, for the purposes of immigration or security compliance, have been extended to digital devices.
Once this information is searched and a copy of the data is imaged by the government agencies, there is little information as to which other government departments will also have access to these.
Depending on the regime and concerns you may have of the conduct of such authorities in the location you travel to, you may want to safeguard your confidential data to prevent any undue hardship.
What can be done?
Border agents can only inspect data that resides on the device and is accessible through its operating system or through other software, tools or mobile applications. They may not intentionally access information stored remotely, for instance in a cloud. Some countries also have the power to confiscate devices for a further forensic examination. In this case agents can make full copies of all the data on the device, which can be shared with other government agencies.
This gives rise to business concerns, particularly if devices used for work contain confidential information that could be copied and potentially leaked, or misinterpreted by any government agencies, or even potentially the media.
As a general advice, it is prudent when travelling, to:
Ensure there is no company, client, personal confidential or sensitive data stored on or downloaded to the device – use cloud storage services for such data that allows it to be accessed as required
Disable wireless and internet connectivity, limiting access to any data stored externally to the device, for instance, on social media or in a cloud – set the device to airplane mode while in customs and immigration
Limit the number of devices taken on travel or remove sensitive personal information from devices that could be searched
If the device is taken for inspection, immediately change the password of the device and any applications that might have been viewed. Inform the any stakeholders as soon as possible and submit a security incident so the device can be inspected by information security.
Should your organisation require a health check of information practices of your globally mobile employees, please contact us.
Comments