By Paul Gregoire and Ugur Nedim
Australian Border Force officers performed warrantless searches of 41,410 electronic devices belonging to passengers at international airports from January 2017 through to December 2021. These searches involved smartphones, laptops and other devices, such as removable storage drives.
Obtained by IT News via a freedom of information request, these figures provide a clearer understanding of the scope of the border data checking regime, which usually only receives attention when someone subjected to the invasive practice speaks out.
The data outlines that up until 31 May 2020, the ABF was tracking how many electronic devices at the border belonged to citizens as opposed to foreigners. The 31-month period saw 17,085 citizens’ devices searched compared to 23,374 that belonged to people from overseas.
As of June 2020, Border Force officers stopped recording the number of citizens they were searching but began noting how many device searches resulted in data being copied and downloaded. Out of 951 searches over a 19-month period, 304 led to information being copied.
And despite most travellers searched at the border not being told this as their electronic device is about to be taken away for inspection, “travellers have no legal obligation to provide a password/passcode or provide assistance to access”, an ABF officer recently confirmed to IT News.
Border search powers
The laws that permit the ABF to search the goods of incoming and outgoing citizens and noncitizens at the border without a warrant are contained in a number of pieces of federal legislation.
Section 186 of the Customs Act 1901 (Cth) provides the main power for border officials to search goods being carried by passengers without a warrant. Subsection 186(3)(e) permits that if the item being searched is a document, it can be read either directly or with the aid of a device.
While section 186A of the Customs Act allows officers to take an electronic copy or an extract from any document that has been searched if it relates to the import or export of prohibited goods or the commission of a criminal offence or it involves a matter of interest to intelligence agencies.
The warrantless searching of noncitizens is further allowed prior to their being cleared by immigration, under section 252 of the Migration Act 1958 (Cth). This is when an ABF officer has “reasonable grounds for suspecting there are reasonable grounds for cancelling the person’s visa”.
And maritime officers, including customs officials, are permitted to search people and their goods in national maritime areas, under section 61 of the Maritime Powers Act 2013 (Cth). Failure to produce “a thing” during such a search is a crime carrying up to 2 years inside and/or a fine of $26,640.
Withholding passwords
Following the search incidents reported in the media, the general scenario that’s emerged involves a person being told by ABF officers that their electronic device or devices will be searched, and then officials will ask the subject of the search to handover their access password or passcode.
Once Australian Border Force officers are in possession of a device, they then take it away to another room for searching. This process can take up to half an hour, and the individual isn’t informed about what occurs during the search.
Although, there has been at least one case involving a four hours wait time and an outgoing flight being missed.
At a Budget Estimates hearing on 14 February this year, Greens Senator Nick McKim quizzed ABF commissioner Michael Outram on the border searches, including asking the question as to whether his officers have the power to compel a passenger to provide their password.
Outram took the questions on notice. And in replying, he set out that in terms of providing assistance to officers in accessing an electronic device, “there is no legal compulsion for a traveller to provide a password/passcode or provide assistance to an electronic device at the border”.
Under circumstances where a passenger refuses to provide their access code, the ABF can seize the item if it considers there is a risk warranting further search. And as IT News points out Home Affairs has a tender with Grayshift, which produces software to extract data from devices without a code.
The ABF website outlines that electronic devices that are seized under section 186, will be retained for no longer than 14 days, provided there is no data on the device that warranted its seizure and searching in the first place.
Other key takeaways
McKim ascertained that the ABF only seizes a device if it considers it could be a special forfeited good, under section 203B of the Customs Act. This can result from it containing illegal pornography or terrorism-related materials and it can result in penalties of up to 10 years inside.
Outram further explained in his responses that the ABF does copy documents found on electronic devices if they are suspected that they might hold information relating to a crime, however officers don’t have permission to alter or delete such data.
And the copied data may be shared with other parties in accordance with the stipulations set out in the relevant legislation, including the Australian Border Force Act 2015 (Cth), the Privacy Act 1988 (Cth) and the Migration Act. Outram underscored that there are “strict guidelines for disclosure”.
The creeping surveillance state
British Australian man Nathan Hague was stopped by ABF officers at Sydney International Airport in August 2018 and was asked to handover his phone and laptop for searching. The software developer said he reformatted his phone after the 90-minute search as a precaution.
“They basically said that they were going to inspect the files for suspicious content,” Hague told Sydney Criminal Lawyers in September that year. “They wouldn’t let me know what the definition of suspicious content was. And they required me to unlock the phone.”
According to Hague, he asked the officers a series of questions which they flat out refused to answer. These included whether files would be copied, how many would be if so, what the ABF data retention policy is, and whether his files would be destroyed if no suspicious content was found.
“Every single question I had was met with, ‘It’s covered under the legislation,’” Hague recalled. “They were friendly, but evasive.”
