Technology is wonderful. Laptop computers are getting lighter. Storage capacity on laptop computers, smart phones, USB keys and other electronic devices are up in the terabytes. You can travel with your electronic devices and no one will know you are not in the office.
What this means is that we can travel with vast amounts of personal data (and client documents) dating back to (or before) the purchase of an electronic device. From one electronic device, you (or the Canada Border Services Agency (“CBSA”), U.S. Customs and Border Protection (“US CBP”) and other border officers) can access every email, text message, document, bank statement, health report, credit card statement, invoice, photo, contact, calendar entry, call history, voicemail message, to-do notation, book, magazine, internet search, app data, Facebook post, Twitter post, Netflix download history, stored password, and other information stored on your electronic device. If your electronic device has GPS, the geo-locations of your travels can be downloaded. Your electronic device may be cloud enabled and may synchronize with or open the door to data stored elsewhere (that is not on the electronic device with which you are travelling). Certain deleted data can be retrieved with relative ease.
A single handheld electronic device or laptop can store more than what used to be in luggage. The Customs Act is outdated and has not been modernized to reflect modern technology. Law-abiding citizens do not even think about the information on their electronic devices until the CBSA asks you to write your password down on a piece of paper and they disappear with your electronic device into a back room without you. As the CBSA officer walks away with all of your personal information, you finally ask the important question, “Can he/she do that”? And then the door shuts and you have no opportunity to stop the intrusive and invasive search of your electronic device.
Ask the right questions:
- What is the CBSA’s policy concerning examinations of electronic devices? Is there one? The answer is “yes”, there is a policy that has not been posted on the CBSA website. However, LexSage Professional Corporation has posted Operational Bulletin PRG-2015-31 on its website.
- What is the CBSA’s policy concerning examinations of solicitor-client privilege materials? Is there one? The answer is “yes”, there is a short policy that has not been posted on the CBSA website. However, LexSage Professional Corporation has posted Operational Bulletin PRG-2014-07 on its website.
- Will the CBSA respect solicitor-client privilege? The answer is “maybe”. Some within the CBSA believe that Operational Bulletin PRG-2014-07 is only a guideline and that individual CBSA officers can choose not to follow the suggestions. Also, Operational Bulletin PRG-2014-07 states that “only documents … marked “Solicitor/Client Privilege” or are addressed to/from a law firm, or a lawyer’s office, or where the documents are carried by a lawyer or notary in physical or electronic format and solicitor-client privilege is claimed or asserted … are potentially privileged.” The CBSA officer adjudicates whether privilege applies.
- Is there a procedure to have someone else review solicitor-client privileged documents? The answer is “yes”, but you will have to deposit your electronic device in a sealed evidence bag and leave your electronic device with the CBSA for an indefinite period of time. Operational Bulletin PRG-2014-07 does not set out the procedure. The procedure is contained in the CBSA Enforcement Manual, Part 4, Chapter 3, paragraph 96 (also posted on the LexSage website). There must be another CBSA officer to observe the process and sign a completed IMM 5242B form and the electronic device must be placed in a sealed evidence bag.
- Should the CBSA access emails and texts that arrive while the CBSA is examining your smart phone or laptop? The answer is “no”. Operational Bulletin PRG-2015-31 requires that the CBSA set your electronic device to “airplane mode”.
- Should the CBSA ask for the password to webmail or to access documents stored in the cloud? The answer is that the CBSA should only examine goods in your possession at the time you cross the border. But, what happens at the border may be different than what is in the bulletin.
- Should the CBSA ask you to access bank records and credit card statements by going into websites? The answer is “no”. The answer is that the CBSA should only examine goods in your possession at the time you cross the border. But, what happens at the border may be different than what is in the bulletin.
- Should the CBSA look at your photos? The answer is that it all depends on what they are looking for. If the CBSA thinks you have child pornography on your phone or computers, they do have authority to look for prohibited materials. However, the CBSA should not go on a fishing expedition through your intimate and personal information.
- Does the CBSA need to have reasonable suspicion before examining an electronic device. The answer is that currently the CBSA just asks to examine the device and does not have to state the reason for asking or state what they will they be looking for. The threshold for such examinations is significantly lower than what the police require to obtain a search warrant. The CBSA does not need a search warrant to examine your electronic device.
- Do you have to give the CBSA your password? Martin Bolduc, VP Programs Branch of the CBSA, testified before the House of Commons, Standing Committee on Access to Information, Privacy and Ethics (“ETHI”) on September 27, 2017 that the CBSA may arrest a person who does not provide a password when requested. The CBSA’s position is that section 13 of the Customs Act requires that a traveler answer all questions and, therefore if the CBSA officer asks for a password, it must be provided.
There is not a lot of case law on searches of electronic devices by the CBSA. What we know is that paragraph 99(1)(a) of the Customs Act grants CBSA officers the authority to examine goods. Goods is defined in subsection 2(1) of the Customs Act to include luggage and “any document in any form”. While the CBSA interprets the word “document” to include an electronic document, electronic information in or accessible through an electronic device is another matter altogether.
On June 8, 2017, the Privacy Commissioner, Daniel Therrien wrote to House of Commons Standing Committee on Public Safety and National Security and made the following observations in the context on Bill C-23 relating to pre-clearance:
“The fundamental problems with groundless searches of electronic devices is that these searches do not recognize that they are extremely privacy intrusive. Yet, Bill C-23 recognizes the sensitivity of other searches, namely searches of persons, from the relatively un-intrusive frisk or pat down searches to the more intrusive strip and body cavity searches. These searches legally cannot be performed unless an officer has reasonable grounds to suspect some legal contravention, notably the concealment of goods. In my view, it is extremely clear that searches of electronic devices can contain the most personal and intimate information we hold … The idea that electronic devices should be considered as mere goods and therefore subject to border searches without legal grounds is clearly outdated and does not reflect the realities of modern technology. Border controls are important and legitimate for reasons of sovereignty and public safety, but they should not be exercised arbitrarily.”
On September 27, 2017, the Canadian Bar Association (including myself and David Fraser as witnesses) presented a submission and appeared before the ETHI Standing Committee and raised concerns about the CBSA’s policies on examinations of electronic devices. The CBA raised these same concerns. The Submissions of the CBA raised the following points:
- Any interpretation of the Customs Act that would authorize a warrantless search of data stored on an electronic device or accessed from an electronic device or require an individual to disclose a password to access it may be unconstitutional.
- The Supreme Court of Canada has modified the common law in response to technological change.
- There is a very high expectation of privacy in the contents of electronic devices. (R. v. Fearon, 2014 SCC 77)
- In R. v. Vu, the Supreme Court of Canada found that a search with a warrant had to exclude a computer found on those premises because of the acute privacy interests engaged by these devices. Therefore, electronic devices require special rules.
- The Supreme Court of Canada has said that solicitor-client privilege is fundamental to the proper functioning of the Canadian legal system. (Blood Tribe Department of Health v. Attorney General of Canada et. Al,  2 S.C.R. 574.
- The Supreme Court of Canada has repeatedly emphasized that solicitor-client privilege must remain “as close to absolute as possible and should not be interfered with unless absolutely necessary”. (Alberta (Information and Privacy Commissioner) v. University of Calgary, 2016 SCC 53)
- The Customs Act should be updated to reflect modern Canadian views on our advancing technologies and it is time for Parliament to weigh in.
- Only Canadian courts can adjudicate solicitor-client privilege claims. The CBSA is an administrative government body / an enforcer. They do not have the authority to decide what is and what is not covered by solicitor-client privilege.
In his testimony to the EHTI Committee on September 27, 2017, Mr. Bolduc was very clear, the CBSA takes the position they have the authority to look at anything you have on your electronic devices. If you do not want the CBSA to look at specific information, do not have it on your electronic devices. So, ask the right questions before you travel with your electronic devices.
For more information about the CBSA’s examination powers and solicitor-client privilege, please contact Cyndee Todgham Cherniak at 416-307-4168 or at email@example.com. Other useful documents are posted on the LexSage web-site. The best place to look on the LexSage website is under Customs articles and University of Windsor course materials “NEXUS/Border Infractions“.
Other helpful articles include: