New lawsuit to challenge laptop searches at U.S. border

 Criminal defense lawyers, press photographers and a university student are challenging the Obama administration's search policy permitting officers at U.S. borders to detain travelers' laptop computers and examine their contents even without suspecting the traveler of wrongdoing.
In a federal lawsuit to be filed Tuesday in the Eastern District of New York, the plaintiffs allege that the Department of Homeland Security policy violates constitutional rights to privacy and free speech.
At issue is the government's contention - upheld by two federal appeals courts - that its broad authority to protect the border extends to reviewing information stored in a traveler's laptop, cellphone or other electronic device, even if the traveler is not suspected of involvement in criminal activity. In the government's view, a laptop is no different than a suitcase.
After the Sept. 11, 2001, terrorist attacks, the George W. Bush administration took an expansive view of the government's authority at the border in an effort to stop terrorists from entering the country, and to find evidence of terrorist plots.
The Obama administration has followed suit, the plaintiffs said, with a pair of DHS policies issued by U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement in August 2009 that reaffirmed the policy of suspicionless searches at the border.
"Keeping Americans safe in an increasingly digital world depends on our ability to lawfully screen materials entering the United States," Homeland Security Secretary Janet Napolitano said when the policies were issued. "The new directives . . . strike the balance between respecting the civil liberties and privacy of all travelers while ensuring DHS can take the lawful actions necessary to secure our borders."
But the American Civil Liberties Union, which is filing the case on behalf of the plaintiffs, argues that laptops and smartphones, unlike a suitcase of clothes and toiletries, contain highly personal information, from financial records to family photos. The government should have a "reasonable suspicion" that a crime has been or is about to be committed before reviewing such information, the plaintiffs contend.
Justice Department spokesman Charles Miller said that once the lawsuit is filed, "we'll review it and make a determination on how we'll ultimately respond in court."
ACLU attorney Catherine Crump said this case may be more likely to succeed than previous challenges, which involved criminal defendants whose laptops contained child pornography.
"The plaintiffs in our case are extremely sympathetic, and the harms they suffered are grave," Crump said. "I'm optimistic that a judge seeing that will be more inclined to recognize that the Fourth Amendment requires reasonable suspicion for searches that are this invasive."
The plaintiffs are the National Association of Criminal Defense Lawyers (NACDL), the National Press Photographers Association and Pascal Abidor. Abidor, a 26-year-old doctoral student and dual U.S.-French citizen, was on an Amtrak train from Montreal to New York to visit family last spring when his laptop was searched and confiscated by CBP officers.
"I had no idea how this would end, what repercussions this would have on any aspect of my life," Abidor said in an interview. "Here my laptop and hard drive were taken away from me, after having done nothing. Having no control over what might happen to me, or over what the government might believe me to be up to, was extremely frightening."
The following account is taken from the complaint and the interview.
On May 1, at an inspection point at the border of Quebec and New York, a CBP officer who had examined Abidor's two passports, which had visas for Jordan, Syria and Lebanon, asked to inspect his belongings. In the train's cafe car, the officer turned on his laptop, ordered him to enter his password and began to examine its contents.
Abidor, whose focus is Islamic studies at Montreal's McGill University, frequently travels internationally to conduct research.
She asked him about personal photos as well as pictures he had downloaded from the Internet for research, including images of rallies by the militant Islamist groups Hamas and Hezbollah. She asked him why he had "this stuff" on his computer, the complaint said. He said that his research focused on the modern history of Shiites in Lebanon.
He was later handcuffed and detained for three hours, and agents asked him to explain why he had so many "symbolic materials" in his possession.
Abidor's laptop and hard drive were returned to him 11 days later. By examining the "last opened" date of files, Abidor saw that officers had examined directory folders on his laptop as well as backup documents stored on his external hard drive. The files included personal photos, a transcript of a chat with his girlfriend, copies of e-mail correspondence, class notes and his tax returns.
Today, Abidor travels with less information on his computer. He "self-censors" photos he downloads to his computer. He said he will have to warn people he interviews for research that U.S. officials may have access to the notes, but fears this will discourage interviewees from being candid.
The NACDL and the New York Civil Liberties Union are co-counsel in the case.
Abidor is among 6,671 travelers whose laptops or other devices were searched between October 2008 and June 2010, according to the ACLU. Slightly less than half - 45 percent - were U.S. citizens.
Eighty-three percent were male, 52 percent identified as white, 10 percent as black and 9 percent as Asian. No category was provided for people of Middle Eastern descent.
The policy also permits agencies under certain circumstances to share the data found on travelers' devices, which was done 282 times between July 2008 and July 2009, according to the ACLU.

Druva delivers deduping laptop backup

 Three-year-old start-up Druva is opening an office in the UK and delivering global deduplicating backup software for laptops. It's Outlook and Office-aware to reduce network transmission loads and provide user self-service restores, which Druva says Avamar cannot.

The product is called inSynch v4.0 and it resides on laptops as a 7MB agent which works in the background and backs up files to a server over network links. The 40MB InSynch server software can support up to 1,000 laptops and run on physical servers or as a virtual machine.
The laptop agent performs source-based deduplication, calculating a checksum fingerprint for blocks to be backed up and ignores the block if it has been backed up already. The server distributes its most recently-seen checksums to all the connected laptop clients, so individual client laptops get a global view. Druva CEO and co-founder Jaspreet Singh says that because inSynch is app-aware as far as Microsoft's Outlook and Office are concerned it understands about things like mail headers and footers being repeated in multiple blocks inside a PST file and, unlike other reduplication products, can deduplicate them.
The software sniffs or checks what type of network connection the laptop has - VPN, LAN or WAN - and optimises the style of network transmission, with smart bandwidth throttling, so as to minimise the network burden. There is what Singh calls intelligent caching to ensure that inSynch client-server communications are fast and efficient.
Laptop users can restore files or folders on self-service basis, with a search facility enabling them to look for , say, mails sent at a particular time or to a certain person etc. Singh said: "We can restore reduplicated data on the fly. Avamar does not have self-service restore." Files can be selected and examined by the user to see how they changed over time with a file at a particular point in time selected for restore.
When it was suggested that inSynch has similarities to Apple's Time Machine backup, he said: "Time Machine does not have search; it doesn't have deduplication; and it's not application-aware."
Druva was founded in 2007 by people who came from Veritas. They saw a need for laptop backup facilities that reflected the fact that laptops were not stationary and couldn't have a backup regime based on a standard scheduled backup time and constant, reliable network connection. Likewise restore should not be based on file versions but on file changes over time; a continuous data protection scheme in effect. Instead the software uses what Druva calls "smart, opportunistic scheduling".
InSynch functionality will be coming for iPhones and iPads later this year with an enterprise server backup product due in the 2011-2012 period.
The company is headquartered in Puna, India, with an office in Santa Monica and now one in London. Its products are sold in 28 countries, using a reseller channel. It is being funded by the Indian Angel Network and Sequoia Capital, the VC firm that funded Google and many other startups. One aspect of Druva's marketing pitch is that business laptops are very poorly served by backup software. Over 30 per cent of corporate data can reside on laptops yet Druva says 67 per cent of these laptops are not backed up.
It says 750,000 laptops were lost at US airports in 2009, so 67 per cent of them probably had no backup of their data. Other backup suppliers, Singh says, do a poor job. Veritas has an ageing and very cheap product. IBM is not active in this market at all and neither is CA. He says the Druva software just sits in the laptop and works and is better than all of them.
Druva's customer list includes NASA, Emerson Network Power, Xerox, Schlumberger, Stihl and, in the UK, Capita. The US Marine Corps also use Druva's software, particularly in Afghanistan where notebooks are threatened by an unusually severe set of risks. There are more than 450 enterprise installations.
Druva's inSynch v 4.0 costs £60 per client license, with discounts for quantity, and £500 for the server software supporting up to 1,000 clients. ®